Search Results for “NICOLE PERLROTH”


April 30, 2020
Nicole Perlroth and Adam Goldman / New York Times

FBI Chief Christopher Wray, Currently an Advocate of Encryption Backdoors, Previously Argued in Favor of Strong End-to-End Encryption In His Law Practice

Christopher A. Wray, the director of the Federal Bureau of Investigation, has been pushing tech companies like Facebook to give law enforcement access to what he and Attorney General William Barr call “warrant-proof encryption,” a demand that fundamentally amounts to building encryption backdoors into communications apps. However, court documents in a separate matter between WhatsApp, which is owned by Facebook, and NSO Group, an Israeli spyware maker, revealed that Mr. Wray’s law firm previously argued in favor of strong end-to-end encryption while representing WhatsApp in a sealed 2015 case involving the Justice Department. In the earlier case, Wray, then a partner at King & Spalding, was hired to “analyze and protect” WhatsApp’s software from a Justice Department effort to weaken its encryption in order to conduct a wiretap of a WhatsApp user’s data. Wray’s office said that back then “his duty of loyalty was to his client, and he did not put his personal views ahead of his clients’ interests or allow them to affect the legal work he did for clients,” although now his duty of loyalty is to the United States.

Related: The Guardian, Tech Insider, Cyberscoop, Wall Street Journal, Reuters: U.S.

Tweets:@jsrailton @nicoleperlroth


May 10, 2020
David Sanger, Nicole Perlroth / New York Times

DHS and FBI to Formally Warn That China’s Top Hackers and Spies Aim to Steal Coronavirus Vaccine, Treatment Research

In the latest Trump Administration move to highlight the cyber threat China poses, the F.B.I. and the Department of Homeland Security will issue a warning that China’s most skilled hackers and spies are working to steal American research into vaccines and treatments for the coronavirus. This effort is part of a wider surge of cyberthreats by nation-states seeking to exploit the coronavirus pandemic. The warning comes as Israeli officials accuse Iran of mounting an attempt in late April to cripple water supplies as Israelis were confined to their houses. A draft of the warning says China is seeking “valuable intellectual property and public health data through illicit means related to vaccines, treatments, and testing.” It focuses on cybertheft and action by “nontraditional actors,” a euphemism for researchers and students inside educational institutions seeking to steal research.

Related: Daily Mail, WSJ.com, The Hill: Cybersecurity, New York Post

Tweets:@jsfslowi @idreesali @ericgeller @SangerNYT @JenGriffinFNC @peterjhasson @lukOlejnik

Daily Mail: US officials ‘plan to accuse China of preparing hackers to steal coronavirus vaccine’ from America
WSJ.com: U.S. to Accuse China of Attempts to Hack Coronavirus Research
The Hill: Cybersecurity: FBI, DHS to accuse China of trying to hack coronavirus researchers: reports
New York Post: FBI to warn of Chinese hackers trying to steal coronavirus vaccine data

@jsfslowi: Two technically and operationally ignorant hacks attempt to make pursuit of priority intelligence requirements/needs sound like some Earth-shattering revelation:
@idreesali: "A draft of the forthcoming public warning, which officials say is likely to be issued in the days to come, says China is seeking “valuable intellectual property and public health data through illicit means related to vaccines, treatments and testing.”"
@ericgeller: In the next few days, DHS and the FBI will publicly accuse China of trying to steal U.S. research into coronavirus treatments and vaccines, officials tell NYT.
@SangerNYT: The US is preparing to accuse China of hacking into American networks for vaccine and coronavirus treatment research, just the tip of the spear in how the pandemic has redirected state-sponsored cyber attackers. Exclusive, with the great @nicoleperlroth
@JenGriffinFNC: U.S. to Accuse China of Trying to Hack Vaccine Data, as Virus Redirects Cyberattacks - The New York Times
@peterjhasson: "The F.B.I. and the Department of Homeland Security are preparing to issue a warning that China’s most skilled hackers and spies are working to steal American research in the crash effort to develop vaccines and treatments for the coronavirus."
@lukOlejnik: Countries accuse other countries over cyberattacks designed to steal #COVID19 information (e.g. about vaccine research). "a dozen countries have redeployed military and intelligence hackers to glean whatever they can about other nations’ virus responses" https://nytimes.com/2020/05/10/us/


