Recently there has been a fall in engagement with Palestinian content on tumblr, and for those of us who are helping Palestinians fundraise it is very obvious that this has happened directly after the very public smear campaigns, carried out by some racist users with significant followings.

It seems half the site somehow found it easier to believe in the horseshit about “belgian scam rings” and “russian botnets” in an effort to justify their apathy towards genocide victims, and the other half seems to think that everything is over and that the evil was defeated just because some racist bloggers got run off the site after giving half-hearted apologies that did nothing to mitigate the damage they had done.

THERE ARE PEOPLE STILL IN DIRE NEED OF HELP !! There are people who are still getting death threats from zionists every day and have to stay on this godforsaken website because their gofundmes haven't reached their endgoals yet...

I'm going to keep this brief:

Siraj's ( @siraj2024 ) family including his parents, and his five siblings and their families were displaced during the recent attacks by IOF on deir al balah

This means there are now 23 family members that Siraj is the sole provider for at the moment. 

10 of those members are young children.

Siraj's wife, Halima, is having a terrible flareup of eczema and his children are suffering from skin infections and badly need medical attention.

This whole family has been living in unhygienic conditions in 2 tents, packed like sardines during this heatwave, leading to spread of infections between them as well– all during a time where hygiene products have become unaffordable due to the israeli blockade, and when water has become scarce, and kids cant even receive life saving vaccinations during polio epidemic.

All this while everyday siraj risks his life trying to reach out to us from an internet point amidst violence and shelling from the IOF in what once was a “humanitarian safe zone”, even more desperately than before because–

THIS FUNDRAISER IS NOW THE ONLY LIFELINE FOR FIVE FAMILIES INSTEAD OF JUST ONE !!

Currently at $55,614/ $82,000 CAD

TIME IS RUNNING OUT!! We have to get to 60k by thursday i.e WITHIN THE NEXT THREE DAYS!! DONATE AND BOOST

Vetting link #219

If you want additional incentive to donate, pls check out:

Art raffle here (ending in 4 days!!!) - where you get to win this zine as a prize as well for as low as $5 for 1 entry, please dont miss it !!

Masterpost of informational posts

All posts are written for everyone, including those with no prior computer science education. If you know how to write an email and have used a computer at least sparingly, you are qualified for understanding these posts. :)

What is a DDoS

What are the types of malware

Vulnerabilities and Exploits (old and somewhat outdated)

Example of how malware can enter your computer

What are botnets and sinkholes

How does passwords work

Guide for getting a safer password

Here are various malware-related posts you may find interesting:

Stuxnet

The North Korean bank heist

5 vintage famous malware

Trickbot the Trickster malware (old and not up to date)

jRAT the spy and controller (old and not up to date)

Evil malware

New to Linux? Here's a quick guide for using the terminal:

Part 1: Introduction

Part 2: Commands

Part 3: Flags

Part 4: Shortcuts

If you have any questions, request for a topic I should write about, or if there is something in these posts that you don't understand, please send me a message/ask and I'll try my best to help you. :)

- unichrome

Bonus: RGB terminal

Author: CrimethInc. Topic: technology

“The future is already here,” Cyberpunk pioneer William Gibson once said; “it’s just not very evenly distributed.” Over the intervening decades, many people have repurposed that quote to suit their needs. Today, in that tradition, we might refine it thus: War is already here—it’s just not very evenly distributed.

Never again will the battlefield be just state versus state; it hasn’t been for some time. Nor are we seeing simple conflicts that pit a state versus a unitary insurgent that aspires to statehood. Today’s wars feature belligerents of all shapes and sizes: states (allied and non-allied), religious zealots (with or without a state), local and expatriate insurgents, loyalists to former or failing or neighboring regimes, individuals with a political mission or personal agenda, and agents of chaos who benefit from the instability of war itself. Anyone or any group of any size can go to war.

The increased accessibility of the technology of disruption and war[1] means the barrier to entry is getting lower all the time. The structure of future wars will sometimes feel familiar, as men with guns murder children and bombs level entire neighborhoods—but it will take new forms, too. Combatants will manipulate markets and devalue currencies. Websites will be subject to DDoS attacks and disabling—both by adversaries and by ruling governments. Infrastructure and services like hospitals, banks, transit systems, and HVAC systems will all be vulnerable to attacks and interruptions.

In this chaotic world, in which new and increasing threats ceaselessly menace our freedom, technology has become an essential battlefield. Here at the CrimethInc. technology desk, we will intervene in the discourse and distribution of technological know-how in hopes of enabling readers like you to defend and expand your autonomy. Let’s take a glance at the terrain.

Privacy

The NSA listens to, reads, and records everything that happens on the internet.

Amazon, Google, and Apple are always listening[2] and sending some amount[3] of what they hear back to their corporate data centers[4]. Cops want that data. Uber, Lyft, Waze, Tesla, Apple, Google, and Facebook know your whereabouts and your movements all of the time. Employees spy on users.

Police[5] want access to the contents of your phone, computer, and social media accounts—whether you’re a suspected criminal, a dissident on a watch list, or an ex-wife.

The business model of most tech companies is surveillance capitalism. Companies learn everything possible about you when you use their free app or website, then sell your data to governments, police, and advertisers. There’s even a company named Palantir, after the crystal ball in The Lord of the Rings that the wizard Saruman used to gaze upon Mordor—through which Mordor gazed into Saruman and corrupted him.[6] Nietzsche’s famous quote, “When you look long into an abyss, the abyss also looks into you,” now sounds like a double transcription error: surely he didn’t mean abyss, but app.

Security

Self-replicating malware spreads across Internet of Things (IoT) devices like “smart” light bulbs and nanny cams, conscripting them into massive botnets. The people who remotely control the malware then use these light bulbs and security cameras to launch debilitating DDoS[7] attacks against DNS providers, reporters, and entire countries.

Hackers use ransomware to hold colleges, hospitals, and transit systems hostage. Everything leaks, from nude photos on celebrities’ phones to the emails of US political parties.

Capital

Eight billionaires combined own as much wealth as the poorest 50% of the world’s population. Four of those eight billionaires are tech company founders.[8] Recently, the President of the United States gathered a group of executives to increase collaboration between the tech industry and the government.[9]

The tech industry in general, and the Silicon Valley in particular, has a disproportionately large cultural influence. The tech industry is fundamentally tied to liberalism and therefore to capitalism. Even the most left-leaning technologists aren’t interested in addressing the drawbacks of the social order that has concentrated so much power in their hands.[10]

War

Nation states are already engaging in cyber warfare. Someone somewhere[11] has been learning how to take down the internet.

Tech companies are best positioned to create a registry of Muslims and other targeted groups. Even if George W. Bush and Barack Obama hadn’t already created such lists and deported millions of people, if Donald Trump (or any president) wanted to create a registry for roundups and deportations, all he’d have to do is go to Facebook. Facebook knows everything about you.

