The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.

The ransomware attack targeting medical firm Change Healthcare has been one of the most disruptive in years, crippling pharmacies across the US—including those in hospitals—and leading to serious snags in the delivery of prescription drugs nationwide for 10 days and counting. Now, a dispute within the criminal underground has revealed a new development in that unfolding debacle: One of the partners of the hackers behind the attack points out that those hackers, a group known as AlphV or BlackCat, received a $22 million transaction that looks very much like a large ransom payment.

On March 1, a Bitcoin address connected to AlphV received 350 bitcoins in a single transaction, or close to $22 million based on exchange rates at the time. Then, two days later, someone describing themselves as an affiliate of AlphV—one of the hackers who work with the group to penetrate victim networks—posted to the cybercriminal underground forum RAMP that AlphV had cheated them out of their share of the Change Healthcare ransom, pointing to the publicly visible $22 million transaction on Bitcoin's blockchain as proof.

That suggests, according to Dmitry Smilyanets, the researcher for security firm Recorded Future who first spotted the post, that Change Healthcare has likely paid AlphV's ransom. “You can see the number of coins that landed there. You don’t see that kind of transaction so often,” Smilyanets says. “There’s proof of a large amount landing in the AlphV-controlled Bitcoin wallet. And this affiliate connects this address to the attack on Change Healthcare. So it’s likely that the victim paid the ransom.”

A spokesperson for Change Healthcare, which is owned by UnitedHealth Group, declined to answer whether it had paid a ransom to AlphV, telling WIRED only that “we are focused on the investigation right now.”

Both Recorded Future and TRM Labs, a blockchain analysis firm, connect the Bitcoin address that received the $22 million payment to the AlphV hackers. TRM Labs says it can link the address to payments from two other AlphV victims in January.

If Change Healthcare did pay a $22 million ransom, it would not only represent a huge payday for AlphV, but also a dangerous precedent for the health care industry, argues Brett Callow, a ransomware-focused researcher with security firm Emsisoft. Every ransomware payment, he says, both funds future attacks by the group responsible and suggests to other ransomware predators that they should try the same playbook—in this case, attacking health care services that patients depend on.

“If Change did pay, it's problematic,” says Callow. “It highlights the profitability of attacks on the health care sector. Ransomware gangs are nothing if not predictable: If they find a particular sector to be lucrative, they’ll attack it over and over again, rinse and repeat.”

The self-described AlphV affiliate who first posted evidence of the payment on RAMP, and who goes by the name “notchy,” complained that AlphV had apparently collected the $22 million ransom from Change Healthcare and then kept the entire sum, rather than share the profits with their hacking partner as they had allegedly agreed. “Be careful everyone and stop deal with ALPHV," notchy wrote.

That affiliate hacker also wrote that in their penetration of Change Healthcare's network, they had accessed the data of numerous other health care firms partnered with the company. If that claim is accurate, Recorded Future's Smilyanets points out, it creates the additional risk that the affiliate hacker still possesses sensitive medical information. Even if Change Healthcare did pay AlphV, the hacker affiliate could still demand additional payment or leak the data independently.

“The affiliates still have this data, and they’re mad they didn’t receive this money,” says Smilyanets. “It’s a good lesson for everyone. You cannot trust criminals; their word is worth nothing.”

As ransomware payments go, $22 million would represent a remarkably profitable score for AlphV. Only a relatively small number of ransoms in the history of ransomware, such as the $40 million payment made by the financial firm CNA to the hackers known as Evil Corp, have been so large, says Emsisoft's Callow. “It’s not without precedent, but it’s certainly very unusual,” he says.

Regardless of whether Change Healthcare is confirmed to have paid that ransom, the attack shows that AlphV has pulled off a disturbing comeback: In December, it was the target of an FBI operation that seized its dark web sites and released decryption keys that foiled its attacks on hundreds of victims. Just two months later, it carried out the cyberattack that paralyzed Change Healthcare, triggering an outage whose effects on pharmacies and their patients have now stretched well beyond a week. As of last Tuesday, AlphV listed 28 companies on the dark web site it uses to extort its victims, not including Change Healthcare.

That site has now gone offline. The reason for that disappearance—whether due to another law enforcement operation or AlphV's attempts to dodge its own cheated affiliates—is unclear. Ransomware trackers say AlphV has disappeared and rebranded several times before. Earlier incarnations under the name BlackCat, BlackMatter, and Darkside were all more or less the same group, security researchers note.

In fact, the hackers working under that Darkside handle were responsible for the 2021 Colonial Pipeline ransomware attack that triggered the shutdown of gas transportation across the Eastern Seaboard of the US and resulted in a brief fuel shortage in some East Coast cities. In that case, too, the victims paid the hackers' ransom. “It was the hardest decision I've made,” Colonial's CEO Joseph Blount later told a US congressional hearing.

Now, it seems, some of the same hackers may have forced yet another company to make that same hard decision.

_Update 3/4/2024, 1:50 pm EST: Included additional contextual details about AlphV and related ransomware attacks._

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

Plus: Apple warns about sideloading apps, a court orders NSO group to turn over the code of its Pegasus spyware, and an investigation finds widely available security cams are wildly insecure.

To send those notifications that awaken a device and appear on its screen without a user’s interaction, apps and smartphone operating system makers must store tokens that identify the device of the intended recipient. That system has created what US senator Ron Wyden has called a “digital post office” that can be queried by law enforcement to identify users of an app or communications platform. And while it has served as a powerful tool for criminal surveillance, privacy advocates warn that it could just as easily be turned against others such as activists or those seeking an abortion in states where that’s now illegal.

In many cases, tech firms don’t even demand a court order for the data: Apple, in fact, only demanded a subpoena for the data until December. That allowed federal agents and police to obtain the identifying information without the involvement of a judge until it changed its policy to demand a judicial order.