April 20, 2020
Natasha Singer, Nicole Perlroth / New York Times

Dropbox Engineers Were So Concerned About Zoom’s Security in 2019 That The Company Launched a Bug Bounty Program to Find Holes in the Video Conference App, Report

Despite what Zoom and some of its advisers say, the meteoric video conferencing app’s security woes don’t solely stem from the company’s scorching growth since the coronavirus crisis hit. Former Dropbox engineers say the company’s current security plight can be traced back two years or more, and they argue that the company’s failure to overhaul its security practices back then put its business clients at risk. The Dropbox engineers grew so concerned that vulnerabilities in the videoconferencing system might compromise its corporate security that the file-hosting giant took the unusual step of policing Zoom’s security practices itself, launching in early 2019 a bug bounty program through HackerOne Singapore to find holes in Zoom’s software code and that of a few other companies. The engineers say they were “stunned” by the volume of bugs the bounty program uncovered in Zoom’s system.

Related: Sydney Morning Herald, MobileSyrup.com, Tech Insider

Tweets:@karaswisher @natashanyt @kimzetter


December 22, 2019
Mark Mazzetti, Nicole Perlroth and Ronen Bergman / New York Times

Popular Middle Eastern Messaging App ToTok Is a Spying Tool From Likely Front Company of Offensive Cybersecurity Firm DarkMatter and Is Linked to Data-Mining Firm Pax AI

ToTok, a popular Middle Eastern messaging app, is a spying tool used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones, technical analysis and interviews with computer security experts indicate. The app was downloaded millions of times from the Apple and Google app stores by users throughout the Middle East, Europe, Asia, Africa, and North America, but counts most of its users in the Emirates. Even so, ToTok was one of the most downloaded social apps in the United States last week. The firm behind ToTok, Breej Holding, is most likely a front company affiliated with DarkMatter, an Abu Dhabi-based cyberintelligence and hacking firm where Emirati intelligence officials, former National Security Agency employees, and former Israeli military intelligence operatives work. ToTok has also been linked by the intelligence community and technical experts to Pax AI, an Abu Dhabi-based data-mining firm that appears to be tied to DarkMatter. Moreover, it operates from the same Abu Dhabi building as the Emirates’ signals intelligence agency, which until recently was where DarkMatter was based. Google removed the app from its Play store after determining ToTok violated unspecified policies. Apple removed ToTok from its App Store on Friday and was still researching the app.

Related: CNET, Engadget, Silicon Angle, WIRED, Reddit – cybersecurity, Gizmodo, SlashGear, TechSpot, BGR, fossbytes, MacRumors, Tech Insider, The Verge, Daily Dot, Mashable, AndroidHeadlines.com, Business Insider, TechNadu, CTech – 24/7, Boing Boing, Mercury News, AP Breaking News, iMore, Deutsche Welle, Lifehacker, iPhone Hacks, Security – Computing, HackRead, Daily Mail, The Register – Security, Objective-See

Tweets:@ronenbergman @meslackman @ronenbergman @JackRhysider @JediMammoth @amyfiscus @matt_odell @nicoleperlroth @nicoleperlroth @WilliamTurton @jennineak @okassim @thegrugq

