{"id":39298,"date":"2021-01-26T13:44:45","date_gmt":"2021-01-26T13:44:45","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31962\/Former-LulzSec-Hacker-Releases-SonicWall-VPN-Zero-Day.html"},"modified":"2021-01-26T13:44:45","modified_gmt":"2021-01-26T13:44:45","slug":"former-lulzsec-hacker-releases-sonicwall-vpn-zero-day","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/","title":{"rendered":"Former LulzSec Hacker Releases SonicWall VPN Zero-Day"},"content":{"rendered":"
\n
\"sonicwall\"<\/picture><\/div>\n

Image: Krisztian Bocsi\/Bloomberg via Getty Images<\/p>\n<\/div>\n

<\/p>\n

A security researcher who used to be part of the infamous hacktivist group LulzSec published a zero-day exploit for a popular VPN application made by SonicWall on Monday. The exploit relies on the same vulnerabilities exploited by the notorious hacktivist Phineas Fisher<\/span><\/a> to hack Hacking Team.<\/p>\n

<\/span><\/p>\n

On Monday, Darren Martyn published the exploit in a blog<\/span><\/a>, following the announcement by SonicWall that hackers had breached its internal network<\/span><\/a> by exploiting zero-days in its equipment. Martyn said he decided to release the exploit to denounce SonicWall’s poor security. <\/p>\n

<\/span><\/p>\n

\n

Advertisement<\/p>\n<\/div>\n

<\/span><\/p>\n

“Figured that with SonicWall back in the news for getting owned via some 0days in their own shit products, it would be somewhat amusing to release this,” Martyn wrote.<\/p>\n

<\/span><\/p>\n

\n

Do you know of any similar security vulnerability or data breach? We\u2019d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com<\/a><\/strong><\/em><\/p>\n<\/blockquote>\n

<\/p>\n

In an online chat, Martyn explained that he was able to develop the exploit after reading the post-mortem<\/span><\/a> Phineas Fishes wrote after hacking an offshore bank<\/span><\/a> in 2019. In that writeup, the notorious vigilante explained that they used a zero-day in a SonicWall VPN used by the bank, the same product used by Hacking Team, the Italian spyware vendor that Phineas Fisher famously hacked in 2015<\/span><\/a>. <\/p>\n

<\/span><\/p>\n

Martyn said he was able to work out the exploit “about 2 minutes after reading the writeup,” which “basically tells you everything you need to know.” <\/p>\n

<\/span><\/p>\n

\n
\n
\"screenshot-from-2021-01-24-17-33-06.png\"<\/picture><\/div>\n<\/div>\n
\n

A screenshot of Martyn’s exploit. (Image: Darren Martyn)<\/p>\n<\/div>\n<\/div>\n

<\/p>\n

The vulnerabilities underlying this exploit are patched, according to SonicWall. <\/p>\n

<\/span><\/p>\n

\u201cThe vulnerability that this post is referencing was patched in 2015 in SMA 8.0.0.4. It cannot be exploited in version 9 or 10,\u201d a SonicWall spokesperson said in an email.  <\/p>\n

<\/span><\/p>\n

The researcher left the last step of the exploit\u2014how to get administrative privileges on the SonicWall VPN\u2014out of his blog, in order to prevent unsophisticated hackers from just copy pasting the exploit and wreaking havoc with it. In any case, Martyn criticized SonicWall for shipping products that contain severely outdated code, which allowed him and Phineas Fisher to exploit them<\/p>\n

<\/span><\/p>\n

“Honestly kind of bizarre, like that level of outdated crap just feels like negligence,” Martyn told Motherboard.<\/p>\n

<\/span><\/p>\n

In his blog, Martyn was even more scathing in his advice for SonicWall customers. <\/p>\n

<\/span><\/p>\n

“The only recommendation I have if you use these products is to unplug them, douse them in kerosene, and set them on fire. It is the only way to be safe from something seemingly developed with this level of negligence.”<\/p>\n

<\/span><\/div>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[7530],"class_list":["post-39298","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-blogs","tag-headlinehackerflawzero-day"],"yoast_head":"\nFormer LulzSec Hacker Releases SonicWall VPN Zero-Day 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Former LulzSec Hacker Releases SonicWall VPN Zero-Day 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-26T13:44:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"432\" \/>\n\t<meta property=\"og:image:height\" content=\"435\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Former LulzSec Hacker Releases SonicWall VPN Zero-Day\",\"datePublished\":\"2021-01-26T13:44:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/\"},\"wordCount\":447,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"keywords\":[\"headline,hacker,flaw,zero day\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/\",\"name\":\"Former LulzSec Hacker Releases SonicWall VPN Zero-Day 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"datePublished\":\"2021-01-26T13:44:45+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw,zero day\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerflawzero-day\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Former LulzSec Hacker Releases SonicWall VPN Zero-Day\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Former LulzSec Hacker Releases SonicWall VPN Zero-Day 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/","og_locale":"en_US","og_type":"article","og_title":"Former LulzSec Hacker Releases SonicWall VPN Zero-Day 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-01-26T13:44:45+00:00","og_image":[{"width":432,"height":435,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Former LulzSec Hacker Releases SonicWall VPN Zero-Day","datePublished":"2021-01-26T13:44:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/"},"wordCount":447,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"keywords":["headline,hacker,flaw,zero day"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/","url":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/","name":"Former LulzSec Hacker Releases SonicWall VPN Zero-Day 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"datePublished":"2021-01-26T13:44:45+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/former-lulzsec-hacker-releases-sonicwall-vpn-zero-day\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw,zero day","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflawzero-day\/"},{"@type":"ListItem","position":3,"name":"Former LulzSec Hacker Releases SonicWall VPN Zero-Day"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39298"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39298\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39298"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}