The Lazarus heist: How North Korea almost pulled off a billion-dollar hack

bbc.com/news/stories-57520169

@lupyuen Passing an unsanitized string to the format argument of sprintf (or similar) is the SQL injection of the C world. Awesome. 😆

@lupyuen "Obviously, this is such an obscure chain of events that it is highly unlikely that any person accidentally falls into this, unless a load of Wi-Fi pranksters suddenly pop up in the wild with open Wi-Fi networks using the poisoned name. 😉"