CNET: Popular messaging app ToTok reportedly an Emirati spy tool
Engadget: Messaging app ToTok is reportedly a spying tool for the UAE
Silicon Angle: ToTok messaging app claimed to be an Emirati surveillance tool
WIRED: Uninstall ToTok, an Alleged Emirati Spy App, From Your Phone Now
Reddit – cybersecurity: ToTok, a popular Emirati messaging app that has been downloaded to millions of phones, is actually a spying tool used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of
Gizmodo: Uninstall ToTok, the Government Surveillance Tool Posing as a Chat App: Report
SlashGear: ToTok messaging app is the latest tool in government-sanctioned espionage
TechSpot: ToTok messaging app revealed as an UAE surveillance tool
BGR: The hottest new smartphone chat app is secretly spying on you, so uninstall it right now
fossBytes: Beware! This Popular Chat App Is An Alleged Spy Tool For The UAE
MacRumors: Apple Pulls Emirati Chat App ‘ToTok’ From App Store for Allegedly Spying on Users
Tech Insider: China’s Huawei endorsed an Emirati messaging app that reportedly tracked messages and photos sent by its millions of users
The Verge: Popular chat app ToTok is reportedly secret United Arab Emirates spying tool
Daily Dot: Messaging app ToTok may actually be an Emirati spy tool
Mashable: Messaging app ToTok is reportedly a secret UAE surveillance tool
AndroidHeadlines.com: New Report Claims ToTok App Is A Spy Tool
Business Insider: Google and Apple have booted messaging app ToTok which was downloaded millions of times and reportedly a UAE spy tool
TechNadu: Apple and Google Remove ‘ToTok’ App from their Stores due to Spying Allegations
CTech – 24/7: Emirati Spying App Is Linked to Company Employing Former NSO Programmers, Report Says
Boing Boing: ToTok is a UAE spying tool, say US officials. Delete it now.
Mercury News: Report: UAE social media app ToTok is actually a surveillance tool
AP Breaking News: Report: Popular UAE chat app ToTok a government spy tool
iMore: Apple removes chat app ToTok from App Store over concerns it’s a spy tool
Deutsche Welle: ToTok app is a ‘spying tool’ for UAE: report
Lifehacker: Delete the Scammy ‘ToTok’ App, and Use It As a Lesson in Avoiding Spyware
iPhone Hacks: Apple Removes ‘ToTok’ Chat App from the App Store for Acting as a Government Spy Tool
Security – Computing: Social messaging app ToTok outed as a spying tool for the UAE government
HackRead: ToTok app caught spying on millions of Android & iPhone users
Daily Mail: ToTok was removed from the Apple and Google app stores following claims it was spying on users
The Register – Security: Emirati ‘surveillance app’ ToTok promoted by Huawei as Apple punts it from store
Objective-See: Mass Surveillance, is an (un)Complicated Business

@ronenbergman: NEW: the popular messaging App ToTok, one of the most-downloaded in Apple and Google app stores during the last months, is in fact, a sophisticated hacking tool used by the government of the UAE . W\ @MarkMazzettiNYT @nicoleperlroth
@meslackman: Scared yet? “ToTok is actually a spying tool used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phone.”
@ronenbergman: It Seemed Like a Popular Chat App. It’s Secretly a Spy Tool. New York Times investigative report by @MarkMazzettiNYT @nicoleperlroth and my small contribution
@JackRhysider: Remember operation Raven? UAE and Darkmatter are still at it. This time we find out they made a chat app to spy on people. The average person has no chance...
@JediMammoth: What's the worst that can happen when a country has no checks and balances? They get called out multiple times, and then keep moving forward in their operations to target, track, traffic, and enslave their adversaries... And the world stays silent...
@amyfiscus: New York Times reporters were told that this popular messaging app was secretly an Emirati spy tool. They asked Apple and Google for comment. Both removed it from their app stores
@matt_odell: “You don’t need to hack people to spy on them if you can get people to willingly download this app to their phone. By uploading contacts, video chats, location, what more intelligence do you need?”
@nicoleperlroth: This reporting entailed a ton of work and helped cut off Emirati surveillance of millions, including Americans. If you can’t read it, please consider a subscription to the @nytimes. It’s journalism like this that I’m so proud and grateful to do.
@nicoleperlroth: ToTok claims it was removed from the Apple and Google stores for a “technical issue.” It was removed because of our story: https://nytimes.com/2019/12/22/us/politics/totok-app-uae.html?smid=nytcore-ios-share
@WilliamTurton: nyt reports that an app, "ToTok," downloaded millions of times on android and iphones is actually a secret spying app developed by notorious emirati spyware developer darkmatter
@jennineak: 1. "ToTok" lol 2. The Emirati government is trying to track every conversation, movement, relationship, appointment, sound and image of those who've got the app on their phone 3. The likely firm behind it employs former Israeli military spies and NSA spies https://nytimes.com/2019/12/22/us/politics/totok-app-uae.html
@okassim: “..the firm behind ToTok, Breej Holding, is most likely a front company affiliated with DarkMatter, an Abu Dhabi-based cyberintelligence and hacking firm ... DarkMatter is under F.B.I. investigation”
@thegrugq: Technical deep dive on ToTok


