      Deepfake scammer walks off with $25 million in first-of-its-kind AI heist

      news.movim.eu / ArsTechnica · Monday, 5 February - 15:54

    On Sunday, a report from the South China Morning Post revealed a significant financial loss suffered by a multinational company's Hong Kong office, amounting to HK$200 million (US$25.6 million), due to a sophisticated scam involving deepfake technology. The scam featured a digitally recreated version of the company's chief financial officer, along with other employees, who appeared in a video conference call instructing an employee to transfer funds.

    Due to an ongoing investigation, Hong Kong police did not release details of which company was scammed.

    Deepfakes utilize AI tools to create highly convincing fake videos or audio recordings, posing significant challenges for individuals and organizations to discern real from fabricated content.

      A startup allegedly “hacked the world.” Then came the censorship—and now the backlash.

      news.movim.eu / ArsTechnica · Friday, 2 February - 19:26 · 1 minute

    Hacker-for-hire firms like NSO Group and Hacking Team have become notorious for enabling their customers to spy on vulnerable members of civil society. But as far back as a decade ago in India, a startup called Appin Technology and its subsidiaries allegedly played a similar cyber-mercenary role while attracting far less attention. Over the past two years, a collection of people with direct and indirect links to that company have been working to keep it that way, using a campaign of legal threats to silence publishers and anyone else reporting on Appin Technology’s alleged hacking past. Now, a loose coalition of anti-censorship voices is working to make that strategy backfire.

    For months, lawyers and executives with ties to Appin Technology and to a newer organization that shares part of its name, called the Association of Appin Training Centers, have used lawsuits and legal threats to carry out an aggressive censorship campaign across the globe. These efforts have demanded that more than a dozen publications amend or fully remove references to the original Appin Technology’s alleged illegal hacking or, in some cases, mentions of that company’s co-founder, Rajat Khare. Most prominently, a lawsuit against Reuters brought by the Association of Appin Training Centers resulted in a stunning order from a Delhi court: It demanded that Reuters take down its article based on a blockbuster investigation into Appin Technology that had detailed its alleged targeting and spying on opposition leaders, corporate competitors, lawyers, and wealthy individuals on behalf of customers worldwide. Reuters “temporarily” removed its article in compliance with that injunction and is fighting the order in Indian court.

    As Appin Training Centers has sought to enforce that same order against a slew of other news outlets, however, resistance is building. Earlier this week, the digital rights group the Electronic Frontier Foundation (EFF) sent a response—published here—pushing back against Appin Training Centers’ legal threats on behalf of media organizations caught in this crossfire, including the tech blog Techdirt and the investigative news nonprofit MuckRock.

      23andMe changes arbitration terms after hack impacting millions

      news.movim.eu / ArsTechnica · Wednesday, 6 December - 21:20

    Shortly after 23andMe confirmed that hackers stole ancestry data of 6.9 million users, 23andMe has updated its terms of service, seemingly cutting off a path previously granted to users seeking public accountability when resolving disputes.

    According to a post on Hacker News, the "23andMe Team" notified users in an email that "important updates were made to the Dispute Resolution and Arbitration section" of 23andMe's terms of service on November 30. This was done, 23andMe told users, "to include procedures that will encourage a prompt resolution of any disputes and to streamline arbitration proceedings where multiple similar claims are filed."

    In the email, 23andMe told users that they had 30 days to notify the ancestry site that they disagree with the new terms. Otherwise, 23andMe users "will be deemed to have agreed to the new terms." The process for opting out is detailed in the site's ToS, instructing users to send written notice of their decision to opt out in an email to arbitrationoptout@23andme.com.

      Hackers stole ancestry data of 6.9 million users, 23andMe finally confirmed

      news.movim.eu / ArsTechnica · Monday, 4 December - 22:48

    It's now been confirmed that an additional 6.9 million 23andMe users had ancestry data stolen after hackers accessed thousands of accounts by likely reusing previously leaked passwords.

    This is a much larger number of accounts than 23andMe previously disclosed in a Securities and Exchange Commission filing, which estimated that 0.1 percent of users—approximately 14,000, TechCrunch estimated—had accounts accessed by hackers using compromised passwords.

    After the cyberattack was reported, Wired estimated that "at least a million data points from 23andMe accounts" that were "exclusively about Ashkenazi Jews" and data points from "hundreds of thousands of users of Chinese descent" seemed to be exposed. But beyond those estimates, for two months, all the public knew was that 23andMe's filing noted that "a significant number of files containing profile information about other users’ ancestry" were also accessed.

      What are “drainer smart contracts” and why is the FBI warning of them?

      news.movim.eu / ArsTechnica · Saturday, 5 August, 2023 - 15:01

    The FBI is advising potential NFT buyers to be on the lookout for malicious websites that use “drainer smart contracts” to surreptitiously loot cryptocurrency wallets.

    The websites present themselves as outlets for legitimate NFT projects that provide new offerings. They’re promoted by compromised social media accounts belonging to known NFT developers or accounts made to look like such accounts. Posts frequently try to create a sense of urgency by using phrases such as “limited supply” or by referring to the promotion as a “surprise” or the result of a previously unannounced token minting.