Europe's sweeping Digital Markets Act comes into force next week and is forcing major "gatekeeper" tech companies to open up their services. Meta-owned WhatsApp is opening its encryption to interoperate with other messaging apps; Google is giving European users more control over their data; and Apple will allow third-party app stores and the sideloading of apps for the first time.

Apple's proposed changes have proved controversial, but ahead of the March 7 implementation date the company has reiterated its belief that sideloading apps creates more security and privacy risks. It may be easier for apps on third-party apps stores, the company says in a white paper, to contain malware or try to access people's iPhone data. Apple says it is bringing in new checks to try to make sure apps are safe.

"These safeguards will help keep EU users' iPhone experience as secure, privacy-protecting, and safe as possible—although not to the same degree as in the rest of the world," the company claims. Apple also says it has heard from EU organizations, such as those in banking and defense, which say they are concerned about employees installing third-party apps on work devices.

WhatsApp scored a landmark legal win this week against the notorious mercenary hacking firm NSO Group in its long-running lawsuit against that spyware seller for allegedly breaching its app and the devices of its users. The judge in the case, Phyllis Hamilton, sided with WhatsApp in its demand that NSO Group hand over the code of its Pegasus spyware, which has long been considered one of the most sophisticated pieces of spyware to target mobile devices, sometimes through vulnerabilities in WhatsApp. The code handover—which includes versions of Pegagus from 2018 to 2020 as well as NSO’s documentation around its spyware—could help WhatsApp prove its allegations that NSO hacked 1,400 of its users, including at least 100 members of “civil society” such as journalists and human rights defenders. “Spyware companies and other malicious actors need to understand they can be caught and will not be able to ignore the law,” a WhatsApp spokesperson told the _Guardian_.

Here’s a solid rule of thumb: Don’t put any device in or around your home that has a camera, an internet connection, and is made by a Chinese manufacturer you’ve never heard of. In the latest reminder of that maxim, Consumer Reports this week revealed that countless brands of video-enabled doorbells have absolutely shambolic security, to the degree that for many of the devices, anyone can walk up to them outside your door, hold a button to pair their own smartphone with it, and then spy through your camera. In some cases, they can even obtain just a serial number from the device that lets them hijack it via the internet from anywhere in the world, according to the investigation. Consumer Reports found that these devices were sold under the brand names Eken and Tuck but that they appeared to share a manufacturer with no fewer than 10 other devices that all had similar designs. And while those devices might sound obscure, they’re reportedly sold through major retail platforms like Amazon, Walmart, Sears, Shein, and Temu. In some cases, Amazon had even marked the devices with their “Amazon’s Choice: Overall Pick” badge—even after Consumer Reports alerted Amazon to the security flaws.

The Privacy Danger Lurking in Push Notifications

Security researchers created an AI worm in a test environment that can automatically spread between generative AI agents—potentially stealing data and sending spam emails along the way.

As generative AI systems like OpenAI's ChatGPT and Google's Gemini become more advanced, they are increasingly being put to work. Startups and tech companies are building AI agents and ecosystems on top of the systems that can complete boring chores for you: think automatically making calendar bookings and potentially buying products. But as the tools are given more freedom, it also increases the potential ways they can be attacked.

Now, in a demonstration of the risks of connected, autonomous AI ecosystems, a group of researchers have created one of what they claim are the first generative AI worms—which can spread from one system to another, potentially stealing data or deploying malware in the process. “It basically means that now you have the ability to conduct or to perform a new kind of cyberattack that hasn't been seen before,” says Ben Nassi, a Cornell Tech researcher behind the research.

Nassi, along with fellow researchers Stav Cohen and Ron Bitton, created the worm, dubbed Morris II, as a nod to the original Morris computer worm that caused chaos across the internet in 1988. In a research paper and website shared exclusively with WIRED, the researchers show how the AI worm can attack a generative AI email assistant to steal data from emails and send spam messages—breaking some security protections in ChatGPT and Gemini in the process.

The research, which was undertaken in test environments and not against a publicly available email assistant, comes as large language models (LLMs) are increasingly becoming multimodal, being able to generate images and video as well as text. While generative AI worms haven’t been spotted in the wild yet, multiple researchers say they are a security risk that startups, developers, and tech companies should be concerned about.

Most generative AI systems work by being fed prompts—text instructions that tell the tools to answer a question or create an image. However, these prompts can also be weaponized against the system. Jailbreaks can make a system disregard its safety rules and spew out toxic or hateful content, while prompt injection attacks can give a chatbot secret instructions. For example, an attacker may hide text on a webpage telling an LLM to act as a scammer and ask for your bank details.

To create the generative AI worm, the researchers turned to a so-called “adversarial self-replicating prompt.” This is a prompt that triggers the generative AI model to output, in its response, another prompt, the researchers say. In short, the AI system is told to produce a set of further instructions in its replies. This is broadly similar to traditional SQL injection and buffer overflow attacks, the researchers say.

To show how the worm can work, the researchers created an email system that could send and receive messages using generative AI, plugging into ChatGPT, Gemini, and open source LLM, LLaVA. They then found two ways to exploit the system—by using a text-based self-replicating prompt and by embedding a self-replicating prompt within an image file.

In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the database of an email assistant using retrieval-augmented generation (RAG), a way for LLMs to pull in extra data from outside its system. When the email is retrieved by the RAG, in response to a user query, and is sent to GPT-4 or Gemini Pro to create an answer, it “jailbreaks the GenAI service” and ultimately steals data from the emails, Nassi says. “The generated response containing the sensitive user data later infects new hosts when it is used to reply to an email sent to a new client and then stored in the database of the new client,” Nassi says.

In the second method, the researchers say, an image with a malicious prompt embedded makes the email assistant forward the message on to others. “By encoding the self-replicating prompt into the image, any kind of image containing spam, abuse material, or even propaganda can be forwarded further to new clients after the initial email has been sent,” Nassi says.

In a video demonstrating the research, the email system can be seen forwarding a message multiple times. The researchers also say they could extract data from emails. “It can be names, it can be telephone numbers, credit card numbers, SSN, anything that is considered confidential,” Nassi says.

Although the research breaks some of the safety measures of ChatGPT and Gemini, the researchers say the work is a warning about “bad architecture design” within the wider AI ecosystem. Nevertheless, they reported their findings to Google and OpenAI. “They appear to have found a way to exploit prompt-injection type vulnerabilities by relying on user input that hasn't been checked or filtered,” a spokesperson for OpenAI says, adding that the company is working to make its systems “more resilient” and saying developers should “use methods that ensure they are not working with harmful input.” Google declined to comment on the research. Messages Nassi shared with WIRED show the company’s researchers requested a meeting to talk about the subject.

While the demonstration of the worm takes place in a largely controlled environment, multiple security experts who reviewed the research say that the future risk of generative AI worms is one that developers should take seriously. This particularly applies when AI applications are given permission to take actions on someone’s behalf—such as sending emails or booking appointments—and when they may be linked up to other AI agents to complete these tasks. In other recent research, security researchers from Singapore and China have shown how they could jailbreak 1 million LLM agents in under five minutes.

Sahar Abdelnabi, a researcher at the CISPA Helmholtz Center for Information Security in Germany, who worked on some of the first demonstrations of prompt injections against LLMs in May 2023 and highlighted that worms may be possible, says that when AI models take in data from external sources or the AI agents can work autonomously, there is the chance of worms spreading. “I think the idea of spreading injections is very plausible,” Abdelnabi says. “It all depends on what kind of applications these models are used in.” Abdelnabi says that while this kind of attack is simulated at the moment, it may not be theoretical for long.

In a paper covering their findings, Nassi and the other researchers say they anticipate seeing generative AI worms in the wild in the next two to three years. “GenAI ecosystems are under massive development by many companies in the industry that integrate GenAI capabilities into their cars, smartphones, and operating systems,” the research paper says.

Despite this, there are ways people creating generative AI systems can defend against potential worms, including using traditional security approaches. “With a lot of these issues, this is something that proper secure application design and monitoring could address parts of,” says Adam Swanda, a threat researcher at AI enterprise security firm Robust Intelligence. “You typically don't want to be trusting LLM output anywhere in your application.”

Swanda also says that keeping humans in the loop—ensuring AI agents aren’t allowed to take actions without approval—is a crucial mitigation that can be put in place. “You don't want an LLM that is reading your email to be able to turn around and send an email. There should be a boundary there.” For Google and OpenAI, Swanda says that if a prompt is being repeated within its systems thousands of times, that will create a lot of “noise” and may be easy to detect.

Nassi and the research reiterate many of the same approaches to mitigations. Ultimately, Nassi says, people creating AI assistants need to be aware of the risks. “This is something that you need to understand and see whether the development of the ecosystem, of the applications, that you have in your company basically follows one of these approaches,” he says. “Because if they do, this needs to be taken into account.”

Here Come the AI Worms

The UK’s privacy regulator says the government did not take into account the intrusiveness of ankle tags that continuously monitor a person’s location.

The way the UK government has been tagging migrants with GPS trackers is illegal, the country’s privacy regulator ruled on Friday, in a rebuke to officials who have been experimenting with migrant-surveillance tech in both the UK and the US.

As part of an 18-month pilot that concluded in December, the UK interior ministry, known as the Home Office, forced up to 600 people who arrived in the country without permission to wear ankle tags that continuously tracked their locations. However, that pilot broke UK data protection law because it did not properly assess the privacy intrusion of GPS tracking or give migrants clear information about the data that was being collected, the UK’s Information Commissioner’s Office (ICO) said today. The ruling means the Home Office has 28 days to update its policies around GPS tracking.

Friday’s decision also means the ICO could fine the Home Office up to £17.5 million ($22 million) or 4 percent of its turnover—whichever is higher—if it resumes tagging people who arrive on the UK south coast in small boats from Europe. In 2023, over 29,000 people arrived using this often perilous route. Earlier this week, French rescue services said one person had died and two were missing after attempting to cross the English Channel, the stretch of water that separates England and France.

Critics of the GPS tags welcomed the decision. “Blanket 24/7 GPS surveillance of asylum seekers arriving in the UK runs diametrically opposed to data protection and privacy rights,” says Jonah Mendelsohn, a lawyer at Privacy International, a digital rights group that has campaigned against the tag. “The UK government’s gung-ho, Wild West approach in deploying deeply intrusive technology has through today’s decision collided with a rules-based system that we all have recourse to, regardless of our immigration status.” The Home Office did not respond to WIRED’s request for comment.

“Having access to a person’s 24/7 movements is highly intrusive, as it is likely to reveal a lot of information about them, including the potential to infer sensitive information such as their religion, sexuality, or health status,” said John Edwards, the UK information commissioner, in a statement. “Lack of clarity on how this information will be used can also inadvertently inhibit people’s movements and freedom to take part in day-to-day activities.”

The ICO did not rule that the Home Office had to delete migrants’ GPS data already stored in its systems. The regulator also left open the possibility that there may be a legal way to monitor migrants electronically, but not without data protections in place.

In UK courts, at least two cases revolving around GPS tags are awaiting judgment. In one, a 25-year-old former asylum seeker from Sudan, who was tagged by the Home Office as part of the pilot scheme after arriving in the UK via a small boat in May 2022, is challenging the regime for its disproportionate interference with his right to family and private life. Wearing the tag brought up painful memories of being bound and tortured during his journey to the UK, according to his lawyers at London firm Duncan Lewis, adding that his tag has since been removed.

Another case revolves around car mechanic Mark Nelson, who told WIRED that his experience wearing a GPS tag had been dehumanizing. “Our firm represents numerous individuals like Mark who are being electronically monitored,” says Katie Schwarzmann, a human rights lawyer at Wilsons Solicitors, who is representing Nelson. “In virtually all cases the Home Office has failed to provide evidence they have considered less-intrusive methods or explain why this draconian regime is necessary for immigration control.”

The UK is not the only country that is using GPS tracking devices as an alternative to immigration detention centers. Last year, the US Immigration and Customs Enforcement agency also announced it would start tracking migrants using GPS ankle tags and specially designed smartwatches.

The UK’s GPS Tagging of Migrants Has Been Ruled Illegal

The notorious LockBit gang promised a Georgia court leak "that could affect the upcoming US election.” It didn't materialize—but the story may not be over yet.

This week, the notorious ransomware gang known as LockBit threatened a kind of disruption that would have been a first even for a criminal industry that has crippled hospitals and triggered the shutdown of a gas pipeline: leaking documents from the criminal prosecution of a former president and presidential candidate.

Then, without explanation, that threat evaporated, leaving plenty of unanswered questions behind.

For the past five days, LockBit promised on its dark-web site to publish data stolen from the Fulton County, Georgia, government, which it listed as one of its extortion victims, unless the county paid an unspecified ransom. One administrator for the group went so far as to post the specific threat of releasing documents related to Fulton County's high-profile prosecution of Donald Trump: the Superior Court of Fulton County is the venue where Trump, the Republican presidential front-runner, stands accused of a criminal conspiracy to interfere in the 2020 election.

Yet when the hacker group's own deadline for that leak arrived, no documents appeared. Instead, LockBit mysteriously removed any mention of it from its website. Fulton County officials have denied paying a ransom—which leaves unanswered why the leak disappeared, and whether LockBit still holds any of the court's documents or ever did in the first place.

“We’re not aware of any data having been released today so far,” Fulton County Commission Chairman Robb Pitts said in a Thursday afternoon press conference. “Now that being said, that does not mean the threat is over by any means, and they could release whatever data they have at any time, today, tomorrow or any time in the future. We have no control over that."

The ransomware crew's threat, before it vanished, had been dramatically timed: It followed a coordinated law enforcement takedown operation targeting LockBit just last week. Known as Operation Chronos and led by the UK's National Crime Agency, the operation took control of much of LockBit's infrastructure, seized hundreds of its cryptocurrency wallets, tore down the dark-web sites it uses in its extortion campaigns, and even claimed to have compromised some of its members and partners. Just days later, however, LockBit managed to launch a new dark-web site, where it posted a list of victims along with countdown timers for each representing their deadline to pay a ransom before the hackers leaked their stolen data. The deadline for the Fulton County documents had been set for February 29 at 1:49 pm UTC.

On that relaunched site, one LockBit administrator also posted a lengthy screed accusing the FBI of timing the takedown specifically to prevent the release of the Trump-related Fulton County court documents—and promising to release them despite the bust if Fulton County didn't pay.

“The FBI decided to hack now for one reason only, because they didn't want to leak information from \[the Fulton County government website\],” the LockBit administrator wrote. “The stolen documents contain a lot of interesting things and Donald Trump's court cases that could affect the upcoming US election.”

The hacking-related paralysis of Fulton County's government, at least, seems to be very real: By its own admission, the county government is facing a serious and ongoing network disruption that looks very much like a ransomware attack. The website for Fulton County's government has noted in an alert on its homepage for nearly a week that it's “experiencing an unexpected IT outage currently affecting multiple systems” and that systems related to everything from phone lines to tax collection to courts had been affected. An official who answered the phone at the county's publicly listed phone line tells WIRED the outage had begun as early as late January. But a county government spokesperson declined WIRED's request for more information on the attack.

The LockBit hackers also posted some convincing sample documents that appeared to have been stolen from the Fulton County court systems prior to the takedown last week, according to Georgia-based reporter George Chidi, who wrote about the incident earlier this month. Chidi reported seeing documents that included court files and even documents under seal in specific cases, though none appeared to be related to Trump’s prosecution.

Then, on Wednesday, just hours before LockBit's deadline for the county to pay its ransom expired, the countdown timer for that leak on Lockbit's website froze, with an added line of text that read, “Timer stopped.” At the promised time of 1:49 PM UTC Thursday, the leak failed to materialize. Instead, all mention of Fulton County was removed from LockBit's extortion threat site.

In Thursday's press conference, Fulton County Chairman Rob Pitts denied that the county had paid Lockbit's extortion fee. “We have not paid any ransom, nor has any ransom been paid on our behalf,” Pitts said.

LockBit instead may well be bluffing—either it doesn't have the goods it claims or isn't ready to give up on its extortion demand. Robert McArdle, a researcher who leads a cybercrime-focused research team at security firm Trend Micro and was involved in the law enforcement operation against LockBit, says the group's thus-far empty threat is a sign that it was likely more disrupted by the bust than it wants to admit.

“This appears to be further evidence of the difficulties facing LockBit ever since Op Chronos took place, and should be considered as a sign they are unable to reliably follow through on their statements,” says McArdle. He points out that the victims listed on the group's new dark-web site were all compromised prior to Operation Chronos and that continuing to threaten them is the group's attempt to “appear as if everything is normal when most evidence points very much to the contrary.”

There remain other theories, however, that Lockbit might still possess the court's data but is seeking to use it in some other way. “They generally don't lie about victims, because they're so worried about their reputation,” says Jon DiMaggio, the ransomware-focused chief security strategist at cybersecurity firm Analyst1. He notes that the decision to take down the leak threat may have been the decision of the “affiliate” hackers who partner with LockBit to penetrate victims like Fulton County and may have different motivations from LockBit itself.