January 13, 2020
Nicole Perlroth and Matthew Rosenberg / New York Times

Russia Broke Into Servers of Ukrainian Gas Company Burisma Using Same Techniques Deployed Against DNC in 2016, Ostensible Goal Was to Dig Up Dirt on Hunter Biden, Security Experts

Russian military hackers broke into Burisma, the Ukrainian gas company at the center of the scandal that led to the impeachment of Donald Trump, according to security experts. Democratic presidential candidate Joe Biden’s son, Hunter Biden, served on the board of Burisma. Donald Trump got caught pressuring Ukraine to dig up dirt on Biden’s son in a quid pro quo for military aid, which led the House of Representatives to impeach him shortly before Christmas. The hacks into Burisma by the Russians began in November 2019 as the impeachment efforts against Trump heated up, leading security experts to believe that the Russians were also seeking to dig up dirt on Hunter Biden in a bid to assist Trump. The tactics deployed by Russia were similar to those used against the DNC in 2016. Phishing emails sent by Russia’s GRU Fancy Bear hacking team to Burisma employees directed them to sites designed to steal login credentials, researchers at security firm Area 1 say. The hackers fooled some of the Burisma employees and managed to get inside one of Burisma’s servers.

Related: Area 1 Security (PDF), The Verge, TORONTO STAR, Zero Hedge, Business Insider, Axios, CNN.com, RT News, Marketwatch, Wall Street Journal, Washington Post, Reuters, Daily Mail, TIME, AP Breaking News, TribLIVE, Bloomberg Politics, GlobalNews.ca, South China Morning Post, Newsweek, Thomas Brewster – Forbes

Tweets:@nicoleperlroth @allMattNYT @kyledcheney @kylegriffin1 @JoyceWhiteVance @neal_katyal @MarshallCohen @atrupar @nickconfessore @RVAWonk @selectedwisdom @kenvogel @kylegriffin1 @noahshachtman @RidT @RidT @RidT @kylegriffin1 @rosenbergerlm @kyleehmke @Bing_Chris

