What's more controversial than a popular surveillance camera manufacturer that has an uncomfortably cozy relationship with US police? When ransomware hackers claim to have breached that company, Amazon-owned camera maker Ring, and stolen its data, and Ring responds by denying the breach.
But we’ll get there.
Five years ago, police in the Netherlands caught members of the Russian military intelligence service GRU as they tried to hack into the Organization for the Prohibition of Chemical Weapons in The Hague. The team had parked a rental car in front of the organization’s building and hidden a Wi-Fi sniffer antenna in its trunk. Among the GRU group was Evgeny Serebriakov, who was caught with other Wi-Fi hacking tools in his backpack.
Since then, surprisingly, Serebriakov has only grown in status. This week, Western intelligence sources told WIRED that Serebriakov is now the new leader of one of the world’s most aggressive hacking units. Serebriakov took over Sandworm, which has been responsible for some of the worst cyberattacks in history, in the spring of 2022. His elevation to the senior role, experts say, shows how few skilled nation-state hackers there are likely to be and demonstrates Serebriakov’s value to Russia.
Nowhere on the internet is free of threats, and that includes LinkedIn. This week we looked at how spies, fraudsters and hackers from Iran, North Korea, Russia and China are using the professional network to scout and close in on intelligence targets. In addition, LinkedIn is plagued with thousands of suspicious accounts; it removed hundreds from WIRED’s profile when we reported them.
The Western crackdown on TikTok continues – this week the UK joined the US, Belgium, Canada and the European Union in banning the social media app from state-owned devices. But in the US, Senator Mark Warner is trying to pass legislation, under the guise of the bipartisan Restrict Act, that would allow officials to ban apps and services from six “hostile” nations: China, Russia, North Korea, Iran, Cuba, and Venezuela. We sat down with Warner and asked about the plans.
A WIRED analysis of “cybercrime” cases across the US shows how vague and broad the term can be. Without a clear and universal definition of cybercrime, human rights and civil liberties issues can spread globally. Speaking of criminals, scammers are getting better at using voice spoofs to trick people. And ransomware gangs are sinking to a new deplorable low. As more and more companies and organizations refuse to pay the ransom, criminal gangs are increasingly using extortion as leverage: they are now releasing photos stolen from cancer patients and sensitive student files.
But wait, there’s more. Every week we collect security news that we haven’t covered in depth ourselves. Click on the headlines to read the full stories and stay safe.
ALPHV, a prolific group of hackers who extort companies with ransomware and leak their stolen data, said earlier this week that it had hacked security camera maker Ring and threatened to dump the company’s data online if it wasn’t paid. “There is always the option to allow us to disclose your information…” the hackers wrote in a message to Ring on their leak page. Ring has responded with denial so far, telling Vice’s Motherboard, “We have no indication of a ransomware event at this time,” but says it is aware of a third-party vendor that has experienced one. That vendor, Ring says, does not have access to any customer records.
Meanwhile, ALPHV, which has previously used its BlackCat ransomware to target companies such as Bandai Namco, Swissport and hospital firm Lehigh Valley Health Network, stands by its claim that Ring itself was breached, not a third-party vendor. A member of the malware research group VX-Underground shared with WIRED screenshots of a conversation with an ALPHV representative who says it is still in “negotiations” with Ring.
Amidst the ongoing ransomware epidemic, it’s no surprise that Ring is not alone in facing extortion issues. So is Maximum Industries, supplier of rocket parts to Elon Musk’s SpaceX. The hackers, a notorious ransomware gang known as LockBit, taunted Musk on their website, threatening to sell the stolen information to the highest bidder if Maximum didn’t pay up by March 20. “I’d say we were lucky if the Space-X performers were more talkative. But I think this material will find its buyer as soon as possible,” the hackers wrote. “Elon Musk, we’ll help you sell your drawings to other manufacturers.”
Google’s Project Zero, its security research team dedicated to finding unknown vulnerabilities in widely used technology products, warned Thursday that it had discovered serious flaws in Samsung chips used in dozens of Android devices. In total, the researchers found 18 different vulnerabilities in Samsung’s Exynos smartphone modems, but said four of them were particularly critical and would allow a hacker to “remotely compromise a phone at the baseband level without user interaction, requiring only that the attacker know the victim’s phone number.” Project Zero only rarely publishes information about unpatched vulnerabilities. But it says that it gave Samsung 90 days to fix the defects, and Samsung hasn’t yet done so. A bit of public shaming might prompt Samsung to move faster to protect Google users from an insidious form of attack.
Since 2017, cryptocurrency “mixer” service ChipMixer has quietly grown into a cryptocurrency money laundering powerhouse, taking users’ coins, mixing them with others, and then sending them back to obfuscate the money trail across the blockchain. In the process, the Justice Department says it laundered $3 billion worth of criminal assets, including ransomware payments, stolen loot from North Korean hackers and even proceeds from the sale of child sexual exploitation material. Now, in a crackdown by multiple European law enforcement agencies and coordinated by Europol, as well as the FBI and DHS, ChipMixer has been shut down and its infrastructure seized. The site’s alleged creator, 49-year-old Vietnamese citizen Minh Quốc Nguyễn, remains at large: he has been charged with money laundering in absentia.
But the most intriguing result of the case may have more to do with the collapse of the now-notorious cryptocurrency exchange FTX: Some of the FTX assets that were stolen amid bankruptcy proceedings in November were transferred to ChipMixer. The seizure of the mixing service’s servers could thwart the FTX thieves’ attempt to evade detection and help solve one of the central mysteries of the high-profile heist.
Only in the cryptocurrency world, where thefts of more than half a billion dollars now occur multiple times a year, does a theft of $200 million deserve the bottom spot in the news roundup. Earlier this week, distributed trading protocol Euler Finance lost nearly $200 million in cryptocurrency to hackers who found a vulnerability in its code. Initially, Euler, the company behind the protocol, offered to let the hackers keep $20 million if they returned the rest of the funds. But after that offer was ignored (in fact, the hackers sent the funds to the mixing service Tornado Cash in hopes of covering their tracks), the firm announced a $1 million reward for the hackers’ heads.