Crime

US Charges Duo Behind 'Anonymous Sudan' For Over 35,000 DDoS Attacks (hackread.com) 33

An anonymous reader quotes a report from Hackread: The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting "tens of thousands" of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers. The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group.

The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles. The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.

China

China Cyber Association Calls For Review of Intel Products Sold In China (reuters.com) 49

The Cybersecurity Association of China (CSAC) has recommended a security review of Intel's products sold in China, accusing the U.S. chipmaker of harming national security and citing vulnerabilities in its chips. Reuters reports: While CSAC is an industry group rather than a government body, it has close ties to the Chinese state and the raft of accusations against Intel, published in a long post on its official WeChat account, could trigger a security review from China's powerful cyberspace regulator, the Cyberspace Administration of China (CAC). "It is recommended that a network security review is initiated on the products Intel sells in China, so as to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers," CSAC said. [...]

CSAC in its post accuses Intel chips, including Xeon processors used for artificial intelligence tasks, of carrying several vulnerabilities, concluding that Intel "has major defects when it comes to product quality, security management, indicating that it is extremely irresponsible attitude towards customers." The industry group goes on to state that operating systems embedded in all Intel processors are vulnerable to backdoors created by the U.S. National Security Agency (NSA). "This poses a great security threat to the critical information infrastructures of countries all over the world, including China...the use of Intel products poses a serious risk to national security." CSAC said.

Businesses

Startup Can Identify Deepfake Video In Real Time (wired.com) 28

An anonymous reader quotes a report from Wired: Real-time video deepfakes are a growing threat for governments, businesses, and individuals. Recently, the chairman of the US Senate Committee on Foreign Relations mistakenly took a video call with someone pretending to be a Ukrainian official. An international engineering company lost millions of dollars earlier in 2024 when one employee was tricked by a deepfake video call. Also, romance scams targeting everyday individuals have employed similar techniques. "It's probably only a matter of months before we're going to start seeing an explosion of deepfake video, face-to-face fraud," says Ben Colman, CEO and cofounder at Reality Defender. When it comes to video calls, especially in high-stakes situations, seeing should not be believing.

The startup is laser-focused on partnering with business and government clients to help thwart AI-powered deepfakes. Even with this core mission, Colman doesn't want his company to be seen as more broadly standing against artificial intelligence developments. "We're very pro-AI," he says. "We think that 99.999 percent of use cases are transformational -- for medicine, for productivity, for creativity -- but in these kinds of very, very small edge cases the risks are disproportionately bad." Reality Defender's plan for the real-time detector is to start with a plug-in for Zoom that can make active predictions about whether others on a video call are real or AI-powered impersonations. The company is currently working on benchmarking the tool to determine how accurately it discerns real video participants from fake ones. Unfortunately, it's not something you'll likely be able to try out soon. The new software feature will only be available in beta for some of the startup's clients.

As Reality Defender works to improve the detection accuracy of its models, Colman says that access to more data is a critical challenge to overcome -- a common refrain from the current batch of AI-focused startups. He's hopeful more partnerships will fill in these gaps, and without specifics, hints at multiple new deals likely coming next year. After ElevenLabs was tied to a deepfake voice call of US president Joe Biden, the AI-audio startup struck a deal with Reality Defender to mitigate potential misuse. [...] "We don't ask my 80-year-old mother to flag ransomware in an email," says Colman. "Because she's not a computer science expert." In the future, it's possible real-time video authentication, if AI detection continues to improve and shows to be reliably accurate, will be as taken for granted as that malware scanner quietly humming along in the background of your email inbox.

United Kingdom

UK Considering Making USB-C the Common Charging Standard, Following the EU (neowin.net) 167

Following moves by both the European Union and India to implement USB-C as the default charging port for all consumer devices, the British government has now begun a consultation on whether it should follow suit and implement a common standard for charging, and if this should be USB-C. From a report: The consultation has been started by the Office for Product Safety and Standards which sits within the Department for Business and Trade, and it calls for manufacturers, importers, distributors, and trade associations to provide their input on the matter. Of course, should the UK decide against adopting USB-C and implement a separate standard, expect that device manufacturers just provide dongles to support this rather than having unique device versions.

