How Spider Got Hacked Through Google Calendar
Dear readers, welcome to a brand new article ✨
"How Spider Was Hacked via Google (Google Calendar)"
On May 29, 2025, a strange and unique security vulnerability was disclosed, linked to a Chinese state-sponsored group known as APT41, short for Advanced Persistent Threat 41.
> Hold on, is this the same “apt” from apt update and apt upgrade?
No, dear reader, this is not the APT you're thinking of.
This APT refers to a category of advanced cyber threats, often supported by nation-states — in this case, China.
Yes, dear reader, the land of Bruce Lee!
APT41 has been involved in global cyber espionage and large-scale data theft campaigns. It's also known under various aliases such as:
- Wicked Panda
- Brass Typhoon
- Winnti, among others...
Their targets are usually sensitive sectors like:
- Governments
- Shipping & Logistics
- Media & Entertainment
- Technology
- Automotive Industry
---
🧨 Back to the Story: The Attack Itself
The attack revolved around the use of Google Calendar as a Command-and-Control (C2) channel.
> Wait... did they really control victims just by using Google Calendar?
Yes, dear reader, you read that right!
You're not reading from a fake blog — this is real cyberwarfare!
In this attack, APT41 used a newly developed malware called TOUGHPROGRESS that relies on Google Calendar to remotely execute commands on infected devices and receive the results.
---
🪝 How the Attack Was Carried Out:
Victims received a phishing email containing a link to a compromised government website.
That link downloaded a ZIP file containing:
- A folder with image files named 1.jpg to 7.jpg (they appeared to be insect images)
- A shortcut file (LNK) disguised as a PDF document
Once the victim opened the LNK file:
- A fake PDF popped up, claiming the listed species need to be declared for export
- But behind the scenes, malware execution began
---
🧬 The Malware Workflow Includes 3 Stages:
1. PLUSDROP: a DLL that decrypts and loads the next payload directly in memory.
2. PLUSINJECT: uses process hollowing to inject the next-stage malware into a legitimate system process (svchost.exe).
3. TOUGHPROGRESS: the final payload, which communicates with Google Calendar for remote command execution.
---
📆 How TOUGHPROGRESS Uses Google Calendar for C2:
- It connects to an attacker-controlled Google Calendar account
- It creates a calendar event on a hardcoded date (May 30, 2025)
- It stores stolen data inside the event description
- Attackers add encrypted commands in other calendar events (July 30 & 31, 2025)
- The malware:
  - Fetches and decrypts these commands
  - Executes them on the victim’s machine
  - Uploads the results by writing them back into new calendar events
This technique allows attackers to control infected machines stealthily, using a trusted service that doesn’t usually raise any red flags.
---
⚠️ Why This Method is Smart and Dangerous:
- Communication with the malware looks legitimate, since it goes through Google services
- No need for dedicated C2 servers (harder to block or trace)
- Can bypass firewalls easily, because Google Calendar is usually allowed in organizations
---
🛡️ Google’s Response:
- The malicious calendar activity was discovered in October 2024
- Google shut down the compromised calendar and terminated related Workspace projects
- Affected organizations were notified, but the full scope of the campaign remains unknown
---
✅ Final Thoughts:
This attack showcases how cybercriminals are evolving and now using trusted cloud services like Google Calendar and Google Drive to:
- Avoid detection
- Blend in with normal traffic
- Make tracking and mitigation much harder
---
Thank you for reading! 🤍✨
Stay informed, stay safe.
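A defender-side way to hunt for the pattern described in the article, added here as an example and not taken from the original post or from Google: since the final payload runs inside svchost.exe and both writes and reads calendar events, process-level proxy or EDR telemetry can flag non-browser processes that talk to Google Calendar in both directions. The log schema, the allowlist and the sample records are assumptions constructed for illustration; `calendar.google.com` and the `/calendar/` paths on `www.googleapis.com` are the public Calendar endpoints.

```python
import json
from collections import defaultdict

# Processes expected to talk to Google Calendar (assumption: tune per fleet).
EXPECTED_CLIENTS = {"chrome.exe", "msedge.exe", "firefox.exe", "outlook.exe"}
WRITE_METHODS = {"POST", "PUT", "PATCH"}

# Constructed sample telemetry, one JSON object per line. The schema
# (ts/host/image/dest/path/method) is hypothetical; "path" is only available
# when the proxy inspects TLS.
SAMPLE_LOG = r"""
{"ts":"2025-06-02T09:00:01Z","host":"WS-001","image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","dest":"calendar.google.com","path":"/calendar/u/0/r","method":"GET"}
{"ts":"2025-06-02T09:03:10Z","host":"WS-014","image":"C:\\Windows\\System32\\svchost.exe","dest":"www.googleapis.com","path":"/calendar/v3/calendars/primary/events","method":"POST"}
{"ts":"2025-06-02T09:08:12Z","host":"WS-014","image":"C:\\Windows\\System32\\svchost.exe","dest":"www.googleapis.com","path":"/calendar/v3/calendars/primary/events","method":"GET"}
{"ts":"2025-06-02T09:08:40Z","host":"WS-014","image":"C:\\Windows\\System32\\svchost.exe","dest":"www.googleapis.com","path":"/calendar/v3/calendars/primary/events","method":"POST"}
{"ts":"2025-06-02T09:09:00Z","host":"WS-014","image":"C:\\Windows\\System32\\svchost.exe","dest":"www.googleapis.com","path":"/drive/v3/files","method":"GET"}
{"ts":"2025-06-02T10:15:00Z","host":"DEV-007","image":"C:\\Python312\\python.exe","dest":"www.googleapis.com","path":"/calendar/v3/users/me/calendarList","method":"GET"}
this line is not JSON and must be skipped
"""


def is_calendar_request(dest, path):
    """True when the destination is Google Calendar (web UI or REST API)."""
    dest = dest.lower().rstrip(".")
    if dest == "calendar.google.com":
        return True
    # www.googleapis.com fronts many Google APIs; only Calendar paths count.
    return dest == "www.googleapis.com" and path.startswith("/calendar/")


def process_name(image):
    """Lower-cased file name of a Windows or POSIX image path."""
    return image.replace("\\", "/").rsplit("/", 1)[-1].lower()


def find_calendar_c2_candidates(log_text):
    """Return non-allowlisted (host, process) pairs that talk to Google Calendar."""
    stats = defaultdict(lambda: {"reads": 0, "writes": 0})
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # tolerate truncated or corrupt records
        if not isinstance(rec, dict):
            continue
        if not is_calendar_request(str(rec.get("dest", "")), str(rec.get("path", ""))):
            continue
        proc = process_name(str(rec.get("image", "")))
        if proc in EXPECTED_CLIENTS:
            continue
        method = str(rec.get("method", "")).upper()
        kind = "writes" if method in WRITE_METHODS else "reads"
        stats[(str(rec.get("host", "")), proc)][kind] += 1

    findings = []
    for (host, proc), c in stats.items():
        # Writing events and reading them back is the two-way pattern the
        # article describes; one direction alone is weaker evidence.
        severity = "high" if c["reads"] and c["writes"] else "medium"
        findings.append({"host": host, "process": proc, "reads": c["reads"],
                         "writes": c["writes"], "severity": severity})
    findings.sort(key=lambda f: (f["severity"] != "high", f["host"], f["process"]))
    return findings


if __name__ == "__main__":
    for finding in find_calendar_c2_candidates(SAMPLE_LOG):
        print(finding)
```

A "medium" hit such as a scripting runtime that only reads calendars is often a legitimate sync job, so it is a review item rather than an alert.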
What surprise do you think Spider-Sec will release next month?
Exactly one year ago — at this exact same time — I was talking about finding an XSS vulnerability in Google. But no one believed me. People laughed at me, mocked me.
The funny part? It wasn’t even real XSS. It was just the XSS payload getting reflected — printed on the page without actually triggering an alert() or affecting the page in any visible way.
Now here’s where it gets weird: one year later, at the same exact hour, I stumbled across a leak of internal JavaScript code from Google.
Even though the code itself doesn’t seem harmful at first glance, someone with a deep understanding of JavaScript and browser behavior could clearly see how this might lead to something dangerous — like stored XSS.
I honestly couldn’t stop laughing. A full year later, the thing everyone thought was a joke turns out to be a real lead. And what’s crazier is I didn’t even mean to find it — I was just browsing random sites for fun.
The whole point of this post is simple:
Even if people make fun of you or don’t believe you — keep going. Keep learning. Keep pushing. One day, something that didn’t exist will become real. And when that moment comes, you’ll be glad you didn’t stop.
(And yes, I reported it as a bug — not a full-blown security vulnerability.)
Here’s the PoC:
https://www.google.com/search?q=%D9%85%D9%88%D9%82%D8%B9+%D8%A7%D9%84%D9%85%D9%84%D8%AD%D8%AF%D9%8A%D9%86+%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%D9%87+%D8%A8+%D8%A7%D8%B9%D9%84%D8%A7%D9%85%D9%8A&client=ms-android-realme-terr1-rso2&sca_esv=791114aa42752da3&sxsrf=AE3TifMyp11MRaX5Fux7Z-IvY5unuA6ERg%3A1749782925072&ei=jZFLaNqdBI_qkdUPudTAgAI&oq=%D9%85%D9%88%D9%82%D8%B9+%D8%A7%D9%84%D9%85%D9%84%D8%AD%D8%AF%D9%8A%D9%86+%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%D9%87+%D8%A8+%D8%A7%D8%B9%D9%84%D8%A7%D9%85%D9%8A&gs_lp=EhNtb2JpbGUtZ3dzLXdpei1zZXJwIjbZhdmI2YLYuSDYp9mE2YXZhNit2K_ZitmGINin2YTYrtin2LXZhyDYqCDYp9i52YTYp9mF2YoyBRAhGKABMgUQIRigATIIEAAYgAQYogQyCBAAGIAEGKIESPkjULYGWMMhcAF4AZABAJgBqAGgAbATqgEEMC4xNrgBA8gBAPgBAZgCEaAC4BTCAgoQABiwAxjWBBhHwgIKEAAYgAQYQxiKBcICBRAAGIAEwgIGEAAYFhgewgIIEAAYogQYiQXCAgUQABjvBcICBRAhGJ8FwgIHECEYoAEYCpgDAIgGAZAGCJIHBjEuMTUuMaAHpTqyBwYwLjE1LjG4B9UUwgcHMi03LjkuMcgHqgE&sclient=mobile-gws-wiz-serp
I just wanted to say that, God willing, I’ll be back on the channel soon — and this time, even better than before. The reason I stopped uploading was because I was banned, but the ban has been lifted ❤️✨
https://aistudio.google.com/prompts/new_chat
The best way to use Gemini 2.5 Pro
Spider still hasn't announced the surprise, and it looks like something big because it has taken a long time. So what do you think it is?
✈️ Hacking Airplanes – Is it Really Possible?
Hey buddy, how are you doing?
You won’t believe it… I swear I was just thinking about you today!
But seriously, have you ever heard about hacking an airplane?
“Come on, Spider… hacking a plane? You sound crazy!”
Well my friend, no… it’s not crazy at all 👀
---
🎯 The Topic: Hacking Airplanes ✈️
Back in 2014–2015, a security researcher named Chris Roberts managed to hack a real airplane… while he was actually on board!
How?
He discovered a vulnerability in the plane’s IFE (In-Flight Entertainment) system.
He created a malicious USB that contained an exploit script targeting the system.
Once he plugged it into the USB port of the aircraft… boom 💥
He was inside the plane’s systems!
---
🛰️ Other Attack Methods?
Definitely, bro.
🔁 GPS Spoofing
This is when you send fake GPS signals to the airplane.
You trick it into thinking it’s in a different location — making it land somewhere it shouldn't.
A website called OPSGROUP even confirmed multiple incidents like that — especially in places like:
- Cairo
- Baghdad
- Palestine (yes, that place you know they never mention)
This made some airplanes go back to old-school, manual navigation systems.
---
📂 So… Is Data Ever Leaked?
Absolutely.
In 2014, a major company called SITA — which serves over 90% of global airlines — was hacked. Tons of passenger data was leaked!
Why?
Most of these systems run on Linux.
Let me give you a simple example:
You’re sitting on a plane, right? You got the little screen in front of you.
Try typing the word:
Spider spider spider spider
Spider spider spider spider
Spider spider spider spider
If the system crashes or exits the program — that’s a sign of a bug or vulnerability in the plane’s software 😬
---
🧠 Any Other Ways to Hack a Plane?
Well, as of writing this article — and to my current knowledge — there aren’t many more realistic ways to hack a plane from the inside, other than what I mentioned.
---
🎭 What About Social Engineering?
That’s a great point.
Can it work? Yes.
Can it also fail miserably? Yes 😅
✅ It might work if someone is pretending to be a high-ranking official, or engineer, or anyone with access — and sneaks in a malicious USB device.
❌ But in real life?
You really gonna walk up to a flight attendant and say:
> "Excuse me, can you plug in this USB for me?" 🤦🏻‍♂️
---
🔐 So, How Do Airlines Protect Themselves Now?
Simple really.
1. Old-school policies: Some airlines now physically disconnect Wi-Fi or USB access from critical systems.
2. Custom Security Systems: They build firewalls and protection layers specifically designed for aviation networks.
3. Network Segmentation: Entertainment systems are separated from flight controls, reducing risk.
---
✅ Final Thoughts
Yes, hacking planes is technically possible — but extremely difficult.
Cybersecurity awareness in aviation is growing rapidly.
Companies are learning from past incidents and building more secure systems every day.
---
Thank you so much for reading the article.
I really hope I was able to teach you at least one cool thing today ✨
And don’t go too far…
Something big is coming soon 🤍
On the authority of Abu Sa'id al-Khudri, may God be pleased with him, the Messenger of God ﷺ said:
"Iblis said to his Lord: By Your might and majesty, I will not cease to mislead the children of Adam as long as their souls are in them. God said to him: By My might and majesty, I will not cease to forgive them as long as they seek My forgiveness."
[Al-Arba'un al-Hanbaliyya | Hadith 16].
🗣️ Conversation Between Ahmed and Mohamed
Mohamed: There's something I find really strange.
Ahmed: What is it?
Mohamed: They say those really old Nokia phones can be hacked!?
Ahmed: Of course!
Mohamed: How!? Seriously, how is that possible?
Ahmed: Come on, let me show you 😂
---
📄 Welcome everyone to a new article!
Title: How Old Nokia Phones Were Hacked
First, let's understand how those old phones actually worked.
Like any other device, they had:
- A CPU (Processor)
- RAM (which was extremely limited, usually less than 1 MB)
That covers the hardware side. But what about the software? 🤔
Let's use Nokia as an example here 😁
Nokia used to run operating systems like:
- Nokia OS Series 30/40 → Simple but advanced for its time
- Symbian OS → For more innovative or smart Nokia devices
And in terms of network connectivity:
- The phones operated on 2G (GSM) networks
- Supported calls, SMS, and sometimes even basic internet using GPRS and EDGE
Of course, everything was lightweight and simple compared to today's technology.
---
🤔 So, how were Nokia phones hacked back then?
Focus with me here, my friend 👀
First: SMS Exploits
Simply put, the attacker would send the victim a message filled with symbols and weird characters.
Example:
Spider (Attacker)
Mohamed (Victim)
Spider sends Mohamed a message full of strange symbols like:
$&$&&$&٢&$&$&#&٦$&$&$٥$&
Mohamed’s phone starts lagging, sometimes it freezes or restarts itself.
In more technical attacks, a skilled hacker could trigger a Buffer Overflow on the victim's device.
One of the most famous incidents was in 2008, called:
⚠️ Curse of Silence
This exploit targeted Symbian S60 devices, preventing the victim from receiving any new SMS from anyone, basically jamming their message inbox.
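An added example (not from the original article) of the length check whose absence lets a crafted message overflow a fixed buffer on a memory-constrained phone. The one-length-byte message layout, the 160-character slot and every name here are assumptions for illustration, not the real SMS format or Nokia/Symbian code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOT_TEXT_MAX 160 /* assumed capacity of one inbox slot */
struct inbox_slot { char text[SLOT_TEXT_MAX + 1]; size_t len; };
enum store_result { STORE_OK, STORE_TOO_LONG, STORE_TRUNCATED, STORE_BAD_ARG };

/* Unsafe pattern: trusts the length byte that arrives inside the message. */
void store_unchecked(struct inbox_slot *slot, const uint8_t *msg)
{
    size_t declared = msg[0];              /* sender-controlled, 0..255 */
    memcpy(slot->text, msg + 1, declared); /* may run past text[] and msg[] */
    slot->text[declared] = '\0';
    slot->len = declared;
}

/* Checked version: the declared length must match what arrived and fit the slot. */
enum store_result store_checked(struct inbox_slot *slot, const uint8_t *msg, size_t msg_len)
{
    if (slot == NULL || msg == NULL || msg_len < 1)
        return STORE_BAD_ARG;
    size_t declared = msg[0];
    if (declared > msg_len - 1)
        return STORE_TRUNCATED;  /* claims more bytes than were received */
    if (declared > SLOT_TEXT_MAX)
        return STORE_TOO_LONG;   /* reject instead of overflowing text[] */
    memcpy(slot->text, msg + 1, declared);
    slot->text[declared] = '\0';
    slot->len = declared;
    return STORE_OK;
}

/* Builds a constructed message (length byte + 'A' filler) and stores it safely. */
enum store_result try_store(uint8_t declared, size_t payload_bytes)
{
    uint8_t msg[1 + 255];
    struct inbox_slot slot;
    size_t n = payload_bytes > 255 ? 255 : payload_bytes;
    msg[0] = declared;
    memset(msg + 1, 'A', n);
    return store_checked(&slot, msg, 1 + n);
}

int main(void)
{
    printf("normal=%d oversized=%d short=%d\n", try_store(5, 5), try_store(200, 200), try_store(200, 10));
    return 0;
}
```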
---
Second: Bluetooth Exploits
At that time, Bluetooth security was very weak, and often:
Phones would stay in Discoverable Mode without the user knowing.
Examples of Bluetooth Attacks:
BlueBugging: Gain control of the device via Bluetooth, send messages or make calls without the victim’s consent.
BlueSnarfing: Steal contacts, messages, files via Bluetooth without permission.
BlueJacking: Send anonymous prank messages to nearby phones using Bluetooth.
---
Third: Symbian OS Exploits
This happened by installing malicious apps, often using:
Fake Certificates to bypass restrictions.
Some well-known mobile viruses included:
Cabir
Commwarrior
---
Lastly: SIM Exploits using Secret Codes
Attackers could abuse secret dialing codes to access hidden functions like:
*#06# → Check IMEI number
*#7780# → Factory Reset
---
That's it, my friend!
I won’t keep you for long, thanks for reading this article 🙏
If you’d like me to do a second part, no problem, just let me know!
Please share this article—the topic may be old, but it's educational.
Back then, these tricks were like today’s Pegasus spyware—serious stuff for their time!
Thank you for the support, and peace out 🤍