The €600,000 gold heist, powered by ransomware
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 24 September 2025
⏱️ 39 minutes
Summary
Ransomware doesn’t just freeze computers - it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” has wriggled its way through more than 180 npm packages, quietly stealing secrets.
But it’s not all doom and gloom - unless you count your kitchen appliances turning into ad billboards.
All this and more is discussed in episode 436 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and his special guest Zoë Rose.
EPISODE LINKS:
- EU cyber agency says airport software held to ransom by criminals - BBC News.
- Teenagers charged over cyber attack on TfL costing millions of pounds - Sky News.
- Teen arrested on suspicion of Vegas Strip attack that cost $100M - SF Gate.
- Paris: cyber-attack hits Natural History Museum, cancels exhibition - Sortira Paris.
- Cybersecurity: the Grand Palais and several museums, including the Louvre, fall victim to a ransomware attack - Le Parisien.
- "Pieces from the national collection": the director of the Muséum d'histoire naturelle de Paris says the stolen gold nuggets are "of inestimable value" - BFMTV.
- Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit - Security Week.
- Shai-Hulud: Ongoing Package Supply Chain Worm Delivering Data-Stealing Malware - Wiz.
- 180+ NPM Packages Hit in Major Supply Chain Attack - Ox.
- Samsung confirms ads will now be shown on its $1,800+ fridges - UniLad.
- Bosch Cordless Multifunction Tool - Bosch.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORED BY:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
ENJOYED THE SHOW?
Make sure to check out our sister podcast, "The AI Fix".
Privacy & Opt-Out: https://redcircle.com/privacy
Transcript
| 0:00.0 | Well, actually, I haven't got a pick of the week. |
| 0:04.8 | Oh? |
| 0:05.4 | No. |
| 0:06.9 | That's rubbish. |
| 0:08.0 | I've got... |
| 0:08.4 | Excuse me. |
| 0:09.3 | It's my podcast, not yours. |
| 0:20.6 | Smashing Security, Episode 436, the 600,000 euros gold heist, powered by ransomware, with Graham Cluley. |
| 0:31.8 | Hello, hello and welcome to Smashing Security episode 436. My name's Graham Cluley. |
| 0:37.2 | And I'm Zoe Rose. Ah, Zoe, welcome back to the show. It's |
| 0:41.6 | been a while. Lovely to have you back on. Yeah, every time I'm on, something new happens in my life. Now I've |
| 0:47.3 | got a cat. So. Oh, fantastic. You know, you don't have to go out and buy a cat just to come on the podcast. You could just say, hey, Graham, can I come on the podcast? |
| 0:56.7 | Well, now you tell me, I've got a bloody cat now. |
| 1:00.1 | Oh, well, that's your problem, isn't it? |
| 1:02.5 | Well, before we kick off, let's thank this week's wonderful sponsors. One Password and Vanta. We'll be hearing more about them later on the show. |
| 1:12.9 | This week on Smashing Security. |
| 1:15.1 | We're not going to be talking about how flights were cancelled or delayed across Europe |
| 1:18.6 | after a cyber attack targeted Collins Aerospace's new software. |
| 1:24.6 | You'll hear no discussion of... |
| 1:26.3 | How two UK teenagers have been charged for a cyber attack on transport |
| 1:30.3 | for London that resulted in 39 million pounds worth of losses. |
| 1:35.3 | And we won't even mention. |
... |