By Deeba Ahmed
The NFT market’s claim to fame is undoubtedly the Bored Apes Yacht Club yet someone is offering endless…
This is a post from HackRead.com Read the original post: This AI Can Generate Unique and Free Bored Ape NFTs

The NFT market’s claim to fame is undoubtedly the Bored Apes Yacht Club yet someone is offering endless free versions of these rare collectibles, thanks to Artificial Intelligence (AI).

Yannic Kilcher, a machine learning expert has developed an AI that generates an infinite number of unique apes for free. The Bored Apes is a collection of around 10000 Bored Apes NFTs, which merely comprise different variations of ape images. Still, it has become the face of NFTs, which are extremely expensive and, to be honest, quite funny.

**Details of the Process**

Kilcher uploaded a video on YouTube to explain the process of ape generation using Artificial Intelligence (AI). According to the video, the AI uses the Generative Adversarial Network (GAN) technique, and the procedure involves using two neural networks.

One of these networks is used to generate an image, and the other differentiates the image from an actual image to determine which is fake. Over time, the generator can create images that could easily pass as authentic. In the end, the generator can produce pretty convincing fake apes.

Kilcher scraped the Bored Ape Yacht Club collection in his YouTube video, trained Nvidia’s StyleGAN2 neural network on the dataset, and created near-perfect and fungible bored apes.

> “The quality of my system is not very good, there are often visible artifacts.”
> 
> Yannic Kilcher

Yannic Kilcher on YouTube

According to TNW, the app can generate apes based on user-provided images. It harnesses OpenAI Clip of the same model that powers the DALL-E 2 image generator. The generated images appear starkly similar to the actual NFT collection. Kilcher noted that a particular ape could be generated once only with this AI. You will get a different, unique ape as you refresh the page.

**More NFT News on Hackread.com**

1.  Official website of Banksy hacked for fake NFT scam
2.  Hackers Hijacked Official Ferrari Subdomain to Host NFT Scam
3.  OpenSea vulnerability allowed crypto theft with malicious NFTs
4.  Hot wallet hack: Hackers steal $18.7m from Animoca’s Lympo NTF platform

This AI Can Generate Unique and Free Bored Ape NFTs

On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. Privacy advocates aren't happy.
The post Client side scanning may cost more than it delivers appeared first on Malwarebytes Labs.

On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. The European Commission wants all providers of email, chat and messaging services to search for suspicious messages in a fully automated way and forward them to the police in the fight against child pornography.

**History**

In 2020, the European Commission initiated temporary legislation which allows the searching of all private chats, messages, and emails for illegal depictions of minors and attempted initiation of contact with minors. This allows the providers of Facebook Messenger, Gmail, et al, to scan every message for suspicious text and images.

A majority of the Members of the European Parliament adopted the chat control regulation on July 6, 2021, allowing providers to scan communications voluntarily. So far, only some unencrypted US services such as Gmail, Meta/Facebook Messenger, and X-Box apply chat control voluntarily.

The European Commission announced that it will propose follow-up legislation that will make the use of chat control mandatory for all email and messenger providers. This legislation will be presented tomorrow, May 11, 2022 and would also apply to communications services that are end-to-end (E2E) encrypted.

It is important to note that the European Parliament has already pointed out that even voluntary scanning, which is currently permitted by the short-term law, lacks a legal basis and would probably be invalidated if it were taken to court.

**Privacy advocates**

Needless to say that many privacy advocates are ready to storm the barricades to prevent this law from being approved. Not only does this violate our basic human right to privacy, but encrypted messaging has been a boon to activists, dissidents, journalists, whistleblowers, and marginalized groups around the world.

Privacy advocates argue it brings the EU closer to the surveillance state that many see in other countries and that is a frightful image. It is also a step back when it comes to cybersecurity. What do we call software that eavesdrops on what we are doing on our devices and sends it to a third party? Spyware! And what happens to servers that accumulate large amounts of private data? They become targets for cybercriminals.

**The goal**

Similar developments are taking place in the US and the supporting narrative has expanded from domestic terrorism to other illegal content and activity, such as child sexual exploitation and abuse, terrorism, foreign adversaries‚ and attempts to undermine democratic values and institutions.

What most, if not all, of these activities have in common is that you usually won’t see the criminals using the same platforms as those of us that want to stay in touch with friends and relatives. They are already conducting their “business” in illegal marketplaces on the Dark Web, or they are using encrypted phone services.

