Plus: An assassination plot, an AI security bill, a Project Nimbus revelation, and more of the week’s top security news.

This week, WIRED reported that a group of prolific scammers known as the Yahoo Boys are openly operating on major platforms like Facebook, WhatsApp, TikTok, and Telegram. Evading content moderation systems, the group organizes and engages in criminal activities that range from scams to sextortion schemes.

On Wednesday, researchers published a paper detailing a new AI-based methodology to detect the “shape” of suspected money laundering activity on a blockchain. The researchers—composed of scientists from the cryptocurrency tracing firm Elliptic, MIT, and IBM—collected patterns of bitcoin transactions from known scammers to an exchange where dirty crypto could get turned into cash. They used this data to train an AI model to detect similar patterns.

Governments and industry experts are sounding the alarm about the potential for major airline disasters due to increasing attacks against GPS systems in the Baltic region since the start of the war in Ukraine. The attacks can jam or spoof GPS signals, and can result in serious navigation issues. Officials in Estonia, Latvia, and Lithuania blame Russia for the GPS issues in the Baltics. Meanwhile, WIRED went inside Ukraine’s scrappy and burgeoning drone industry, where about 200 companies are racing to build deadlier and more efficient autonomous weapons.

An Australian firm that provided facial recognition kiosks for bars and clubs appears to have exposed the data of more than 1 million records of patrons. The episode highlights the dangers of giving companies your biometric data. In the United States, the Biden administration is asking tech companies to sign a voluntary pledge to make “good-faith” efforts to implement critical cybersecurity improvements. This week we also reported that the administration is updating its plan for protecting the country’s critical infrastructure from hackers, terrorists, and natural disasters.

And there’s more. Each week, we highlight the news we didn’t cover in depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

**How Israeli Weapons Firms Use Amazon and Google**

A government procurement document unearthed by The Intercept reveals that two major Israeli weapons manufacturers are required to use Google and Amazon if they need any cloud-based services. The reporting calls into question repeated claims from Google that the technology it sells to Israel is not used for military purposes—including the ongoing bombardment of Gaza that has killed more than 34,000 Palestinians. The document contains a list of Israeli companies and government offices “required to purchase” any cloud services from Amazon and Google. The list includes Israel Aerospace Industries and Rafael Advanced Defense Systems, the latter being the manufacturer of the infamous “Spike” missile, reportedly used in the April drone strike that killed seven World Central Kitchen aid workers.

In 2021, Amazon and Google entered into a contract with the Israeli government in a joint venture known as Project Nimbus. Under the arrangement, the tech giants provide the Israeli government, including its Israel Defense Forces, with cloud services. In April, Google employees protested Project Nimbus by staging sit-ins at offices in Silicon Valley, New York City, and Seattle. The company fired nearly 30 employees in response.

A mass surveillance tool that eavesdrops on wireless signals emitted from smartwatches, earbuds, and cars is currently being deployed at the border to track people’s location in real time, a report from Notus revealed on Monday. According to its manufacturer, the tool, TraffiCatch, associates wireless signals broadcast by commonly used devices with vehicles identified by license plate readers in the area. A captain from the sheriff’s office in Webb County, Texas—whose jurisdiction includes the border city of Laredo—told the publication that the agency uses TraffiCatch to detect devices in areas where they shouldn’t be, for instance, to find trespassers.

Several states require law enforcement agencies to obtain warrants before deploying devices that mimic cell towers to obtain data from the devices tricked into connecting to it. But in the case of TraffiCatch, a technology that passively siphons ambient wireless signals out of the air, the courts haven’t yet weighed in. The report highlights how signals intelligence technology, once exclusive to the military, is now available for purchase by both local governments and the general public.

**An Indian Assassination Plot in America**

_The Washington Post_ reports that an officer in India's intelligence service, the Research and Analysis Wing, was allegedly involved in a botched plan to assassinate one of Indian prime minister Narendra Modi's top critics in the United States. The White House said Monday that it was taking the matter "very, very seriously," while India's foreign ministry blasted the _Post_ report as "unwarranted" and "not helpful." The alleged plot to murder the Sikh separatist, Gurpatwant Singh Pannun, a dual citizen of the United States and Canada, was first disclosed by US authorities in November.

Canadian authorities previously announced having obtained "credible" intel allegedly linking the Indian government to the death of another separatist leader, Hardeep Singh Nijjar, who was shot to death outside a Sikh temple in a Vancouver suburb last summer.

**An AI Security Bill Emerges**

US lawmakers have introduced a bill aimed at establishing a new wing of the National Security Agency dedicated to investigating threats aimed at AI systems—or "counter-AI." The bipartisan bill, introduced by Mark Warner and Thom Tillis, a Senate Democrat and Republican, respectively, would further require agencies including the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) to track breaches of AI systems, whether successful or not. (The NIST currently maintains the National Vulnerability Database, a repository for vulnerability data, while the CISA oversees the Common Vulnerabilities and Exposures Program, which similarly identifies and catalogues publicly disclosed malware and other threats.)

The Senate bill, known as the Secure Artificial Intelligence Act, aims to expand the government's threat monitoring to include "adversarial machine learning"—a term that is essentially synonymous with "counter-AI"—which serves to subvert AI systems and “poison” their data using techniques vastly dissimilar to traditional modes of cyberwarfare.

A New Surveillance Tool Invades Border Towns

“Yahoo Boy” cybercriminals are openly running dozens of scams across Facebook, WhatsApp, Telegram, TikTok, YouTube, and more.

Most scammers and cybercriminals operate in the digital shadows and don’t want you to know how they make money. But that’s not the case for the Yahoo Boys, a loose collective of young men in West Africa who are some of the web’s most prolific—and increasingly dangerous—scammers.

