Tag Archive for: Citizen

US citizen pleads guilty to advising DPRK on cryptocurrency • The Register

/in


A US citizen has admitted to helping the Democratic People’s Republic of Korea (DPRK) to establish cryptocurrency capabilities and faces up to 20 years jail for his actions.

The Department of Justice (DoJ) on Monday revealed that Virgil Griffith, a US citizen resident in Singapore, hatched plans in 2018 to help an individual in the hermit kingdom mine cryptocurrency.

In 2019 Griffith visited North Korea and spoke at a local cryptocurrency conference. The DoJ alleges that Griffth and his co-conspirators “provided instruction on how the DPRK could use blockchain and cryptocurrency technology to launder money and evade sanctions” and “how blockchain technology such as ‘smart contracts’ could be used to benefit the DPRK, including in nuclear weapons negotiations with the United States”.

The DoJ alleges that after the conference, Griffith “attempted to recruit other US citizens to travel to North Korea and provide similar services to DPRK persons, and attempted to broker introductions for the DPRK to other cryptocurrency and blockchain service providers”.

North Korea stands accused of multiple attacks on cryptocurrency infrastructure, conducted to help it secure funds it cannot access thanks to international sanctions imposed in protest at the DPRK’s human rights record.

Or, perhaps more accurately, its record of terrible human rights abuses – the United Nations’ Commission of Inquiry on Human Rights in the Democratic People’s Republic of Korea found that the nation’s government has conducted “systematic, widespread, and gross human rights violations, some amounting to crimes against humanity”.

The USA therefore prohibits exports of almost anything to the DPRK without a licence. And such a licence is not granted easily.

Almost every nation on Earth sanctions the DPRK for those activities, its belligerent pursuit of nuclear weapons,…

Source…

Microsoft, Google, Citizen Lab blow lid off zero-day bug-exploiting spyware sold to governments • The Register

/in


Analysis Software patches from Microsoft this week closed two vulnerabilities exploited by spyware said to have been sold to governments by Israeli developer Candiru.

On Thursday, Citizen Lab released a report fingering Candiru as the maker of the espionage toolkit, an outfit Microsoft code-named Sourgum. It is understood the spyware, code-named DevilsTongue by Microsoft, exploited at least a pair of zero-day holes in Windows to infect particular targets’ machines.

Redmond said at least 100 people – from politicians, human rights activists, and journalists, to academics, embassy workers and political dissidents – have had their systems infiltrated by Sourgum’s code; about half are in Palestine, and the rest dotted around Israel, Iran, Lebanon, Yemen, Spain, the United Kingdom, Turkey, Armenia, and Singapore.

Once it has comprehensively compromised a Windows PC, DevilsTongue can exfiltrate the victim’s files, obtain their login credentials for online and network accounts, snoop on chat messages, and more. Candiru also touts spyware that can infect and monitor iPhones, Android devices, and Macs, as well as Windows PCs, it is claimed. The products are said to be on sale to government agencies and other organizations, which then use the espionage software against their chosen targets.

“Candiru’s apparent widespread presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse,” Citizen Lab, part of the University of Toronto, said in its report.

“This case demonstrates, yet again, that in the absence of any international safeguards or strong government export controls, spyware vendors will sell to government clients who will routinely abuse their services.”

We’re told that at least 764 domain names…

Source…

Israeli firm sold tools to hack Windows, says Microsoft and Citizen Lab

/in


An Israeli technology company sold a tool to hack into Microsoft Windows, Microsoft and technology human rights group Citizen Lab said on Thursday.

The hacking tool vendor, Candiru, created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secretive industry that finds flaws in common software platforms for their clients, said a report by Citizen Lab.

Technical analysis by security researchers details how Candiru’s hacking tool spread around the globe to numerous unnamed customers, and was then used to target various civil society organizations, including a Saudi dissident group and a left-leaning Indonesian news outlet, the reports by Citizen Lab and Microsoft say.

Attempts to reach Candiru for comment were unsuccessful.

Evidence of the exploit recovered by Microsoft Corp. suggested it was deployed against users in several countries, including Iran, Lebanon, Spain and the United Kingdom, according to the Citizen Lab report.

“Candiru’s growing presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse,” Citizen Lab said in its report.

Microsoft fixed the discovered flaws on Tuesday through a software update. Microsoft did not directly attribute the exploits to Candiru, instead referring to it as an “Israel-based private sector offensive actor” under the code name Sourgum.

“Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure, and internet-connected devices,” Microsoft wrote in a blog post. “These agencies then choose who to target and run the actual operations themselves.”

Candiru’s tools also exploited weaknesses in other common software products, like Google’s Chrome browser.

Source…

Tips protect from cybercrime as online use increases | Preston Citizen

/in


As a result of the pandemic and its aftermath many Idahoans are relying on their phones, laptops and other devices more than ever for work, school, and to stay connected. This increase in online activity corresponds with greater consumer exposure to cyber-attacks and scammers seeking to exploit victims.

There definitely have been more reports of it recently. I believe it is due to people spending more time online and doing more over the internet,” said Preston Police Chief Dan McCammon. “We have taken complaints that range from people being contacted through email, phone, and all the social media apps. There are scams where the suspect tries to get the victim to believe there is a warrant out for them, or they are talking to the IRS and need to make a payment that day, or they have a child or grandchild in jail and bail money is needed. Then there is the classic one where the victim is notified they won a jackpot to a lottery they have never played, or a rich person died and they are only last living heir to a fortune and you only need to send a few hundred dollars to get the money sent to you,” he said.

Consider these five tips to stay safe online.

Clear out cyber clutter

Think of this as spring cleaning for your digital space. A good digital spring cleaning can prevent cyber criminals from accessing old information that could help them figure out how to get to your new information. To clean up files stored on your devices, first back up important files and then delete unused or outdated files. Empty your desktop recycling bin to help permanently remove deleted files.

Update logins and passwords

Opting for the same password for multiple applications makes it easier for a scammer to access your information. Instead, choose a unique password, preferably eight characters or longer that does not contain personal information or common words. An easy way to double your login protection is to enable multi-factor authentication (MFA) whenever possible. Review the privacy and security options each platform provides to prevent granting access to unwanted visitors.

If you connect, you must protect

One of the best defenses…

Source…