The Office for Product Safety and Standards stated the following on this topic: "We consider that it would potentially help businesses and deliver consumer and environmental benefits if we were to introduce standardized requirements for chargers for certain portable electrical/electronic devices across the whole UK. We are seeking views from manufacturers, importers, distributors, and trade associations as to whether it would be helpful to do so and, if so, whether this should be based on USB-C â" as adopted by the EU."

Power

Were America's Electric Car Subsidies Worth the Money? (msn.com) 265

America's electric vehicle subsidies brought a 2-to-1 return on investment, according to a paper by the National Bureau of Economic Research. "That includes environmental benefits, but mostly reflects a shift of profits to the United States," reports the New York Times. "Before the climate law, tax credits were mainly used to buy foreign-made cars." "What the [subsidy legislation] did was swing the pendulum the other way, and heavily subsidized American carmakers," said Felix Tintelnot, an associate professor of economics at Duke University who was a co-author of the paper. Those benefits were undermined, however, by a loophole allowing dealers to apply the subsidy to leases of foreign-made electric vehicles. The provision sends profits to non-American companies, and since those foreign-made vehicles are on average heavier and less efficient, they impose more environmental and road-safety costs. Also, the researchers estimated that for every additional electric vehicle the new tax credits put on the road, about three other electric vehicle buyers would have made the purchases even without a $7,500 credit. That dilutes the effectiveness of the subsidies, which are forecast to cost as much as $390 billion through 2031.
The chief economist at Cox Automotive (which provided some of the data) tells the Times that "we could do better", but adds that the subsidies were "worth the money invested". But of course, that depends partly on how benefits were calculated: [U]ing the Environmental Protection Agency's "social cost of carbon" metric, they calculated the dollar cost of each model's lifetime carbon emissions from both manufacturing and driving. On average, emissions by gas-powered vehicles impose 57% greater costs than electric vehicles. The study then calculated harms from air pollution other than greenhouse gases — smog, for example. That's where electric vehicles start to perform relatively poorly, since generating the electricity for them still creates pollution. Those harms will probably fade as more wind and solar energy comes online, but they are significant. Finally, the authors added the road deaths associated with heavier cars. Batteries are heavy, so electric vehicles — especially the largest — are likelier to kill people in crashes.

Totaling these costs and then subtracting fiscal benefits through gas taxes and electricity bills, electric vehicles impose $16,003 in net harms, the authors said, while gas vehicles impose $19,239. But the range is wide, with the largest electric vehicles far outpacing many internal combustion cars.

By this methodology, a large electric pickup like the Rivian imposes three times the harms of a Prius, according to one of the study's co-authors (a Stanford professor of global environmental). And yet "we are subsidizing the Rivian and not the Prius..."
United Kingdom

Can the UK Increase Green Energy with 'Zonal Energy Pricing'? (theguardian.com) 63

To avoid overloading local electric grids, Britain's most productive windfarm "is paid to turn off," reports the Guardian — and across the industry these so-called "constraint payments" amount to billions every year.

"Government officials are hoping to correct the clear inefficiencies in the market by overhauling the market itself." Greg Jackson, the founder of Octopus Energy, told the Guardian: "It's grotesque that energy costs are rising again this winter, whilst we literally pay windfarms these extortionate prices not to generate. Locational pricing would instead mean that local people got cheap power when it's windy. Scotland would have the cheapest power in Europe, instead of among the most expensive, and every region would be cheaper than today. Companies would invest in infrastructure where we need it — not where they get the highest subsidies."

The changes could catalyse an economic osmosis of high energy users — such as datacentres and factories — into areas of the country with low energy prices, creating new job opportunities beyond the south-east. It could also spur the development of new energy projects — particularly rooftop solar — across buildings in urban areas where energy demand is high. This rebalancing of the energy market could save the UK nearly £49bn in accumulated network costs by 2040, according to a study commissioned by the energy regulator from FTI Consulting.