Thousands of people are members of dozens of Yahoo Boy groups operating across Facebook, WhatsApp, and Telegram, a WIRED analysis has found. The scammers, who deal in types of fraud that total hundreds of millions of dollars each year, also have dozens of accounts on TikTok, YouTube, and the document-sharing service Scribd that are getting thousands of views.

Inside the groups, there’s a hive of fraudulent activity with the cybercriminals often showing their faces and sharing ways to scam people with other members. They openly distribute scripts detailing how to blackmail people and how to run sextortion scams—that have driven people to take their own lives—sell albums with hundreds of photographs, and advertise fake social media accounts. Among the scams, they’re also using AI to create fake “nude” images of people and real-time deepfake video calls.

The Yahoo Boys don’t disguise their activity. Many groups use “Yahoo Boys” in their name as well as other related terms. WIRED’s analysis found 16 Yahoo Boys Facebook groups with almost 200,000 total members, a dozen WhatsApp channels, around 10 Telegram channels, 20 TikTok accounts, a dozen YouTube accounts, and more than 80 scripts on Scribd. And that’s just the tip of the iceberg.

Broadly, the companies do not allow content on their platforms that encourages or promotes criminal behavior. The majority of the Yahoo Boys accounts and groups WIRED identified were removed after we contacted the companies about the groups’ overt existence. Despite these removals, dozens more Yahoo Boys groups and accounts remain online.

“They’re not hiding under different names,” says Kathy Waters, the cofounder and executive director of the nonprofit Advocating Against Romance Scammers, which has tracked the Yahoo Boys for years. Waters says the social media companies are essentially providing the Yahoo Boys with “free office space” to organize and conduct their activities. “They’re selling scripts, selling photos, identifications of people, all online, all on the social media platforms,” she says. “Why these accounts still remain is beyond me.”

The Yahoo Boys aren’t a single, organized group. Instead, they’re a collection of thousands of scammers who work individually or in clusters. Often based in Nigeria, their name comes from formerly targeting users of Yahoo services, with links back to the Nigerian Prince email scams of old. Groups in West Africa can be often organized in various confraternities, which are cultish gangs.

“Yahoo is a set of knowledge that allows you to conduct scams,” says Gary Warner, the director of intelligence at DarkTower and director of the University of Alabama at Birmingham’s Computer Forensics Research Laboratory. While there are different levels of sophistication of Yahoo Boys, Warner says, many simply operate from their phones. “Most of these threat actors are only using one device,” he says.

The Yahoo Boys run dozens of scams—from romance fraud to business email compromise. When making contact with potential victims, they’ll often “bomb” people by sending hundreds of messages to dating app accounts or Facebook profiles. “They will say anything they can in order to get the next dime in their pocket,” Waters says.

Searching for the Yahoo Boys on Facebook brings up two warnings: Both say the results may be linked to fraudulent activity, which isn’t allowed on the website. Clicking through the warnings reveals Yahoo Boy groups with thousands of members—one had more than 70,000.

Within the groups—alongside posts selling SIM cards and albums with hundreds of pictures—many of the scammers push people toward other messaging platforms such as Meta’s WhatsApp or Telegram. Here, the Yahoo Boys are at their most bold. Some groups and channels on the two platforms receive hundreds of posts per day and are part of their wider web of operations.

After WIRED asked Facebook about the 16 groups we identified, the company removed them, and some WhatsApp groups were deactivated. “Scammers use every platform available to them to defraud people and constantly adapt to avoid getting caught,” says Al Tolan, a Meta spokesperson. They did not directly address the accounts that were removed or that they were easy to find. “Purposefully exploiting others for money is against our policies, and we take action when we become aware of it,” Tolan says. “We continue to invest in technology and cooperate with law enforcement so they can prosecute scammers. We also actively share tips on how people can protect themselves, their accounts, and avoid scams.”

Groups on Telegram were removed after WIRED messaged the company’s press office; however, the platform did not respond about why it had removed them.

Across all types of social media, Yahoo Boys scammers share “scripts” that they use to socially manipulate people—these can run to thousands of words long and can be copied and pasted to different victims. Many have been online for years. “I’ve seen some scripts that are 30 and 60 layers deep, before the scammer actually would have to go and think of something else to say,” says Ronnie Tokazowski, the chief fraud fighter at Intelligence for Good, which works with cybercrime victims. “It’s 100 percent how they'll manipulate the people,” Tokazowski says.

Among the many scams, they pretend to be military officers, people offering “hookups,” the FBI, doctors, and people looking for love. One “good morning” script includes around a dozen messages the scammers can send to their targets. “In a world full of deceit and lies, I feel lucky when see the love in your eyes. Good morning,” one says. But things get much darker.

The Yahoo Boys have been behind a recent wave of sextortion across the United States and elsewhere, says Paul Raffile, an intelligence analyst at the Network Contagion Research Institute who is closely tracking the criminals. Broadly speaking, during sextortion, a scammer will use intimate or explicit images to try to get someone to pay them money. “The Yahoo Boys are the principal threat actor behind the surge of sextortion that we’re seeing over the past 18 months,” Raffile says. “They are responsible for forcing dozens of teens to suicide.”

In a series of posts in one Telegram channel, highlighted by Warner, who is also involved in Intelligence for Good, one cybercriminal can be seen walking others through how to run a sextortion scam. They say they tricked people into sharing nude images—posting screenshots of the conversation—and explained ways other people can replicate it. “Hey I am posting your naked pictures on social media and Facebook,” says a sample message cybercriminals could use. “Am not just posting it am sending copies of it to your area,” the message says, before demanding $700.