If Fulton County documents do remain in the hands of hackers, and if any of them relate to the Trump case, they could further complicate an already deeply messy trial. The state's case has been rocked by allegations that the prosecutor in the case, Fulton County district attorney Fanni Willis, had an improper affair with another prosecutor involved in Trump's prosecution, which the defense has argued should require Willis’ dismissal. The compromise of non-public documents in the case could make the proceedings—and the upcoming US presidential election—even more chaotic.

“We're watching with interest to see how the Fulton leak develops,” Trend Micro’s McArdle says. So, no doubt, will the US political sphere—including a certain former president.

_Additional reporting by Matt Burgess._

_Updated 2/29/2024, 4:15 pm EST with a statement from Fulton County Commission Chairman Robb Pitts._

The Mysterious Case of the Missing Trump Trial Ransomware Leak

Plus: Mozilla patches 12 flaws in Firefox, Zoom fixes seven vulnerabilities, and more critical updates from February.

CVE-2024-1553 and CVE-2024-1557 are memory-safety bugs rated as having a high severity. “Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code,” Mozilla researchers said.

Zoom

Video conferencing giant Zoom has issued fixes for seven flaws in its software, one of which has a CVSS score of 9.6. CVE-2024-24691 is an improper-input-validation bug in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. If exploited, the issue may allow an unauthenticated attacker to escalate their privileges via network access, Zoom said in a security bulletin.

Another notable flaw is CVE-2024-24697, an untrusted-search-path issue in some Zoom 32 bit Windows clients that could allow an authenticated user with local access to escalate their privileges.

Ivanti

In January, Ivanti warned that attackers were targeting two unpatched vulnerabilities in its Connect Secure and Policy Secure products, tracked as CVE-2023-46805 and CVE-2024-21887. With a CVSS score of 8.2 the first authentication-bypass vulnerability in the web component of Ivanti Connect Secure and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.

With a CVSS score of 9.1, the second command injection vulnerability in web components of Ivanti Connect Secure and Ivanti Policy Secure allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. This vulnerability can be exploited over the internet.

At the end of the month, the firm alerted companies to another two serious flaws, one of which was being exploited in attacks. The exploited issue is a server-side request forgery bug in the SAML component tracked as CVE-2024-21893. Meanwhile, CVE-2024-21888 is a privilege-escalation vulnerability.

Patches were available by February 1, but the issues were deemed so serious that the US Cybersecurity and Infrastructure Security Agency (CISA) advised disconnecting all Ivanti products by February 2.

On February 8, Ivanti released a patch for yet another issue tracked as CVE-2024-22024, which prompted another CISA warning.

Fortinet

Fortinet has issued a patch for a critical issue with a CVSS score of 9.6, which it says is already being used in attacks. Tracked as CVE-2024-21762, the code-execution flaw impacts FortiOS versions 6.0, 6.2, 6.4, 7.0, 7.2 and 7.4. The out-of-bounds write vulnerability can be used for arbitrary code execution using specially crafted HTTP requests, Fortinet said.

It came just days after the firm released a patch for two issues in its FortiSIEM products, CVE-2024-23108 and CVE-2024-23109, rated as critical with a CVSS score of 9.7. The flaw in FortiSIEM Supervisor could allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests, Fortinet said in an advisory.

Cisco

Cisco has listed multiple vulnerabilities in its Expressway Series that could allow an unauthenticated, remote attacker to conduct cross-site request forgery attacks.

Tracked as CVE-2024-20252 and CVE-2024-20254, two vulnerabilities in the API of Cisco Expressway Series devices have been given a CVSS score of 9.6. “An attacker could exploit these vulnerabilities by persuading a user of the API to follow a crafted link,” Cisco said. “A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.”

SAP

Enterprise software firm SAP has released 13 security updates as part of its SAP Security Patch Day. CVE-2024-22131 is a code-injection vulnerability in SAP ABA with a CVSS score of 9.1.

CVE-2024-22126 is a cross-site scripting vulnerability in NetWeaver AS Java listed as having a high impact, with a CVSS score of 8.8. “Incoming URL parameters are insufficiently validated and improperly encoded before including them into redirect URLs,” security firm Onapsis said. “This can result in a cross-site scripting vulnerability, leading to a high impact on confidentiality and mild impact on integrity and availability.”

Here Are the Google and Microsoft Security Updates You Need Right Now

Several of the strikes occurred far from the front lines of the conflict, indicating possible war crimes. Researchers say the attacks likely had devastating impacts on civilians.

Last week marked the second anniversary of Russia’s full-scale invasion of Ukraine, a conflict that has been marked by multiple reports that Russia may have committed war crimes by indiscriminately targeting civilians and civilian infrastructure. During the first winter of the conflict, Russia pursued a strategy that US secretary of state Antony Blinken described as trying to “freeze \[Ukraine\] into submission” by attacking its power infrastructure, shutting citizens off from heat and electricity.

Now, using satellite imagery and open source information, a new report from the Conflict Observatory, a US-government-backed initiative between Yale University’s Humanitarian Research Lab, the Smithsonian Cultural Rescue Initiative, PlanetScape AI, and the mapping software Esri, offers a clearer picture of the scale of this strategy. Between October 1, 2022, and April 30, 2023, researchers found more than 200 instances of damage to the country’s power infrastructure, amounting to more than $8 billion in estimated destruction. Of the 223 instances identified in the report, researchers were able to confirm 66 of them with high confidence, meaning they were able to cross-reference the damage across multiple trustworthy sources and data points.

Courtesy of Yale Humanitarian Research Lab

“What we see here is that there was a pattern of bombardment that hit front lines and non-frontline areas, at a scale that must have had civilian effect,” says Nathaniel Raymond, a coleader of the Humanitarian Research Lab and lecturer at Yale’s Jackson School of Global Affairs. The UN Office for the Coordination of Humanitarian Affairs estimated at the time that attacks on Ukraine’s power grid had left “millions” of people without electricity throughout the country.