    “The spoofed websites invite victims to connect their cryptocurrency wallets and purchase the NFT,” FBI officials wrote in a Friday advisory. “The victims unknowingly connect their cryptocurrency wallets to a drainer smart contract, resulting in the transfer of cryptocurrency and NFTs to wallets operated by criminals.”

      Is cybersecurity an unsolvable problem?

      news.movim.eu / ArsTechnica · Saturday, 27 May, 2023 - 13:12 · 1 minute

    In November 1988, a graduate student at Cornell University named Robert Morris, Jr. inadvertently sparked a national crisis by unleashing a self-replicating computer worm on a VAX 11/750 computer in the Massachusetts Institute of Technology's Artificial Intelligence Lab. Morris had no malicious intent; it was merely a scientific experiment to see how many computers he could infect. But he made a grievous error, setting his reinfection rate much too high. The worm spread so rapidly that it brought down the entire computer network at Cornell University, crippled those at several other universities, and even infiltrated the computers at Los Alamos and Livermore National Laboratories.

    Making matters worse, his father was a computer scientist and cryptographer who was the chief scientist at the National Security Agency's National Computer Security Center. Even though it was unintentional and witnesses testified that Morris didn't have "a fraudulent or dishonest bone in his body," he was convicted of felonious computer fraud. The judge was merciful during sentencing. Rather than 15–20 years in prison, Morris got three years of probation with community service and had to pay a $10,000 fine. He went on to found Y Combinator with his longtime friend Paul Graham, among other accomplishments.

    The "Morris Worm" is just one of five hacking cases that Scott Shapiro highlights in his new book, Fancy Bear Goes Phishing: The Dark History of the Information Age in Five Extraordinary Hacks. Shapiro is a legal philosopher at Yale University, but as a child, his mathematician father—who worked at Bell Labs—sparked an interest in computing by bringing home various components, like microchips, resistors, diodes, LEDs, and breadboards. Their father/son outings included annual attendance at the Institute of Electrical and Electronics Engineers convention in New York City. Then, a classmate in Shapiro's high school biology class introduced him to programming on the school's TRS-80, and Shapiro was hooked. He moved on to working on an Apple II and majored in computer science in college but lost interest afterward and went to law school instead.

      White House challenges hackers to break top AI models at DEF CON 31

      news.movim.eu / ArsTechnica · Monday, 8 May, 2023 - 16:42 · 1 minute

    On Thursday, the White House announced a surprising collaboration between top AI developers, including OpenAI, Google, Anthropic, Hugging Face, Microsoft, Nvidia, and Stability AI, to participate in a public evaluation of their generative AI systems at DEF CON 31, a hacker convention taking place in Las Vegas in August. The event will be hosted by AI Village, a community of AI hackers.

    Since last year, large language models (LLMs) such as ChatGPT have become a popular way to accelerate writing and communications tasks, but officials recognize that they also come with inherent risks. Issues such as confabulations, jailbreaks, and biases pose challenges for security professionals and the public. That's why the White House Office of Science, Technology, and Policy endorses pushing these new generative AI models to their limits.

    "This independent exercise will provide critical information to researchers and the public about the impacts of these models and will enable AI companies and developers to take steps to fix issues found in those models," says a statement from the White House, which says the event aligns with the Biden administration's AI Bill of Rights and the National Institute of Standards and Technology's AI Risk Management Framework.

      North Korean hackers target security researchers with a new backdoor

      news.movim.eu / ArsTechnica · Friday, 10 March, 2023 - 22:13

    Threat actors connected to the North Korean government have been targeting security researchers in a hacking campaign that uses new techniques and malware in hopes of gaining a foothold inside the companies the targets work for, researchers said.

    Researchers from security firm Mandiant said on Thursday that they first spotted the campaign last June while tracking a phishing campaign targeting a US-based customer in the technology industry. The hackers in this campaign attempted to infect targets with three new malware families, dubbed by Mandiant as Touchmove, Sideshow, and Touchshift. The hackers in these attacks also demonstrated new capabilities to counter endpoint detection tools while operating inside targets’ cloud environments.

    “Mandiant suspects UNC2970 specifically targeted security researchers in this operation,” Mandiant researchers wrote.

      What Twitter’s 200 million email leak really means

      news.movim.eu / ArsTechnica · Saturday, 7 January, 2023 - 12:40

    After reports at the end of 2022 that hackers were selling data stolen from 400 million Twitter users, researchers now say that a widely circulated trove of email addresses linked to about 200 million users is likely a refined version of the larger trove with duplicate entries removed. The social network has not yet commented on the massive exposure, but the cache of data clarifies the severity of the leak and who may be most at risk as a result of it.

    From June 2021 until January 2022, there was a bug in a Twitter application programming interface, or API, that allowed attackers to submit contact information like email addresses and receive the associated Twitter account, if any, in return. Before it was patched, attackers exploited the flaw to “scrape” data from the social network. And while the bug didn't allow hackers to access passwords or other sensitive information like DMs, it did expose the connection between Twitter accounts, which are often pseudonymous, and the email addresses and phone numbers linked to them, potentially identifying users.
