Just over a week ago, an employee at a water treatment plant in Oldsmar, Florida, noticed that the cursor on his screen started moving on its own. Soon it was clicking through controls, raising the supply of lye in the water supply from 100 parts per million to 1,100 ppm, enough to cause serious damage to human tissue. Fortunately, the employee moved quickly to revert things to normal levels. It is still unclear who was behind this dramatic hack, and it’s a sober reminder of how exposed so many industrial systems remain despite years of warnings.
Facebook also seems to have ignored warnings about the proliferation of Covid-19 scams on its platform; researchers this week exposed multiple scams they found on both the social media network and the messaging service Telegram.
Cyberpunk 2077 developer CD Projekt Red had already been battered by players frustrated with the game’s rampant bugs and poor gameplay on legacy consoles. This week it disclosed that ransomware was recently added to its list of woes, as a hacker group claimed to have stolen internal documents as well as source code for its most popular games. CD Projekt Red said it would not pay the ransom.
Microsoft finally patched a vulnerability that was first introduced into its Windows Defender antivirus product—recently renamed Microsoft Defender—at least 12 years ago. A barcode scanner app started serving up adware to its millions of users after an update in December. And be sure to read the third installment of 2034, the fictional tale of an all-too-real-sounding future war with China.
And there’s more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.
Since 2014, if you were in the market for a stolen credit card or identity on the dark web—or until recently out in the open—the Joker’s Stash has been your one-stop shop. According to analysis by blockchain analysis firm Elliptic, the operator of Joker’s Stash announced that they would close up shop this month after taking in what Elliptic pegs at over a billion dollars of cryptocurrency during their run. (It’s unclear whether JokerStash, the account that runs the marketplace, is…