Researchers found and were able to identify and verify damage to power infrastructure in 17 of the country’s 24 oblasts, or administrative units.

Documenting specific instances of damage to power infrastructure has been particularly difficult for researchers and investigators, because the Ukrainian government has sought to limit public information about which sites have been damaged and which continue to be operational in an effort to prevent further attacks. (For this reason, the report itself avoids getting too specific about which locations it analyzed and the extent of the destruction.) But this can also make it difficult to collect, verify, and build upon the data necessary to prove violations of international law.

By making its methodology public, Raymond hopes that it will make further investigation possible. “Having common standards to a common dataset is a prerequisite for accountability,” he says.

Courtesy of Yale Humanitarian Research Lab

International humanitarian law prohibits attacks on civilians or civilian infrastructure, like schools or hospitals. But Oona Hathaway, professor of international law at Yale University, says that power stations and infrastructure can present a trickier question, because it’s often difficult, if not impossible, to tell whether power is being distributed to the military or civilians (oftentimes it’s both). This can sometimes make targeting power infrastructure legitimate, says Hathaway, but combatants need to consider how something like a sustained power outage or an explosion at a power plant could impact civilians. Unleashing “dangerous forces” by, say, bombing or opening a dam could also be a war crime.

“That is a clear violation, even if part of its infrastructure might be supporting both civilian and military purposes,” says Hathaway.

Russia has not only sought to damage Ukraine’s power infrastructure through physical attacks. In October 2022, during the same time period covered by the report, hackers from Russia’s GRU military intelligence unit known as Sandworm plunged an unknown number of Ukrainian civilians into a blackout during a missile strike. It is the third time Sandworm has caused a blackout in Ukraine with a cyberattack since 2015.

Courtesy of Yale Humanitarian Research Lab

While some of the attacks documented by the Conflict Observatory did indeed occur near the front lines, Raymond says that researchers found strikes as far away from the battlefield as the country’s westernmost city, Lviv. Of the strikes that Raymond and his team identified, 128 occurred in places that were not part of the conflict’s front lines at the times when they were attacked.

The report “indicates the attacks were deliberate and disproportionately harmed civilian populations, which, if true, would violate international humanitarian law and the laws of armed conflict,” says US state department spokesperson Russell Brooks. “Many of the affected areas are remote from the front lines of the war, calling into question whether the attacks served any justifiable military objective.”

Some Russian officials have claimed that Ukrainian infrastructure is a legitimate target. In December 2022, Russia’s foreign minister, Sergey Lavrov, asserted that by attacking the country’s energy grid it was making it harder for Ukraine to access weapons provided by Western countries. In other instances, Russian officials indicated that its attacks on the country’s electricity supply were “strikes of retribution,” according to Russian politician Boris Chernyshov.

“The justifications that Russian officials provided varied from arguments that they were legitimate military objectives to statements that pointed more toward civilian harm and general retaliation not grounded in a concrete and direct military objective,” says Raymond. “It was important to capture this, because it can be indicative of intent, even though the statements alone are not in themselves indicative of an international legal violation.”

Courtesy of Yale Humanitarian Research Lab

Hathway notes that several of the statements seem to indicate that Russia was intentionally targeting civilians as a way to pressure the Ukrainian government into conceding the conflict. “I think a lot of the comments are indicative of this unlawful purpose that Russia and certain Russian leaders and military officials may have had in the carrying out of these attacks,” she says.

Hathaway adds that while the report’s findings are not themselves evidence of war crimes, they provide a strong foundation for bodies like the Independent International Commission of Inquiry on Ukraine, whose work is still ongoing. “I would say it is kind of a roadmap for prosecutors.”

Russia Attacked Ukraine's Power Grid at Least 66 Times to ‘Freeze It Into Submission’

As Chinese automakers prepare to launch in the US, the White House is investigating whether cars made in China could pose a national security threat.

The US government has launched an investigation into the national security risks posed by foreign-made vehicles with internet connectivity—especially those made in China. At a briefing on Wednesday, Secretary of Commerce Gina Raimondo even raised the specter of Beijing remotely triggering mayhem on US highways.

“Imagine if there were thousands or hundreds of thousands of Chinese connected vehicles on American roads that could be immediately and simultaneously disabled by somebody in Beijing,” Raimondo said.

The new US government fears about Chinese autos come as automakers such as BYD and Geely have become major global players in car manufacturing—and particularly electric vehicles. They also build on evidence that as cars have become increasingly computerized, and connected to the internet, vehicles have become vulnerable to new security threats. Hackers have shown it is possible to disable internet-connected vehicles from afar. Automated driving systems and internet connectivity have added cameras and other sensors to vehicles, and can also make them mobile repositories of personal information.

Raimondo said that the Bureau of Industry and Security, a division of the Commerce Department that handles national security issues related to advanced technology, would explore how sensor-laden, internet-connected vehicles could be used to commit espionage, collect data on US citizens, or commit sabotage on US roads.

The alarm sounded about Chinese autos adds to a recent history of US government concern about China’s technology ambitions under President Joe Biden and under President Trump before him. Trump imposed sanctions on Chinese telecoms equipment maker Huawei and other 5G companies working on 5G wireless technology and targeted Chinese AI firms with similar controls. The Biden administration has aggressively restricted the flow of advanced chips into China. Concerns over sensitive US data passing back to China has led to a TikTok ban for most federal government devices.

The move comes as US automakers miss targets for EV sales, and as Chinese automakers such as BYD tout record global sales and build new factories. Many Chinese manufacturers are producing cars, and particularly EVs, more efficiently and profitably than their US counterparts, with billions in assistance from the central government.