The Obama administration built the largest surveillance infrastructure ever—Donald Trump’s administration just inherited it. Liberal democracies and fascist autocracies share the same love affair with surveillance. As liberalism collapses, the rise of autocracy coincides with the greatest technical capacity for spying in history, with the least cost or effort. It’s a perfect storm.

This brief overview doesn’t even mention artificial intelligence (AI), machine learning, virtual reality (VR), augmented reality (AR), robots, the venture capital system, or tech billionaires who think they can live forever with transfusions of the blood of young people.

Here at the tech desk, we’ll examine technology and its effects from an anarchist perspective. We’ll publish accessible guides and overviews on topics like encryption, operational security, and how to strengthen your defenses for everyday life and street battles. We’ll zoom out to explore the relation between technology, the state, and capitalism—and a whole lot more. Stay tuned.

Footnotes

[1] A surplus of AK-47s. Tanks left behind by U.S. military. Malware infected networked computer transformed into DDoS botnets. Off the shelf ready to execute scripts to attack servers.

[2] Amazon Echo / Alexa. Google with Google Home. Apple with Siri. Hey Siri, start playing music.

[3] What, how much, stored for how long, and accessible by whom are all unknown to the people using those services.

[4] Unless you are a very large company, “data center” means someone else’s computer sitting in someone else’s building.

[5] Local beat cops and police chiefs, TSA, Border Patrol, FBI… all the fuckers.

[6] Expect to read more about Palantir and others in a forthcoming article about surveillance capitalism.

[7] Distributed Denial of Service. More on this in a later article, as well.

[8] Bill Gates, Jeff Bezos, Mark Zuckerberg, Larry Ellison. In fact, if you count Michael Bloomberg as a technology company, that makes five.

[9] In attendance: Eric Trump. Brad Smith, Microsoft president and chief legal officer. Jeff Bezos, Amazon founder and CEO. Larry Page, Google founder and Alphabet CEO. Sheryl Sandberg, Facebook COO. Mike Pence. Donald Trump. Peter Thiel, venture capitalist. Tim Cook, Apple CEO. Safra Catz, Oracle CEO. Elon Musk, Tesla CEO. Gary Cohn, Goldman Sachs president and Trump’s chief economic adviser. Wilbur Ross, Trump’s commerce secretary pick. Stephen Miller, senior policy adviser. Satya Nadella, Microsoft CEO. Ginni Rometty, IBM CEO. Chuck Robbins, Cisco CEO. Jared Kushner, investor and Trump’s son-in-law. Reince Priebus, chairman of the Republican National Committee and White House chief of staff. Steve Bannon, chief strategist to Trump. Eric Schmidt, Alphabet president. Alex Karp, Palantir CEO. Brian Krzanich, Intel CEO.

[10] We’ll explore this more in a later article about “The California Ideology.”

[11] Probably a state-level actor such as Russia or China.

From the beginning | Previously | Coin standings | 60/70 | 37/37

Once again, some kind strangers have left you some supplies. You get another WIFI ACCESS POINT, to replace the one you're about to use, plus another NOBLE BELT TUT BOTNET BULLET (bringing you back up to 4) and a spare SOFTWARE PATCH (bringing you to 2). Wait, 2? Walter says yeah, I've had this one lying around since before I fell down in the sparkling abyss. Adea says well why didn't you SAY so?!

You're both distracted by the priciest purchase yet, though: a BIONIC MINTER BIT COIN MINER. This device- although someone appears to have briefly gnawed on its casing- can be installed anywhere you can find a power outlet, and it'll just spit out free money! Five Coin in the amount of time it takes for you to lose 1 hunger! Or... free minus the electricity it consumes, but it's not like it's your electricity you'd be using in this otherworld. Just leave it to run, then come back later, and you've got a massive pile of cash to spend! And there's power outlets all over this tower, so setting it up should be no problem.

Yep, there's definitely no downsides to using this machine!

So that's very convenient. Satisfied, you dig into ACCESS QUEENLIEST JUICE ION, PRONTO! "JOCQUES NINELITE PROSECUTION CASE".

Jocques Ninelite, apparently, is a local entrepreneur, who recently quit his government job as a HAZARD WICK to found the Ninelite RECEDING NEST, a technology startup. His new company has developed and is distributing EDEN SNAKE, and this has Governor Thinrar extremely mad at him for some reason. This document details dozens of attempts to come up with charges that'll stick to him so he can be arrested and his DECADE'S CHOICES confiscated, but most of them have run aground on insufficient evidence.

There's reams of legal jargon attempting to find obscure laws and bylaws under which selling EDEN SNAKE is illegal, but he apparently knew the law and meticulously avoided any of the various traps- Thinrar's legal advisors don't think they can make any of these stick in court.

Ninelite was found snooping around the scene of an apparent terrorist bombing in the MR. SQUEAK TABLEWARE 15 years ago, and is suspected of having tampered with the crime scene- but no physical evidence exists.

There's a half-finished case for an antitrust suit in here, alleging anticompetitive hiring practices where he attempts to poach talent from other companies. Nothing he's done has technically been illegal, though, but they're working on drafting new legislation that might be able to get him retroactively.

The RECEDING NEST's R&D experiments are under investigation for workplace safety violations, but they haven't been able to get an inspector on-site without alerting them ahead of time- everything they've done under surveillance has been free of occupational safety hazards.

They're even trying to get the corporate campus written up for landscaping code violations. This city has a landscaping code?! What kind of HOA nonsense is this?

You'd think a rich tech CEO would have mountains of dirty laundry, but a concerted effort by the local government has been totally unable to pin anything on him, which is odd. No one's record is this clean unless someone's put effort into cleaning it. How has he been covering his tracks?

The NEXT TO MOLASSES SACRAMENT CORONAMELT TAX ASSESSMENT reveals a similar battle involving Thinrar's legal team trying to pin something on a local business owner. This time, though, it's looking a lot less flimsy. RANDOM SEED, owner of the mountainside casino-resort MONTE CARLO, is very plainly guilty of dozens of counts of felony tax evasion, and HAZARD WICK specialist ONE-TIME PAD has volunteered to go retrieve the last pieces of evidence needed to bring him down.

...The emails between Thinrar and his legal team, though, reveal there's more going on here. Apparently, none of this tax evasion is new- rather, it's been tolerated for decades as part of some kind of under-the-table deal with the casino. Not even tolerated, exactly- it'd just be redundant to pay taxes when RANDOM SEED has been paying such humongous bribes to Thinrar in exchange for exemption from the city's gambling laws.

Somehow, MONTE CARLO has been producing more Coin than it could possibly be extracting from the pockets of desperate gamblers, and it's been keeping the city's municipal budget (and Thinrar's gubernatorial campaign) afloat for years. They're only prosecuting him now because the money is starting to dry up, and they think they can finally get better election odds by making a show of rooting out corruption. (Y'know, rather than by taking kickbacks from that same corruption.) Most of these emails are discussing how to prevent retaliation, and prosecute the case without exposing their own illegal dealings.