But others fear the changes could come at a deeper cost to Britain's climate goals — and bill payers too. The clean energy companies preparing to spend billions on building new wind and solar farms are concerned that a redrawing of the market boundaries could radically change the economics of new renewable energy projects — which would ultimately raise the costs, which would be passed on to consumers, or see the projects scrapped altogether... With stiff competition in the international markets for investment in clean energy, Renewable UK [the industry's trade group] fears that companies and their investors will simply choose to build new clean energy projects elsewhere.

"The debate has driven deep rifts across the industry," the article concludes, "between modernisers who believe the new price signals would give rise to a new, rational market and those who fear the changes risk unravelling Britain's low-carbon agenda...

"The government is expected to make a decision on how to proceed in the coming months, but the fierce debate between warring factions of the energy industry is likely to continue for far longer."

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
The Military

Mystery Drones Swarmed a US Military Base for 17 Days. Investigators are Stumped (msn.com) 133

The Wall Street Journal reports on a "suspicious fleet of unidentified aircraft... as many as a dozen or more" that appeared in Virginia 10 months ago "over an area that includes the home base for the Navy's SEAL Team Six and Naval Station Norfolk, the world's largest naval port." The article notes this was just 10 months after the U.S. shot down a Chinese spy balloon...

After watching the drones — some "roughly 20 feet long and flying at more than 100 miles an hour" — there were weeks of meetings where "Officials from agencies including the Defense Department, Federal Bureau of Investigation and the Pentagon's UFO office joined outside experts to throw out possible explanations as well as ideas about how to respond..." Federal law prohibits the military from shooting down drones near military bases in the U.S. unless they pose an imminent threat. Aerial snooping doesn't qualify, though some lawmakers hope to give the military greater leeway...

Drone incursions into restricted airspace was already worrying national-security officials. Two months earlier, in October 2023, five drones flew over a government site used for nuclear-weapons experiments. The Energy Department's Nevada Nuclear Security Site outside Las Vegas detected four of the drones over three days. Employees spotted a fifth. U.S. officials said they didn't know who operated the drones in Nevada, a previously unreported incursion, or for what reason. A spokeswoman said the facility has since upgraded a system to detect and counter drones...

Over 17 days, the [Virginia] drones arrived at dusk, flew off and circled back... They also were nearly impossible to track, vanishing each night despite a wealth of resources deployed to catch them. Gen. Glen VanHerck, at the time commander of the U.S. Northern Command and the North American Aerospace Defense Command, said drones had for years been spotted flying around defense installations. But the nightly drone swarms over Langley [Air Force base], he said, were unlike any past incursion...

Analysts learned that the smaller quadcopters didn't use the usual frequency band available for off-the-shelf commercial drones — more evidence that the drone operators weren't hobbyists.

"Langley officials canceled nighttime training missions, worried about potential collisions with the drone swarm, and moved the F-22 jet fighters to another base... On December 23, the drones made their last visit."

But toward the end of the article, it notes that "In January, authorities found a clue they hoped would crack the case." It was a student at the University of Minnesota named Fengyun Shi — who was reported flying a drone on a rainy morning near a Virginia shipyard that builds nuclear submarines and aircraft carriers. Their drone got stuck in a tree, and ended up with federal investigators who found "Shi had photographed Navy vessels in dry dock, including shots taken around midnight. Some were under construction at the nearby shipyard." On Jan. 18, federal agents arrested Shi as he was about to board a flight to China on a one-way ticket. Shi told FBI agents he was a ship enthusiast and hadn't realized his drone crossed into restricted airspace. Investigators weren't convinced. but found no evidence linking him to the Chinese government. They learned he had bought the drone on sale at a Costco in San Francisco the day before he traveled to Norfolk. U.S. prosecutors charged Shi with unlawfully taking photos of classified naval installations, the first case involving a drone under a provision of U.S. espionage law. The 26-year-old Chinese national pleaded guilty and appeared in federal court in Norfolk on Oct. 2 for sentencing. Magistrate Judge Lawrence Leonard said he didn't believe Shi's story — that he had been on vacation and was flying drones in the middle of the night for fun. "There's significant holes," the judge said in court.

"If he was a foreign agent, he would be the worst spy ever known," said Shi's attorney, Shaoming Cheng. "I'm sorry about what happened in Norfolk," Shi said before he was sentenced to six months in federal prison.