In January, BYD overtook Tesla as the world’s leading manufacturer of EVs, according to figures released by the two companies. Last year, China became the world’s biggest car exporter.

“China is determined to dominate the future of the auto market, including by using unfair practices,” reads a statement from Biden released by the White House. “China’s policies could flood our market with its vehicles, posing risks to our national security. I’m not going to let that happen on my watch.”

Rising Power

China’s automakers are expected to soon begin a direct assault on the US market. Recent news reports suggest that Chinese automakers including BYD, MG, and Chery plan to manufacture their lower-cost electric vehicles in Mexico, enabling them to take advantage of North American trade treaties and evade US tariffs of 27.5 percent on imported Chinese autos.

The Alliance for American Manufacturing, a trade group, earlier this month called China a “significant” threat to US car manufacturers. It urged US policymakers to “adopt a proactive and evolving strategy to stymie the CCP’s penetration.”

Speaking at the briefing Wednesday, Lael Brainard, national economic adviser to the White House, described US automakers being on a competitive playing field that appears to be rapidly tilting in favor of Chinese automakers. “For years China has employed an array of subsidies and protections to build massive capacity in EV production,” Brainard said. “Chinese automakers are now flooding foreign markets with their autos.”

The security risks posed by vehicles have grown as they’ve become more computerized, more sensor-filled, and more connected. Anne Neuberger, the Biden administration’s deputy national security adviser for cyber, recently told WIRED that the US is working with allies to develop standards for autonomous vehicles that would address the risks they pose. Neurberger said the administration is concerned about Chinese autonomous vehicles that have been approved for testing on US roads.

Administration officials say that the investigation would extend to Chinese-made components and other technologies. This could include the lidar systems that use lasers to map roads and spot obstacles, a market in which Chinese companies are major players.

Officials note that China has imposed restrictions on connected vehicles from US companies. Tesla cars are reportedly restricted from driving in military- and government-affiliated areas, including meeting halls and exhibition centers, for instance.

The move will risk ratcheting up tension between the US and China. If the action leads to trade restrictions, it could be met with counter restrictions from Beijing. “We'll have to wait to see what China's retaliation might be,” a senior administration official said.

The White House Warns Cars Made in China Could Unleash Chaos on US Highways

Every time someone in the UK searched for child abuse material on Pornhub, a chatbot appeared and told them how to get help.

For the past two years, millions of people searching for child abuse videos on Pornhub’s UK website have been interrupted. Each of the 4.4 million times someone has typed in words or phrases linked to abuse, a warning message has blocked the page, saying that kind of content is illegal. And in half the cases, a chatbot has also pointed people to where they can seek help.

The warning message and chatbot were deployed by Pornhub as part of a trial program, conducted with two UK-based child protection organizations, to find out whether people could be nudged away from looking for illegal material with small interventions. A new report analyzing the test, shared exclusively with WIRED, says the pop-ups led to a decrease in the number of searches for child sexual abuse material (CSAM) and saw scores of people seek support for their behavior.

“The actual raw numbers of searches, it’s actually quite scary high,” says Joel Scanlan, a senior lecturer at the University of Tasmania, who led the evaluation of the reThink Chatbot. During the multiyear trial, there were 4,400,960 warnings in response to CSAM-linked searches on Pornhub’s UK website—99 percent of all searches during the trial did not trigger a warning. “There’s a significant reduction over the length of the intervention in numbers of searches,” Scanlan says. “So the deterrence messages do work.”

Millions of images and videos of CSAM are found and removed from the web every year. They are shared on social media, traded in private chats, sold on the dark web, or in some cases uploaded to legal pornography websites. Tech companies and porn companies don’t allow illegal content on their platforms, although they remove it with different levels of effectiveness. Pornhub removed around 10 million videos in 2020 in an attempt to eradicate child abuse material and other problematic content from its website following a damning _New York Times_ report.

Pornhub, which is owned by parent company Aylo (formerly MindGeek), uses a list of 34,000 banned terms, across multiple languages and with millions of combinations, to block searches for child abuse material, a spokesperson for the company says. It is one way Pornhub tries to combat illegal material, the spokesperson says, and is part of the company’s efforts aimed at user safety, after years of allegations it has hosted child exploitation and nonconsensual videos. When people in the UK have searched for any of the terms on Pornhub’s list, the warning message and chatbot have appeared.

The chatbot was designed and created by the Internet Watch Foundation (IWF), a nonprofit which removes CSAM from the web, and the Lucy Faithfull Foundation, a charity which works to precent child sexual abuse. It appeared alongside the warning messages a total of 2.8 million times. The trial counted the number of sessions on Pornhub, which could mean people are counted multiple times, and it did not look to identify individuals. The report says there was a “meaningful decrease” in searches for CSAM on Pornhub and that at least “in part” the chatbot and warning messages appear to have played a role.

The chatbot was relatively simple: It asked people a series of questions, allowing them to click buttons to answer or type out a response. Ultimately, it explained that the material people were searching for may be illegal and pointed them toward the Lucy Faithfull Foundation’s help services. There were 1,656 requests for more information made through the chatbot, while 490 people clicked through to the charity’s Stop It Now website. Around 68 people called or chatted with Lucy Faithfull’s confidential helpline, the report says.

Donald Findlater, the director of the Stop It Now helpline, says that while the numbers are “relatively modest” compared to the overall number of warnings displayed, they are still seen as a “big success” as it’s a sign that people may want to get help. “If people have been doing something dodgy on a site, clicking through is quite a bold step to make,” Findlater says.

The vast majority of people who received the warning message and chatbot did so only once, the report says. Around 1.7 million people saw a warning before leaving Pornhub or making other searches related to legal material. “They didn't just disappear. They typically remained on the site and looked for other stuff,” Findlater says. “The influence for the millions of people that actually did a dubious search and then stopped doing that dubious search is a big win.” Not everyone was deterred, however. In the most persistent cases, around 400 people made 10 searches that triggered the message.

