close
close

Mondor Festival

News with a Local Lens

Bitfinex Hacker Gets 5 Years for  Billion Bitcoin Heist
minsta

Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist

In the cutest hacker story of the year, a trio of technologists in India found an innovative way to bypass Apple location restrictions on AirPod Pro 2 so they can activate the hearing aid function of the headphones for their grandmothers. The hack involved a homemade Faraday cage, a microwave, and lots of trial and error.

At the other end of the technological advancement spectrum, the U.S. military is currently testing an AI-enabled machine gun capable of automatically targeting swarms of drones. The Bullfrog, built by Allen Control Systems, is one of several advanced weapons technologies being developed to combat the growing threat of small, inexpensive drones on the battlefield.

The US Department of Justice announced this week that an 18-year-old California boy had admitted to committing or orchestrating more than 375 swatting attacks across the United States.

And then, of course, there is the Donald Trump in all of this. This week we published a practical guide to protecting yourself from government surveillance. WIRED has, of course, covered the dangers of government surveillance for decades. But when the president-elect explicitly threatens to jail his political enemies, whoever they may be, it’s probably a good time to review your digital best practices.

In addition to potential surveillance of U.S. citizens, U.S. Immigration and Customs Enforcement began to strengthen its surveillance arsenal the day after Trump’s re-election. At the same time, experts expect the new administration rolling back cybersecurity rules instituted under President Joe Biden while taking a harder line against state-sponsored hackers. And if all this political upheaval makes you want to protest, beware: investigation co-published by WIRED and The Marshall Project found that mask bans instituted in several states add a complicated new layer to the exercise of free speech.

And that’s not all. Every week, we round up privacy and security news that we haven’t covered in depth ourselves. Click on the headlines to read the full stories and stay safe.

In August 2016, around 120,000 bitcoins, worth around $71 million at the time, were stolen in a hack of cryptocurrency exchange Bitfinex. Then, in 2022, as the value of cryptocurrency had skyrocketed, law enforcement officials New York arrested husband and wife Ilya Lichtenstein and Heather Morgan regarding the hacking and laundering of the stolen $4.5 billion in cryptocurrency. (At the time, $3.6 billion in funds had been recovered by law enforcement investigators.)

This week, after pleading guilty in 2023, Lichtenstein was sentenced to five years in prison for carrying out the hack and laundering the profits. With subsequent cryptocurrency spikes and additional hack-related seizures, the US government has now been able to recover more than $10 billion in assets. A series of operational safety failures by Lichtenstein made much of the illicit cryptocurrency easy for authorities to seize, but investigators also applied sophisticated cryptocurrency tracing methods to discover how the funds were stolen and then moved.

Aside from the brazen scale of the heist, Lichtenstein and Morgan gained notoriety and ridicule after their arrest thanks to a series of Forbes articles written by Morgan and rap videos posted on YouTube under the name “Razzlekhan”. Morgan, who also pleaded guilty, is scheduled to be sentenced Nov. 18.

Fraudsters are increasingly adopting AI into their criminal tools, using the technology to create deepfakes, translate scripts and make their operations more efficient. But artificial intelligence also turns against scammers. British telecommunications company Virgin Media and its mobile operator O2 have created a new “AI granny” capable of responding phone calls from scammers and let them talk. The system uses different AI models, according to The Register, which listen to what a scammer says and respond immediately. In one case, the company claims it kept a scammer online for 40 minutes and provided others with false personal information. Unfortunately, the system (at least for now) cannot answer calls made to your phone directly; instead, O2 created a specific phone number for the system, which the company claims it managed to place in lists of numbers called by fraudsters.

In a new legal strategy aimed at those trying to hold commercial spyware providers accountable, lawyer Andreu Van den Eynde, allegedly hacked with NSO Group’s spyware, directly accuses two of the founders of the company, Omri Lavie and Shalev Hulio, and one of its directors. , Yuval Somekh, for computer hacking crimes in a trial. The Barcelona-based human rights non-profit Iridia announced this week that it had filed a complaint with a Catalan court. Van den Eynde was allegedly the victim of a hacking campaign using NSO’s notorious Pegasus spyware against at least 65 Catalans. Van den Eynde and Iridia initially sued NSO Group in a Barcelona court in 2022 with their subsidiaries Osy Technologies and Q Cyber ​​Technologies. “Those responsible for the NSO Group must explain their concrete activities,” wrote a legal representative for Iridia and Van den Eynde in the complaint, written in Catalan and translated by TechCrunch.

A study released this week by mobile device management company Jamf found that hackers linked to North Korea were working to plant malware in macOS apps created with a particular open-source SDK . The campaigns focused on cryptocurrency-related targets and involved infrastructure similar to the systems used by North Korea’s notorious Lazarus Group. It is unclear if the activity actually compromised the victim or if it was still in the testing phase.

Financially motivated, state-backed hackers have less opportunity to use malware targeting Apple Mac computers than hacking tools that infect Microsoft Windows or Linux desktops and servers . So when Mac malware appears, it’s usually a niche spot, but it can also be a telling indicator of trends and priorities among hackers.