But "U.S. officials have yet to determine who flew the Langley drones or why..."

"U.S. officials confirmed this month that more unidentified drone swarms were spotted in recent months near Edwards Air Force Base, north of Los Angeles."
Crime

WSJ Profiles The 'Dangerous' Autistic Teen Cybercriminal Who Leaked GTA VI Clips (msn.com) 78

The Wall Street Journal delves into the origin story of that teenaged Grand Theft Auto VI leaker. Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that make prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.
"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..." [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.

After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy.

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader SpzToid for sharing the article.
Microsoft

Microsoft's Take On Kernel Access and Safe Deployment After CrowdStrike Incident (securityweek.com) 45

wiredmikey writes: As the dust settles following the massive Windows BSOD tech outages caused by CrowdStrike in July 2024, the question is now, how do we prevent this happening again? While there was no current way Microsoft could have prevented this incident, the OS firm is obviously keen to prevent anything similar happening in the future. SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices (or SDP).
Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, reports MIT's Technology Review. But radio communications are crucial for drones, so... About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

And given the mounting evidence that both militaries and militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...
China

Who's Winning America's 'Tech War' With China? (wired.com) 78

In mid-2021 Ameria's National Security Advisor set up a new directorate focused on "advanced chips, quantum computing, and other cutting-edge tech," reports Wired. And the next year as Congress was working on boosting America's semiconductor sector, he was "closing in on a plan to cripple China's... In October 2022, the Commerce Department forged ahead with its new export controls."

So what happened next? In a phone call with President Biden this past spring, Xi Jinping warned that if the US continued trying to stall China's technological development, he would not "sit back and watch." And he hasn't. Already, China has answered the US export controls — and its corresponding deals with other countries — by imposing its own restrictions on critical minerals used to make semiconductors and by hoovering up older chips and manufacturing equipment it is still allowed to buy. For the past several quarters, in fact, China was the top customer for ASML and a number of Japanese chip companies. A robust black market for banned chips has also emerged in China. According to a recent New York Times investigation, some of the Chinese companies that have been barred from accessing American chips through US export controls have set up new corporations to evade those bans. (These companies have claimed no connection to the ones who've been banned.) This has reportedly enabled Chinese entities with ties to the military to obtain small amounts of Nvidia's high-powered chips.

Nvidia, meanwhile, has responded to the US actions by developing new China-specific chips that don't run afoul of the US controls but don't exactly thrill the Biden administration either. For the White House and Commerce Department, keeping pace with all of these workarounds has been a constant game of cat and mouse. In 2023, the US introduced the first round of updates to its export controls. This September, it released another — an announcement that was quickly followed by a similar expansion of controls by the Dutch. Some observers have speculated that the Biden administration's actions have only made China more determined to invest in its advanced tech sector.

And there's clearly some truth to that. But it's also true that China has been trying to become self-sufficient since long before Biden entered office. Since 2014, it has plowed nearly $100 billion into its domestic chip sector. "That was the world we walked into," [NSA Advisor Jake] Sullivan said. "Not the world we created through our export controls." The United States' actions, he argues, have only made accomplishing that mission that much tougher and costlier for Beijing. Intel CEO Pat Gelsinger estimated earlier this year that there's a "10-year gap" between the most powerful chips being made by Chinese chipmakers like SMIC and the ones Intel and Nvidia are working on, thanks in part to the export controls.

If the measure of Sullivan's success is how effectively the United States has constrained China's advancement, it's hard to argue with the evidence. "It's probably one of the biggest achievements of the entire Biden administration," said Martijn Rasser, managing director of Datenna, a leading intelligence firm focused on China. Rasser said the impact of the US export controls alone "will endure for decades." But if you're judging Sullivan's success by his more idealistic promises regarding the future of technology — the idea that the US can usher in an era of progress dominated by democratic values — well, that's a far tougher test. In many ways, the world, and the way advanced technologies are poised to shape it, feels more unsettled than ever.

Four years was always going to be too short for Sullivan to deliver on that promise. The question is whether whoever's sitting in Sullivan's seat next will pick up where he left off.