While the scripts like these are shared on all social media channels, WIRED found at least 80 on the document-sharing service Scribd. The company removed them after WIRED got in touch, with a spokesperson saying there are limits on what people can upload and that the company has automated and manual reviews to remove content. “We’re actively building out new capabilities to broaden the scope of content moderation coverage to include a wider range of concerning text and image violations,” the spokesperson says. Some of the scripts had been online since 2020, and on pages where they were removed a “reading suggestions” section recommended other scam scripts.

Raffile says the Yahoo Boys have been able to “thrive” online “due to lack of moderation around all the illicit material” that they’re sharing. “They’re acting with impunity because they feel they will never get caught,” Raffile says.

Beyond the messaging platforms, the Yahoo Boys have a presence on TikTok and YouTube. “We design our app to be inhospitable to those who seek to exploit our community and we’ve removed this content for violating our policies,” a TikTok spokesperson says.

“Our policies prohibit spam, scams, or other deceptive practices that take advantage of the YouTube community,” a YouTube spokesperson says. “We also prohibit videos that encourage illegal or dangerous activities. As such, we have terminated the flagged channels for violating our policies and our terms of service.” They add that the company removed accounts for breaching policies about harmful content, spam, and generally violating its terms of service.

The accounts posted tutorials about how to scam people, link to groups on messaging apps, and promote technology for fake video calls. On TikTok, multiple accounts include carousels of images that the scammers can use in their efforts to create believable personas. Some of these include posts of elderly women for scammers who are in “need of grandma pictures for proof” of their fake identities and others for scammers who “need kids pics” for their victims.

As well as being a threat to thousands of people around the world, the Yahoo Boys can be quick to adopt new technologies. David Maimon, a professor at Georgia State University and the head of fraud insights at the identity-verification firm SentiLink, has monitored Yahoo Boys for years and says their techniques have evolved alongside new technologies.

“To build rapport with victims, the fraudsters first used text messages, then started sending recorded audio messages, to now using deepfake tools to communicate with victims live,” Maimon says. “On some of the markets we now also see the use of cloned voices. It is now accompanied with sending physical items to victims such as presents, food deliveries, and flowers.” Within some groups, they use “nudification” tools to turn photos of people clothed into nude photos, and deepfake video calls.

While the Yahoo Boys have been active for years, all the experts spoken to for this piece say they should be treated more seriously by social media companies and law enforcement. “It’s time that we start looking at Yahoo Boys as a dangerous organization, transnational organized crime, and start giving it some of those labels,” Raffile says.

These Dangerous Scammers Don’t Even Bother to Hide Their Crimes

Outabox, an Australian firm that scanned faces for bars and clubs, suffered a breach that shows the problems with giving companies your biometric data.

Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events.

The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records.

The incident has rankled privacy experts who have long set off alarm bells over the creep of facial recognition systems in public spaces such as clubs and casinos.

“Sadly, this is a horrible example of what can happen as a result of implementing privacy-invasive facial recognition systems,” Samantha Floreani, head of policy for Australia-based privacy and security nonprofit Digital Rights Watch, tells WIRED. “When privacy advocates warn of the risks associated with surveillance-based systems like this, data breaches are one of them.”

According to the Have I Been Outaboxed website, the data includes “facial recognition biometric, driver licence \[sic\] scan, signature, club membership data, address, birthday, phone number, club visit timestamps, slot machine usage.” It claims Outabox exported the “entire membership data” of IGT, a supplier of gambling machines. IGT vice president of global communications Phil O’Shaughnessy tells WIRED that “the data affected by this incident has not been obtained from IGT,” and that the firm would work with Outabox and law enforcement.

The website’s owners posted a photo, signature, and redacted driver license belonging to one of Outabox’s founders, as well as a redacted screenshot of the alleged internal spreadsheet. WIRED was unable to independently verify the identity of the website’s owners or the authenticity of the data they claimed to have. An email sent to an address on the website was not returned.

"Outabox is aware and responding to a cyber incident potentially involving some personal information,” an Outabox spokesperson tells WIRED. “We have been in communication with a group of our clients to inform them and outline our strategy to respond. Due to the ongoing Australian police investigation, we are not able to provide further information at this time.”

The New South Wales police force confirmed to WIRED that it was investigating a data breach on Wednesday, but a spokesperson declined to share further details. On Thursday, the force announced that it, working alongside federal and state agencies, had arrested an unnamed 46-year-old man in a Sydney suburb. He is expected to be charged with blackmail.

Clubs that used Outabox’s technology posted announcements about the incident and notified clients this week. One person who posted a breach notification from a club they visited recounted their experience with the facial recognition system. “My fondest memory of this system is visiting a club and having it confidently match my face to a member that was clearly 20+ years older than me, and looked nothing like me,” they wrote in a post on X. The club did not respond to a request for comment.

The Have I Been Outaboxed website, which is still online at the time of writing, alleges that Outabox stopped paying its developers in the Philippines. AI companies frequently employ low-cost overseas labor, including in the Philippines, to power their systems. The website encourages anybody whose data is included in the breach to contact venues and ask that they remove Outabox’s system. The site, which was set up last week according to online records, lists 19 venues. WIRED searched the database for prominent Australians including politicians, and it returned redacted results listing their name and the venues they allegedly attended.

“We are aware of a malicious website carrying a number of false statements designed to harm our business and defame our senior staff,” the Outabox spokesperson says. “We believe this is linked and urge people not to repeat false and reputationally damaging misinformation.” Outabox declined to specify which statements are false, citing the police investigation.

It’s unclear how much of the story told on the website is true, or whether the perpetrators even have the claimed biometric data. Australian cybersecurity expert Troy Hunt, founder of the breach notification website Have I Been Pwned, tells WIRED that there is little reason to doubt it at this time.

