A Hacker May Have Deepfaked Trump’s Chief of Staff in a Phishing Campaign

WIRED

Each week, we round up the security and privacy news we didn’t cover in depth ourselves.
The FBI is investigating who impersonated Susie Wiles, the Trump White House’s chief of staff and one of the president’s closest advisers, in a series of fraudulent messages and calls to high-profile Republican political figures and business executives, The Wall Street Journal reported.
Despite Wiles’ reported claim of having her device hacked, it remains unconfirmed whether this was actually how attackers identified Wiles’ associates.
Experts called the leak an unparalleled breach of Russia’s nuclear security, with the data potentially being incredibly useful for foreign governments and intelligence services.
There are descriptions of IT systems and security systems, including information on surveillance cameras, electric fences being used, and the alarm systems in place.

Even as other members of the Trickbot ransomware gang were exposed in leaks and unmasked, a shadowy individual known only as Stern led the group for years and avoided detection. Without much fanfare, German authorities this week disclosed that they believe the mysterious hacker kingpin to be Vladimir Nikolaevich Kovalev, a 36-year-old Russian national still at large in his native country.

Nearer home, according to WIRED, 133,000 migrant children and teenagers had their mouths swabbed by Customs and Border Protection to obtain their DNA. Their genetic information was then uploaded into a national criminal database that is utilized by federal, state, and local law enforcement. In addition, as the Trump administration’s ongoing crackdown on migrants continues, frequently excused by citing terrorism and criminal activity, WIRED found evidence linking a Swedish far-right mixed martial arts competition to a California-based neo-Nazi “fight club.”

We provided information about more private substitutes for US-based web browsing, email, and search tools for individuals looking to avoid US government surveillance. Additionally, we put together a more comprehensive guide to safeguarding yourself against hacking and surveillance, which was inspired by queries our senior writer Matt Burgess got in a Reddit Ask Me Anything.

That’s not all, though. Every week, we compile the security and privacy news that we didn’t personally cover in-depth. To read the complete stories, click on the headlines. Also, be careful when you’re out.

In a phishing campaign, a hacker may have deepfaked Trump’s chief of staff.

In a series of phony calls and messages to prominent Republican political figures and business executives, the FBI is looking into who pretended to be Susie Wiles, the chief of staff at the Trump White House and one of the president’s closest advisors, according to The Wall Street Journal. The spear-phishing calls and messages seem to have targeted people on Wiles’ contact list, according to government officials and investigators. Wiles has allegedly told coworkers that her personal phone was compromised in order to obtain those contacts.

Despite Wiles’ purported claim that her device was compromised, it is still unknown if this is how the attackers truly located Wiles’ associates. Such a target list could also be put together using data sold by gray-market brokers as well as information that is publicly accessible.

“The level of security awareness is embarrassing,” according to Jake Williams, a former NSA hacker and vice president of research and development at Hunter Strategy. “You cannot convince me they actually did their security trainings. Everyone may have to deal with this kind of social engineering these days, and senior government officials should undoubtedly be prepared for it.”

In some cases, the targets received phone calls that mimicked Wiles’ voice in addition to text messages, and some government officials think the calls may have used artificial intelligence tools to do so. If that is the case, the incident would rank among the most notable instances of phishing attempts utilizing so-called deepfake software to date.

Even though it is still unclear how Wiles’ phone may have been compromised, the FBI has reportedly informed White House officials that it has ruled out foreign involvement in the impersonation campaign. In fact, although some of the attempts seemed to have political intentions (for example, a member of Congress was asked to compile a list of individuals Trump might pardon), at least one instance of impersonation attempted to deceive a target into arranging a cash transfer. Based on that attempt at a money grab, the spoofing campaign may be less an espionage operation than a typical cybercriminal fraud scheme, despite its very high-level target.

