How not to steal $46 million from the US government

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite encyclopaedia. Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a recorded Telegram call. Plus: Graham champions Asterix, Trisha discovers the fantasy novels of Robin Hobb, and someone called "Lick" ends up in the nick. All this, and much more, in episode 458 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard. EPISODE LINKS: Major data leak forum dismantled in global action against cybercrime forum - Europol. Ericsson blames vendor vishing slip-up for breach exposing thousands of records - The Register. How hackers bypassed MFA with a $120 phishing kit – until law enforcement shut them down - Hot for Security. Wikipedia hit by self-propagating JavaScript worm that vandalized pages - Bleeping Computer. FBI arrests crypto thief accused of stealing $46 million from seized government wallet - Tom’s Hardware. Twitter thread by ZachXBT about John Daghita’s arrest - Twitter. Asterix - Wikipedia. Robin Hobb . The Complete Farseer trilogy - Harper Collins. Smashing Security merchandise (t-shirts, mugs, stickers and stuff) SPONSORS: Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off! ThreatLocker - Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment. Meter - Network infrastructure for the enterprise. Get a free personalised demo. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser . Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed! FOLLOW THE SHOW:

You can listen to How not to steal $46 million from the US government online on Radio and Podcast. Open the player on this page to stream the available audio.

How not to steal $46 million from the US government is an episode from Smashing Security by Graham Cluley, Carole Theriault.

This episode is 41:16 long.

This episode was published on Mar 12, 2026.

Yes. Use the heart button on the episode page to add it to your favorite episodes list.

Yes. This page shows related episodes from Smashing Security when more episodes are available from the podcast feed.