“I haven’t seen any reason not to take this at face value, which means they have exactly what they say they have,” he says. In posts on X, Hunt speculated that the website’s posting may have been preceded by demands that were not met, and that the perpetrators’ actions now “clearly land” in the realm of criminality.

“Offshoring is a messy discussion between the legalities of data sovereignty, perceived shortcomings of foreign labor, and frankly, a big dose of xenophobia,” Hunt says. “It’s not like Aussie developers doing exactly the same thing would have made this OK.”

Floreani of Digital Rights Watch says that the incident illustrates the “significant negative consequences” that can arise from collecting sensitive biometric data. “We need bold privacy reform and strict limitations on facial recognition technology,” she says. “As always, surveillance isn’t safety.”

The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics

Ukraine needs small drones to combat Russian forces—and is bootstrapping its own industry at home.

Inside Ukraine’s Killer-Drone Startup Industry

The Biden administration is asking tech companies to sign a pledge, obtained by WIRED, to improve their digital security, including reduced default password use and improved vulnerability disclosures.

The pledge offers examples of how companies can meet the goals, although it notes that companies “have the discretion to decide how best” to do so. The document also emphasizes the importance of companies publicly demonstrating “measurable progress” on their goals, as well as documenting their techniques “​​so that others can learn.”

CISA developed the pledge in consultation with tech companies, seeking to understand what would be feasible for them while also meeting the agency’s goals, according to Goldstein. That meant making sure the commitments were feasible for companies of all sizes, not just Silicon Valley giants.

The agency originally tried using its Joint Cyber Defense Collaborative to prod companies into signing the pledge, according to the tech industry official, but that backfired when companies questioned the use of an operational cyberdefense collaboration group for “a policy and legal issue,” the industry official says.

“Industry expressed frustration about trying to use the JCDC to obtain pledges,” the official says, and CISA “wisely pulled back on that effort.”

CISA then held discussions with companies through the Information Technology Sector Coordinating Council and tweaked the pledge based on their feedback. Originally, the pledge contained more than seven goals, and CISA wanted signatories to commit to “firm metrics” for showing progress, according to the industry official. In the end, this person says, CISA removed several goals and “broadened the language” about measuring progress.

John Miller, senior vice president of policy, trust, data, and technology at the Information Technology Industry Council, a major industry trade group, says that change was smart, because concrete progress metrics—like the number of users using multi-factor authentication—could be “easily misconstrued.”

Goldstein says the number of pledge signatories is “exceeding my expectations about where we’d be” at this point. The industry official says they’re not aware of any company that has definitively refused to sign the pledge, in part because vendors want to “keep open the option of signing on” after CISA’s launch event at RSA. “Everyone’s in a kind of wait-and-see mode.”

Legal liability is a top concern for potential signatory companies. “If there ends up being, inevitably, some type of security incident,” Miller says, “anything \[a\] company has said publicly could be used in lawsuits.”

That said, Miller predicts that some global companies facing strict new European security requirements will sign the US pledge to “get that credit” for something they already have to do.

CISA’s Secure by Design campaign is the centerpiece of the Biden administration’s ambitious plan to shift the burden of cybersecurity from users to vendors, a core theme of the administration’s National Cybersecurity Strategy. The push for corporate cyber responsibility follows years of disruptive supply-chain attacks on critical software makers like Microsoft, SolarWinds, Kaseya, and Change Healthcare, as well as a mounting list of widespread software vulnerabilities that have powered ransomware attacks on schools, hospitals, and other essential services. White House officials say the pattern of costly and often preventable breaches demonstrates the need for increased corporate accountability.

The US Government Is Asking Big Tech to Promise Better Cybersecurity

Blockchain analysis firm Elliptic, MIT, and IBM have released a new AI model—and the 200-million-transaction dataset it's trained on—that aims to spot the “shape” of bitcoin money laundering.

One task where AI tools have proven to be particularly superhuman is analyzing vast troves of data to find patterns that humans can't see, or automating and accelerating the discovery of those we can. That makes Bitcoin's blockchain, a public record of nearly a billion transactions between pseudonymous addresses, the perfect sort of puzzle for AI to solve. Now, a new study—along with a vast, newly released trove of crypto crime training data—may be about to trigger a leap forward in automated tools' ability to suss out illicit money flows across the Bitcoin economy.

On Wednesday, researchers from cryptocurrency tracing firm Elliptic, MIT, and IBM published a paper that lays out a new approach to finding money laundering on Bitcoin's blockchain. Rather than try to identify cryptocurrency wallets or clusters of addresses associated with criminal entities such as dark-web black markets, thieves, or scammers, the researchers collected patterns of bitcoin transactions that led from one of those known bad actors to a cryptocurrency exchange where dirty crypto might be cashed out. They then used those example patterns to train an AI model capable of spotting similar money movements—what they describe as a kind of detector capable of spotting the “shape” of suspected money laundering behavior on the blockchain.

Now, they're not only releasing an experimental version of that AI model for detecting bitcoin money laundering but also publishing the training data set behind it: a 200-million transaction trove of Elliptic's tagged and classified blockchain data, which the researchers describe as the biggest of its kind ever to be made public by a thousandfold. “We're providing about a thousand times more data, and instead of labeling illicit wallets, we're labeling examples of money laundering which might be made up of chains of transactions,” says Tom Robinson, Elliptic's chief scientist and cofounder. “It's a paradigm shift in the way that blockchain analytics is used.”

Blockchain analysts have used machine learning tools for years to automate and sharpen their tools for tracing crypto funds and identifying criminal actors. In 2019, in fact, Elliptic already partnered with MIT and IBM to create a AI model for detecting suspicious money movements and released a much smaller data set of around 200,000 transactions that they had used to train it.