These files are like something out of an Ayn Rand novel- corrupt bureaucracy trying to keep down poor innocent captains of industry. The naked corruption on display is pretty flabbergasting- is it all like this?

You've been at this a while- do you want to keep digging, or has your governorship's REIGN PEAKED and you'd like to go somewhere else?

Continued | 60/70 | 36/36

About three years ago, some of Google’s security engineers came to company attorneys with a gigantic mess.

The security team had discovered that Google unwittingly was enabling the spread of malicious software known as Glupteba. The malware had corrupted more than 1 million Windows computers, turning them into vehicles to mine cryptocurrency and spy on users. By hijacking Google accounts, purchasing Google ads to lure in users, and misusing Google cloud tools, the hackers behind the operation were on their way to infecting even more computers.

Tech giants such as Google long have had a playbook for destroying botnets like Glupteba. They call up fellow companies and US authorities and together coordinate a massive takedown operation. Sometimes, the cops file criminal charges. But this time around, Google’s legal team recommended an approach that the company hadn’t pursued in years: Sue the hackers for money.

The eventual lawsuit against two Russian men and a dozen unnamed individuals allegedly behind Glupteba would be the first of a run of at least eight cases that Google has filed against various hackers and scammers, adding to a sporadic few filings in the past. The tactic, which Google calls affirmative litigation, is meant to scare off would-be fraudsters and generate public awareness about scams. Now, for the first time, Google is opening up about this strategy.

Leaders of Google’s security and legal teams tell WIRED they believe going after people in court has paid off. Google hasn’t yet lost a case; it has collected almost all of the more than $2 million that it has won through the legal process, and forced hundreds of companies or websites to shut down. The awards are trivial to Google and its parent Alphabet, a $2 trillion company, but can be devastating for the defendants.

“We’re disrupting bad actors and deterring future activity, because it’s clear that the consequences and the costs are high,” says Chester Day, lead of the three-person “litigation advance” team at Google that’s focused on taking people to court. Google, he adds, is “making it clear that we’re willing to invest our resources into taking action to protect our users.”

Google blog posts and similar content about the lawsuits and the underlying scams have drawn more than 1 billion views, according to the company. Google representatives say that the awareness increases vigilance among consumers and shrinks the pool of vulnerable targets. “Educating people about how these crimes work may be the best thing we can do to stop the crime,” says Harold Chun, director of Google’s security legal team.

Several Big Tech companies have pursued affirmative litigation, though not necessarily under that name and with varying strategies. Microsoft has filed more than two dozen lawsuits since 2008 with a focus on securing court permission to dismantle botnets and other hacking tools. Amazon has been a prolific complainant since 2018, filing at least 42 cases over counterfeit products, 38 for reviews fraud, three for copyright abuse, and, recently, two for bogus product returns. Amazon has been filing so many counterfeit cases, in fact, that the federal court in western Washington assigned three magistrate judges to focus on them.

Since 2019, Meta has filed at least seven counterfeiting or data theft cases, with settlements or default judgments in four so far, including one in which it won nearly $300,000 in damages. Like Meta, Apple has sued Israeli spyware developer NSO Group for alleged hacking. (NSO is fighting the lawsuits. Trials are scheduled for next year.)

Some attorneys who’ve studied how the private sector uses litigation to enforce the law are skeptical about the payoff for the plaintiffs. David Noll, a Rutgers University law professor and author of a forthcoming book on state-supported private enforcement, Vigilante Nation, says it’s difficult to imagine that companies could bring the volume of cases needed to significantly stop abuse. “The fact that there is a small chance you might be named in a suit isn’t really going to deter you,” he says.

Noll believes the big risk is that Google and other tech companies could be burdening the court system with cases that ultimately secure some favorable headlines but do less to make the internet safer than the companies could achieve through investing in better antifraud measures.

Still, of the six outside legal experts who spoke to WIRED, all of them say that overall Google deserves credit for complementing the work of underfunded government agencies that are struggling to rein in online abuse. At an estimated hundreds of thousands of dollars per case, it’s a low-risk endeavor for the tech giant, former prosecutors say.

“Reliable and regular enforcement when folks step outside the law brings us closer to a society where less of us are harmed,” says Kathleen Morris, resident scholar of law at UC Berkeley’s Institute of Governmental Studies. “This is healthy and robust collaboration on law enforcement by the public and private sectors.”

Google’s general counsel, Halimah DeLaine Prado, tells WIRED she wants to send a message to other companies that the corporate legal department can do more than be the team that says “no” to wild ideas. “Legal can be a proactive protector,” she says.

Marketing Scams

DeLaine Prado says that from its earliest days, Google has considered pursuing litigation against people abusing its platforms and intellectual property. But the first case she and other leaders within Google recall filing was in 2015. Google accused Local Lighthouse, a California marketing company, of placing robocalls to dupe small businesses into paying to improve their ranking in search results. Google alleged trademark infringement, unfair competition, and false advertising. As part of a settlement, Lighthouse stopped the problematic calls.

Since then, Google has filed complaints against five similar allegedly scammy marketers, with three of them ending in settlements so far. A Florida business and its owners agreed to pay Google $850,000, and a Los Angeles man who allegedly posted 14,000 fake reviews on Google Maps agreed to stop. Terms of the third deal, with an Illinois company, were not disclosed in court files, but Google spokesperson José Castañeda says it involved a seven-figure payment to Google.

Castañeda says Google has donated all the money it has collected to recipients such as the Better Business Bureau Institute, the National Consumers League, Partnership to End Addiction, Cybercrime Support Network, and various US chambers of commerce.

Another genre of cases has targeted individuals submitting false copyright complaints to Google to get content removed from the company’s services. A man in Omaha, Nebraska, whom Google accused of falsely claiming ownership of YouTube videos to extort money from their real owners, agreed to pay $25,000 to Google. Two individuals in Vietnam sued by Google never responded—a common issue.

In 2022, Google won default judgment against an individual in Cameroon who never responded to charges that he was using Gmail to scam people into paying for fake puppies, including a $700 basset hound. After the lawsuit, complaints about the scammer dried up, according to Google.

But legal experts say the most fascinating cases of Google’s affirmative litigation are four that it filed against alleged computer hackers. The suits emerged after months of investigation into Glupteba.

Security engineers at Google realized that eradicating Glupteba through the typical approach of taking down associated servers would be difficult. The hackers behind it had designed a backup system involving a blockchain that enabled Glupteba to resurrect itself and keep pilfering away.

That’s in part why Google’s attorneys suggested suing. Chun, the security legal director, had pursued cases against botnets as a federal prosecutor. “I thought this would be something good to do from a civil angle for a company as well,” he says. “Law enforcement agencies have limits on what they can do. And Google has a large voice and the litigation capacity.”

