Best Long-Reads of the Week, 7/2/22

Indian mercenary hackers have become the secret weapon of litigants, the Razzlekhan money-laundering couple are talking about a plea bargain, the greatest privacy threats pregnant people face, more

Metacurity is pleased to offer our free and paid subscribers this weekly digest of long-form infosec pieces and related articles that we couldn’t properly fit into our daily crush of news. Let us know what you think, and feel free to let us know if we missed something important by sending us a note to info@metacurity.com. Happy reading!

• Painstaking and in-depth research by Chris Bing and Raphael Satter of Reuters produced a must-read, bombshell revelation that Indian mercenary hackers have become the secret weapon of litigants looking to win their cases at all costs. The journalists created a unique database of more than 80,000 emails sent by Indian hackers to 13,000 targets over seven years and discovered that at least 75 U.S. and European companies, three dozen advocacy and media groups, and numerous Western business executives were the subjects of these hacking-for-hire attempts. In addition, the Indian hackers tried to break into the inboxes of some 1,000 attorneys at 108 law firms.
• Zeke Faux has this deep dive in Bloomberg about the Razzlekhan rapping couple that helped launder the proceeds from the $8 billion Bitfinex hack (now worth only about $2 billion given the collapse in the cryptocurrency market.) The New York couple, Ilya Lichtenstein and Heather Morgan, was busted by the feds, who ultimately retrieved nearly half of the stolen cryptocurrency. Prosecutors say they are talking with the couple’s lawyers about a plea bargain, and the next hearing in the case is scheduled for August. Still unaccounted for is a fifth of the missing bitcoins.
• Russell Brandom, Nicole Wetsman, Corin Faife, and Mary Beth Griggs offer this run-down in The Verge of the most significant privacy vulnerabilities for people seeking abortions in the post-Roe United States and how people can protect their information. From how law enforcement might investigate abortion-related “crimes” to protecting search histories from authorities to the dangers of period trackers, it’s clear that pregnant people now face immense personal risk from the digital footprints they leave on the internet and their devices.
• Nick Corasaniti and Alexandra Berzon offer this in-depth look at Tina Peters, a pro-Trump conspiracy theorist who has been charged with breaching voting systems while she was a clerk in Mesa County, Colorado, following the 2020 presidential campaign. Peters helped copy sensitive election software from county voting machines to prove the 2020 presidential election was rigged. Subsequent to the publication of this profile, Peters also finished in third place during last Tuesday’s Republican primary for Secretary of State in Colorado, a loss she blamed on voter fraud.
• The Protocol’s Kyle Alspach looks at how although Russia hasn’t run an intense cyber attack campaign against Ukraine’s allies yet, as many expected, no one should lower their shields. He spoke with twenty experts, including threat researchers, former government officials, and those with expertise on critical infrastructure and Russia, who warned that starting later this year, “Putin may give the green light for major cyberattacks aimed at disrupting critical infrastructure and supply chains in the West.”
• Justin Ling in Wired examines how sensor-packed Chinese cars on Western roads could become a privacy and national security risk. Chinese vehicles are about three ways from hitting the U.S. market significantly, and cybersecurity standards for vehicles are still considered substandard. Still, with the proper constraints, the data collected by these and U.S.-made vehicles could limit espionage and national security threats.