Security News This Week: Ring Is in a Standoff With Hackers
What’s more controversial than a popular surveillance camera manufacturer that has an uncomfortably warm relationship with the US police? When ransomware hackers claim to have breached that company—the Amazon-owned camera maker Ring—and stolen its data, and Ring responds by denying the breach.
But we will get there.
Five years ago, police in the Netherlands caught members of Russia’s GRU military intelligence red-handed when they tried to attack the Organization for the Prohibition of Chemical Weapons in The Hague. The group parked a rented car outside the organization’s building and hid a Wi-Fi tracking antenna in the trunk. Among the GRU group was Evgenii Serebriakov, who was caught with other Wi-Fi hacking tools in his backpack.
Since then, surprisingly, Serebriakov has only risen in status. This week, Western intelligence sources told WIRED that Serebriakov is now the new leader of one of the most active hacking units in the world. Serebriakov took over Sandworm, responsible for some of the worst cyberattacks in history, in the spring of 2022. Experts say his promotion to a senior role shows how small a highly skilled national hacker group can be and demonstrates Serebriakov’s value to Russia.
Nowhere on the internet is free of threats — and that includes LinkedIn. This week, we looked at how spies, scammers, and hackers from Iran, North Korea, Russia, and China are using the professional network to conduct reconnaissance on and gain access to intelligence targets. In addition, LinkedIn has thousands of suspicious accounts; it deleted hundreds from WIRED’s records as we reported them.
The West’s crackdown on TikTok continues — this week the UK joined the US, Belgium, Canada and the European Union in banning the social networking app from being used on government devices. But in the US, Senator Mark Warner is trying to pass legislation, in the form of the Bipartisan Restriction Act, that would allow officials to ban apps and services from six “hostile” countries: China, Russia, North Korea, Iran, Cuba, and Venezuela. We sat down with Warner and asked about the plan.
A WIRED analysis of “cybercrime” cases across the US shows how vague and overarching this term can be. Without a clear and universal definition of cybercrime, human rights and civil liberties issues could spread globally. Speaking of criminals, scammers are getting better at using voice deepfakes to scam people. And ransomware gangs are sinking to a new deplorable low. As more and more companies and organizations refuse to pay the ransom, criminal gangs increasingly use extortion as leverage: now they release stolen photos of cancer patients and sensitive student records.
But wait, there’s more. Each week, we compile security news that we don’t cover in depth ourselves. Click on the headlines to read the full stories, and stay safe out there.
ALPHV, a hacker group that specializes in blackmailing companies with ransomware and leaking their stolen data, said earlier this week that it had compromised security camera maker Ring and threatened to release the company’s data online if it doesn’t pay. “There is always an option that allows us to leak your data…” the hackers wrote in a message to Ring on their leak website. So far, Ring has responded with a denial, telling Vice’s Motherboard, “We have no indication of a ransomware event at the moment,” but it said it was aware of a third-party vendor that had encountered this problem. That vendor, Ring said, doesn’t have access to any customer records.
Meanwhile, ALPHV, which has previously used its BlackCat ransomware to target companies such as Bandai Namco, Swissport and hospital company Lehigh Valley Health Network, claims to have compromised Ring itself and not a third-party vendor. A member of the VX-Underground malware research team shared with WIRED a screenshot of a conversation with an ALPHV representative, who said they were still “negotiating” with Ring.
In light of the ongoing ransomware pandemic, it’s no surprise that Ring is not alone in facing blackmail issues. So is Maximum Industries, the supplier of rocket parts to Elon Musk’s SpaceX. The hackers, a well-known ransomware group called LockBit, taunted Musk on their website, threatening to sell the stolen information to the highest bidder if Maximum did not pay by the March 20 deadline. “I would say we would have been lucky if the Space-X contractors had said more. But I think this document will find a buyer as soon as possible,” the hackers wrote. “Elon Musk, we will help you sell your drawings to other manufacturers.”
Google’s Project Zero, a security research group that specializes in finding unknown vulnerabilities in widely used technology products, warned on Thursday that it has discovered critical hackable vulnerabilities in Samsung chips used in dozens of Android devices. In total, the researchers found 18 different vulnerabilities in Samsung’s Exynos modems for smartphones, but they say that four of them are particularly critical and would allow hackers to “remotely compromise a phone at the baseband level without user interaction and only requires that the attacker know the victim’s phone number.” Project Zero rarely publishes information about unpatched vulnerabilities. But it says it gave Samsung 90 days to fix the bug, and it still hasn’t. Perhaps a little public shame could spur Samsung to act faster to protect Google’s users from an insidious form of attack.
Since 2017, the cryptocurrency “mixing” service ChipMixer has quietly grown into a crypto money laundering powerhouse, taking users’ funds, mixing them with others, and then sending them back to conceal the money’s trail on blockchains. In the process, the Justice Department said, it laundered $3 billion worth of criminal funds, including ransomware payments, stolen loot from North Korean hackers, and even profits from the sale of child sexual exploitation material. Now, in a bust carried out by various European law enforcement agencies and coordinated by Europol as well as the FBI and DHS, ChipMixer has been shut down and its infrastructure confiscated. The alleged creator of the website, Minh Quoc Nguyen, 49, of Vietnamese nationality, remains at large: he has only been charged with money laundering in absentia.
But the most intriguing outcome of the case may have more to do with the now-infamous FTX collapse: part of the FTX funds stolen during its bankruptcy process in November passed into ChipMixer. Taking possession of that mixing service’s servers could thwart the FTX thieves’ attempts to evade tracking and help solve one of the central mysteries of that famous theft.
Only in the crypto world, where thefts of more than half a billion dollars now occur several times a year, does the theft of $200 million deserve the lowest spot in the news roundup. Earlier this week, distributed trading protocol Euler Finance lost nearly $200 million in crypto to hackers who found vulnerabilities in its code. At first, Euler, the company behind that protocol, offered to let the hackers keep $20 million if they returned the rest. But after that offer was ignored—in fact, the hackers sent money to the money mixing service Tornado Cash in hopes of covering up their tracks—the company announced a $1 million bounty for anyone who catches the hacker.