Chun and other attorneys cautioned their bosses that the hackers might use the lawsuit to reverse engineer Google’s investigation methods and make Glupteba more evasive and resilient. But ultimately, DeLaine Prado, who has final say over lawsuits, signed off. Chun says his former colleagues from the government applauded the complaint.

Google sued Dmitry Starovikov and Alexander Filippov, alleging that they were the Russia-based masterminds behind Glupteba after linking websites associated with the virus to Google accounts in their name. The search giant accused the duo (and unknown co-conspirators) of violating the Racketeer Influenced and Corrupt Organizations Act (RICO), the Computer Fraud and Abuse Act, and the Electronic Communications Privacy Act. The lawsuit also alleged a trademark law violation for hiding Glupteba in a tool that claimed to download videos from YouTube.

Google argued that it had suffered substantial harm, having never received payment for ads it had sold to the hackers, who allegedly were using fraudulent credit cards. Users also had their experiences with Google services degraded, putting them at risk and impairing the value of the company’s brand, according to the lawsuit.

In court papers, Starovikov and Filippov stated they learned of the lawsuit only through friends and then decided to hire a New York attorney, Igor Litvak, to fight on their behalf. The defendants initially offered innocent explanations for their software related to Glupteba and said that their projects had not targeted the US market. At one point, they countersued Google for $10 million, and at another, they allegedly demanded $1 million each to hand over the keys to shut down the botnet. They eventually denied the allegations against them.

Following an ordeal over whether the defendants could obtain Russian passports, sit for depositions in Europe, and turn over work files, Google’s attorneys and Litvak traded accusations of lying. In 2022, US district judge Denise Cote sided with Google. She found in a 48-page ruling that the defendants “intentionally withheld information” and “misrepresented their willingness and ability” to disclose it to “avoid liability and further profit” from Glupteba. “The record here is sufficient to find a willful attempt to defraud the Court,” Cote wrote.

Cote sanctioned Litvak, and he agreed to pay Google $250,000 in total through 2027 to settle. The jurist also ordered Starovikov and Filippov to pay nearly $526,000 combined to cover Google’s attorneys fees. Castañeda says Google has received payment from all three.

Litvak tells WIRED that he still disagrees with the judge's findings and that Russia’s strained relationship with the US may have weighed on whom the judge trusted. “It’s telling that after I filed a motion to reconsider, pointing out serious issues with the court’s decision, the court went back on its original decision and referred [the] case to mediation, which ended with … me not having to admit to doing anything wrong,” he says in an email.

Google’s Castañeda says the case achieved the intended effect: The Russian hackers stopped misusing Google services and shut down their marketplace for stolen logins, while the number of Glupteba-infected computers fell 78 percent.

Not every case delivers measurable results. Defendants in Google’s other three hacking cases haven’t responded to the accusations. That led to Google last year winning default judgment against three individuals in Pakistan accused of infecting more than 672,000 computers by masquerading malware as downloads of Google’s Chrome browser. Unopposed victories are also expected in the remaining cases, including one in which overseas app developers allegedly stole money through bogus investment apps and are being sued for violating YouTube Community Guidelines.

Royal Hansen, Google’s vice president for privacy, safety, and security engineering, says lawsuits that don’t result in defendants paying up or agreeing to stop the alleged misuse still can make alleged perpetrators’ lives more difficult. Google uses the rulings as evidence to persuade businesses such as banks and cloud providers to cut off the defendants. Other hackers might not want to work with them knowing they have been outed. Defendants also could be more cautious about crossing international borders and becoming newly subject to scrutiny from local authorities. “That’s a win as well,” Hansen says.

More to Come

These days, Google’s small litigation advance team meets about twice a week with other units across the company to discuss potential lawsuits. They weigh whether a case could set a helpful precedent to give extra teeth to Google’s policies or draw awareness to an emerging threat.

Team leader Day says that as Google has honed its process, filing cases has become more affordable. That should lead to more lawsuits each year, including some for the first time potentially filed outside the US or representing specific users who have been harmed, he says.

The tech giants' ever-sprawling empires leave no shortage of novel cases to pursue. Google’s sibling company Waymo recently adopted the affirmative litigation approach and sued two people who allegedly smashed and slashed its self-driving taxis. Microsoft, meanwhile, is weighing cases against people using generative AI technology for malicious or fraudulent purposes, says Steven Masada, assistant general counsel of the company’s Digital Crimes Unit.

The questions remain whether the increasing cadence of litigation has left cybercriminals any bit deterred and whether a broader range of internet companies will go on the legal offense.

Erin Bernstein, who runs the California office of Bradley Bernstein Sands, a law firm that helps governments pursue civil lawsuits, says she recently pitched a handful of companies across industries on doing their own affirmative litigation. Though none have accepted her offer, she’s optimistic. “It will be a growing area,” Bernstein says.

But Google’s DeLaine Prado hopes affirmative litigation eventually slows. “In a perfect world, this work would disappear over time if it’s successful,” she says. “I actually want to make sure that our success kind of makes us almost obsolete, at least as it relates to this type of work.”

BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse

Source: https://thehackernews.com/2025/03/badbox-20-botnet-infects-1-million.html

More info: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0/

So, Anonymous Sudan, the group of probably Russian hackers whose intended goal is division in the West, is the group attacking Ao3 at the moment. They’ve issued a $30,000 dollar ransom demand, which is stupid because 1) the OTW isn’t gonna pay that, and 2) the OTW can’t pay that.

Ao3 and the OTW are run by donations. They don’t have the money to pay this even if they wanted to, and all indications are they’re not inclined to give money to Anonymous Sudan that they’ll just use to buy more additions to their botnets and bring down more websites

This day in history

Tonight (December 5), I'm at Flyleaf Books in Chapel Hill, NC, with my new solarpunk novel The Lost Cause, which 350.org's Bill McKibben called "The first great YIMBY novel: perceptive, scientifically sound, and extraordinarily hopeful."