Area 1 Security: PHISHING BURISMA HOLDINGS (PDF)
The Verge: Burisma targeted by Russia-linked phishing attack, raising election-meddling fears
TORONTO STAR: Russians hacked Burisma, the Ukrainian gas company at centre of impeachment
Zero Hedge: Here Comes Wikigate 2: NYT Claims Russian Hackers Successfully “Breached” Burisma
Business Insider: Explosive new report says Russia hacked the Ukrainian company Burisma Holdings to get dirt on the Bidens
Axios: Report: Russian hackers successfully targeted Ukrainian gas company Burisma
CNN.com: Russians hack energy company that played major role in Trump Ukraine scandal
RT News: UkraineGate documentary shows Joe Biden’s ‘someone solid’ for Ukrainian General Prosecutor was anything but
Marketwatch: The Wall Street Journal: Russians reportedly hacked Burisma during Trump impeachment probe
Wall Street Journal: Russians Breached Burisma During Trump Impeachment Probe
Washington Post: Russian spies hacked Ukrainian gas company at heart of Trump impeachment trial
Reuters: Russian hackers targeted Ukrainian company at center of impeachment storm: cybersecurity firm
Daily Mail: Russian military hacked Ukrainian gas company at center of impeachment row to ‘find dirt on Bidens’
TIME: Russian Agents Hacked Ukrainian Company at Center of Impeachment Probe, Security Firm Says
AP Breaking News: Russians hacked company key to Ukraine scandal: researchers
TribLIVE: Cybersecurity: Russians hacked company key to Ukraine scandal
Bloomberg Politics: Russian Hackers Attacked Burisma in Midst of Impeachment Inquiry
GlobalNews.ca: Researchers say Russians hacked Ukraine company at centre of Trump impeachment
South China Morning Post: Russian hackers targeted Burisma amid impeachment inquiry, cyber firm says
Newsweek: Hunter Biden-Linked Ukraine Firm Hacked by Russian Agency That Targeted Clinton Campaign
Thomas Brewster – Forbes: Russian Hackers Target Burisma, Claim Ex-NSA Agents

@nicoleperlroth: BREAKING: As the November impeachment hearings got underway, Russia's GRU hacked Burisma in what appears to be a repeat of 2016, when GRU hackers breached the DNC and then selectively leaked emails to hurt Clinton's candidacy. https://nytimes.com/2020/01/13/us/politics/russian-hackers-burisma-ukraine.html with @AllMattNYT
@allMattNYT: NEW: Russians Hacked Ukrainian Gas Company at Center of Impeachment - Timing and scale of the attacks suggest the Russians were looking for the same kind of dirt on Biden that Trump wanted from Ukraine - @nicoleperlroth @AllMattNYT
@kyledcheney: Wow: Russians hacked Burisma.
@kylegriffin1: Breaking via NYT: Russians hacked Burisma. The hacking attempts began in early November. It is not yet clear what the hackers found, or precisely what they were searching for.
@JoyceWhiteVance: You probably saw this season 3 plot twist coming-Russia hacked Burisma, where Hunter Biden was on the board, after the Trump scandal broke & likely looking for negative info on Biden.
@neal_katyal: Russia, if you are listening ...
@MarshallCohen: This might be the most important news of the day. Russia could leak Burisma emails, and slip in some doctored emails, to harm Biden later on, if he is the Democratic nominee. The 2016 playbook all over again.
@atrupar: Trump seems to be getting some help in the search for Biden dirt
@nickconfessore: Russian agents have been hacking into Burisma, possibly looking for the kind of incriminating material the president and his defenders have sought via Giuliani and others. @nicoleperlroth & @AllMattNYT report.
@RVAWonk: Russia's military intelligence unit carried out a successful phishing campaign targeting Burisma, the Ukrainian gas company where Hunter Biden worked, and which is now at the center of the impeachment scandal. Seems like Russia was listening.
@selectedwisdom: No surprise. To be expected. As discussed with our #FIE2020 - Russia hacking probability vis-a-vis Biden. #1 Ukraine-Burisma-Hunter Biden #2 Biden health
@kenvogel: RUSSIA HACKED BURISMA: In an apparent effort to collect damaging information about the BIDENS, Russian military hackers used phishing emails to access a server at the gas company that paid HUNTER BIDEN, scoop @nicoleperlroth & @AllMattNYT .
@kylegriffin1: Interested to see what the Republicans who pushed the falsehood that Ukraine hacked the 2016 election think of this NYT report.
@noahshachtman: I hope my fellow editors will think hard — really hard, a lot harder than they did in 2016 — before publishing any material hacked by the Russians.
@RidT: A reported hacking attempt against "Burisma Holdings and some of its subsidiaries and partners" is getting a lot of attention right now, *allegedly* by GRU. Here's the underlying report in question: https://cdn.area1security.com/reports/Area-1-Security-PhishingBarismaHoldings.pdf?mod=article_inline Caution advised, based on what we currently know
@RidT: The report makes a strong attribution claim (no estimative language, no analysis of competing hypotheses) solely based on TTPs, without access to any victim network (it appears, unless I'm missing something). That's problematic. This isn't wrong:
@RidT: Ignore the weak attribution evidence for now. What does that even mean? — An attack is "successful" if and when the attacker successfully breaches a target, not because it looks good. Did Area 1 have access to victim forensics or not? It appears the answer is no from the report.
@kylegriffin1: Ex-FBI official Frank Figliuzzi on the NYT report: "Make no mistake. This is a full-on attack on our 2020 election." @TheLastWord
@rosenbergerlm: I told @washingtonpost the GRU campaign “demonstrates that there are a lot of targets that can be attacked by those who would interfere in our elections. We should expect to see more of these reports. The goal is to undermine our institutions.”
@kyleehmke: So just to be explicit about our research @ThreatConnect, we initially came across the cubenergy-my-sharepoint[.]com by exploiting some consistencies that we've seen in previous Fancy Bear infrastructure.
@Bing_Chris: Russian hackers targeted Ukrainian company at center of impeachment storm https://reut.rs/2uHmLli — new details and background about the operation, including Biden camp comment and more.