For this new research, by contrast, the same team of researchers took a much more ambitious approach. Rather than try to classify single transactions as legitimate or illicit, Elliptic analyzed collections of up to six transactions between Bitcoin address clusters it had already identified as illicit actors and the exchanges where those previously identified shady entities sold their crypto, positing that the patterns of transactions between criminals and their cashout points could serve as examples of money laundering behavior.

Working from that hypothesis, Elliptic assembled 122,000 of these so-called subgraphs, or patterns of known money laundering within a total data set of 200 million transactions. The research team then used that training data to create an AI model designed to recognize money laundering patterns across Bitcoin's entire blockchain.

As a test of their resulting AI tool, the researchers checked its outputs with one cryptocurrency exchange—which the paper doesn't name—identifying 52 suspicious chains of transactions that had all ultimately flowed into that exchange. The exchange, it turned out, had already flagged 14 of the accounts that had received those funds for suspected illicit activity, including eight it had marked as associated with money laundering or fraud, based in part on know-your-customer information it had requested from the account owners. Despite having no access to that know-your-customer data or any information about the origin of the funds, the researchers' AI model had matched the conclusions of the exchange's own investigators.

Correctly identifying 14 out of 52 of those customer accounts as suspicious may not sound like a high success rate, but the researchers point out that only 0.1 percent of the exchange's accounts are flagged as potential money laundering overall. Their automated tool, they argue, had essentially reduced the hunt for suspicious accounts to more than one in four. “Going from ‘one in a thousand things we look at are going to be illicit’ to 14 out of 52 is a crazy change,” says Mark Weber, one of the paper's coauthors and a fellow at MIT's Media Lab. “And now the investigators are actually going to look into the remainder of those to see, wait, did we miss something?”

Elliptic says it's already been privately using the AI model in its own work. As more evidence that the AI model is producing useful results, the researchers write that analyzing the source of funds for some suspicious transaction chains identified by the model helped them discover Bitcoin addresses controlled by a Russian dark-web market, a cryptocurrency “mixer” designed to obfuscate the trail of bitcoins on the blockchain, and a Panama-based Ponzi scheme. (Elliptic declined to identify any of those alleged criminals or services by name, telling WIRED it doesn't identify the targets of ongoing investigations.)

Perhaps more important than the practical use of the researchers' own AI model, however, is the potential of Elliptic's training data, which the researchers have published on the Google-owned machine learning and data science community site Kaggle. “Elliptic could have kept this for themselves,” says MIT's Weber. “Instead there was very much an open source ethos here of contributing something to the community that will allow everyone, even their competitors, to be better at anti-money-laundering.” Elliptic notes that the data it released is anonymized and doesn't contain any identifiers for the owners of Bitcoin addresses or even the addresses themselves, only the structural data of the “subgraphs” of transactions it tagged with its ratings of suspicion of money laundering.

That enormous data trove will no doubt inspire and enable much more AI-focused research into bitcoin money laundering, says Stefan Savage, a computer science professor at the University of California San Diego who served as adviser to the lead author of a seminal bitcoin-tracing paper published in 2013. He argues, though, that the current tool doesn't seem likely to revolutionize anti-money-laundering efforts in crypto in its current form, so much as serve as a proof of concept. “An analyst, I think, is going to have a hard time with a tool that's _kind_ of right sometimes,” Savage says. “I view this as an advance that says, ‘Hey, there's a thing here. More people should work on this.’”

Savage warns, though, that AI-based money-laundering investigation tools will likely raise new ethical and legal questions if they end up being used as actual criminal evidence—in part because AI tools often serve as a “black box” that provides a result without any explanation of how it was produced. “This is on the edge where people get uncomfortable in the same way they get uncomfortable about face recognition,” he says. “You can't quite explain how it works, and now you're depending on it for decisions that may have an impact on people's liberty.”

MIT's Weber counters that money laundering investigators have always used algorithms to flag potentially suspicious behavior. AI-based tools, he argues, just mean those algorithms will be more efficient and have fewer false positives that waste investigators' time and incriminate the wrong suspects. “This isn't about automation,” Weber says. “This is a needle-in-a-haystack problem, and we're saying let's use metal detectors instead of chopsticks.”

As for the research impact that Savage expects, he argues that even beyond blockchain analysis, Elliptic's training data is so voluminous and detailed that it may even help with other kinds of AI research into analogous problems like health care and recommendation systems. But he says the researchers do also intend their work to have a practical effect, enabling a new and very real way to hunt for patterns that reveal financial crime.

“We're hopeful that this is much more than an academic exercise,” Weber says, “that people in this domain can actually take this and run with it.”

A Vast New Data Set Could Supercharge the AI Hunt for Crypto Money Laundering

China's brain-computer interface technology is catching up to the US. But it envisions a very different use case: cognitive enhancement.

At a tech forum in Beijing last week, a Chinese company unveiled a “homegrown” brain-computer interface that allowed a monkey to seemingly control a robotic arm just by thinking about it.

In a video shown at the event, a monkey with its hands restrained uses the interface to move a robotic arm and grasp a strawberry. The system, developed by NeuCyber NeuroTech and the Chinese Institute for Brain Research, involves soft electrode filaments implanted in the brain, according to state-run news media outlet Xinhua.

Researchers in the US have tested similar systems in paralyzed people to allow them to control robotic arms, but the demonstration underscores China’s progress in developing its own brain-computer interface technology and vying with the West.

Brain-computer interfaces, or BCIs, collect and analyze brain signals, often to allow direct control of an external device, such as a robotic arm, keyboard, or smartphone. In the US, a cadre of startups, including Elon Musk’s Neuralink, are aiming to commercialize the technology.

William Hannas, lead analyst at Georgetown University’s Center for Security and Emerging Technology (CSET), says China is quickly catching up with the US in terms of its BCI technology. “They’re strongly motivated,” he says of the Asian superpower. “They're doing state-of-the-art work, or at least as advanced as anybody else in the world.”