#20yrsago Walt Disney’s FBI files https://memex.craphound.com/2003/12/06/walt-disneys-fbi-files/

#20yrsago Ska-anthem about duct tape https://web.archive.org/web/20031209020640/http://www.ducktapeclub.com/contests/roll/lyrics.asp?entryid=131

#15yrsago Britain’s “Great Firewall” set to restrict access to Wikipedia https://en.wikinews.org/wiki/British_ISPs_restrict_access_to_Wikipedia_amid_child_pornography_allegations

#15yrsago Workers in Argentina taking over dead factories and running them democratically https://www.newstatesman.com/long-reads/2007/08/argentina-workers-movement

#10yrsago https://memex.craphound.com/2013/12/06/what-nelson-mandelas-life-tells-us-about-the-legitimacy-of-democratic-nations/

#10yrsago Medieval kids’ birch-bark doodles https://erikkwakkel.tumblr.com/post/67681966023/medieval-kids-doodles-on-birch-bark-heres

#10yrsago Botnet of 20,000 point-of-sale machines https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/

#5yrsago Jamie Dimon is getting fed up with the protesters who “occupy” him everywhere he goes https://www.bloomberg.com/news/articles/2018-12-03/wherever-dimon-goes-activists-turn-his-speeches-into-spectacles

#5yrsago Wells Fargo blames “computer glitch” for its improper foreclosure on 545 homes https://www.cbsnews.com/news/wells-fargo-loan-modification-error-homeowners-who-went-into-foreclosure-seek-answers/

#5yrsago The third annual AI Now report: 10 more ways to make AI safe for human flourishing https://web.archive.org/web/20181206184028/https://ainowinstitute.org/AI_Now_2018_Report.pdf

#5yrsago Europe’s biggest sports leagues and movie studios disavow #Article13, say it will give #BigTech even more control https://www.eff.org/deeplinks/2018/12/letter-eu-european-film-companies-and-sports-leagues-disavow-article-13-say-it

#5yrsago On January 1, America gets its public domain back: join us at the Internet Archive on Jan 25 to celebrate https://creativecommons.org/2018/12/05/join-us-for-a-grand-re-opening-of-the-public-domain/

It's EFF's Power Up Your Donation Week: this week, donations to the Electronic Frontier Foundation are matched 1:1, meaning your money goes twice as far. I've worked with EFF for 22 years now and I have always been - and remain - a major donor, because I've seen firsthand how effective, responsible and brilliant this organization is. Please join me in helping EFF continue its work!

sometimes i get so mad about online advertising being so lawless compared to other mediums (ex. television ads occupying specific spots in programming or a small fraction of the screen while online ads can sprawl wherever the hell they want And bog down computer performance) i find myself wishing for someone to enact legislation leading to their regulation, but how likely of a possibility do you think that actually is?

it depends tbh. we do have related stuff like CCPA and GDPR (obligatory meme that I have saved on my phone:)

...so it's not impossible for further laws/regulations to crop up down the line. my main thoughts here are that (1) adtech changes so rapidly that I think any specific legislation is almost certainly doomed to become obsolete before long (compounded further by the fact that most lawmakers barely seem to understand the internet, let alone a fucking RTB supply chain lol), (2) enforcement would be a nightmare considering there are literally several hundred billion bid requests generated EVERY SINGLE DAY (googled this stat to make sure I wasn't misremembering and got another dr. fou link lol. can't escape this guy) and (3) believe it or not, the online advertising industry is largely self-governing... or at least tries to be.

an organization called the IAB (interactive advertising bureau) sets a ton of standards around not only the logistics of buying and selling ads (they are, for example, the creators of the OpenRTB protocol for real-time auctions), but also the quality of the ads and ad space being sold. there are tons of initiatives they've proposed that have widespread buy-in among the industry, like ads.txt, which everybody who's anybody uses these days.

you do, of course, have to buy in to what the IAB is metaphorically selling, but their decrees hold a lot of weight among all sections of the ads supply chain—both reputable buyers and reputable sellers regularly adjust their behavior based on IAB guidelines. for example, two of the things you mentioned:

"ads can sprawl wherever they want": the IAB has about a million guidelines for where ads can physically go on a page, how they can run (e.g., video ads must be muted by default or they aren't IAB compliant), and what percentage of the visual real estate they can use up. publishers obviously can and do violate these guidelines, but third-party tools exist to make sure your ads aren't running on pages that pull that shit. and as a rule, advertisers actively dislike buying ad space on awful cluttered pages because they know the pages are shitty and the impressions are less valuable.

"big down computer performance": people call those heavy ads! the IAB sets standards around ad performance (the lighter the better, basically) and google chrome even implemented a feature that automatically kills heavy ads before they eat up your whole CPU. some performance based-issues are also caused by malvertising which is uhhh a whole other thing but no one likes it and everyone who matters is trying to stop it.

which isn't to be naive here or an industry shill or whatever because Fucking Obviously these problems persist. I actually had to email the advertising division at conde nast recently because I kept getting malicious redirect ads on their mobile site (they haven't responded yet... return my calls bitch!) so clearly even well-meaning reputable websites and ad platforms and advertisers continue to have issues with IVT and whatnot. the struggle is eternal.

but arguably so is the struggle against basically anything that's legislated, like property crime or whatever. I'm admittedly not optimistic that formal laws would fix digital advertising, only put a slightly hotter fire under people's asses to clean up their respective acts better. which is certainly a good thing, it's just a rapidly evolving game where the bad actors are always coming up with new tactics.

fun and related example: I read a recent retrospective about the kids behind the mirai botnet, which originally started out as a DDoS-for-hire scheme but pivoted to ad fraud when it turned out that was way more profitable. possibly the largest botnet ever (don't quote me on that though) and it was spun up by three teenagers!!!

Note to Self: DON'T USE UNITY ENGINE

Take FEE from Developers for Every copy for every game installed.

FREE GAMES the fees still apply estimate more than $25,000,000

Declare bankruptcy to the bank, loaner's and users. (??? Does Unity apply the same charges to Casino machines,slot websites, jackpot party, it's legally a gaming ain't it?)

I get FREE GAME, while DEVELOPER is CHARGED for that MY FREE COPY

So if I a Gamer become a Developer will be CHARGED for FREE GAMES even by multiple copies from one user

" That's bad " I feel bad for studio's situation :(

*Edit UPDATES (September 13 2023)

- Unity "regrouped" and now says ONLY the initial installation of a game triggers a fee (0.20$ per install){I hope there no glitches concerning installation}

- Demos mostly won't trigger fees (Keyword: MOSTLY what does that mean)

- Devs not charged fee for Game Pass, Thank God for the Indie Developers

- Charity games/bundles exempted from fees

Xbox is on the hook, for Gamepass?

*Edit Updates (September 13 2023)

Unity:

-Who is impacted by this price increase: The price increase is very targeted. In fact, more than 90% of our customers will not be affected by this change. Customers who will be impacted are generally those who have found a substantial scale in downloads and revenue and have reached both our install and revenue thresholds. This means a low (or no) fee for creators who have not found scale success yet and a modest one-time fee for those who have. (How big of scale of success before your charged?)

-Fee on new installs only: Once you meet the two install and revenue thresholds, you only pay the runtime fee on new installs after Jan 1, 2024. It’s not perpetual: You only pay once for an install, not an ongoing perpetual license royalty like a revenue share model. (???)(How do they know that from device)

-How we define and count installs: Assuming the install and revenue thresholds are met, we will only count net new installs on any device starting Jan 1, 2024. Additionally, developers are not responsible for paying a runtime fee on: • Re-install charges - we are not going to charge a fee for re-installs. •Fraudulent installs charges - we are not going to charge a fee for fraudulent installs. We will work directly with you on cases where fraud or botnets are suspected of malicious intent.

