FBI
Latest
Mirai botnet hackers will serve their time working for the FBI
In December, three individuals behind the Mirai botnet pleaded guilty to federal charges that carried sentences of up to five years in prison and $250,000 in fines. But at a hearing held Tuesday, the three men -- Paras Jha, Josiah White and Dalton Norman -- were sentenced instead to five years of probation and 2,500 hours of community service. The catch though is that the community service has to include work with FBI.
How Google’s location-tracking issue affects you
Watching Twitter and Facebook commit reputational suicide over the past 20 months has been as painful as it has been entertaining -- entertaining in the sense that all anyone had to do was let the companies be themselves. The cost has been terrible, on democracy, the free press, at-risk populations and soon, I'll wager, on the economy. Still, it's hard not stay glued to our screens, waiting to see what awful things Facebook and Twitter do to us next. While we've been perversely absorbed by the epic-scale human rights incompetencies of Facebook and Twitter (and trying not to get, you know, murdered, jailed or exiled as a byproduct of the platforms), we kind of forgot about some of the other born-yesterday stewards of humanity. Like Google. Which has apparently been playing fast and loose with the whole "we don't track your location" thing.
Trump reportedly reverses Obama-era rules for US cyber operations
The Trump administration has reportedly reversed an Obama-era framework for how and when the US can use cyber attacks against foes. President Trump undid Presidential Policy Directive 20 yesterday according to the Wall Street Journal's sources, and with it reversed a classified framework detailing a multi-agency process that must be followed before carrying out an attack.
FBI warns banks about ATM cash-out scheme
The FBI is warning banks about a fraud scheme called an ATM cash-out, Krebs on Security reports. With this type of heist, attackers typically compromise a bank or payment card processor with malware, disable fraud controls and withdraw large sums of money -- sometimes millions of dollars -- with cloned bank cards. The FBI reportedly sent an alert to banks last week. "The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an 'unlimited operation'," said the notice.
Anonymous deals with its QAnon branding problem
When you're a notorious hacking entity like Anonymous, and a pro-Trump conspiracy cult (QAnon) steals your branding (while claiming you're the impostor), the obvious thing to do is declare cyberwar. That's exactly what Anonymous did this past week in a press announcement, followed by a social media and press offensive. So far Anonymous has managed to take over QAnon's hashtags (while adding #OpQAnon and others) and dox a couple hundred members of Trump's pedophilia-obsessed, "deep state" doomsday cult. QAnon's mouthpieces responded exactly as we'd expect, with taunts and tweets saying: "These people are STUPID!! They have no brains and no skills. Typical 'empty threat' terrorists! But DO NOT click their links!! Virus city baby!!"
Three top FBI officials quit as US cybersecurity threats mount
Looming cybersecurity threats are reportedly behind the departure of several cybersecurity officials at the Federal Bureau of Investigation. According to The Wall Street Journal, three of the top FBI officials -- Scott Smith, David Resch, and Carl Ghattas -- are exiting the bureau.
'WannaCry hero' faces more federal malware charges
Marcus Hutchins, the cybersecurity researcher credited with helping stop last year's WannaCry virus, is facing four new charges related to malware he allegedly created to steal financial information. Now, the FBI says Hutchins lied about creating the malware called Kronos, and that he conspired with others to promote it online, including via YouTube.
FBI links North Korea hackers to two more malware attacks
The FBI and the Department of Homeland Security have linked more malware with North Korean hackers. The agencies say state-backed hackers called Hidden Cobra have likely used remote access tool Joanap and server message block worm Brambul to infiltrate the global media, aerospace, financial and critical infrastructure sectors. The attacks are part of a North Korea cyberattack campaign that has persisted since at least 2009, the agencies wrote in a Technical Alert.
Russia denies planning botnet cyberattack on Ukraine
Russia has denied planning a major cyberattack that would disrupt soccer's Champions League final this weekend. Ukraine's SBU security service said on Wednesday that malware infecting hundreds of thousands of routers was the work of Russian hackers preparing for an assault on the country. The attackers were accused of targeting Saturday's match in Kiev. According to Reuters, the Kremlin has strongly denied these accusations.
FBI seizes domain behind major Russian botnet
The FBI has seized a domain linked to what's believed to be a Russian botnet composed of 500,000 infected routers around the world. According to the Department of Justice, the botnet -- that is, a network of computers infected with malware -- is under the control of Russian hacking group "fancy bear" or "Sofacy." Authorities believe the group was also behind the Democratic National Committee breach during the Presidential Elections in 2016. Sofacy reportedly use a malware called "VPN Filter" to exploit the vulnerabilities in home office routers manufactured by by Linksys, MikroTik, NETGEAR, and TP-Link and QNAP.
FBI admits to 'over-counting' inaccessible mobile devices
For the last two years, the FBI has repeatedly claimed that thousands of phones linked to criminal investigations were inaccessible due to locks and encryption. Last year FBI Director Christopher Wray said it had failed to access 7,800 mobile devices, but tonight a Washington Post report reveals that number is incorrect. According to the Post, the accurate number is between 1,000 and 2,000, with a recent internal estimate putting at about 1,200 devices, and in a statement, the FBI responded: "The FBI's initial assessment is that programming errors resulted in significant over-counting of mobile devices reported." The official excuse is that errors caused by multiple databases resulted in devices being counted more than once, but the issue has been an FBI and DOJ pursuit of backdoor access to locked phones. Then-director James Comey cited the inflated figure during a debate over the San Bernardino shooters' locked iPhone, and it has come up again in relation to similar incidents. Without being provided any backdoor by Apple, law enforcement gained access to that device anyway, and as we've recently learned, there are tools it can use for newer phones. The government has repeatedly referred to "Going Dark" as a major problem it faces in investigations, suggesting tech companies are enabling criminals by strengthening privacy protections that they can't get around. But privacy advocates have long thought the agency was pumping up its numbers, and now it's case has taken a significant hit.