He says China has typically lagged behind the US in invasive BCIs—that is, those that are implanted in the brain or on its surface—choosing instead to focus on noninvasive technology that’s worn on the head. But it’s quickly catching up on implantable interfaces, which are being explored for medical applications.

More concerning, though, is China’s interest in noninvasive BCIs for the general population. Hannas coauthored a report released in March that examines Chinese research on BCIs for nonmedical purposes.

“China is not the least bit shy about this,” he says, referring to ethical guidelines released by the Communist Party in February 2024 that include cognitive enhancement of healthy people as a goal of Chinese BCI research. A translation of the guidelines by CSET says, “Nonmedical purposes such as attention modulation, sleep regulation, memory regulation, and exoskeletons for augmentative BCI technologies should be explored and developed to a certain extent, provided there is strict regulation and clear benefit.”

The translated Chinese guidelines go on to say that BCI technology should avoid replacing or weakening human decisionmaking capabilities “before it is proven to surpass human levels and gains societal consensus, and avoid research that significantly interferes with or blurs human autonomy and self-awareness.”

These nonmedical applications refer to wearable BCIs that rely on electrodes placed on the scalp, also known as electroencephalography or EEG devices. Electrical signals from the scalp are much harder to interpret than those inside the brain, however, and there’s a huge effort in China to use machine learning techniques to improve analysis of brain signals, according to the CSET report.

A handful of US companies are also developing wearable BCIs that arguably fall under the category of cognitive enhancement. For instance, Emotiv of San Francisco and Neurable in Boston are starting to sell EEG headsets intended to improve attention and focus. The US Department of Defense has also funded research on wearable interfaces that could ultimately enable control of cyber-defense systems or drones by military personnel.

China Has a Controversial Plan for Brain-Computer Interfaces

Thousands of planes and ships are facing GPS jamming and spoofing. Experts warn these attacks could potentially impact critical infrastructure, communication networks, and more.

The disruption to GPS services started getting worse on Christmas Day. Planes and ships moving around southern Sweden and Poland lost connectivity as their radio signals were interfered with. Since then, the region around the Baltic Sea—including neighboring Germany, Finland, Estonia, Latvia, and Lithuania—has faced persistent attacks against GPS systems.

Tens of thousands of planes flying in the region have reported problems with their navigation systems in recent months amid widespread jamming attacks, which can make GPS inoperable. As the attacks have grown, Russia has increasingly been blamed, with open source researchers tracking the source to Russian regions such as Kaliningrad. In one instance, signals were disrupted for 47 hours continuously. On Monday, marking one of the most serious incidents yet, airline Finnair canceled its flights to Tartu, Estonia, for a month, after GPS interference forced two of its planes to abort landings at the airport and turn around.

The jamming in the Baltic region, which was first spotted in early 2022, is just the tip of the iceberg. In recent years, there has been a rapid uptick in attacks against GPS signals and wider satellite navigation systems, known as GNSS, including those of Europe, China, and Russia. The attacks can jam signals, essentially forcing them offline, or spoof the signals, making aircraft and ships appear at false locations on maps. Beyond the Baltics, war zone areas around Ukraine and the Middle East have also seen sharp rises in GPS disruptions, including signal blocking meant to disrupt airborne attacks.

Now, governments and telecom and airline safety experts are increasingly sounding the alarm about the disruptions and the potential for major disasters. Foreign ministers in Estonia, Latvia, and Lithuania have all blamed Russia for GPS issues in the Baltics this week and said the threat should be taken seriously.

“It cannot be ruled out that this jamming is a form of hybrid warfare with the aim of creating uncertainty and unrest,” Jimmie Adamsson, the chief of public affairs for the Swedish Navy, tells WIRED. “Of course, there are concerns, mostly for civilian shipping and aviation, that an accident will occur creating an environmental disaster. There is also a risk that ships and aircraft will stop traffic to this area and therefore global trade will be affected.”

“A growing threat situation must be expected in connection with GPS jamming,” Joe Wagner, a spokesperson from Germany’s Federal Office for Information Security, tells WIRED, saying there are technical ways to reduce its impact. Officials in Finland say they have also seen an increase in airline disruptions in and around the country. And a spokesperson for the International Telecommunication Union, a United Nations agency, tells WIRED that the number of jamming and spoofing incidents have “increased significantly” over the past four years, and interfering with radio signals is prohibited under the ITU’s rules.

**On the Upswing**

Attacks against GPS, and the wider GNSS category, come in two forms. First, GPS jamming looks to overwhelm the radio signals that make up GPS and make the systems unusable. Second, spoofing attacks can replace the original signal with a new location—spoofed ships can, for example, appear on maps as if they’re at inland airports.

Both types of interference are up in frequency. The disruptions—at least at this stage—mostly impact planes flying at high altitudes and ships that can be in open water, not people’s individual phones or other systems that rely on GPS.

The Dangerous Rise of GPS Attacks

President Joe Biden has updated the directives to protect US critical infrastructure against major threats, from cyberattacks to terrorism to climate change.

The Biden administration is updating the US government’s blueprint for protecting the country’s most important infrastructure from hackers, terrorists, and natural disasters.

On Tuesday, President Joe Biden signed a national security memorandum overhauling a 2013 directive that lays out how agencies work together, with private companies, and with state and local governments to improve the security of hospitals, power plants, water facilities, schools, and other critical infrastructure.

Biden’s memo, which is full of updates to the Obama-era directive and new assignments for federal agencies, arrives as the US confronts an array of serious threats to the computer systems and industrial equipment undergirding daily life. In addition to foreign government hackers and cyber criminals seeking to destabilize American society by crippling vital infrastructure, extremist groups and lone actors have plotted to sabotage these systems, and climate change is fueling natural disasters that regularly overwhelm basic services.