“If users want to confirm who they’re speaking with, there’s a case to be made for using something like Signal (yes, the irony) or another messaging app that provides an additional method of authentication,” Williams of Hunter Strategy says. “As always, the crucial element is that government representatives use approved resources and adhere to all federally required procedures rather than relying solely on their own initiative.”

An Iranian man admits guilt in the Baltimore ransomware attack.

Among the worst municipal cybersecurity catastrophes ever, the 2019 ransomware attack on the city government of Baltimore cost taxpayers tens of millions of dollars and paralyzed city services for months. Now, the Department of Justice has shockingly disclosed that it arrested Sina Gholinejad, 37, in North Carolina last January, one of the hackers responsible for the attack, and that he entered a guilty plea. The cities of Greenville, North Carolina, and Yonkers, New York, were among the other targets of the Robbinhood ransomware campaign, in which Gholinejad has acknowledged taking part. Considering that the majority of ransomware criminals take care to stay in nations without extradition agreements with the US government, making them inaccessible to US law enforcement, it is still unclear how Gholinejad was identified and why he traveled from Iran to the US. Indeed, a number of unidentified co-conspirators who might still be at large in Iran are named in the indictment against him.

A massive document leak revealed Russia’s nuclear blueprints.

Russia’s nuclear weapons facilities have been exposed in previously unheard-of detail thanks to more than 2 million documents that were made public in a database, according to reports this week from Germany’s Der Spiegel and Denmark’s Danwatch. Plans for nuclear facilities all over the nation were discovered by reporters looking through the vast collection of documents pertaining to Russian military procurement, to which Russian authorities were gradually limiting access. The data may prove to be immensely valuable for foreign governments and intelligence services, experts said, calling the leak an unprecedented breach of Russia’s nuclear security.

The documents detail the reconstruction of Russia’s nuclear facilities in recent years, the construction of new facilities, and the locations of underground tunnels connecting buildings. They also include detailed site plans that show the locations of barracks and watchtowers. The security and IT systems are described, along with details about the alarm systems in place, the electric fences that are being used, and the surveillance cameras. “The locations of the control rooms and the buildings that are connected to one another by subterranean tunnels are clearly stated,” according to Danwatch.

To find a woman who had an abortion, police used license plate recognition cameras.

Large databases of people’s movements throughout America are being created by license plate recognition cameras, which record the locations and times of automobile travel. Concerns about the cameras being used as a weapon by private investigators or law enforcement to target people seeking abortions or those offering care related to abortions have existed for years. According to 404 Media this week, at the beginning of this month, officials from the Johnson County Sheriff’s Office in Texas, where almost all abortions are prohibited, searched 83,000 Flock license-plate reader cameras in an attempt to find a woman they believe had a self-administered abortion.

Authorities were looking for the woman because her family was worried about her safety, according to Sheriff Adam King, who also stated that they weren’t attempting to “block her from leaving the state.” Nonetheless, experts claim that searching the entire United States reveals the extensive network of license plate reader cameras and emphasizes how people seeking abortions can be located. “I am not comforted by the notion that police are actively monitoring the whereabouts of women they suspect of having self-administered abortions under the pretense of ‘safety,’” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, told 404 Media.

A company linked to investment scams that caused $200 million in losses was sanctioned by the US government.

Due to their connections to investment and romance scams, commonly known as “pig-butchering” scams, the US Treasury’s Office of Foreign Assets Control has sanctioned Funnull Technology, a Philippine company, and its CEO, Liu Lizhi. In a statement announcing the sanctions, OFAC stated that “Funnull has directly facilitated multiple of these schemes, resulting in over $200 million in losses reported by victims in the United States.” According to OFAC, Funnull is “linked to the majority” of investment scam websites that the FBI has received reports of. The company buys IP addresses from major cloud service providers and then sells them to cybercriminals who may use them to host scam websites. Brian Krebs, an independent cybersecurity journalist, described in January how Funnull was misusing cloud services from Microsoft and Amazon.