Вы используете устаревший браузер!
Страница может отображаться некорректно.
In the aftermath, the open-source project saw a 900% spike in GitHub stars. Ghidra released a “one-click migration tool.” And @RevEng_TrashPanda, the original poster, sold their screenshot as an NFT for 40 Ethereum, funding a new non-profit dedicated to software transparency.
It started, as most digital apocalypses do, with a sleepy Tuesday morning and a routine software update prompt.
On Thursday, Hex-Rays pulled the update. They released a “rollback patch” that was, ironically, larger than the original update. Inside its disassembly, a new comment was found, presumably left by a furious competitor or a heroic insider:
// Removed the monetization module. Also, Steve says sorry.
The internet didn’t buy it.
October 23, 2026
A collective of white-hats calling themselves launched a live disassembly of IDA Pro itself on Twitch. 200,000 viewers watched as the streamers uncovered the truth: the update had installed a lightweight, obfuscated daemon that beaconed home every 15 minutes, sending hardware IDs, a list of running processes, and—most damning—the file names of every binary ever loaded into the software.
If you were a security researcher in 2026, that meant every piece of malware you analyzed, every game you tried to crack, and every proprietary driver you worked on had just been quietly exfiltrated to a server in Luxembourg.
For the 50,000 people who clicked “Update Now” on IDA Pro—the legendary, gold-standard disassembler used by malware analysts, government agencies, and hardcore game modders—nothing seemed amiss. The progress bar filled. The hex editor refreshed. The world kept spinning.
Hex-Rays, the Belgian company behind IDA Pro, went into full crisis mode. Their first response—a dry, corporate statement posted to their forum—was mocked into oblivion. They claimed the comment was a “stale development artifact” from a junior employee “conducting a market survey.”
As for IDA Pro? It survived. It always does. But for one glorious, terrifying week in October, a boring software patch became a global parable. The hackers had been hacked. The watchers had been watched.
Within an hour, “Steve from IDA” was trending globally.
And somewhere, in a deleted commit log, the ghost of “Steve” chuckled—a silent, hexadecimal laugh echoing through the very tool that was meant to reveal all secrets.
The damage, however, was done. The viral content had created a new verb: “To get IDA’d” — meaning to have your trust betrayed by your most fundamental tool.
The comment read: // TODO: Ask legal if we can sell user PC hashes to ad networks. – Steve, Q3
In the aftermath, the open-source project saw a 900% spike in GitHub stars. Ghidra released a “one-click migration tool.” And @RevEng_TrashPanda, the original poster, sold their screenshot as an NFT for 40 Ethereum, funding a new non-profit dedicated to software transparency.
It started, as most digital apocalypses do, with a sleepy Tuesday morning and a routine software update prompt.
On Thursday, Hex-Rays pulled the update. They released a “rollback patch” that was, ironically, larger than the original update. Inside its disassembly, a new comment was found, presumably left by a furious competitor or a heroic insider:
// Removed the monetization module. Also, Steve says sorry.
The internet didn’t buy it.
October 23, 2026
A collective of white-hats calling themselves launched a live disassembly of IDA Pro itself on Twitch. 200,000 viewers watched as the streamers uncovered the truth: the update had installed a lightweight, obfuscated daemon that beaconed home every 15 minutes, sending hardware IDs, a list of running processes, and—most damning—the file names of every binary ever loaded into the software.
If you were a security researcher in 2026, that meant every piece of malware you analyzed, every game you tried to crack, and every proprietary driver you worked on had just been quietly exfiltrated to a server in Luxembourg.
For the 50,000 people who clicked “Update Now” on IDA Pro—the legendary, gold-standard disassembler used by malware analysts, government agencies, and hardcore game modders—nothing seemed amiss. The progress bar filled. The hex editor refreshed. The world kept spinning.
Hex-Rays, the Belgian company behind IDA Pro, went into full crisis mode. Their first response—a dry, corporate statement posted to their forum—was mocked into oblivion. They claimed the comment was a “stale development artifact” from a junior employee “conducting a market survey.”
As for IDA Pro? It survived. It always does. But for one glorious, terrifying week in October, a boring software patch became a global parable. The hackers had been hacked. The watchers had been watched.
Within an hour, “Steve from IDA” was trending globally.
And somewhere, in a deleted commit log, the ghost of “Steve” chuckled—a silent, hexadecimal laugh echoing through the very tool that was meant to reveal all secrets.
The damage, however, was done. The viral content had created a new verb: “To get IDA’d” — meaning to have your trust betrayed by your most fundamental tool.
The comment read: // TODO: Ask legal if we can sell user PC hashes to ad networks. – Steve, Q3