**Client side scanning**

What does client side scanning mean exactly, some may wonder. Client side scanning broadly refers to systems that scan message contents for matches against a database of objectionable content before the message is sent to the intended recipient.

In this case, it means that the EU wants to force all providers of email, messaging, and chat services to comprehensively search all private messages, even in the absence of any suspicion. That makes the contents of messages no longer private between the sender and receiver, and client-side scanning breaks the E2E encryption trust model.

**Pitfalls**

As we have seen in the US, once the trend has been set, the number of targets can quickly expand from child abuse to other areas. As some of the privacy advocates noted, it’s a slippery slope.

It’s building a database of objectionable content. Given the amount of data you will need something to make a first selection. Machine Learning and Artificial Intelligence will undoubtedly be put to use. These systems can be manipulated and led astray, where static databases are too easy to circumvent.

False positives are a risk to keep in mind. What happens to a sender, or receiver for that matter, that gets tied to several flagged messages? I’m asking for me. Once an interest in cybercrime, vulnerabilities, and other related areas get added to the areas of government interest, my search queries alone would be enough to get me in trouble. On a lighter note, how hard will it be to explain that autocorrect is responsible for your message getting flagged? And will my reputation accompany me on my travels? In other words, will the US know if the EU thinks I’m involved in something shady?

The complexity of breaking the chain of E2E encryption could also limit the reliability of a communications system, and potentially stop legitimate messages from reaching their intended destinations.

So far, for every method that has been devised to limit the amount of private data that gets shared and scrutinized after the first selection, a downside has been brought up. And the stage in which these messages are unencrypted to be reviewed offers a target area where criminals can exfiltrate a lot of valuable information.

Since client-side scanning technologies may represent the most powerful surveillance system ever imagined, it is imperative that we find a way to make them abuse-resistant and auditable before we decide to start using them. Failures from the past have taught us that it’s often the other way around. We learn from our mistakes, but how costly are they?

It is also important to realize that the criminals we are trying to catch will simply move away from the platforms we decide to subject to client side scanning. So in the end, we are monitoring the communications of innocent citizens, for what exactly?

Client side scanning may cost more than it delivers

Threat landscape’s increasing complexity adds impetus to drive for consistency across 27 member states

Threat landscape’s increasing complexity adds impetus to drive for consistency across 27 member states

ANALYSIS The European Union (EU) wants to see greater standardization across European cybersecurity legislation and regulations, according to the bloc’s cybersecurity agency.

The EU sees standards as vital to increasing security across the bloc, as well as ensuring that cybersecurity measures are consistent between member states. This, the European Commission argues, will make it easier for both security vendors and businesses in general to work across borders.

EU-wide standards are envisaged for both product certification and legislation on computer misuse.

RECOMMENDED ‘Dangerous’ EU web authentication plan threatens to undercut browser-led certification system

The work is being led by ENISA, the EU’s agency for cybersecurity.

“Given the increasing complexity in an evolving cyber threat environment, cybersecurity standards can be an essential tool by which an organization can improve its cybersecurity posture by ensuring its cybersecurity strategy and policies are implemented in a consistent and measurable manner,” a spokesperson for ENISA told The Daily Swig.

**Legislative landscape**

ENISA is working with the European Commission and European standards agencies, including ETSI, CEN, and CENELEC, to promote standardization. So far ENISA has produced two reports, one reviewing existing standards in risk management and another looking at 5G.

The work is being informed both by the US’s Cybersecurity Act (CSA), which gives ENISA a lead role in setting security standards, and by the EU’s standardization strategy, set out earlier this year.

The EU’s NIS directive, which sets out measures to bolster cybersecurity across the bloc, specifically calls for EU countries to use European or internationally accepted standards to secure network and information systems.

The EU’s Cybersecurity Act will set up a “European cybersecurity certification framework for ICT products, services and processes”, according to ENISA. Standardization is seen as crucial to the framework’s efficacy. So far, ENISA and the standards agencies have investigated security standardization in 5G, artificial intelligence, digital identity wallets, infrastructure and supply chains, and data protection.

RELATED ENISA urges data-handling innovation amid growing tide of healthcare breaches

“Standards in the area of IT and technology are crucial to assure interoperability – without them the systems of different vendors wouldn’t work together,” ENISA told The Daily Swig. ENISA expects to provide independent advice to vendors and other stakeholders on cybersecurity standards in future legislation.

