What is more controversial than a famous surveillance camera maker with an uneasy relationship with US police? Ransomware hackers claiming they have breached that company, Amazon’s camera maker Ring, and stolen its data, while Ring responds by denying the breach.
But we will get to that.
Five years ago, police in the Netherlands arrested members of Russia’s GRU military intelligence agency as they tried to hack into a chemical weapons defense agency in The Hague. The group had parked a rental car outside the agency’s building with a Wi-Fi antenna hidden in the trunk. Among the GRU team was Evgenii Serebriakov, who carried more Wi-Fi hacking equipment in his bag.
Since then, surprisingly, Serebriakov has only risen in the ranks. This week, Western intelligence sources told WIRED that Serebriakov is now the leader of the world’s most aggressive hackers: in the spring of 2022, Serebriakov took control of Sandworm, the group responsible for some of the worst cyberattacks in history. His rise to the top role, experts say, shows just how small the pool of skilled nation-state hackers can be, and how valuable Serebriakov is to Russia.
Nowhere on the internet is free of threats, and that includes LinkedIn. This week we looked at how spies, fraudsters and hackers from Iran, North Korea, Russia and China are using the professional network to surveil and approach espionage targets. LinkedIn is also crowded with thousands of suspicious accounts; by the time we reported the story, LinkedIn had removed hundreds of the profiles WIRED identified.
The Western crackdown on TikTok continues: this week the UK joined the US, Belgium, Canada and the European Union in banning the social media app from government devices. In the United States, meanwhile, Senator Mark Warner is pushing a bipartisan bill dubbed the Restrict Act that would allow authorities to ban applications and services from six “hostile” countries: China, Russia, North Korea, Iran, Cuba, and Venezuela. We sat down with Warner and asked him about his plans.
A WIRED analysis of “cybercrime” cases across the US shows just how vague and broad the term can be. In the absence of a clear and universal definition of cybercrime, human rights and civil liberties concerns can arise around the world. Speaking of criminals, scammers are getting better at using faked voices to defraud people. And ransomware criminals are hitting tragic new lows: as more companies and organizations refuse to pay ransoms, criminal gangs are using the stolen data itself as leverage, now releasing sensitive student records and photos stolen from cancer patients.
But wait, there’s more. Each week, we round up the security news that we haven’t covered in depth ourselves. Click on the headlines to read the full stories, and stay safe out there.
ALPHV, a ransomware group that breaches companies and extorts them with their stolen data, claims to have breached security camera maker Ring earlier this week and threatened to dump the company’s data online if it didn’t pay. “There is always an option for us to release your data…” the hackers wrote in a message to Ring on their website. Ring has so far responded with a denial, telling Vice’s Motherboard that “we have no indications of a ransomware incident at this time,” but that it is aware of a third-party vendor that experienced one. That vendor, Ring says, has no access to any customer records.
Meanwhile, ALPHV, which has previously used its BlackCat ransomware to attack companies such as Bandai Namco, Swissport and hospital firm Lehigh Valley Health Network, maintains that it breached Ring itself, not a third-party vendor. A member of the malware research group VX-Underground shared with WIRED screenshots of a conversation with an ALPHV representative who says the group is still “in negotiations” with Ring.
Amid the ongoing ransomware epidemic, it’s no surprise that Ring is not alone in facing hacking problems. So is Maximum Industries, a supplier of rocket parts to Elon Musk’s SpaceX. The hackers, a ransomware group known as LockBit, taunted Musk on their website, threatening to sell the stolen data to the highest bidder if he didn’t pay up by March 20. “I’d say we’d be lucky if the SpaceX contractors were more talkative. But I think this material will find a buyer as soon as possible,” the hackers wrote. “We’ll help Elon Musk sell your drawings to other manufacturers.”
Google’s Project Zero security research team, which works to find unknown vulnerabilities in widely used technology products, warned Thursday that it had discovered serious hackable flaws in Samsung chips used in dozens of Android devices. In total, the researchers found 18 vulnerabilities in Samsung’s Exynos modems for smartphones, but four were particularly critical: they would, the researchers said, allow a hacker to “remotely compromise the phone at the baseband level with no user interaction,” requiring only that the attacker know the victim’s phone number. Project Zero typically publishes details of vulnerabilities only once they have been fixed, but it says it gave Samsung 90 days to fix these flaws and that has not yet happened. A little public embarrassment, perhaps, could prompt Samsung to move faster to protect users from this type of attack.
Since 2017, the cryptocurrency “mixer” service ChipMixer has quietly grown into a powerhouse of cryptocurrency anonymization, taking users’ coins, mixing them with others, and sending them back to obscure the money’s trail on the blockchain. In the process, the Justice Department says, it laundered $3 billion in criminal proceeds, including ransomware payments, loot stolen by North Korean hackers, and even proceeds from the sale of child sexual exploitation materials. Now, in an operation coordinated by several European law enforcement agencies and Europol, as well as the FBI and DHS, ChipMixer has been taken offline and its infrastructure seized. The alleged creator of the website, 49-year-old Vietnamese national Minh Quốc Nguyễn, could not be reached and was charged in absentia with money laundering.
But the most interesting outcome of the case may have more to do with the now-famous meltdown of cryptocurrency exchange FTX: a portion of the FTX funds stolen in the midst of its bankruptcy proceedings in November went into ChipMixer. Seizing the servers of that mixing service could well thwart the FTX thieves’ attempts to evade detection and help solve one of the cryptocurrency world’s high-profile mysteries.
In the world of cryptocurrency, where thefts of more than half a billion dollars occur several times a year, a theft of $200 million may rank low in news coverage. Earlier this week, trading protocol Euler Finance lost nearly $200 million in cryptocurrency to hackers who found a vulnerability in its code. Initially, Euler, the firm behind the protocol, offered to let the hackers keep $20 million if they returned the rest of the money. But after that offer was ignored, with the hackers instead sending their funds to the Tornado Cash mixing service to cover their tracks, the firm announced a $1 million bounty on the hackers’ heads.