But foreign cyber threats loom largest as a danger in the near future. “America faces an era of strategic competition, where state actors will continue to target American critical infrastructure and tolerate or enable malicious activity conducted by nonstate actors,” Caitlin Durkovich, the deputy homeland security adviser for resilience and response, told reporters during a briefing on Monday.

The memorandum has three core purposes: to formalize the role of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) as the lead agency tasked with protecting infrastructure from bad actors and natural hazards; to improve partnerships with the private sector through faster, more comprehensive information sharing; and to lay out the groundwork for minimum cybersecurity requirements for sectors that currently lack them.

The regulatory push represents a dramatic shift from the government’s approach to infrastructure protection a decade ago. The Biden administration, having concluded that voluntary partnerships were not sufficiently reducing risks to essential services, has applied new cyber rules to the aviation, pipeline, railroad, maritime, and medical device industries, and the Department of Health and Human Services is working on security requirements for hospitals. Now, the administration plans to use the new memo to turbocharge efforts to apply rules to other sectors.

“It is important that we work together to set baseline security standards for the lifeline sectors on which the American way of life and our democracy depends,” Durkovich says.

The document tasks the government’s “Sector Risk Management Agencies,” or SRMAs—each of which oversees and assists one or more infrastructure sectors with cyber and physical security—with determining whether existing rules adequately address their industries’ vulnerabilities and, if not, crafting new rules. The memo includes a process to help agencies if they conclude that they lack “the tools or authorities necessary to ensure effective implementation of those requirements,” a senior administration official said during Monday’s briefing, speaking anonymously pursuant to the White House’s terms.

That process is designed to support agencies like the Environmental Protection Agency, which tried to issue cyber requirements for water systems in 2023 but abandoned the effort after a legal challenge from industry groups and Republican-led states.

Anticipating further industry pushback to new rules in various sectors, the White House is promising to collaborate with companies. “These requirements … need to be developed in close coordination with the owners and operators of that infrastructure to ensure they are appropriate and proportionate to the vulnerability,” the senior administration official says.

In addition to new cyber standards, the memo attempts to kickstart more harmonious and productive information-sharing relationships between government agencies and private companies. The private sector often complains that agencies either declassify information too slowly or keep it tightly restricted to only executives with security clearances. Many companies say that without timely access to the government’s detailed intelligence about hackers’ activities, it is difficult to stay ahead of those adversaries.

To address these tensions, Biden is directing US spy agencies to redouble their efforts to “collect, produce, and share intelligence” with infrastructure operators, Durkovich says.

The memo requires the Office of the Director of National Intelligence (ODNI) to produce a report on the state of the government’s information-sharing with the private sector. As part of that process, the senior administration official says, ODNI will work with CISA and other agencies to write procedures for better outreach to companies.

The government can look to two recent case studies for insights about the best ways to share useful information without jeopardizing the sensitive sources and methods used to gather it. As Russia began its expanded invasion of Ukraine in 2022, the intelligence community declassified and published intelligence about the Kremlin’s plans at such a rapid tempo that it stunned many former officials. And when officials wanted to warn companies about the seriousness of China’s recent cyber intrusions into US infrastructure, they convened classified briefings that starkly laid out the potential damage Beijing could do in the event of a war.

“We have a lot of instructive emerging practices and lessons learned from what has happened in the first three years of this administration,” says the senior official.

In addition to the report on information sharing, the memo also gives ODNI 180 days to produce a formal intelligence assessment on threats to America’s infrastructure, and the senior official says the government “will work to share that” with companies to the extent possible.

Beyond its major substantive changes, the new memo significantly boosts the stature of CISA, which did not exist when the previous plan was written. The memo codifies CISA’s twin roles as a government-wide coordinator for infrastructure security work and as the designated SRMA for eight of the 16 sectors.

CISA has pursued its role as the lead infrastructure protection agency in multiple ways, its director, Jen Easterly, told reporters during Monday’s briefing.

First, CISA reestablished a council of senior officials that makes major decisions about how agencies coordinate to address risks. Second, Easterly says, CISA has provided agencies with “guidance and templates” to help produce risk assessments and risk management plans for each of their sectors. Third, CISA is finalizing a list of “systemically important entities” whose operations power daily life in fundamental ways.

The government will work with the companies on the important-entities list—there are fewer than 500 of them—“to ensure they have the resources necessary to manage risk,” a second senior administration official told reporters on Monday. Those companies will also be priorities for regulation.

While it updates key parts of the government’s defensive playbook, the memo does not change the basic structure underpinning this work: the 16 sectors—each containing a collection of related industries—that together comprise the nation’s critical infrastructure. A CISA report published in late 2021 recommended that the administration consider adding new sectors for the space and bioeconomy industries, but officials decided not to do so.

“Because space is really a part of so many different sectors, it did not, at this time, make sense to break space out as a separate sector,” the second senior official says. (CISA is, however, focused on space cybersecurity.) Government leaders similarly decided that bioeconomy risks were not unique enough to merit a new sector. But both industries could receive their own sectors in the future “if there are significant changes” to the risks they face, says the second official.

In light of how quickly those risks and other conditions could change, the memo directs DHS to submit a “national risk management plan” to the White House every two years summarizing what the government is doing to prevent harm.

Biden administration officials see the new document as more than just an updated strategy. To them, it is a watershed moment in how the government organizes itself to protect Americans from poisoned water, widespread blackouts, and other infrastructure disasters.

The new memo, Durkovich says, “prepares us for the next decade—what the president calls the decisive decade—and what lies out on the horizon.”

