This week saw a flurry of activity related to hackers in Iran. On Wednesday, a joint advisory from the US, UK, and Australia said that Iranian nation state hackers were targeting critical infrastructure targets. The following day, the US Justice Department indicted two Iranian men in connection with 2020 election interference. Russia and China may typically headline the conversation around foreign hacking threats, but Iran has been increasingly asserting itself over the last several years.
Another country that’s been surprisingly active with its cyberattacks lately? Belarus! Since 2019, it’s been broadly assumed that the so-called Ghostwriter hacking and misinformation group was Russia, given both its tactics and targets. But security firm Mandiant this week revealed that Ghostwriter is in fact an operation with ties to the Belarus military, focused on meddling with NATO interests as well as those of the country’s neighbors.
We also took a look at the best password managers around—and yes, you do need one. Android users may also want to check out a new feature from DuckDuckGo that blocks trackers in apps across your phone. And speaking of blocking things, NordicTrack has made it harder for its customers to access a “God mode” that let them watch whatever they wanted on their treadmill’s giant display—so they’re fighting back by sharing workarounds online.
Lastly, take a few minutes out of your day to read this in-depth investigation into how Amazon’s lax data security let down its customers. It’s full of details that you won’t soon forget.
And there’s more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.
In a “kids these days” for the record books, a Canadian teen was arrested this week for allegedly stealing $36.5 million worth of cryptocurrency from a single US victim. That’s the largest theft of its kind. As with so many youth-related cryptocurrency thefts lately, the apparent method was a so-called SIM-swap attack, in which the culprit transfers a target’s phone number to their own device, enabling them to intercept SMS-based two-factor authentication codes. There are ways to protect yourself against a SIM-swap, but no guaranteed way to stop them; even Jack Dorsey’s own Twitter account fell to the method. In this case, investigators allege that the teen used their haul in part to purchase a high-value gamer tag, which are popular items in the SIM-swap community.
Of the many criminal hacking gangs operating in Russia, few have caused as much damage over the years as Evil Corp. According to the FBI, the group had racked up at least $100 million by 2019 by stealing from hundreds of banks around the world. Like so many online gangs, they’ve recently embraced malware as well, apparently targeting the National Rifle Association in a recent attack. This week, a reporter from the BBC traveled to Moscow and a nearby town in search of Evil Corp members Igor Turashev and Maksim Yakubets.
Last weekend, thousands of emails went out from the FBI warning that the recipients had been the victims of a cyberattack. In fact, it was the FBI itself that had been compromised. A hacker compromised the agency’s email system, meaning they were able to send fake messages with legitimate FBI headers. Fortunately their interest, as told to cybersecurity reporter Brian Krebs, was prankery rather than outright chaos.
In an incident reminiscent of last year’s Cam4 leak, the adult streaming site Stripchat exposed the data of 65 million users, 421,000 models, and 719,000 chat messages over a period of three days earlier this month. The lapse was discovered by a security researcher and appears to have been addressed fairly quickly; it’s unclear if any bad actors accessed the data before Stripchat secured it. The stakes for these types of sites are especially high, though, for performer and customer alike, making any exposure of private information a cause for particular concern.