The Military

The Radio-Obsessed Civilian Shaping Ukraine's Drone Defense (technologyreview.com) 42

Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, reports MIT's Technology Review. But radio communications are crucial for drones, so... About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

And given the mounting evidence that both militaries and militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...
Security

European Govt Air-Gapped Systems Breached Using Custom Malware (bleepingcomputer.com) 51

An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. From a report: According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 and again in July 2021, and another against a European government organization between May 2022 and March 2024. In May 2023, Kaspersky warned about GoldenJackal's activities, noting that the threat actors focus on government and diplomatic entities for purposes of espionage. Although their use of custom tools spread over USB pen drives, like the 'JackalWorm,' was known, cases of a successful compromise of air-gapped systems were not previously confirmed.
The Internet

Ukraine Arrests VPN Operator Facilitating Access to Russian Internet (circleid.com) 122

penciling_in writes: Ukrainian authorities have arrested a 28-year-old man in Khmelnytskyi for running an illegal VPN service that allowed users to bypass Ukrainian sanctions and access the Russian internet (Runet). The VPN, active since Russia's invasion, enabled Russian sympathizers and people in occupied territories to reach blocked Russian government sites, social media, and news.

Handling over 100GB of data daily and linking to 48 million Russian IP addresses, the VPN may have been exploited by Russian intelligence. Ukrainian cyber police, in collaboration with the National Security Service, seized servers and equipment in multiple locations. The suspect faces charges under Part 5 of Article 361 of Ukraine's Criminal Code, which could lead to a 15-year prison sentence. Investigations are ongoing into further connections and funding sources. The case highlights the growing role of VPNs in the ongoing cyberwar between Ukraine and Russia.

China

US Officials Race To Understand Severity of China's Salt Typhoon Hacks (msn.com) 20

U.S. officials are racing to understand the full scope of a China-linked hack of major U.S. broadband providers, as concerns mount from members of Congress that the breach could amount to a devastating counterintelligence failure. From a report: Federal authorities and cybersecurity investigators are probing the breaches of Verizon Communications, AT&T and Lumen Technologies. A stealthy hacking group known as Salt Typhoon tied to Chinese intelligence is believed to be responsible. The compromises may have allowed hackers to access information from systems the federal government uses for court-authorized network wiretapping requests, The Wall Street Journal reported last week.

Among the concerns are that the hackers may have essentially been able to spy on the U.S. government's efforts to surveil Chinese threats, including the FBI's investigations. The House Select Committee on China sent letters Thursday asking the three companies to describe when they became aware of the breaches and what measures they are taking to protect their wiretap systems from attack. Spokespeople for AT&T, Lumen and Verizon declined to comment on the attack. A spokesman at the Chinese Embassy in Washington has denied that Beijing is responsible for the alleged breaches.

Combined with other Chinese cyber threats, news of the Salt Typhoon assault makes clear that "we face a cyber-adversary the likes of which we have never confronted before," Rep. John Moolenaar, the Republican chairman of the House Select Committee Committee on China, and Raja Krishnamoorthi, the panel's top Democrat, said in the letters. "The implications of any breach of this nature would be difficult to overstate," they said. Hackers still had access to some parts of U.S. broadband networks within the last week, and more companies were being notified that their networks had been breached, people familiar with the matter said. Investigators remain in the dark about precisely what the hackers were seeking to do, according to people familiar with the response.

The Internet

Hacktivists Claim Responsibility For Taking Down the Internet Archive (gizmodo.com) 91

An anonymous reader quotes a report from Gizmodo: The Internet Archive and Wayback Machine went down on Tuesday following a sustained cyber attack. In addition, the Archive's user data has been compromised. If you've ever logged into the site to pore over its ample archives, it's time to change your passwords. [...] A pro-Palestenian hacktivist group called SN_BLACKMETA has taken responsibility for the hack on X and Telegram. "They are under attack because the archive belongs to the USA, and as we all know, this horrendous and hypocritical government supports the genocide that is being carried out by the terrorist state of 'Israel,'" the group said on X when someone asked them why they'd gone after the Archive.

The group elaborated on its reasoning in a now-deleted post on X. Jason Scott, an archivist at the Archive, screenshotted it and shared it. "Everyone calls this organization 'non-profit', but if its roots are truly in the United States, as we believe, then every 'free' service they offer bleeds millions of lives. Foreign nations are not carrying their values beyond their borders. Many petty children are crying in the comments and most of those comments are from a group of Zionist bots and fake accounts," the post said.

SN_BLACKMETA also claimed responsibility for a six-day DDoS attack on the Archive back in May. "Since the attacks began on Sunday, the DDoS intrusion has been launching tens of thousands of fake information requests per second. The source of the attack is unknown," Chris Freeland, Director of Library Services at the Archive said in a post about the attacks back in May. SN_BLACKMETA launched its Telegram channel on November 23 and has claimed responsibility for a number of other attacks including a six-day DDoS run at Arab financial institutions and various attacks on Israeli tech companies in the spring.

Crime

The FBI Secretly Created a Coin To Investigate Crypto Pump-and-Dump Schemes (theverge.com) 42

The FBI created a cryptocurrency as part of an investigation into price manipulation in crypto markets, the government revealed on Wednesday. From a report: The FBI's Ethereum-based token, NexFundAI, was created with the help of "cooperating witnesses." As a result of the investigation, the Securities and Exchange Commission charged three "market makers" and nine people for allegedly engaging in schemes to boost the prices of certain crypto assets. The Department of Justice charged 18 people and entities for "widespread fraud and manipulation" in crypto markets.

The defendants allegedly made false claims about their tokens and executed so-called "wash trades" to create the impression of an active trading market, prosecutors claim. The three market makers -- ZMQuant, CLS Global, and MyTrade -- allegedly wash traded or conspired to wash trade on behalf of NexFundAI, an Ethereum-based token they didn't realize was created by the FBI.

"What the FBI uncovered in this case is essentially a new twist to old-school financial crime," Jodi Cohen, the special agent in charge of the FBI's Boston division, said in a statement. "What we uncovered has resulted in charges against the leadership of four cryptocurrency companies, and four crypto 'market makers' and their employees who are accused of spearheading a sophisticated trading scheme that allegedly bilked honest investors out of millions of dollars."

China

How the US Lost the Solar Power Race To China (bloomberg.com) 182

An anonymous reader shares a report: Washington blames China's dominance of the solar industry on what are routinely dubbed "unfair trade practices." But that's just a comforting myth. China's edge doesn't come from a conspiratorial plot hatched by an authoritarian government. It hasn't been driven by state-owned manufacturers, subsidized loans to factories, tariffs on imported modules or theft of foreign technological expertise. Instead, it's come from private businesses convinced of a bright future, investing aggressively and luring global talent to a booming industry â" exactly the entrepreneurial mix that made the US an industrial powerhouse.

The fall of America as a solar superpower is a tragedy of errors where myopic corporate leadership, timid financing, oligopolistic complacency and policy chaos allowed the US and Europe to neglect their own clean-tech industries. That left a yawning gap that was filled by Chinese start-ups, sprouting like saplings in a forest clearing. If rich democracies are playing to win the clean technology revolution, they need to learn the lessons of what went wrong, rather than just comfort themselves with fairy tales.

To understand what happened, I visited two places: Hemlock, Michigan, a tiny community of 1,408 people that used to produce about one-quarter of the world's PV-grade polysilicon, and Leshan, China, which is now home to some of the world's biggest polysilicon factories. The similarities and differences between the towns tell the story of how the US won the 20th century's technological battle -- and how it risks losing its way in the decades ahead.

[...] Meanwhile, the core questions are often almost impossible to answer. Is Tongwei's cheap electricity from a state-owned utility a form of government subsidy? What about Hemlock's tax credits protecting it from high power prices? Chinese businesses can often get cheap land in industrial parks, something that's often considered a subsidy. But does zoning US land for industrial usage count as a subsidy too? Most countries have tax credits for research and development and compete to lower their corporate tax rates to encourage investment. The factor that determines whether such initiatives are considered statist industrial policy (bad), or building a business-friendly environment (good), is usually whether they're being done by a foreign government, or our own.

United Kingdom

How a UK Treaty Could Spell the End of the .io Domain (theverge.com) 41

AmiMoJo writes: A treaty finalized by the UK may bring about the end of the .io domain. Last week, the British government announced that it has agreed to give up ownership of the Chagos Islands, a territory in the Indian Ocean it has controlled since 1814 -- relinquishing the .io domain with it.

The Internet Assigned Numbers Authority (IANA) has a process for retiring old country code domains within five years (with the possibility for extensions). The IANA established this rule after the Soviet Union's .su domain lingered after its collapse, becoming a domain commonly used among cybercriminals. Since then, IANA has also had to retire the .yu domain previously used for Yugoslavia, but it remained operational for years following the country's breakup while government websites transitioned to new domains. And while the independent Solomon Islands does have the domain name .sb, where 'B' stands for how it used to be a British protectorate, that domain was registered decades after it achieved independence. The UK still has the inactive .gb domain as well, but it's considering getting rid of it.

Twitter

Brazil Unblocks X (npr.org) 87

X has been restored in Brazil after being shut down nationwide for over a month. According to court documents released today, X ultimately complied with all of Brazilian Supreme Court Justice Alexandre de Moraes' demands. "They included blocking certain accounts from the platform, paying outstanding fines and naming a legal representative in the country," reports NPR. "Failure to do the latter had triggered the suspension." From the report: Elon Musk's X was blocked blocked on Aug. 30 in the highly online country of 213 million people -- and one of X's biggest markets, with estimates of its user base ranging from 20 to 40 million. De Moraes ordered the shutdown after a monthslong dispute with Musk over free speech, far-right accounts and misinformation. Musk had disparaged de Moraes, calling him an authoritarian and a censor, even though his rulings, including X's suspension, were repeatedly upheld by his peers.

Brazilian law requires foreign companies to have a local legal representative to receive notifications of court decisions and swiftly take any requisite action -- particularly, in X's case, the takedown of accounts. Conceicao was first named X's legal representative in April and resigned four months later. The company named her to the same job on Sep. 20, according to the public filing with the Sao Paulo commercial registry. In an apparent effort to shield Conceicao from potential violations by X -- and risking arrest -- a clause has been written into Conceicao's new representation agreement that she must follow Brazilian law and court decisions, and that any legal responsibility she assumes on X's behalf requires prior instruction from the company in writing, according to the company's filing.

There is nothing illegal or suspect about using a company like BR4Business for legal representation, but it shows that X is doing the bare minimum to operate in the country, said Fabio de Sa e Silva, a lawyer and associate professor of International and Brazilian Studies at the University of Oklahoma. "It doesn't demonstrate an intention to truly engage with the country. Take Meta, for example, and Google. They have an office, a government relations department, precisely to interact with public authorities and discuss Brazil's regulatory policies concerning their businesses," Silva added. [...] "The concern now is what comes next and how X, once back in operation, will manage to meet the demands of the market and local authorities without creating new tensions," he said.

Privacy

MoneyGram Says Hackers Stole Customers' Personal Information, Transaction Data (techcrunch.com) 6

An anonymous reader quotes a report from TechCrunch: U.S. money transfer giant MoneyGram has confirmed that hackers stole its customers' personal information and transaction data during a cyberattack last month. The company said in a statement Monday that an unauthorized third party "accessed and acquired" customer data during the cyberattack on September 20. The cyberattack -- the nature of which remains unknown -- sparked a week-long outage that resulted in the company's website and app falling offline. MoneyGram says it serves over 50 million people in more than 200 countries and territories each year.

The stolen customer data includes names, phone numbers, postal and email addresses, dates of birth, and national identification numbers. The data also includes a "limited number" of Social Security numbers and government identification documents, such as driver's licenses and other documents that contain personal information, like utility bills and bank account numbers. MoneyGram said the types of stolen data will vary by individual. MoneyGram said that the stolen data also included transaction information, such as dates and amounts of transactions, and, "for a limited number of consumers, criminal investigation information (such as fraud)."

Slashdot Top Deals