**Facilitating GDPR compliance**

The cybersecurity standardization process is not part of the EU’s General Data Protection Regulation (GDPR). Although in some ways GDPR set the ball rolling, by setting standards for data privacy, the regulation stops short of telling organizations how to comply with the law. Standards will therefore be a key part of ensuring GDPR compliance.

“GDPR was a regulation that was applicable across the bloc when it came into force. Most other work in this space has been in the form of directives that need to be transposed into national laws,” Jon France, CISO of security body (ISC)2, tells The Daily Swig.

“There is broad recognition that cybersecurity is a core requirement within all EU member states, but it remains a very broad topic area covering products, services, development, operation and more across many sectors and industries.”

**Tricky task**

France believes ENISA is taking on a daunting task.

“The regulatory landscape across Europe is in some respects overt and easy to understand,” he explains. “However, implementation is not as easy with a plethora of rules, regulations, and ways to address them to consider, compounded by security remaining a sovereign reserved right for each member state, with each retaining the ability to choose in many cases what to implement and how to implement within local regulation and law.”

Catch up with the latest cybersecurity policy and legislation news

And although the EU acknowledges that standards are an international issue, and the organization takes part in international groupings such as the ISO, ENISA is not currently working with ‘third countries’ on this. This might change in the future, however.

“A standardized approach within the EU would mirror similar initiatives in other regions, for example the US, which has had success with NIST standards for risk assessment and penetration testing that are becoming adopted around the world,” Phil Robinson, principal consultant and founder of Prism Infosec, tells The Daily Swig.

Setting standards would, he said, allow businesses to use one consistent risk assessment across the EU.

“Additionally, in a similar fashion to a safety ‘kitemark’, products and services can also have a standardized certification that will mean that a consumer, business or personal, can be assured of the cybersecurity certification across the entire region.”

DON’T FORGET TO READ Quantum leap: Biden administration commits to ensuring leadership in emerging tech

EU targets standardization as key to bloc-wide cyber-resilience

Cybersecurity has to be a top priority as enterprises begin incorporating the use of nonfungible tokens into their business strategies, brand-awareness campaigns, and employee-communication efforts, experts say.

A recent malware campaign that targeted online artists with a lure about lucrative nonfungible token (NFT) projects is a good indication of how threat actors are capitalizing on the snowballing interest in digital goods — and it has implications for the growing number of corporate brands trying to ride the NFT wave, too.

The campaign, which researchers from Malwarebytes observed, involved messages purporting to be from NFT project Cyberpunk Ape Executives. These were sent to digital art creators on online platforms such as DeviantArt and Pixiv, and they invited the recipients to work with the people behind the Cyberpunk Ape project to create new NFT characters. They also promised them $350 per day by way of compensation.

A link in the message directed recipients to more information about the project. When users clicked on it, they were sent to a site that downloaded multiple images of apes that purported to be examples of NFTs from the project. One of the images was an executable file, which when opened infected the user's system with an information stealer.

Malwarebytes said it observed several account holders on platforms such as Pixiv and DeviantArt complaining about their accounts being used to spam others with messages about the same Cyberpunk Ape Executive NFT project. Malwarebytes said it couldn't confirm if the information stealer itself was responsible for the account hacks or if some other form of phishing was involved.

**NFT-Related Cybercrime: A Rapidly Growing Threat  
**The campaign is one in a rapidly growing number of NFT-centric attacks, security researchers say. Most of them, for the moment at least, are aimed at people working directly in the NFT space, says Chris Boyd, lead malware intelligence analyst at Malwarebytes. "However, as more mainstream businesses adopt NFT projects or look to get involved with blockchain, it will quickly become a concern across more traditional industries," he predicts.

Analyst firms such as Gartner and Forrester already predict a world where NFTs will play a crucial part in enterprise strategies over the next few years. Gartner included NFTs in its 2021 hype cycle for emerging technologies, and it has described them as one of the technologies that could have the most significant impact on business and society over the next 10 years. The analyst firm expects NFTs will play a fundamental role in an emerging metaverse where organizations try to provide better engagement, collaboration, and connection with employees and others through immersive virtual workplaces. 

Forrester also has pointed to organizations such as insurance firm State Farm jumping into the NFT space with a football-themed treasure hunt as an example of how a quickly growing number of enterprises are experimenting with nonfungible tokens.

