Believe it or not no, GameStop shares were not the only story in the world this week. The last few days have also been turbulent for cyber security, especially after revelations that North Korean hackers targeted security personnel with a campaign of persuasive DMs. Many people have shared screenshots of how they evaded the bullet, but it is still unclear how much more fell for the loop.
Speaking of the fall, an international team of law enforcement agencies took down the infamous Emotet botnet this week and arrested two suspected gang members behind it and seized servers in the process. Ransomware operators and other bad actors who used Emotet to distribute their wares are likely to switch to other means of distribution, but at least the ‘most dangerous malware in the world’, as Europol called it, has been extinguished for now.
After all, these things tend to keep going. Take Flash, the software that introduced a thousand vulnerabilities. While Adobe killed it dead last week (for real time), it will continue and cause problems on some systems for years to come. Another possible cause of the problem: Telegram, the messaging app that exploded in popularity as WhatsApp users fled about privacy and Parler about the current state of existence. Although Telegram offers end-to-end encryption, it is not up to standard and is not available for group chats at all. This can lead to some users exposing themselves more than they would assume.
Plans for an encrypted federal weapons registry also challenged the assumptions this week, and it offers a possible way to balance liability with privacy for a hot stove topic. And we looked at how Facebook allows advertisers to target military categories, which can have worrying consequences.
Finally, read the first installment in the series that we will be playing in WIRED this month and next. It follows a conflict with China in 2034 that is pure fiction but feels all too close to the real feeling.
And there is more! Every week we make all the news we have not thoroughly discussed. Click on the headings to read the full stories. And stay safe out there.
Most iOS updates contain some sort of security solution. But it is a more rare occasion that the vulnerabilities they patch are actively exploited by hackers. This is the case with iOS 14.4, released earlier this week, which addresses not just one, but three bugs that attackers use in the wild, according to Apple’s accompanying security update. These are also no less important issues; the relevant bugs that occur in WebKit and the iOS kernel would have allowed arbitrary code execution and escalation of privileges, respectively, both of which could have given a hacker a lot of access to your device and its data. Does that mean you were hacked? Probably not! But it does not make sense to risk it if you can protect yourself by installing the dang update already.
Not all data leaks are equal. In this case, ZDNet shared 2.28 million users of the MeetMindful dating app information such as their real names, dating preferences, geolocation, Facebook user IDs and verification tokens, and ‘body details’ as a free download on a hacking forum. According to ZNet, the forum thread containing the download has been viewed more than 1,500 times since Sunday. Information about the dating profile is not only useful for identity theft but also for more aggressive extortion schemes.
Ransomware has exploded in recent times, with hackers successfully targeting everything from hospitals to cities to international businesses. The DoJ took action this week against one of the many groups responsible for the plague. He arrested a Canadian man who, according to Netwalker, used ransomware to shake victims for a total of $ 27.6 million. Unfortunately, Netwalker is ransomware-as-a-service; the employees arrested a suspected subsidiary rather than a key member of the group behind it. Yet progress is progress.
OK, it’s been a long week and it’s an interview with a guy who had to use bolt cutters to free himself from a chastity belt that a hacker remotely locked. You deserve it.
More great wired stories