Cynthia Najdowski, an associate professor of psychology at the State University of New York at Albany, who was not involved in the research, says the chatbot appears to show promise for interrupting some people’s efforts to access CSAM. Warning messages and small behavioral nudges have been used in multiple ways to change people’s behavior online, from piracy and copyright infringement to gambling. Google has used some deterrence messages around child abuse searches since 2013, and other studies have found decreases in searches and millions of views or warnings.

Najdowski says there are three things known about deterring people from engaging in criminal behavior: People must know what they’re doing is illegal; they need to apply that “legal knowledge” to their own behavior; and they need to believe the cost of the behavior may outweigh any benefits they expect. “A chatbot that delivers notice of the potential illegality of certain searches can certainly accomplish the first step in the deterrence process, and that alone is a significant contribution,” Najdowski says. It may struggle to help cases where people are more persistent in their behavior or more complex scenarios though.

Scanlan, who conducted the analysis into the chatbot trial, says there were some complexities with the work. The data provided by Pornhub, the IWF, and the Lucy Faithfull Foundation wasn’t always complete, and there weren’t any figures from before the warnings were introduced to compare the results against. However, Scanlan says the results show the method could be one part of broader education and deterrence efforts against people finding CSAM online. “If someone's doing that sort out of curiosity, you want to nudge them away from it before they get involved in it, because we can't arrest our way out of the problem,” Scanlan says.

Scanlan’s findings say that over time, the web traffic being referred to the Stop It Now website appeared to decrease, perhaps as people who continued to search became used to the messaging. However, helpline calls, emails, and online chats showed an increase over the duration of the trial. The report says that in the future, a variety of messages could be used—potentially including existing deterrence videos—and the chatbot could directly connect people to a live chat session with Lucy Faithfull’s helpline.

The chatbot itself could also be improved. Since it was initially designed and created, says Dan Sexton, the chief technology officer at the IWF, generative AI has changed people’s perceptions of what chatbots are and how they interact with people. The reThink Chatbot could respond to only a limited number of queries. Sexton says there may be ways to make the chatbot more approachable and better handle questions it was not programmed to deal with.

While the trial period has ended, the chatbot and warnings are still in place on Pornhub’s UK website. “There's certainly no plans to turn it off. It is in production. It was a pilot project, but it is having an effect right now,” Sexton says. Those involved in the study say that other porn companies could look to introduce similar nudges across their services and deter people from looking for child abuse content. “They all should be doing this; it should become the norm,” Scanlan says. “This report and technology are significant steps forward in identifying, removing, and reporting harmful and illegal content,” a spokesperson for Pornhub says. “We feel all other major tech and social media platforms should explore the implementation of similar deterrence technology to create a safer internet for all.”

Findlater, from the Stop It Now helpline, says he hopes other companies, such as social media websites and file-hosting platforms, can look at the results of the trial and introduce similar nudges where people are seeking CSAM. “The more places you can put it, the greater chance you're going to catch those people that might be at a stage where they can still be helped, or those people that are looking for help but don't know about it,” Sexton says.

A Pornhub Chatbot Stopped Millions From Searching for Child Abuse Videos

The White House issued an executive order on Wednesday that aims to prevent the sale of Americans' data to “countries of concern,” including China and Russia. Its effectiveness may vary.

US president Joe Biden will sign an executive order on Wednesday aimed at preventing a handful of countries, including China, North Korea, and Russia, from purchasing sensitive information about Americans through commercial data brokers in the United States.

Administration officials say categories of sensitive data, including personal identifiers, precise location information, and biometrics—vital tools for waging cyberattacks, espionage, and blackmail operations against the US—are being amassed by what the White House is calling “countries of concern.”

Biden administration officials disclosed the order to reporters in advance during a Zoom call on Tuesday and briefly took questions, on the condition that they not be named or referred to by job title.

The order will have few immediate effects, they said. The US Justice Department will instead launch a rulemaking process aimed at mapping out a “data security program” envisioned by the White House. The process affords experts, industry stakeholders, and the public at large an opportunity to chime in prior to the government adopting the proposal.

White House officials said the US Attorney General would consult with the heads of the Department of State and Department of Commerce to finalize a list of countries falling under the eye of the program. A tentative list given to reporters during Tuesday’s call, however, included China, Cuba, Iran, North Korea, Russia, and Venezuela.

The categories of information covered by the program will include health and financial data, precise geolocation information, and “certain sensitive government-related data,” among others, the officials said. The order will contain several carve-outs for certain financial transactions and activities that are “incidental” to ordinary business operations.

It’s unclear to what degree such a program would be effective. Notably, it does not extend to a majority of countries where trafficking in Americans’ private data will ostensibly remain legal. What’s more, it’s unclear whether the government has the authority or wherewithal (outside of an act of Congress) to restrict countries that, while diplomatically and militarily allied with the US, are also known to conduct espionage against it: close US ally Israel, for instance, was accused in 2019 of planting cell-phone-spying devices near the White House, and has served as an international marketplace for illicit spyware; or Saudi Arabia, which availed itself of that market in 2018 to covertly surveil a _Washington Post_ contributor who was later abducted and murdered by a Saudi hit squad.

If China, Russia, or North Korea moves to obtain US data from a third party in one of the more than 170 countries not on the US government’s list, there may be little to prevent it. US data brokers need only take steps to ensure overseas customers follow “certain security requirements” during the transfer, many of which are already required by law.

The restrictions imposed by the executive order are meant to protect against “direct” and “indirect transfers of data,” officials said. But data brokers are on the hook merely until they obtain “some type of commitment" from overseas customers—an “understanding”—when it comes to the possibility of data being sold or transferred to others down the line.

Source

Wired