November 15, 2019
What Next TBD

How WhatsApp Got Hacked

The New York Times’s Nicole Perlroth talks about the Facebook lawsuit against a little-known Israeli spyware firm called NSO Group. Facebook is accusing NSO of supplying technology that enabled a hack of 1,400 WhatsApp accounts. Perlroth talks about what the lawsuit means for the spyware industry and why governments are lining up to buy these products.

November 10, 2019
Vindu Goel and Nicole Perlroth / New York Times

NSO Group’s Spyware Infected 121 WhatsApp Users in India, 22 Were Rights Activists, Journalists and Civil Rights Lawyers

In India, 121 WhatsApp users were targeted with NSO Group spyware, the Facebook-owned messaging service said in a recent letter to the government in the wake of its lawsuit against the Israeli surveillance technology company. The targeted Indians were subject to surveillance where every keystroke, call, and GPS location on their phones had probably been recorded by the Pegasus surveillance software, which is sold by NSO. At least 22 were human rights activists, journalists, and civil rights lawyers, according to a tally by the news site Scroll.in. It’s unclear whether the central government led by Prime Minister Narendra Modi was behind the WhatsApp infections. Despite NSO’s recent pledge to ensure that its government clients limit the use of its spyware to crime and terrorism, it’s unclear exactly how the company planned to hold its clients to account.

Related: PogoWasRight.org

Tweets:@nicoleperlroth @vindugoel @snowden


July 13, 2019
Nicole Perlroth / New York Times

FEC Says Cybersecurity Firm Area 1 Security Can Provide Discounted Anti-Phishing Services to Presidential Candidates

The Federal Election Commission (FEC) said that security company Area 1 Security could immediately start helping 2020 presidential candidates defend their campaigns from the kinds of malicious phishing attacks that Russian hackers exploited in the 2016 election. The FEC made its advisory decision one month after FEC attorneys told the Commission to deny Area 1 Security’s request because it would be violating campaign finance laws that prohibit corporations from offering free or discounted services to federal candidates. The FEC determined that Area 1 could provide anti-phishing services to candidates because the company was not offering the campaigns special, discounted pricing, but simply offering the same lower-tier cost that was available to other organizations of similar size and financial resources.

Related: Cyberscoop, TechCrunch, The Hill, Krebs on Security, Engadget

Tweets:@jeffstone500 @nicoleperlroth @orenfalkowitz