Prime suspect in CIA ‘Vault 7’ hack still hasn’t been charged
Last year WikiLeaks published a ton of secret documents about the Central Intelligence Agency's (CIA) hacking capabilities. The breach -- the largest loss of classified documents in the agency's history -- revealed its far-reaching abilities to snoop on modern technology, including software designed to takeover smartphones and turn smart TVs into surveillance kit. Now, the prime suspect has been identified, but despite being in prison since August, has not been charged for his role in the breach, since referred to as Vault 7.
NYT: FBI and DOJ are looking into Cambridge Analytica
Cambridge Analytica already shut down, because it couldn't cope with ongoing probes and scandals. But that doesn't mean the DOJ is going to let things go -- according to The New York Times, the Justice Department and the FBI have started investigating the political data firm, questioning former employees and banks that handled its businesses in recent weeks. Authorities' questions apparently focused on the firm's financial dealings, though they also sought to better understand how it acquired and used personal data pulled from Facebook and other sources. They also got in contact with Facebook itself, though the social network refused to tell NYT what they talked about.
Bipartisan bill aims to prevent the government from forcing backdoors
A number of US Representatives introduced the Secure Data Act today, bipartisan legislation aimed at preventing the government from forcing backdoors into encrypted products and services. The act was introduced by Representatives Zoe Lofgren (D-CA) and Thomas Massie (R-KY) and was cosponsored by Jerrold Nadler (D-NY), Ted Poe (R-TX) and Matt Gaetz (R-FL). "Encryption backdoors put the privacy and security of everyone using these compromised products at risk," Lofgren said in a statement. "It is troubling that law enforcement agencies appear to be more interested in compelling US companies to weaken their product security than using already available technological solutions to gain access to encrypted devices and services."
After Math: Robot revolutionaries
The whole "fear of SkyNet" trope is a bit moot at this point, seeing as how robots have already infiltrated our roads, skies and cafeteria-style eateries. You can already see it happening with Lyft adding 30 self-driving vehicles to its Las Vegas fleet, Sphero debuting yet another domestic robopanion, and gangs leveraging drone swarms to blindside the FBI. Numbers, because how else are we going to learn to speak the binary language of our future overlords?
Criminals used a drone swarm to disrupt an FBI hostage rescue
Drones are what you make of them. One person's wedding videographer is another person's drug mule. And while hobbyist drones were first used for simple jobs like sneaking contraband into prisons, over the years they've become the criminal's Swiss Army knife of gizmos. The FBI's Joe Mazel told a crowd at the AUVSI Xponential conference this week about a particularly organized gang that used drones to interfere with a hostage situation last winter. As Defense One reports, a swarm of small drones descended on an FBI hostage team, performing "high-speed low passes" in an effort "to flush them" from their position. "We were then blind," Mazel added.
US and UK warn that Russia has been hacking routers worldwide
This morning, reports surfaced that UK Prime Minister Theresa May has been briefed on possible incoming Russian-based cyberattack that could lead to the release of compromising information about the country's lawmakers. But the threat has been expanded beyond gaining leverage on politicians. UK cyber intelligence agency NCSC, the FBI and the DHS have jointly accused Russian-based attackers of engaging a campaign for months trying to compromise routers, switches and firewalls around the world to hijack the Internet's infrastructure.
US lawmakers question FBI's decision to sue Apple in 2016
After the 2015 San Bernardino shooting, the FBI sued Apple to forcibly unlock the suspect's iPhone, asserting that the agency had exhausted all options before taking legal action. In the event, the bureau ended up reportedly paying an external vendor to break into the device. But last month, the Department of Justice poked holes in that justification with a report stating the FBI didn't do everything it could before bringing Apple to court. Today a bipartisan group of lawmakers sent a fact-finding letter to the agency's director Christopher Wray questioning whether the FBI could indeed have taken other action before the lawsuit.
Backpage.com was seized by the federal government
Classifieds website Backpage.com has been seized and disabled by the federal government. When you visit the website now, you'll see a message saying it and all affiliated websites have been taken over "as part of an enforcement action by the Federal Bureau of Investigation, the US Postal Inspection Service and the Internal Revenue Service Criminal Investigation Division, with analytical assistance from the Joint Regional Intelligence Center." The message goes on to name a handful of other enforcement groups involved in the action and states that more information will be provided by the US Department of Justice later this evening. Backpage is the second largest classifieds website.
DOJ: FBI prematurely took Apple to court over San Bernardino iPhone
In 2016, the debate over whether manufacturers should aid law enforcement officials in unlocking criminals' phones became very heated as the FBI took Apple to court over its refusal to unlock the San Bernardino shooter's iPhone. At the time, the agency said Apple was its only shot at getting access to whatever was stored on Syed Farook's iPhone 5c but it later used an outside vendor to crack the phone and get to its data. Now, the Justice Department's Office of the Inspector General has released a report that says the FBI didn't do everything it could to find a solution before seeking a court order against Apple.