Harvard Business Review earlier this year described initial enterprise efforts around NFTs as focused on launching their own digital collectibles — such as Campbell's soup can art. HBR predicts that in the next few years, NFTs could become the "central digital touchpoint" between enterprises and their customers.

**A Variety of Attacks  
**Boyd says Malwarebytes researchers have been observing a variety of NFT and cryptocurrency threats daily. 

"The most common attacks try to trick cryptocurrency enthusiasts into handing over their wallet’s recovery phrase," he says. Users who fall for the scam often stand to lose access to their funds permanently, he says. "Bogus Airdrops, which are fake promotional giveaways, are also common and ask for recovery phrases or have the victim connect their wallets to malicious Airdrop sites, he adds, noting that many fake Airdrop sites are imitations of real NFT projects. And with so many small unverified projects around, it’s often hard to determine authenticity, he notes.

Oded Vanunu, head of product vulnerability at Check Point Software, says what his company has observed by way of NFT-centric attacks is activity focused on exploiting weaknesses in NFT marketplaces and applications. 

"We need to understand that all NFT or crypto markets are using Web3 protocols," Vanunu says, referring to the emerging idea of a new Internet based on blockchain technology. Attackers are trying to figure out new ways to exploit vulnerabilities in applications connected to decentralized networks such as blockchain, he notes.

Over the last few months, Check Point Research has observed attacks that try to trick the user to provide NFT platform or wallet access, and those that target NFT marketplace vulnerabilities to access NFTs belonging to digital artists. 

Check Point has also observed attacks involving the use of malicious NFTs to exploit platform vulnerabilities, Vanunu says. He says organizations that hold NFT assets or crypto assets need to be aware of these threats. Enterprise users who access NFT marketplaces using their company-issued device could also put their organizations at risk, he says.

The increase in NFT-centric scams also shows how attackers are leveraging the new and relatively unknown in attacks against victims, notes Hank Schless, senior manager security solutions at Lookout. Many are purchasing NFTs with cryptocurrency without fully understanding the underlying mechanisms, he says. For example, "people who are new to NFTs might not understand how to validate that the digital asset they’re looking at is the real thing," he says.

Attackers can take advantage of this lack of knowledge to trick people into bidding on fake NFTs, for instance. This can especially be an issue with more expensive NFTs, where a principal bidder or purchaser might offer fragmented ownership of an NFT to a large group of buyers. 

"These group purchases are usually coordinated over social-media platforms like Twitter, Reddit, and Discord, which give an attacker access to a large number of potential victims," Schless says. While most NFT scams continue to be consumer-focused, an attacker could easily use an NFT lure to deliver malware to a corporate device and gain access to corporate data, he says.

Check Point's Vanunu says it's time for organizations to improve user awareness around NFT-centric threats. Organizations with an NFT platform or crypto wallet should enforce multifactor authentication for accessing them, for one. He also recommends that they use two wallets: one that is cold — or offline — for holding all digital asses, and one just for trading with low amounts. 

That way, he says, "in case of exploitation, hackers will not be able to hijack too much."

NFTs Emerge as the Next Enterprise Attack Vector

The CSM by Deloitte platform includes cloud security policy orchestration, cyber predictive analytics, attack surface management, and cyber cloud managed services.

NEW YORK, May 9, 2022 /PRNewswire/ -- To help U.S. executives concerned about visibility into the security of their cloud workloads and applications, Deloitte has expanded existing capabilities to launch Cloud Security Management (CSM) by Deloitte. The platform of services and solutions includes cloud security policy orchestration (CSPO), cyber predictive analytics, attack surface management and cyber cloud managed services (CCMS) – all of which can be applied in Google Cloud, Microsoft Azure and other public clouds alone, or in multi-cloud environments.

"We integrated newly acquired capabilities with our existing technologies and leading global security services to help our clients secure and enhance their cloud environments more efficiently and effectively," said Vikram Kunchala, Deloitte Risk & Financial Advisory Cyber Cloud leader and principal, Deloitte & Touche LLP. "We worked to ensure our platform integrates and operates with the major cloud providers' security capabilities so that our clients can more easily scale their cloud security programs and apply security throughout the systems development lifecycle – even when non-standard security requirements are involved. Building upon the strength of the CSM by Deloitte platform, we plan to expand it over time as client demands change and the technology landscape evolves."

Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte & Touche LLP said, "While many are eager to accelerate cloud adoption in a secure, resilient and agile manner, that process is not always easy or simple – particularly when digital transformations occur at various stages, multiple cloud environments are involved, and regulatory compliance requires a variety of shared infrastructure situations, inclusive of third-party requirements. Whether organizations want to leverage our advanced technologies or large practice of highly skilled cyber specialists – or both – CSM by Deloitte acts as a potential change agent for organizations that want to operate confidently and securely in the cloud environment even as that threat landscape evolves."

The CSM by Deloitte platform initially includes:

*   A **CSPO solution** offering continuous, cloud-native, multi-cloud security posture monitoring and policy application. Leveraging a comprehensive set of industry-specific policies provided in the form of policy-as-code, the solution can be customized and managed via GitOps to serve as the "single source of truth" for policy enforcement while also making it easier for DevSecOps teams to include security earlier in product development.
*   **CCMS** include end-to-end cloud security design, 24x7x365 operations support, as well as multiple specialization modules. Clients can apply one, some or all modules to their environments, including identity and access management, infrastructure and network security, detection logging and monitoring, data protection, infrastructure and network security, threat and incident response, endpoint protection as well as DevSecOps, automation and orchestration.
*   **Cyber predictive analytics** that leverage models trained on attack simulations and real-world data to quickly comb through petabytes of data, surfacing threats that might otherwise be missed. Through automated threat hunting and detection, actionable risk metrics are combined and accessible through an interactive, persona-driven suite of dashboards.
*   **Attack surface management** functionality incorporates the results of continuous testing through managed services and intelligent automation into threat detection and response activities. Asset identification, service fingerprinting and vulnerability scanning help users define specific risk areas, identify high priority security and compliance issues and orchestrate remediation efforts.

**About Deloitte**  
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 7,000 private companies. Our people come together for the greater good and work across the industry sectors that drive and shape today's marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthier society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Building on more than 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte's more than 345,000 people worldwide connect for impact at www.deloitte.com.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.

SOURCE Deloitte

Deloitte Launches Expanded Cloud Security Management Platform

The U.S. State Department has announced rewards of up to $10 million for any information leading to the identification of key individuals who are part of the infamous Conti cybercrime gang.
Additionally, it's offering another $5 million for intelligence information that could help arrest or convict individuals who are conspiring or attempting to affiliate with the group in a ransomware attack.

The U.S. State Department has announced rewards of up to $10 million for any information leading to the identification of key individuals who are part of the infamous Conti cybercrime gang.

Additionally, it's offering another $5 million for intelligence information that could help arrest or convict individuals who are conspiring or attempting to affiliate with the group in a ransomware attack.

The department called the Conti variant the "costliest strain of ransomware ever documented."

Conti, the work of a Russia-based transnational organized crime group dubbed Gold Ulrick, is one most prolific ransomware cartels that has continued to strike entities globally while simultaneously expanding its empire by absorbing TrickBot and running side hustles that involve data extortion.

After the syndicate expressed public support for Russia's invasion of Ukraine in February, it suffered a major breach of its own after its source code and internal chats were released on the public domain. But the leaks have done precious little to slow it down.

According to the State Department, Conti is said to have victimized more than 1,000 organizations as of January 2022, with victim payouts surpassing $150 million. Last month, the group claimed credit for an attack on Costa Rica's government networks.

This is not the first time the U.S. government has offered bounties as part of its efforts to "disrupt and dismantle transnational organized crime globally, including cybercrime" and protect "potential ransomware victims around the world from exploitation by cyber criminals."

In November 2021, it offered similar monetary rewards for locating criminal parties associated with DarkSide and REvil ransomware, which were used in high-profile attacks on Colonial Pipeline and Kaseya last year.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

U.S. Offering $10 Million Reward for Information on Conti Ransomware Hackers

Plus: Russia rerouted internet in occupied Ukraine, Grindr sold its users' location data to ad networks, and more.

If the war in Ukraine and Russia's still-unfolding atrocities there didn't offer enough fodder for doomscrolling, this week supplied a new dose of domestic crisis: A leaked Supreme Court draft decision that would overturn _Roe v. Wade_, demolishing a ruling that has served as a cornerstone of reproductive rights for nearly five decades. And this crisis, too, will play out in the digital realm as much as the physical and legal ones.