- Trials, partial play demos, & automation installs (devops) charges - we are not going to count these toward your install count. Early access games are not considered demos.

- Web and streaming games - we are not going to count web and streaming games toward your install count either.

- Charity-related installs - the pricing change and install count will not be applied to your charity bundles/initiatives.(Good)

•If I make a expansion pack does count as install, what if I made sequel?

•Fee apply to$200,000 USD (How does work for other countries)

So I charge $60 per ONE Videogame I will be charged fees once I sell about 3400 copies ($204000)

I then sell say 10,000copies(New Sequels as well)

(If I download game onto my computer twice they get charged 0.20, how ever if I redownload onto another device say Xbox, would they get charged again, charges may vary depending on how many games.)

OVERALL

Seems to force companies to charge customers higher prices on videogames to avoid a loss of profit.

*Edit Updates as of (September 22.2023)

- Your Game is made using a Unity Pro or Unity Enterprise plan.

- Your Game is created or will be upgraded to the next major Unity version releasing in 2024.

- Your Game meets BOTH thresholds of $1,000,000 (USD) gross revenue (GROSS= Before Deductions & Taxes) on a trailing 12 month basis(?) AND 1,000,000 *lifetime initial engagements.

As for counting the number of *initial engagements, it will depend on your game and distribution platforms.

Some example metrics that we recommend are number of units sold or first-time user downloads.

This list is not comprehensive, but you can submit an estimate based on these metrics. Hope this helps! You can also find more information here: https://unity.com/pricing-updates

I'm sorry, Did that User say runtime fee is still tied to the number of installations (WTF Runtime Fee)

•Qualify(Ew) for the run-time fee:

1) are on Pro and Enterprise plans

2) have upgraded to the Long Term Support (LTS) version releasing in 2024 (or later)

3) You have crossed the $1,000,000 (USD) in gross revenue (GROSS= Before Deductions & Taxes)(trailing 12 months)

4) 1,000,000 initial engagements

( I noticed that it doesn't seem to mention International Revenue. Only the USD)

•Delete Unity

•Deletes Game before they make million

•Make $900,000 then make Game Free

•Make Game Free and implore people for their generosity

•Change Game Engine

Too tired to do the math...

Leverage Redemption Log: The Turkish Prisoner Job

So that name feels like a reference to the "Spanish Prisoner" (the original form of what is now known as the "Nigerian Prince" con). --- 2 crooked cops sitting in a car, complaining that there isnt enough crime for them to hit a quota. One of them is playing hexagordle or whatever its called. Guy name Delgado is leaving the house (that was the cartel from the OG series wasnt it?) Rodrigo is walking to his car like he's got shit in his pants. Cops plant a gun. And Rodrigo is about to be sent to prison cause crooked cops. --- Harry is at a courthouse trying to talk to a runaway prosecutor. Harry is already working Rodrigo's case. Its Golf Job Girl! (i dont remember your name, thats not an insult im just shit with names)

Its Harry's turn to run a con. (he still doesnt know how to steal a catchphrase) --- Parker is clicking a pen in a car. Parker is right, surveilance is boring. Operation Bigger Fish is a go!

Parker has stolen the free smoothie (come on man, not cool. This guy is only trying to prevent himself from getting framed by the cops.) Cops have taken the bait, Sophie is playing the "criminal" to be targeted. Harry is playing himself. (Sophie has brought on 2 understudies as bodyguards), also Breanna, why are you putting so many cuts into your camerafootage. Jumping from cam 1 to cam 3 every other sentence. --- Ok so the plan is to leave the cops alone around a bunch of cash and cocaine and let them "help themselves" while hidden cameras roll. Simple plan.

Oh Romero's family problems just chased him down in prison. Time for an improvised jailbreak! --- Plan has changed, tell the two stooges that the drug deal has been postponed, then kidnap Rodrigo in court. We can get the stooges vengeance for their victims can wait until after we ensure their victims dont die in prison.

Breanna has set up a botnet to astroturf up an anti-hotsauce factory protest. (probably based on the Irwindale Sriracha lawsuit. Yes i had to google the city.)

Quick read of the signs, prop department should be proud of the simple Jalapeno sign. Good work!

GolfGirl catches onto it pretty quickly that Harry is about to do a thing. (DAQ protocol engaged) Elliot is in a shared holding with Rodrigo.

The coffee is smoking. Cops are walking down the staircase, Beardy boy has a concious. Or at least is worried this might bite them in the behind. Woman is clearly the mastermind. "i did it by the book for years, it got me nowhere". Ah, so thats how we're playing this episode. The instruments of state-sponsored violence cant be evil only misguided cause what if the government wont give our production company their subsidies no more. (even the "evil cops" episode is copaganda nowadays)

And we frame the protesters for a chemical attack. Because the solution to innocent people getting their lives ruined by cops framing them for crimes they didnt commit is to frame a bunch more innocents for crimes they didnt commit. --- And the team enters in hazmat suits. Romero is having a panic attack/asthma thing.

Turns out the cops, while evil, are actually good at their job and now we have our victim charged with attempted jailbreak.

Harry has to make a tough call, cant get into a high-speed chase with the foodtruck (not only does it compromise elliots entire food-based Lucille army, the Lucille Legion is also not meant for stealth not speed) --- Sophie shows Harry her Eiffel Tower Salesman Trunk, mentions her mentor. (we're seeding more Sophie Lore) Harry has homework.

Covers arent blown, they're recyclable. (Narco in town on mysterious business, Federal officer in jail.) --- Did these bodies get buried in a tic-tac-toe formation normally, or did Breanna make this entire setpiece from scratch in an actual graveyard?

Sophie arrives to let Breanna and Parker "die" in character now that our cops are hooked. Elliot warns us that another hit is coming in the morning. (we're gonna have to kill this guy and set him up with the Leverage Witness Protection Division) --- Elliot reminds Rodrigo that the real bad-guy here is still theoretically the as-of-yet unidentified housing corpo that is bribing a congressman into presuring the cops. (if these people dont get rounded up at the end of episode, it'll all feel sort of hollow)

Elliot pretends to be a fellow gang-member/hitman angry that Rodrigo isnt actually a delgado.

Huh, using a key as a hilt on a shiv. Creative.

Cops are here to break out Elliot and Rodrigo. --- Old gator-zoo abandoned after Katrina. (turns out you dont need ghosts when you have Gators)

"im not a moron i just have a lot of concussions", His constant references to sportsball. Are we really weaving in a CTE storyline in the middle of this Evil Cops story? If so, its a verry nuanced characterdetail to give our crook of the week.

Billy Brainbash is starting to recognise Elliot from somewhere. --- The un-tied boat (untied as in "was never tied" not as in "has had the tie-ing undone") buys us enough time to fake a gator attack without needing to blank their guns.

Ok even if the guns werent blanks we just unloaded them on the "gators" so Sophie is safe.

