Meduza can land you in Russian prison if you follow a link.


Hive, Monaco, and Beyond: How the FBI's takedown affects Russia-based and other ransomware groups

This week the FBI announced that it had stopped the operations of one of the world’s most prolific and disruptive ransomware groups, known as Hive, by taking the group's dark-web site offline and trying to get the keys to the systems of victims who were facing $130 million in total ransom demands. Monaco told reporters in a press conference that they had hacked the hackers. In previous years of its extortion-fueled cybercrime spree, Hive victimized more than 80 networks and collected over $100 million in ransom payments, according to the FBI. The FBI surveilled the group and eventually disrupted it, thanks to its work with numerous law enforcement agencies. Despite that win, no arrests were mentioned in the splashy announcement, signaling that—as is usual in ransomware cases—Hive’s hackers are likely located in non-extradition countries beyond the reach of Western law enforcement.

We used the data to compare the timing of attacks for groups we think are based out of Russia, and for other groups that aren’t based in Russia. “Our model looked at the number of attacks on any given day, and what we find is this interesting relationship where for these Russia-based groups, we see an increase in the number of attacks starting four months before an election and moving three, two, one month in, up to the event.”

The data set was culled from the dark-web sites that ransomware gangs maintain to name and shame victims and pressure them to pay up. The two researchers focused on so-called double extortion attacks, in which hackers break into a target network, steal data, and then plant ransomware to take over the systems. The attackers then demand a ransom not only for the decryption key but also to keep the stolen data secret instead of selling it. While the data collection was thorough, attackers may not post about all of their targets, although the groups typically have an interest in publicizing their attacks.

On the day Cazes left Bangkok: What can Roosh V tell us about his day at the airport? And what can we learn from the experience?

A team of Royal Thai police officers arrived at a Marriott hotel in June of last year. Jen Sanchez, a veteran Drug Enforcement Administration agent, had been assigned to bring the delegation on a flight from Bangkok to California to coordinate with the US team—to iron out any intercontinental wrinkles on the Bangkok end of what had come to be known as Operation Bayonet.

The computer was very important to Cazes, and so was his phone: the FBI told the Thais they’d need to grab it unlocked, or it too would be irretrievably encrypted. That phone, after all, might hold keys to Cazes’ cryptocurrency wallets or other crucial data. The question of how to thread the needle of capturing these two devices and their information hung in the air, unanswered.

She asked the FBI agent if it would be helpful to know more about how Cazes spent his days. After all, she explained, he had laid it all out on Roosh V, the online forum for “alpha males” where Cazes practically liveblogged his daily life and sexual escapades under the handle Rawmeo. The FBI agent invited her to go ahead.

Diksha, LockBit, and where the criminals cash out: protecting your files against cybercrime

When you make a mistake with your app, it doesn't take much for people to get hurt. Such is the case with Diksha, a public education app run by India’s Ministry of Education that exposed the personal information of around 1 million teachers and millions of students across the country. The data, which included things like full names, email addresses, and phone numbers, was publicly accessible for a year or more, potentially exposing those impacted to fraud.

Speaking of cybercrime, the LockBit ransomware gang has long operated under the radar, thanks to its professional operation and choice of targets. But over the past year, a series of missteps and drama have thrust it into the spotlight, potentially threatening its ability to continue operating with impunity.

Encrypting everything on your machine isn’t just the domain of criminals, however. We told you how to protect your files under a digital lock and key. And speaking of criminals: a Chainalysis report published this week says that money laundering is primarily facilitated by only five crypto exchanges, four of which helped scofflaws cash out $1.1 billion in 2022.

Source: https://www.wired.com/story/meduza-russia-outlaw-security-roundup/

APT38, the Musks, the Saudis, and the Dark Side of Cryptocurrency

Billionaires like Elon Musk may have reason to celebrate. The data from the flight-tracking platform was used for the account that tracked Elon Musk's private plane. Jetnet is a private equity firm that has taken over the company. Fans of ADS-B, including the creator of @ElonJet, are now jumping ship on the assumption that the new owner will be more likely to bow to censorship requests from the likes of Musk and the Saudi royal family.

But that’s not all. Each week we round up the stories we didn’t cover in depth. Click the headlines to read the full stories. Stay safe out there.

Meduza has warned Russians and anyone traveling to Russia to be cautious with social media posts, as most of the violations of the law have resulted in fines. Regardless of how the law is enforced, its chilling effects will no doubt be significant, and the draconian ban on Meduza represents another small step in Russia’s long, slow slide into totalitarianism.

The FBI pointed a finger at the North Koreans as the leading suspect in the theft of millions of dollars from the world of cryptocurrencies. In its investigation of a heist that stole $100 million in cryptocurrency last year, the Bureau accused two hacker groups long believed to be associated with the regime of Kim Jong Un, known as APT38 or Lazarus—the latter of which is sometimes used as a broader umbrella term for multiple North Korean hacker units. The cybercriminals targeted the “bridge” owned by US firm Harmony, a system used to allow transfers between cryptocurrencies. Bridges have increasingly become lucrative targets for thieves, who have stolen hundreds of millions of dollars' worth of digital currency from them in recent years. The FBI said some of the currency was seized when the hackers were trying to make money from the loot, and it pointed to a number of different addresses where the loot is currently stored.


Madison Square Garden’s experiment in using face recognition to spot people it sought to ban draws a letter from the New York attorney general

If Madison Square Garden didn’t want a legal scandal from its experiment in using face recognition technology to spot people it sought to ban from its venue, perhaps it shouldn’t have started by banning lawyers. Following revelations that Madison Square Garden used facial recognition to bar lawyers involved in lawsuits against it, the New York attorney general has sent a letter to its owners demanding more information. The letter asked about the reliability of the facial recognition technology and whether there were safeguards against bias, and it suggested that the ban on lawyers appears meant to deter people from filing lawsuits. James wanted the policy to be reversed because people with a ticket to an event shouldn’t have to worry that they may be denied entry based on their appearance.