WIRED's Lily Hay Newman responded to the news with a guide to protecting your privacy if you're seeking an abortion in a near-future world in which _Roe_ has in fact been overturned. As right-wing pundits demand the Supreme Court leaker's prosecution, meanwhile, we analyzed the laws concerning leaks of unclassified government information like a draft court ruling and found that there's no clear statute criminalizing that sort of information sharing. And law professor Amy Gajda walked us through the history of Supreme Court information leaks, which stretches back hundreds of years.

As Russia's war in Ukraine grinds on, we looked at how small, consumer-grade drones are offering a defensive tool to Ukrainians that they're exploiting as in no other war in history. And further abroad in India, a battle is taking shape between VPN firms and the Indian government, which is demanding they hand over users' data. Meanwhile, the country's new “super app,” Tata Neu, has sparked user privacy concerns.

And there's more. As we do every week, we’ve rounded up all the news that we didn’t break or cover in-depth. Click on the headlines to read the full stories. And stay safe out there.

If _Roe_'s precedent ceases to protect people seeking abortions across the United States, the question of who can digitally surveil those seeking abortions and abortion providers—and how to evade that surveillance—will become a civil liberties battle of the highest urgency. This week, Motherboard's Joseph Cox fired the opening salvos of that battle with a series of stories about data brokers who offer to sell location data that include individuals' visits to abortion clinics and Planned Parenthood offices, an egregious form of surveillance capitalism with immediate human consequences. Anti-abortion protest groups have already used abortion clinic data to target ads at women inside the clinics, and the same data could soon be used to identify women who seek out-of-state abortions in violation of local laws.

Cox pointed to two companies, SafeGraph and Placer.ai, both of which sold location data of those apparently visiting abortion clinics. Placer.ai has gone so far as to offer "heat maps" of where abortion clinic visitors live to anyone who creates a free account on its site. Cox's reporting had quick results: SafeGraph, which was banned from the Google Play store in June, responded to Motherboard's story by committing to stop selling the abortion-related location data. One of its investors, Are Traasdahl, says he's selling his stake in the company and donating the money to Planned Parenthood.

Your move, Placer.ai.

While we're shaming firms that leak or sell their users' location data, Grindr has long represented a uniquely dangerous combination: a company that courts at-risk users, and then egregiously fails to protect their privacy. This week, _The Wall Street Journal_ revealed that Grindr users' location data was sold for years—beginning in 2017 until at least two years ago—via ad networks, potentially exposing the movements, work locations, and home addresses of millions of gay men. The revelation follows years of Grindr data abuses and inattention to privacy and security, such as allowing anyone to pinpoint users with a triangulation technique, and even turning a blind eye as one man's life was ruined by spoofed Grindr accounts.

In 2022 a Russian military occupation doesn't merely mean physical devastation from shelling, unspeakable war crimes, and mass deportations of Ukrainian civilians to Russian hinterlands. In the Russian-occupied region of Kherson in southern Ukraine, it now means that Ukrainians have been disconnected from the global internet and rerouted through Russia's tightly controlled, surveilled, and censored “Runet.” The move, confirmed Monday by the internet monitoring firm Netblocks, represents a grim advancement of the “splinternet” notion of repressive regimes increasingly walling off their own regional slice of the internet to exert greater control over their populations. Russia now appears to be experimenting with extending its internet repression to the victims of its unprovoked military conquests in a bid to better control and influence digital information there too.

Last month, _The New Yorker_ published an in-depth investigation of how the Israeli hacking firm NSO Group's highly sophisticated smartphone spyware known as Pegasus was used to target members of Spain's Catalan independence movement. Now, Spain's government may be getting a taste of its own medicine: Both the prime minister, Pedro Sánchez, and the country's defense minister, Margarita Robles, have said that their phones, too, were hacked with Pegasus in May and June of 2021. Spain's criminal court is investigating the hacking, which was revealed by security researchers at Citizen Lab. While the Spanish government has claimed that the hacking must have been carried out by a foreign culprit, the Catalan targets of Pegasus have long pointed the finger—for their own targeting at least—at Spain's National Intelligence Center.