Flashback shows Breanna making Gatordroids (i mean didnt even need a flashback. The gators were pretty clearly props by the way Elliot dropped them. Or maybe im just getting too familiar with the show) --- Meanwhile our crooked cops are at (presumeably the prosecutor's) stashhouse. Yup its the Prosecutor (McShane really was the smart one.) --- Harry presures the judge to pressure the prosecutor to investigate the Quota's.

Breanna found the Bagmans house. (turns out, cash money takes up a lot of space and only some houses built in the story-apropriate era have enough space between their walls. Add in his area of operation and it narrows down to 1) --- Harry Wilson, Law Criminal. Has a ring to it. (also the "con artist" line gets a 10/10)

The IoT Explosion: A New Security Battlefield

The Internet of Things (IoT) has changed the way we live, work, and even think about technology. From connected cars to smart thermostats, IoT devices have becoming somewhat common. With this explosion, however, cybersecurity finds a new battlefield. IoT clearly has advantages, but its weaknesses are also becoming rather well-known. Drawing on the findings of The Internet of Things: New Threats Emerge by IEEE, Why IoT Security Is So Critical by McKinsey Digital, and Your Fridge Is a Hacker's Playground by Wired, I will argue that IoT presents both amazing opportunities and significant challenges for network security, thus cybersecurity professionals must keep ahead of the threats.

IoT has a major issue since many devices are designed with convenience in mind rather than security. The Internet of Things: New Threats Emerge claims that IoT devices often lack basic security features such strong passwords, encryption, and automated software upgrades (p. 3). We always stress in my networking classes that a network is only as powerful as its weakest point. From printers to coffee makers, each of your hundreds of linked gadgets becomes a possible point of attack. I once did a lab where we simulated an IoT attack by exploiting a vulnerable webcam, and it was shocking how quickly we could gain access to an entire network.

Strong security measures are difficult to add since IoT devices can have low computing capability. Many IoT devices are so tiny and cheap that manufacturers give speed to market top priority above security aspects, as Why IoT Security Is So Critical notes (p. 2). This results in what is known as "security debt," the theory that today's short cuts will lead to more major issues down road. Sometimes in the haste to introduce fresh devices, firms overlook important flaws. This reminds me of when I tried setting up a smart home hub for a project; it worked great but came with a default admin password of “1234” — a disaster waiting to happen if users don’t change it.

Because of their immense scope, IoT networks appeal also to hackers. Andy Greenberg's book Your Fridge Is a Hacker's Playground details how millions of IoT devices were stolen to create the infamous Mirai botnet, which brought forth significant internet disruptions in 2016 (p. 1). Using basic weaknesses like unchangeable default passwords, the hackers took over devices and started a large distributed denial-of- service (DDoS) attack. This example shows how small, overlooked devices can have huge consequences. It's not just about someone hacking your smart lightbulb — it’s about that lightbulb being used as a weapon in a much larger cyberattack.

Still, there are solutions being developed despite the difficulties. The Internet of Things: New Threats Emerge claims that methods include network segmentation, automatic patching, IoT-specific firewalls can greatly lower risks (p. 5). In my security management classes, we learned that isolating IoT devices from sensitive parts of a network is one of the best practices. This way, even if a smart device is compromised, it can’t easily be used to access more critical systems.

In my opinion, the future of IoT security will depend on both technology and awareness. Manufacturers have to be under pressure to create safer products from the beginning; users have to be educated to change passwords, apply updates, and treat every device as a possible weakness. From healthcare to transportation, as someone studying Network and Security Management, I think it's imperative to support security standards across all businesses utilizing IoT.

In essence, the Internet of Things has created a new and exciting digital landscape, but it has also opened the door to serious security risks. As described in The Internet of Things: New Threats Emerge, Why IoT Security Is So Critical, and Your Fridge Is a Hacker's Playground, the convenience of smart devices must be balanced with smart security practices. Protecting our constantly linked world calls for awareness, creativity, and a will to close the gaps that IoT has brought about. After all, in cybersecurity, ignoring the “small stuff” can sometimes cause the biggest problems.

Works Cited

Greenberg, Andy. "Your Fridge Is a Hacker’s Playground." Wired, 2017.

"The Internet of Things: New Threats Emerge." IEEE Innovation at Work, 2020.

"Why IoT Security Is So Critical." McKinsey Digital, 2021.

An indictment from the US Department of Justice may have solved the mystery of how disgraced cryptocurrency exchange FTX lost over $400 million in crypto. The indictment, filed last week, alleges that three individuals used a SIM-swapping attack to steal hundreds of millions in virtual currency from an unnamed company. The timing and the amount stolen coincides with FTX's theft. Meanwhile, in a letter obtained by WIRED this week, seven lawmakers have demanded the DOJ stop funding biased and inaccurate predictive policing tools until the agency has a way to ensure law enforcement won’t use them in a way that has a “discriminatory impact.”

In Florida, prosecutors say a 17-year-old named Alan Winston Filion is responsible for hundreds of swatting attacks around the United States. The news of his arrest was first reported by WIRED days before law enforcement made it public. It was the culmination of a multi-agency manhunt to piece together a trail of digital breadcrumbs left by the teenager. In Ukraine, unmanned aerial vehicles have been powerful tools since the Russian invasion began in February 2022. But as the war rages on, another kind of unmanned robot has increasingly appeared on the front-lines: the unmanned ground vehicle, or UGV.

For months lawyers affiliated with an India based hacker-for-hire firm called Appin Technology have used legal threats to censor reporting about the company’s alleged cyber mercenary past. The EFF, Techdirt, MuckRock, and DDoSecrets are now pushing back, publicly sharing details for the first time about the firm's efforts to remove content from the web. It’s a dangerous world out there, so we’ve also got a list of some major patches issued in January that you can use to update your devices to keep them secure.

And there’s more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

China’s Hackers Keep Targeting US Water and Electricity Supplies

For years Western security officials have warned about the threat of China collecting data about millions of people and the country’s hackers infiltrating sensitive systems. This week, Federal Bureau of Investigation director Christopher Wray said hackers affiliated with the Chinese Communist Party are constantly targeting US critical infrastructure, such as water treatment plants, the electrical grid, and oil and gas pipelines. Wray’s testimony, at a House subcommittee on China, came as the FBI also revealed it removed malware from hundreds of routers in people’s homes and offices that had been planted by the Chinese hacking group Volt Typhoon.

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities,” Wray said in the public appearance. “Low blows against civilians are part of China’s plan.” The FBI director added that China has a bigger hacking operation than “every other major nation combined,” and claimed that if all of the FBI’s cyber-focused agents were assigned to work on issues related to China, they would still be outnumbered “by at least 50 to 1.”

While concerns about the scale of China’s espionage and cyber operations aren’t new, the US intelligence community has been increasingly vocal and worried about critical infrastructure being targeted by Volt Typhoon and other groups. “The threat is extremely sophisticated and pervasive,” NSA officials warned in November. In May 2023, Microsoft revealed it had been tracking Volt Typhoon intrusions at communications and transportation infrastructure, among other critical infrastructure, in US states and Guam.

The FBI and DOJ, also revealed this week that they remotely removed the KV Botnet malware from hundreds of routers infected by Volt Typhoon. The impacted routers, from Cisco and Netgear, were mostly at the end of their life, but were being used as part of wider operations. “​​The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors,” Wray said. It isn’t the first time US officials have obtained a court order to remotely wipe devices infected by hackers, but the move is still rare.

‘Untraceable’ Monero Transactions Have Been Traced, Police Claim

Since the first cryptocurrencies emerged more than a decade ago, there has been the assumption that the blockchain-based digital currencies are anonymous and untraceable. They are, in fact, very traceable. Researchers have shown how people can be linked to the transactions they make and law enforcement have used the techniques to help bust illicit dark web markets and catch pedophiles. There are, however, still some privacy-focused cryptocurrencies that appear to be less traceable than Bitcoin. This includes Monero, which is increasingly being adopted by sellers of child sexual abuse materials.

This week investigators in Finland said Moreno-tracing helped reveal the identity of a hacker who allegedly attacked psychotherapy company Vastaamo in 2020, stealing thousands of patient records and threatening to leak them unless people paid a ransom. Investigators from the Finnish National Bureau of Investigation claim they used heuristic analysis to infer where funds were moved to. The investigators did not reveal the full methods of how they allegedly traced the Monero payments, however, they add to the growing body of evidence that cryptocurrency tracing firms and investigators may be able to track the currency.

Russia Likely Behind a Spike in GPS Interference, Officials Say

Planes flying over Europe have faced a spike in accuracy issues with GPS systems used for navigation in recent months. The head of Estonia’s Defense Forces has claimed that Russia is likely the source of this interference, according to an interview with Bloomberg. “Someone is causing it, and we think it’s Russia,” Martin Herem told the publication, adding that Russia may be testing its electronic warfare capabilities and “learning” the most effective tactics. Across Europe, and particularly the Baltics region, there has been a reported increase in GPS jamming, with Finland reporting large interferences in December and pilots repeatedly reporting issues with their navigation systems.

Vault 7 Hacking Tools Leaker Joshua Schulte Sentenced to 40 Years

In 2017, the Vault 7 leaks exposed some of the CIA’s most sophisticated hacking tools, including how the agency could compromise routers, phones, PC, and TVs. Joshua Schulte, a former CIA engineer in the agency’s Operations Support Branch who prosecutors identified as being behind the data breach and responsible for leaking the materials to Wikileaks, was convicted in numerous trials in recent years. Schulte, who denied the allegations, has been sentenced to 40 years in prison for the espionage and also for possessing thousands of child abuse images. Judge Jesse Furman, sentencing Schulte, said he had caused “untold damage to national security.” In June 2022, The New Yorker published this comprehensive investigation into the data breach and Schulte’s troubled history working at the agency.

Mandiant M Trends Over 450,000 Hours of Cyber Threat Report

Mandiant M Trends 2025: Frontline Insights and Advice. Increased attack sophistication helps threat actors keep ahead of developing cyber defences. This trend is seen in many encounters, especially with Chinese-related organisations.

These actors have demonstrated their ability to use proxy networks like botnets, target edge devices and platforms without endpoint detection and response, develop custom malware ecosystems, exploit zero-day vulnerabilities in security and other appliances, and use custom obfuscators. These extra steps are taken to evade detection, slow analysis, and stay on systems longer.

Not all effective attacks are complex. Attackers often exploit opportunities. This includes using infostealer credentials to obtain first access. Infostealer use has risen so significantly in Mandiant that stolen credentials are now the second most prevalent initial infection vector in 16% of investigations. Attackers are also exploiting cloud migration weaknesses and insecure data repositories to steal credentials and other sensitive data.

Today, Mandiant M Trends 2025, the 16th annual study, helps organisations remain ahead of all threats. Developers examine several trends and give incident response data and analysis to advise defenders about the latest cyberthreats.

Data and Trends

Over 450,000 hours of Mandiant Consulting investigations underpinned M-Trends 2025. The data comes from targeted attack activity investigations between January 1 and December 31, 2024. The primary M-Trends 2025 findings are:

In 2024, 8% of threat groups were fuelled by espionage and 55% by money, a continuous trend.

Exploits remain the most common initial infection vector (33%), although stolen credentials become the second most common (16%) in 2024.

The primary industries targeted are financial (17.4%), business and professional services (11.1%), high tech (10.6%), government (9.5%), and healthcare (9.3%).

The median stay duration globally rose from 10 to 11 days in 2023. Median dwell time was 10 days when organisations identified harmful activity internally, 5 days when adversaries notified (particularly ransomware), and 26 days when external entities notified.

M-developments 2025 covers more topics than only infostealer, cloud, and unsecured data repository:

The Democratic People's Republic of Korea exploits residents as remote IT contractors and fake identities to generate money and achieve government aims.

Iranian threat actors will target Israeli firms in 2024 and use a variety of methods to enhance incursions.

Attackers target cloud-based centralised authority repositories, including single sign-on portals, for widespread access.

Blockchains and cryptocurrencies used for money laundering, theft, and illicit activity financing.

Organisational Advice

Every item in M-Trends 2025 offers valuable cybersecurity advice for organisations, many of which are relevant to several trends. Additionally, firms should:

Implement a tiered security plan that emphasises hardening, least privilege, and vulnerability management.

Use FIDO2 multi-factor authentication for all user accounts, especially privileged ones.

Buy cutting-edge detection equipment and develop incident reaction plans.

Improve monitoring and recording to identify suspicious activity and reduce dwell time.

Consider danger hunting to detect compromise.

Implement strong cloud deployment and migration security.

Check cloud environments for problems and vulnerabilities regularly.

Reduce insider risk by restricting access, detecting suspicious activity, and carefully screening staff, especially remote workers.

Keep up with threat intelligence, alter security plans, and regularly assess and adapt security policies and processes to address new risks.

Prepare to Respond

Mandiant M Trends has always provided security specialists with firsthand knowledge of the latest, emerging attacks and relevant lessons for organisational security.

Mandiant M Trends 2025 exists!

Cyber crises often include Mandiant professionals assessing and investigating the newest assaults. Our annual M-Trends report shares our results with the security community to continue providing essential information to those charged with securing organisations.

For more details visit Govindhtech.com

FBI joint operation takes down massive Chinese botnet

Source: https://cyberscoop.com/fbi-operation-china-botnet-flax-typhoon/

More info:

https://media.defense.gov/2024/Sep/18/2003547016/-1/-1/0/CSA-PRC-LINKED-ACTORS-BOTNET.PDF

https://blog.lumen.com/derailing-the-raptor-train/