Security Experts:

Connect with us

Hi, what are you looking for?


Black Hat

Famed Hacker Barnaby Jack Dies Days Before Black Hat Conference

Well known hacker Barnaby Jack has died, sending a shock through the security community with the biggest hacker-focused security conference of the year just days away.

Well known hacker Barnaby Jack has died, sending a shock through the security community with the biggest hacker-focused security conference of the year just days away.

Jack, a famed white hat hacker, was scheduled to present at the Black Hat security conference next week, and present research on vulnerabilities in implantable medical devices. Conference organizers said Jack’s talk would not be replaced, and that the allotted hour on Thursday would be left vacant to commemorate his life and work.

Barnaby Jack

“I just wake up and heard this, really sad, I can’t believe this, no words,” Cesar Cerrudo, CTO, IOActive Labs, said in an email to SecurityWeek.

The cause of Jack’s death is unknown.

(Related ReadingBarnaby Jack (1977-2013): Farewell to a Daring Wunderkind)

The San Francisco Medical Examiner’s office confirmed to Reuters that Jack had died in San Francisco on Thursday, but did not provide additional details.

Barnaby Jack is probably best known for his ATM hacking demonstrations, which he liked to refer as “Jackpotting”, and has performed at a few conferences, including a demonstration at Black Hat 2010 that got media attention around the world.

Shocked reactions hit the Twittersphere on Friday, as many in the industry conveyed their condolences, shock, and even disbelief, hoping new of the death was some sort of hoax.

“My fondest memories of barnaby jack were all of them. he lived life the way it should be lived,” Tweeted Ryan Naraine. 

“Barns was simultaneously one of the kindest, smartest, most geniune, and most fun people I’ve ever met, anywhere. I can’t believe this,” Veracode’s Chris Eng Tweeted

Jack has served as Director of Embedded Device Security at IOActive since October 2012, after a 10-month stint at McAfee, returning to IOActive where he previously held various roles. Jack also did stints also at eEye Digital Security and Juniper Networks.

“Lost but never forgotten our beloved pirate, Barnaby Jack has passed. He was a master hacker and dear friend. Here’s to you Barnes!” IOActive Tweeted

Related ReadingBarnaby Jack (1977-2013): Farewell to a Daring Wunderkind)

Related Video: Barnaby Jack Demonstrates ATM Hacking at Black Hat

Related Reading: Barnaby Jack Leaves McAfee to Return To IOActive

*Updated with details from Black Hat conference organizers

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.


GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet