How 3 Million ‘Hacked’ Toothbrushes Became a Cyber Urban Legend

Plus: China’s Volt Typhoon hackers lurked in US systems for years, the Biden administration’s crackdown on spyware vendors ramps up, and a new pro-Beijing disinformation campaign gets exposed.

Wired
Documents exclusively obtained by WIRED reveal that AI surveillance software tracked thousands of people using the London Underground to detect crime or unsafe situations. The machine learning software scoured live CCTV footage to spot aggressive behavior, weapons being brandished, and people dodging fares. The documents also detail errors made during the trial—for instance, mistakenly identifying children walking with their parents as fare evaders.

Meanwhile, on Wednesday, cryptocurrency tracing firm Chainalysis published a report finding ransomware payments in 2023 reached over $1.1 billion, the highest annual total ever recorded. The record-breaking sum of extorted funds was due to two things: the high number of ransomware attacks and the amount of money that hackers were demanding from victims, many of whom were targeted specifically for their ability to pay and their inability to sustain a prolonged disruption of services.

A tech company, notorious for keeping websites with far-right and other extreme content online, was bought last year by a secretive company whose business is to help set up businesses, often in ways that keep details of those companies secret, WIRED reported on Thursday. Registered Agents Inc.’s acquisition of Epik may allow the shadowy company to provide its customers with another layer of anonymity.

For the past month, senior security reporter Matt Burgess has been transitioning away from using passwords to log in to his hundreds of online accounts. Instead, he’s using passkeys, a more secure form of authentication that uses generated codes stored on your device to log in to websites and apps using a biometric identifier like a fingerprint, face scan, or PIN. When it works, it’s seamless and secure. When it doesn’t, it’s a mess.

WhatsApp is developing a feature to allow its users to message across apps, all while maintaining its secure end-to-end encryption. In theory, the move would allow users to chat with people on WhatsApp using apps like Signal or Telegram. It’s unclear which companies, if any, will link their services with WhatsApp.

And there’s more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

Hackers have, in the real world, caused blackouts, set fire to a steel mill, and released worms that took down medical record systems in hospitals across the US and the UK. So it hardly seems necessary to invent new nightmares about them taking over our toothbrushes.

Yet, when the Swiss newspaper Aargauer Zeitung published a story that cybercriminals had infected 3 million internet-connected toothbrushes with malware, then used them to launch a cyberattack that downed a website for four hours and caused millions of dollars in damage, the tale was somehow irresistible. This week, news outlets around the world picked up the story, which quoted the cybersecurity firm Fortinet as its source, spinning it out as the perfect illustration of how hackers can exploit the most mundane technology for epic malevolence. “This example, which seems like a Hollywood scenario, actually happened,” the Swiss newspaper wrote.

Except, of course, it didn’t. Cybersecurity professionals quickly started to point out that the story was unsupported by any evidence—and was somewhat absurd on its face. (Even the Mirai botnet, which knocked out its targets with record-breaking tsunamis of junk traffic and eventually broke a large fraction of the internet, infected only 650,000 internet-connected devices at its peak.)

Fortinet belatedly sought to correct the record, writing in public statements that “it appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred.” But the Aargauer Zeitung pointed the finger back at Fortinet, noting in a follow-up story that Fortinet provided exact details of the dental doomsday it described as real, and that the company even reviewed the text of the article prior to publication. Regardless of who’s to blame, at least this cyber urban legend has inspired some solid meme content.

Back to more factual cyber doomsday headlines: The US Federal Bureau of Investigation, National Security Agency, and Cybersecurity and Infrastructure Security Agency this week warned in a report that China’s hacker group known as Volt Typhoon had quietly maintained access to some US critical infrastructure networks for as long as half a decade. The report included detailed descriptions of the intrusion and persistence techniques used by the group, which has distinguished itself as perhaps China’s most aggressive state-sponsored hacking force. Volt Typhoon’s broad penetration of US electric grids, transportation networks, and other critical infrastructure has raised alarms among US federal agencies since as early as May of last year, when those agencies began to warn that the group appeared to be laying the groundwork for cyberwar-style attacks in the midst of any future conflict. Now it’s clear that those warnings came only years after the hackers’ sabotage preparations were well underway.

The Biden administration announced that it will restrict the visas of foreign sellers of commercial spyware, potentially preventing executives or associates of those surveillance firms from traveling to the US. The new regulation is part of the White House’s slow tightening of the screws on spyware seller firms like NSO Group, Cytrox, Intellexa, and Candiru, after an earlier move to place those firms on a Commerce Department trade blocklist and prevent US government agencies from buying those hacking firms’ tools. On the day of the announcement, Google released its own detailed report on alleged commercial spyware vendors, calling out a dozen of the companies by name and offering policy recommendations for protecting users.

Citizen Lab this week exposed a vast network of Chinese websites posing as local news sites across the globe, all used to post pro-Beijing disinformation and propaganda. The 123 sites, targeting audiences in more than 30 countries in Europe, Asia, and Latin America, mixed innocuous commercial and cut-and-pasted content with anti-Western conspiracy theories, such as allegations of human experimentation carried out by the United States in Southeast Asia, and targeted attacks on critics of the Chinese government. While the visibility and impact of the influence operation have been “negligible,” according to Citizen Lab, it’s another sign of China’s growing efforts to wield disinformation as a soft power tactic.