This DOGE worker's credentials have allegedly been exposed by infostealing malware
Date:
Mon, 12 May 2025 14:00:00 +0000
Description:
A researcher claims a DOGE employee was compromised four times but some security pros disagree.
FULL STORY
A DOGE worker has had his personal computer infected by infostealer malware on multiple occasions, a researcher claims, hinting that the US government's security lapses go way past Mike Waltz's Signal fiasco. Not everyone agrees with this assessment, however.
As picked up by The Register, recently a security researcher named Micah Lee took a closer look at the security posture of one Kyle Schutt, allegedly a 37-year-old "DOGE software engineer". Wired also reported that Schutt was on the CISA staff.
Lee claims that Schutt's personal computer was compromised by infostealer malware at least four times so far, saying that they found his data in four different infostealer logs.
Stealer logs are collections of URLs paired with usernames and passwords, compiled with the help of malware. "If malware infects your device, it can do things like log your keystrokes or record everything entered into forms in your web browser - building a list of your usernames and passwords for various websites - and then send this data back to the person who controls the malware. This is where stealer log data comes from," Lee explained.
Lee also said that he doesn't know enough about these incidents - when they happened, and if they occurred on Schutt's personal, or work devices (or a single device that does both).
The media were quick to pick up on this information, but not everyone agrees with Lee's assessment. For example, Alon Gal, CTO and co-founder of Hudson Rock, an Israeli cybersecurity company specializing in cybercrime intelligence, thinks Schutt was not infected by malware and believes that Lee's research means nothing:
"I checked the data myself, and this is not true," Gal said in a LinkedIn post. "Since the article has been picked up and is currently going viral, I figured I'll make it clear that Kyle Schutt was in fact not infected by malware," he added.
Via The Register
======================================================================
Link to news story:
https://www.techradar.com/pro/security/this-doge-workers-credentials-have-allegedly-been-exposed-by-infostealing-malware