by whacko_quacko 408 days ago
I don't see any evidence that this should be the case. My email appears in dumps on haveibeenpwned too, because of database dumps. How is that evidence that there's a key logger on my system?

Actually criticizing DOGE for their major gaffes (like putting up easily defaceable websites, or their incompetence when it comes to reading numbers accurately) is important, but this kind of article is just sad and diminishes the credibility of news journalism.

4 comments

> My email appears in dumps on haveibeenpwned too, because of database dumps. How is that evidence that there's a key logger on my system?

If your password is in the dumps, too, like this person's passwords, then yeah, you might want to look into it.

Many websites still store plaintext passwords.

Indeed the ones getting hacked are more likely to.

From the linked article:

> user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware.

So this isn't from website dumps with plaintext passwords.

If I did highly secure work (which I don’t), I’d set up a few honeypot machines and input my “secure credentials” (with a bogus password) into that repeatedly.
Yeah, inputting "secure credentials" traceable directly to you with what you'd hope is a bogus password is a very bad idea, especially if you're doing highly secure work.
"Hope"? Generate random text, repeatedly type it in with AutoHotKey on honeypot machine, whatever rootkits are on there get garbled, useless data.
Them not naming the sites is pretty telling.
They're linking to the original source of the news, which literally names "the sites".
No it does not. What sites appeared in the "stealer logs" with his email?
If you read the full article you'll see it's not just from database dumps.
Have I Been Pwned listed me in the ALIEN TXTBASE Stealer Logs. I went through the Notify me tab, got a verification link to check for my personal records, and all I got was this lousy:

"No domains were found for your email address. Whilst your email address was found in a stealer log, no websites were found alongside it. This can be due to the way the log was formatted."

TL;DR: You could try my email in there, believe credentials were stolen, when that might be recycled leak stuffing.

Alternative explanation - someone emailing you is infected by a stealer on their machine - they typed your email into the "to field" and that was captured by a key logger on their system.
Absolutely. Now, how do I sort things out? And eventually clear my name so people searching for my email don’t jump to conclusions regarding my OPSEC…
"By searching for his personal Gmail address (which I'm not sharing) in Have I Been Pwned, he appears in 51 data breaches and in 5 pastes. These include a 2013 breach of 153 million Adobe users, a 2016 breach of 164 million LinkedIn users, a 2020 breach of 167 million users from Gravatar, a 2024 breach of the conservative news site The Post Millennial, and many more."

Stop reading Ars and your name will be cleared. This isn't real journalism, it is Ars-washed political talking points.

I’d be in 3 of those breaches. One of the rules working in government was never use your personal email or ID for anything.

If you had to work in the nightmare of secure systems, the computers are literally in a different room, there is no Internet access in there, and you can’t take your smartphone in there.

You fly jets long enough, something like this happens.
> But some of the datasets that Schutt is included in are much more concerning than normal data breaches because they're from stealer logs.

This is different from haveibeenpwned leaks. These infostealer dumps mean the data is direct from spyware/malware on a victim's computer. For example: https://hackerone.com/reports/3091909

It means the people in the leak had malware on their computer in the past, and maybe present.