Tag Archive for: Indict

9 Years After the Mt. Gox Hack, Feds Indict Alleged Culprits

/in


Apple’s Worldwide Developer’s Conference this week included an array of announcements about operating system releases and, of course, the company’s anticipated mixed-reality headset, Vision Pro. Apple also announced that it is expanding on-device nudity detection for children’s accounts as part of its efforts to combat the creation and distribution of child sexual abuse material. The company also debuted more flexible nudity detection for adults.

Internal documents obtained by WIRED revealed new details this week about how the imageboard platform 4chan does, and does not, moderate content—resulting in a violent and bigoted morass. Researchers like a group at the University of Texas, Austin, are increasingly developing support resources and clinics that institutions like local governments and small businesses can lean on for critical cybersecurity advice and assistance. Meanwhile, cybercriminals are expanding their use of artificial intelligence tools to generate content for scams, but defenders are also incorporating AI into their detection strategies.

New insight from North Korean defectors illustrates the fraught digital landscape within the reclusive nation. Surveillance, censorship, and monitoring are rampant for North Koreans who can get online, and millions of others have no digital access. And research released this week from the internet infrastructure company Cloudflare sheds light on the digital threats facing participants in the company’s Project Galileo program, which provides free protections to civil society and human rights organizations around the world.

And there’s more. Each week we round up the security stories we didn’t cover in depth ourselves. Click on the headlines to read the full stories. And stay safe out there.

The US Department of Justice on Friday indicted two Russian men, Alexey Bilyuchenko and Aleksandr Verner, for the 650,000-bitcoin hack of Mt. Gox. The two appear to have been charged in absentia while evading arrest in Russia—unlike one of their alleged accomplices, Alexander Vinnik, who was previously convicted in 2020.

Bilyuchenko and Verner are accused of breaching Mt. Gox in 2011, in the earliest days of that original bitcoin exchange’s…

Source…

Feds indict Swiss hacker behind massive Verkada breach

/in


The feds have filed criminal charges against a prolific Swiss hacker who took credit for breaking into more than 150,000 security cameras run by a Silicon Valley startup.

A Seattle grand jury indicted Tillie Kottmann, the 21-year-old hacktivist who claimed to be behind last week’s massive breach of Verkada, which allowed hackers to peep on prisons, schools, hospitals and major companies such as Tesla.

Known by the monikers “deletescape” and “tillie crimew,” Kottmann has hacked dozens of companies and government agencies and published private data from more than 100 entities on the internet since 2019, prosecutors say.

While it doesn’t mention the Verkada attack, the Thursday indictment focuses on eight hacks that Kottmann, who uses they/them pronouns, carried out from February 2020 to January of this year.

The targets included six private companies, a federal contractor and the Washington State Department of Transportation, the feds said. Prosecutors didn’t name any of the firms, but descriptions in the indictment match Kottmann’s past statements about their hacks of Japanese automaker Nissan and computer-chip giant Intel.

Prosecutors noted that Kottmann openly boasted about some of the hacks in Twitter posts, like one from May 2020 that said, “i love helping companies open their source code.”

The feds also claim Kottmann and others promoted their hacking and made money “by designing and selling clothing and paraphernalia related to computer hacking activity and anti-intellectual-property ideology.”

Kottmann is still in Lucerne, Switzerland, but has been made aware of the charges, which came about a week after Swiss authorities carried out search warrants related to the alleged hacks, according to the feds.

Kottmann didn’t immediately respond to a Twitter message seeking comment. But they recently told Forbes they expected “consequences” for their hacking, which aimed to expose poor security at powerful entities.

“I don’t want to help companies,” Kottmann told the outlet. “The whole hacker thing, in my opinion should be more about trying to improve the world.”

That idealism, however, hasn’t…

Source…

Feds Indict North Korean Hackers for Years of Heists and Scams

/in


Most surprising, perhaps, is the extent of the hackers’ alleged schemes as cryptocurrency scammers and even would-be entrepreneurs. The indictment outlines how the North Koreans—specifically Kim Il—made plans to launch a cryptocurrency token scheme called Marine Chain, which would sell a blockchain-based stake in marine vessels including cargo ships. According to the British think tank the Royal United Services Institute, Marine Chain was identified by the United Nations as a North Korean sanctions-evasion scheme in 2018; it’s not clear if it ever got off the ground.

In another cryptocurrency theft scheme, the hackers are charged with creating a long list of malicious cryptocurrency apps with names like WorldBit-Bot, iCryptoFx, Kupay Wallet, CoinGo Trade, Dorusio, Ants2Whales, and CryptoNeuro Trader, all designed to surreptitiously steal victims’ cryptocurrencies. The US Cybersecurity and Infrastructure Security Agency issued an advisory Wednesday about the malware family integrated into those apps known as AppleJeus, warning that the malicious apps have been distributed by hackers posing as legitimate cryptocurrency firms, who sent the apps in phishing emails or tricked users into downloading them from fake websites. Security firm Kaspersky had warned about versions of AppleJeus as early as 2018.

The indictment demonstrates the United States’ growing willingness to indict foreign hackers for cyberattacks and cybercriminal schemes that don’t merely target US institutions, says Greg Lesnewich, a threat intelligence analyst at security firm Recorded Future. For some of the charges, he points out, Americans were impacted only as the holders of cryptocurrency stolen from international exchanges. “It’s an expansion of what the US is willing to prosecute for, even if the victims aren’t US entities,” he says.

At the same time, Lesnewich says the long arc of the crimes the indictment describes also show North Korea has expanded its ambitions to use and steal cryptocurrency in any way that might help fund its sanctions-starved government. “They’re using very ingenious methods to steal cryptocurrency now,” says Lesnewich. “They’re clearly putting some of their ‘best’ people on…

Source…