Security News This Week: Ring Is in a Standoff With Hackers

What is more controversial? Compared to a popular surveillance camera manufacturer that has one. Uneasily comfortable Relations With the American police? When ransomware hackers claimed to have breached the company — Amazon-owned camera maker Ring — stole its data, Ring responded by denying the breach.

But we’ll get to that.

Five years ago, police in the Netherlands caught members of Russia’s GRU military intelligence red-handed when they tried to hack into the Organization for the Prohibition of Chemical Weapons in The Hague. The team parked a rental car outside the organization’s building and hid a Wi-Fi snooping antenna in its trunk. Inside the GRU group was Evgenii Serebriakov, who was caught with more Wi-Fi hacking tools in his backpack.

Since then, surprisingly, Serebriakov has only increased in status. this week, Western intelligence sources told WIRED that Serebriakov is now the new leader of one of the world’s most aggressive hacking units. Serebryakov takes over Sandorum, who is responsible for something. The Worst Cyber ​​Attacks in HistoryIn the spring of 2022. Experts say his promotion to a senior role shows how small the pool of skilled nation-state hackers is and demonstrates Serebryakov’s value to Russia.

Nowhere on the Internet is free of threats—and that includes LinkedIn. This week we looked at how spies, scammers and hackers from Iran, North Korea, Russia and China are using professional networks. Access scout and intelligence targets., in addition, LinkedIn suffers from thousands of suspicious accounts. Removed Hundreds from WIRED’s profile when we reported them,

The Western ban on TikTok continues — this week the UK joined the US, Belgium, Canada and the European Union in banning the social media app from being used on official devices. But in the US, Senator Mark Warner is pushing for legislation. Under the guise of the Bilateral Sanctions Act, which would allow authorities to ban apps and services from six “hostile” countries: China, Russia, North Korea, Iran, Cuba and Venezuela. We sat together. Asked about Warner and plans,

A Wired analysis of “cybercrime” cases across the U.S. shows. How vague and broad the term can be., without a clear and universal definition of cybercrime, human rights and civil liberties issues can spread globally. Speaking of criminals, fraudsters are getting along. It’s best to use VoiceDeepFax to block people., and ransomware gangs are sinking to a new sad low. As more and more companies and organizations refuse to pay ransoms, criminal groups are increasingly using extortion as leverage: they now Release of images stolen from records of cancer patients and sensitive students,

But wait, there’s more. Each week, we round up security news that we haven’t covered ourselves. Click on the headlines to read the full stories, and stay safe.

ALPHV, a group of hackers who extort companies with ransomware and leak stolen data, said earlier this week that it had breached security camera maker Ring and Threatened to dump company data online if he doesn’t pay. “There is always an option to let us leak your data…” the hackers wrote in a message to Ring on their leak site. Ring has so far responded with denials, telling Vice’s Motherboard, “We currently have no indications of a ransomware event,” but says it’s aware of a third-party vendor that did. What is the experience? This vendor, says Ring, does not have access to any user records.

Meanwhile, ALPHV, which has previously used its BlackCat ransomware to target Bandai Namco, Swissport, and hospital firm Lehigh Valley Health Network, stands by its claim that it is not a third-party vendor but itself. Ring has been violated. A member of the malware research group VX-Underground shared with Wired screenshots of a conversation with an ALPHV representative who says it is still in “negotiations” with Ring.

Amidst the ongoing ransomware epidemic, it’s no surprise that Ring is not alone in facing extortion issues. Maximum Industries is also a supplier of rocket parts for Elon Musk’s SpaceX. The ransomware gang hackers known as Lockbit taunted Musk on their website, threatening to sell the stolen information to the highest bidder if Maxim didn’t pay by its March 20 deadline. will do “I’d say we’d have been lucky if the Space-X contractors had been more forthcoming. But I think this material will find its buyer sooner rather than later,” Hackers wrote. “Elon Musk We’ll help you sell your drawings to other manufacturers.”

Google’s Project Zero, its security research team dedicated to finding unknown vulnerabilities in widely used tech products, warned on Thursday that it had discovered vulnerabilities in Samsung chips used in dozens of Android devices. Discovered serious hackable flaws. In total, the researchers found 18 separate vulnerabilities in Samsung’s Exynos modems for smartphones, but they say four of them are particularly critical and would allow a hacker to “compromise the phone at the baseband level.” will allow remote compromises, without user interaction, and all that is required. The attacker knows the victim’s phone number. Project Zero only rarely publishes information about uncomplicated. It says it gave Samsung 90 days to fix the flaws, and it still hasn’t. A bit of public shaming, perhaps, to protect Samsung users from Google’s insidious form of attack. It can encourage you to move faster.

Since 2017, cryptocurrency “mixer” service ChipMixer has quietly grown into a powerhouse of cryptocurrency money laundering, taking users’ coins, mixing them with others and then obfuscating the money trail in blockchains. Sent them back for In the process, the Justice Department says it laundered $3 billion worth of criminal funds, including payments for ransomware, loot stolen by North Korean hackers, and even the sale of child sexual exploitation material. Profit from Now, in a sting conducted by several European law enforcement agencies and coordinated by Europol as well as the FBI and DHS, ChipMixer has been taken offline and its infrastructure seized. The alleged creator of the site, 49-year-old Vietnamese national Minh Quốc Nguyễn, remains out of reach: he has only been charged in absentia with money laundering.

But the most interesting outcome of the case has more to do with the meltdown of the now infamous cryptocurrency exchange FTX: a portion of FTX’s funds that were stolen during bankruptcy proceedings in November were deposited into ChipMixer. was Seizing the mixing service’s servers could thwart the FTX thieves’ attempts to avoid tracing and help solve one of the central mysteries of this high-profile heist.

Only in the world of cryptocurrency, where thefts of more than half a billion dollars now occur several times a year, does a $200 million theft rank among the lowest in a news cycle. Earlier this week, distributed trading protocol Euler Finance lost nearly $200 million in cryptocurrency to hackers who found a vulnerability in its code. At first, Euler, the company behind the protocol, offered to let the hackers keep $20 million if they returned the rest of the funds. But after the offer was ignored—in fact, the hackers sent funds to the Tornado cash-mixing service in hopes of covering their tracks—the firm announced a $1 million bounty on the hackers’ heads.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *