The WicKed Web Weekly
NPM's 'Everything' Package Creates Chaos
X Users on High Alert for Crypto Scams, NPM's 'Everything' Package Creates Chaos, BreachForums Admin Arrested for Violating Release Conditions.
Good evening, tech aficionados! As the sun sets and our screens glow a little brighter, let's unwind with some of today's most captivating tech tales. First up, we delve into the murky waters of X (formerly Twitter), where a storm of malicious crypto ads is testing the nerves of its users. Then, we'll navigate the tangled web of npm's 'everything' package, a digital Pandora's box that's locked developers in a dependency bind. Finally, we'll wrap up with the saga of BreachForums' admin, whose dance with VPNs and unmonitored PCs landed him back in the clutches of law enforcement. So grab your favorite evening beverage, settle in, and let's explore these digital dramas that continue to shape our fascinating, ever-evolving tech landscape.

X Users on High Alert for Crypto Scams
X, formerly known as Twitter, is facing a surge in malicious crypto ads. Cybercriminals are exploiting the platform's ad system to push cryptocurrency drainers, fake airdrops, and other scams. These ads typically lead to phishing sites, or to pages that prompt the visitor to connect a wallet and sign a transaction that empties it. X says its ads are tailored to user interests, and users in the crypto community report being bombarded with these scams in particular.
The situation has escalated over the past month, with security researchers like MalwareHunterTeam highlighting the issue. Verified users are frequently the source of these scam ads, with community members stepping in to warn others. The notorious 'MS Drainer', responsible for stealing $59 million from over 63,000 victims, was promoted via these ads, masquerading as NFT collections or token launches.
This rampant abuse raises questions about X's ad vetting process. With a projected $2.5 billion drop in ad revenue, users speculate that X might be overlooking these malicious ads to boost its finances.

NPM's 'Everything' Package Creates Chaos
Over the holidays, npm's package registry saw an influx of over 3,000 packages, including one peculiarly named "everything." When installed, this package pulls every npm package ever published onto your machine, which alone is enough to exhaust disk space. But the more significant issue lies in its effect on npm's unpublish policy.
A preserved snapshot of the now-removed GitHub discussion appeared here in the original post (image not reproduced).
Authors who wish to unpublish their packages from npm now find themselves unable to do so due to "everything's" dependency on all npm packages. This unintended consequence of the package has created a bind for all npm authors. The five sub-packages under "@everything-registry," which "everything" depends on, are designed to pull in around 800 npm projects each.
This overwhelming dependency chain means that a single command (npm install everything) could initiate a download of millions of packages. The prank's creator, gdi2290 aka PatrickJS, has apologized and reached out to npm admins for a solution.
Ironically, PatrickJS himself cannot remove his packages because of npm's unpublish policy, which was tightened after the 2016 'left-pad' incident. Once a package is more than 72 hours old, npm lets its author unpublish it only if no other package on the registry depends on it (npm also requires fewer than 300 weekly downloads and a single maintainer). As a temporary fix, the "@everything-registry" packages have been made private.
This "dependency hell," as described by Jossef Harush from Checkmarx, showcases the challenges and potential risks of npm's policies and package dependencies.

BreachForums Admin Arrested for Violating Release Conditions
Conor Fitzpatrick, the administrator of the notorious BreachForums, has been arrested again for violating his pretrial release conditions. Known in the cybercriminal community as Pompompurin, Fitzpatrick was first arrested on March 15, 2023 for his hacking activities, including creating BreachForums after the FBI seized RaidForums in 2022.
Fitzpatrick, charged with stealing and selling sensitive data from numerous entities, was released on a $300,000 bond. His release conditions prohibited him from accessing the internet without monitoring software, visiting certain websites, or using identity-obfuscation tools such as VPNs.
Fitzpatrick breached these conditions by using an unmonitored computer and connecting to VPN services. According to a court document, he was arrested on January 2, 2024 for these violations and remains in custody pending presentation to a court in the Eastern District of Virginia.
This incident highlights the challenges in monitoring and enforcing compliance with pretrial release conditions in cybercrime cases.
