If you’re looking for a long read to while away the weekend, we’ve got you covered. First, Wired senior reporter Andy Greenberg revealed the crazy story behind the three teenage hackers who created the Mirai botnet code that eventually took down much of the internet in 2016. In an excerpt from his new book on UFOs, Wired writer Garrett Graff explains the proof that the 1947 “discovery” of aliens in Roswell, New Mexico, never really happened. Finally, we take a deep dive into the communities that use facial recognition and other artificial intelligence on cold cases.
That’s not all. Each week, we summarize security and privacy stories that we don’t cover in depth ourselves. Click on the title to read the full story and stay safe.
For-profit hacking firms such as NSO Group and Hacking Team have been the subject of scandals over the years for selling digital intrusion and cyber espionage services to clients around the world. Far less famous is an Indian startup called Appin, which, with offices in New Delhi, enables clients around the world to attack whistleblowers, activists, corporate rivals, lawyers and celebrities at scale.
In a wide-ranging investigation, Reuters producers spoke to dozens of former Appin employees and hundreds of hacking victims. Reuters also obtained thousands of internal documents, including 17 promotional documents advertising Appin’s “cyber espionage” and “cyber warfare” products, as well as case files from a law enforcement investigation into Appin launched from the United States to Switzerland. The resulting story sheds new light on how a small Indian company “hacked the world,” as Reuters writes, blatantly selling its hacking prowess to the highest bidder through online portals. Its victims, and the victims of copycat hacking companies founded by its alumni, include Russian oligarch Boris Berezovsky, Malaysian politician Mohamed Azmin Ali, targets of Dominican digital tabloids, and a member of a Native American tribe who tried to demand profits from a casino development on his reservation on New York’s Long Island.
A ransomware group called “Scattered Spider” has become one of the most ruthless groups in the digital extortion industry this year, recently causing an estimated $100 million in losses to MGM Casino. A shocking new report from Reuters – whose cyber teams have had a busy week – suggests that at least some members of the cybercriminal organization are based in the West, within the reach of US law enforcement, but have not yet been arrested. Executives at cybersecurity companies tracking Scattered Spider said the FBI, many of whose cybersecurity-focused investigators were poached by the private sector, may lack the personnel needed to investigate. They also noted that victims’ reluctance to immediately cooperate with investigations sometimes resulted in law enforcement losing valuable evidence.
Denmark’s Critical Infrastructure Computer Emergency Response Team (SektorCERT) warned in a report on Sunday that hackers exploited vulnerabilities in the firewall equipment of 22 Danish power companies to invade their networks. The report, revealed by Danish journalist Henrik Moltke, calls the campaign the largest of its kind targeting the Danish power grid. Several clues in the hacking infrastructure indicate that the group behind the intrusion is the notorious Sandworm, aka Unit 74455 of Russia’s GRU military intelligence agency, which has been responsible for the only three confirmed hacker-induced outages in history, all of which occurred in Ukraine. In this case, however, the hackers were discovered and expelled from the target networks before causing any disruption to utility customers.
Last month, Wired reported on the efforts of a white-hat hacking startup called Unciphered to unlock valuable cryptocurrency wallets whose owners had forgotten their passwords, including a stash of $250 million worth of bitcoin stuck on an encrypted USB drive. Now, the same company has revealed that it discovered a flaw in a random number generator widely used in cryptocurrency wallets created before 2016, leaving many wallets vulnerable to theft, with the vulnerable funds potentially totaling up to $1 billion. Unciphered discovered the flaw while trying to unlock $600,000 worth of cryptocurrency in a customer’s wallet. They were unable to crack it, but in the process discovered a flaw in a piece of open-source code called BitcoinJS that left a large number of other wallets open to attack by hackers. The coder who planted the flaw in BitcoinJS was none other than Stefan Thomas, the owner of $250 million worth of Bitcoins locked on a USB drive.