The US Treasury announced Friday that it's issuing sanctions against Blender.io, a “mixing” service that's used to obscure the origins and destinations of cryptocurrency. Mixers, including Bitcoin Fog and Helix, have been criminally prosecuted by the US Department of Justice for helping to obscure the criminal origins of cryptocurrency. But the sanctions against Blender.io represent the first time that the Treasury has taken measures to financially ostracize a mixer, making it a crime for any American to transact with the service. In this case, Blender is accused of helping to launder $20.5 million of the $620 million worth of cryptocurrency that North Korea's Lazarus hackers allegedly stole from the cryptocurrency firm Ronin Networks in March. That hack alone suggests that North Korean thieves have already topped the estimated $400 million in crypto—largely in the Ethereum currency—that they stole last year.

Data Brokers Track Abortion Clinic Visits for Anyone to Buy

If you don’t like marketers (or anyone else) knowing when and where you read your email, Apple’s feature will help you reclaim some privacy.

Nothing makes you more paranoid about privacy than working in a marketing department. Trust me on this. For example, did you know that marketers track every time you open an email newsletter—and where you were when you did it?

Apple caused a small panic among marketers in September 2021 by effectively making this tracking impossible in the default Mail app on iPhone, iPad, and Mac. I, personally, switched to Apple Mail as soon as the feature was announced. You might feel the same way, but marketers feel as though they've lost a useful tool.

"If I start a conversation with somebody and they're not responding to me, I'm going to stop talking to them at some point," says Simon Poulton, vice president of digital intelligence at marketing agency Wpromote. "But if someone is nodding along, I'm going to keep talking."

Tracking email opens, to Poulton, is a way for marketers to see who is, and isn't, listening—and adjust their strategy accordingly.

Privacy advocates feel differently. Bill Budington, senior staff technologist at the Electronic Frontier Foundation, says tracking is bad for privacy, and he's pleased that “Apple Mail now provides tools to take your privacy back.”

Let’s talk more about what, exactly, this feature does—and what it means for you.

How Email Tracking Works (and How Apple Blocks It)

If you're really freaking old—36, say—you might recall some ’90s email clients couldn't open certain emails with formatting. You'd instead be prompted to open the email in your web browser. There's a reason for this.

Email dates back to the ’70s, when computers couldn't display much in the way of graphics. Because of this, email protocols are more or less designed for simple text messages with attachments—which works until you want to add things like colors and images. By the ’90s, a workaround showed up: adding HTML code to an email message that points to images hosted on servers.

I bring this history up only because it's what makes modern email tracking possible. Most email newsletters you get include an invisible “image,” typically a single white pixel, with a unique file name. The server keeps track of every time this “image” is opened and by which IP address. This quirk of internet history means that marketers can track exactly when you open an email and your IP address, which can be used to roughly work out your location.

So, how does Apple Mail stop this? By caching. Apple Mail downloads all images for all emails before you open them. Practically speaking, that means every message downloaded to Apple Mail is marked “read,” regardless of whether you open it. Apples also routes the download through two different proxies, meaning your precise location also can't be tracked.

Apple’s Been Adding Features Like This for a While

So did this catch marketers off guard? Kind of.

“The Apple Mail thing specifically kind of came out of left field,” Poulton tells me, “but the whole idea of the de-identification of users is something we've been planning on for a while. This is a multipronged attack from Apple.”

Apple Mail Now Blocks Email Tracking. Here’s What That Means

The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades.
The move signals continued efforts on the part of the government to prevent North Korea's Lazarus Group from laundering the funds stolen from the unprecedented hack of Ronin Bridge in late March.
The newly imposed sanctions,

The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades.

The move signals continued efforts on the part of the government to prevent North Korea's Lazarus Group from laundering the funds stolen from the unprecedented hack of Ronin Bridge in late March.

The newly imposed sanctions, issued by the U.S. Office of Foreign Assets Control (OFAC), target 45 Bitcoin addresses linked to Blender.io and four new wallets linked to Lazarus Group, an advanced persistent with ties to the Democratic People's Republic of Korea (DPRK).

"Blender was used in processing over $20.5 million of the illicit proceeds," the Treasury said, adding it was utilized by DPRK to "support its malicious cyber activities and money-laundering of stolen virtual currency."

Cryptocurrency mixers, also called tumblers, are privacy-focused services that allow users to move cryptocurrency assets between accounts without leaving a transaction trail by obfuscating their origins.

Mixers like Blender are known to take a "dynamic" service fee that ranges anywhere between 0.6% and 2.5% every time money is transferred to a wallet address under its control. Since its launch in 2017, Blender is estimated to have transferred more than $500 million worth of Bitcoin.