The White House Has a New Master Plan to Stop Worst-Case Scenarios

Plus: Google holds off on killing cookies, Samourai Wallet founders get arrested, and GM stops driver surveillance program.

Controversial gunshot-detection company ShotSpotter has deployed more than 25,000 microphones across 170 cities worldwide. This week, WIRED and _South Side Weekly_ revealed the company may continue to provide gunshot data to police in cities even after contracts have ended. Internal emails seen by the publications suggest ShotSpotter sensors may have stayed online despite law enforcement deals having expired, raising questions about what will happen to 2,500 microphones in Chicago when its contract runs out at the end of the year.

Elsewhere, Change Healthcare finally admitted to paying a ransom to the AlphV hackers, also known as BlackCat, that extorted the medical company. Weeks ago, WIRED revealed the attackers were paid $22 million, one of the largest ransomware payments ever. However, in a statement this week the company admitted for the first time that it paid the ransom as part of its effort “to do all it could to protect patient data from disclosure.” Some of that data still found its way onto the dark web.

In another successful grift, researchers have found animators in North Korea creating artwork for major Hollywood studios. A misconfigured North Korea cloud server, discovered at the end of last year, contained thousands of animation files, notes, and working documents for productions of shows that stream on Amazon Prime Video and Max. The companies likely didn’t know workers from the Hermit Kingdom were creating the artwork, but it’s another example of how North Korea is using skilled workers to circumvent sanctions and make the regime money.

Meanwhile, Cisco revealed this week that some of its devices, called Adaptive Security Appliances, have been targeted by state-sponsored hackers who exploited two zero-day vulnerabilities in the systems. The attack, dubbed ArcaneDoor, is believed to have had an espionage focus and sources suspect China’s state-backed hackers may be the culprits.

The November presidential elections may still be months away, but the next US president will have increased surveillance capabilities. This week Joe Biden signed a controversial bill extending and enhancing Section 702 of the Foreign Intelligence Surveillance Act. FISA allows spy agencies to collect Americans’ calls, emails, and more when pursuing foreign intelligence. Critics say the changes are “a gift to any president who may wish to spy on political enemies.”

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**School Principal Framed Using AI Voice Deepfake**

In January, an Instagram account in Baltimore, Maryland, posted an alleged audio recording of local school principal Eric Eiswert making racist and antisemitic comments. Baltimore County Public Schools quickly opened an investigation into the incident. However, this week, a former athletic director at Pikesville High School was arrested after police said he used artificial intelligence software to create the fake audio clip of Eiswert. The audio included comments about “ungrateful Black kids” and disparaging remarks about the Jewish community.

Dazhon Darien, the former staff member, was arrested after being stopped in possession of a gun at an airport when officials saw there was an outstanding arrest warrant, the _Baltimore Banner_ reported. The media organization reports that Darien was charged with disrupting school activities and stalking. The fake clip was allegedly made in retaliation for the principal investigating Darien over irregular payments to his roommate.

Police reports, the _Banner_ says, indicate that the audio clip had a “profound” impact on the school principal. “It not only led to Eiswert’s temporary removal from the school but also triggered a wave of hate-filled messages on social media and numerous calls to the school,” police reports said.

Voice-cloning technology, which can fall under the broader banner of deepfake technology, has rapidly improved within the last year. Cloning tools can recreate someone’s voice to a relatively realistic level using just a few seconds of real audio. The systems have increasingly been used to impersonate politicians and scam people over the phone.

**General Motors Stops Driving Surveillance, Following Privacy Complaints**

Your car knows a lot about you—from where and how you drive, to your weight and how you sit. This week, following a series of revelations from _New York Times_ reporter Kashmir Hill, General Motors announced it will end its “Smart Driver” program and unenroll all customers. Until the reports from the _Times_, GM was sharing data with data brokers LexisNexis and Verisk, which shared it with insurers and led to high payments for some people. The OnStar Smart Driver program had been designed to promote safer driving, GM said. However, many people were not aware they had been enrolled in the system. Ten lawsuits have been filed so far about the Smart Driver program and how it shared data.

**Google Delays Killing Cookies—Again**

In January 2020, Google said it would remove third-party cookies from Chrome within two years—following Safari, Brave, Firefox, and other browsers in eradicating the tracking technology. It’s now April 2024 and the company has delayed the change for a third time, saying it’ll happen in 2025. Google’s proposed cookie replacement has faced scrutiny from competition and privacy regulators in the UK, with critics saying cookies are just being replaced by another form of tracking and suggesting the changes could further benefit Google’s ad business.

**Samourai Wallet Founders Arrested Over $2 Billion Unlawful Transactions**

Keonne Rodriguez and William Lonergan Hill, the founders of crypto-mixing service Samourai Wallet, were charged by US prosecutors this week for running an unlicensed money transfer business and conspiracy to commit money laundering. The company processed $2 billion in “unlawful transactions” and “facilitated more than $100 million in money laundering,” according to Damian Williams, the United States Attorney for the Southern District of New York, and other investigators. The charges can carry a maximum of 20 years each. The move comes as US prosecutors try to clampdown on crypto mixing services that may be used to hide funds or allow illicit behavior. Mixers Bitcoin Fog, Helix, and Tornado Cash have all faced action in recent years.

**Chinese Keyboard Vulnerabilities Could Reveal Typing**

New research from the University of Toronto’s Citizen Lab this week revealed vulnerabilities in eight Chinese keyboard apps that, if exploited, could allow everything typed to be intercepted. Up to a billion people may be impacted, the researchers say. They tested apps from major technology companies and phone makers, including Baidu, Honor, Huawei, Samsung and Tencent. “Most of the vulnerable apps can be exploited by an entirely passive network eavesdropper,” they researchers write, adding that most of the impacted companies fixed the vulnerabilities when they were reported.

Source

Wired