The United States this week issued a seizure order against Starlink in connection with satellite internet infrastructure used by a fraud complex in Myanmar. The move is part of an interagency U.S. law enforcement initiative announced this week called the District of Columbia Fraud Center Task Force.
Meanwhile, Google this week filed a lawsuit against 25 people it claims are behind a “staggering” and “relentless” text fraud operation that uses a notorious phishing-as-a-service platform called Lighthouse.
WIRED reported this week that the U.S. Department of Homeland Security collected data on Chicago residents accused of gang ties to see if police files could feed the FBI’s watch list — and then, crucially, kept the records for months in violation of domestic espionage laws.
And there's more. Each week, we round up security and privacy news that we haven’t covered in depth ourselves. Click on the headlines to read the full stories. And stay safe out there.
China’s massive intelligence apparatus has never had its Edward Snowden moment, so any peek into its surveillance and hacking capabilities represents a rare find. Now one such glimpse has arrived in the form of some 12,000 leaked documents from the Chinese hacking contractor firm KnownSec, first revealed on the Chinese-language blog Mrxn.net and then picked up by Western news outlets this week. The leak includes hacking tools such as remote access trojans as well as data mining and analysis programs. Perhaps more interesting is the target list of more than 80 organizations that the hackers claim to have stolen information from. According to Mrxn, the stolen data listed includes 95GB of Indian immigration data and three terabytes of call records from South Korean telecom operator LG U Plus, and the list also mentions 459GB of road planning data obtained from Taiwan. In case there was any doubt about who KnownSec was hacking for, reports suggest that the leak also included details of its contracts with the Chinese government.
The cybersecurity community has warned for years that government hackers will soon begin using artificial intelligence tools to augment their infiltration campaigns. The first known AI-powered hacking campaign has now surfaced, according to Anthropic, which says it has discovered a group of Chinese-backed hackers using its Claude tools extensively at every stage of the hacking. According to Anthropic, the hackers used Claude to write malware and to extract and analyze stolen data with minimal human interaction. Although the hackers bypassed Claude's protections by framing their malicious use of its tools in terms of defensive and white hat hacking, Anthropic says it nevertheless detected and stopped them. By then, however, the espionage campaign had successfully infiltrated four organizations.
However, Ars Technica points out that fully AI-based hacking isn’t necessarily ready for prime time yet. According to Anthropic, the hackers had a relatively low penetration rate considering they targeted 30 organizations. The AI startup also notes that the tools fabricated some of the stolen data when it didn’t exist. For now, government-sponsored spies still have some job security.
The North Koreans raising money for Kim Jong-un’s regime by getting jobs as remote IT workers with fake identities don’t work alone. Four Americans pleaded guilty this week to allowing North Korea to use their identities, as well as to receiving and operating company laptops that the North Korean workers controlled remotely. Another man, Oleksandr Dyndenko, a Ukrainian national, pleaded guilty to stealing the identities of 40 Americans for sale to North Korea for use in IT worker profiles.
A report from 404 Media reveals that a Customs and Border Protection app that uses facial recognition to identify migrants is hosted by Google. The app can be used by local law enforcement to determine if a person is of potential interest to ICE. While Google hosts the CBP app, it also recently removed some apps from the Google Play Store that were used for community discussions about ICE activity and ICE agent sightings. Google deemed the removal of the apps necessary under its terms of service because the company says ICE agents are a “vulnerable group.”