"Through these services, threat actors can achieve their end goal of cashing out and keeping the criminal underground liquid through the trade of illicit goods and services," Intel 471 noted in a report published in November 2021.

The Ronin Bridge hack saw the state-sponsored cyber hacking group stealing $540 million from a decentralized protocol that permits users to transfer their crypto between Ethereum and the popular blockchain game Axie Infinity.

On April 16, the Treasury Department blocklisted the Ethereum wallet address that received the stolen digital currency, although by then the Lazarus Group had managed to launder 18% of the siphoned funds (about $97 million) through centralized exchanges and an Ethereum mixing service called Tornado Cash.

Over the past two weeks, around $273.9 million of Ether was sent to four of the newly-sanctioned addresses, according to blockchain analytics firm Elliptic, with one of those addresses already moving $37 million through Tornado Cash, leaving behind $236 million.

"The transactions involved amounts significantly larger than their previous laundering efforts," the company said. "The ramping up of laundering efforts in this manner potentially reflects a growing desperation by the hackers."

Furthermore, the sanctioning of Blender is evidence that the "Lazarus Group had moved some of the stolen funds into Bitcoin," Elliptic pointed out.

On top of that, Blender is also said to have helped a number of the Russia-aligned ransomware gangs launder their money, including TrickBot, Conti (formerly Ryuk), Sodinokibi (aka REvil), and Gandcrab.

In the midst of all this, crypto exchange Binance on April 22 revealed that it had managed to recover $5.8 million worth of the Axie Infinity stolen funds that were spread across 86 accounts.

The development comes a month after the Treasury sanctioned virtual currency exchange Garantex for assisting criminal actors in laundering over $100 million in ill-gotten funds.

Last year, the department penalized two cryptocurrency exchanges SUEX and CHATEX for facilitating financial transactions for ransomware actors and cashing out the money extorted from victims.

In recent years, North Korea has been attached to a string of cyber-enabled heists from cryptocurrency exchanges and financial entities as a way of getting around international sanctions and generating revenue for its nuclear weapons program.

Last month, U.S. cybersecurity and intelligence agencies warned of a new set of cyberattacks carried out by the Lazarus Group targeting blockchain companies with rogue cryptocurrency apps.

"Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests," said Brian E. Nelson, undersecretary of the Treasury for Terrorism and Financial Intelligence.

"We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions

In the next 10 years, public-key encryption needs to be replaced by post-quantum techniques that can stand up to the new challenges.

Within a decade, the growth of powerful quantum computers will lead to a new era in security, in which once-impenetrable public-key techniques like RSA and ECC will fall to higher levels of brute force. Such techniques need to be replaced by post-quantum cryptography that can stand up to the new challenges.

That's according to an intelligence brief from research company PreScouter. The brief, titled "Quantum Computing and Cybersecurity: Preparing for Post-Quantum Cryptography," says the global quantum computing market will grow from $472 million in 2021 to $1.765 billion by 2026. As the technology spreads from research labs to the cloud, the likelihood of it getting used to defeat current encryption methods rises to near certainty. Indeed, the Biden administration just issued two directives to prepare US government and businesses against future quantum cyberattacks.

"Hackers are currently unlikely to have the resources to develop quantum computing systems," the PreScouter brief states. "However, the emergence of general-purpose quantum computing will be available in the cloud as an infrastructure platform like a service, making it affordable for a wide range of users with current technological capabilities." IBM added its Quantum Cloud service back in 2017, and today users can rent time on a quantum computer from more than a dozen vendors, including Azure and AWS.

Numerous groups have been working on post-quantum cryptography for years, including European Telecommunication Standards Institute (ETSI), the European Union Agency for Cybersecurity (ENISA), and the International Organization for Standardization (ISO). In the US, NIST initiated its post-quantum work back in 2016. This foresight is necessary, PreScouter says, because replacing encryption algorithms requires many steps, so the sooner we get started, the better.

The brief notes that while hackers might not be breaking into OT systems and medical devices by 2030, we need to have post-quantum cryptography implemented by then to stave off such attacks. Algorithmic approaches to post-quantum cryptography include lattice-based, hash-based, isogeny-based, multivariate, and code-based systems.

Download the brief in full from PreScouter.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Tag

#intel