Search Results for “Zack Whittaker”


November 15, 2019
Kate Fazzini / CNBC

Justice Department Indicts Two Alleged Thieves for Using SIM Swapping in $550,000 Scheme

The Justice Department indicted two alleged thieves, Eric Meiggs and Declan Harrington, for targeting cryptocurrency executives and threatening their families, allegedly stealing or attempting to steal over $550,000 in a wide-ranging scheme. The indictment says that Meiggs and Harrington used cell phone SIM card swapping to gain access to victims’ crypto coin accounts, and sent hostile messages to targets, often threatening their families. The two men were charged with wire fraud, computer fraud, and aggravated identity theft, among other charges.

Related: The Register – Security, BleepingComputer.com, Mashable, DataBreachToday.com, CNBC, Cyberscoop, Lawfare, Justice.gov, The Hacker News, The Next Web, Infosecurity Magazine

Tweets:@cfarivar @shanvav @zackwhittaker

The Register – Security: What a pair of Massholes! New England duo cuffed over SIM-swapping cryptocoin charges
BleepingComputer.com: Two Charged Over Crypto Theft via SIM Swapping, Death Threats
Mashable: Two Massholes arrested in SIM swapping for cryptocurrency scheme
DataBreachToday.com: DOJ: Pair Used SIM Swapping Scam to Steal Cryptocurency
CNBC: Thieves targeted crypto execs and threatened their families in wide-ranging scheme, says DOJ
Cyberscoop: Alleged SIM-swappers charged in $550,000 cryptocurrency scam
Lawfare: Two Massachusetts Men Charged with Cybercrimes
Justice.gov: Two Massachusetts Men Arrested and Charged with Nationwide Scheme to Steal Social Media Accounts and Cryptocurrency
The Hacker News: Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping
The Next Web: SIM swappers arrested after allegedly trying to steal over $550K in cryptocurrency
Infosecurity Magazine: Alleged Crypto-Stealing SIM Swap Duo Charged

@cfarivar: Two Massachusetts men were arrested today and charged in U.S. District Court in Boston with conducting an extensive scheme to take over victims’ social media accounts and steal their cryptocurrency via SIM swapping. https://www.documentcloud.org/documents/6549571-Swapping.html … Indictment:
@shanvav: SIM-swappers beware: Two men have been indicted in Boston and arrested in relation to a $550,000 cryptocurrency scam that relied on taking control of users' phones through SIM-hijacking. Read up on the scam and charges on @CyberScoopNews
@zackwhittaker: Inbox: A pair of major SIM-swappers and scammers have been caught.


September 24, 2019
Alfred Ng / CNET

Amazon-Owned Ring Considered Building Tool to Activate Nearby Smart Doorbell Video Cameras Triggered by 911 Emergency Calls

Amazon-owned home surveillance company Ring considered building a tool that would automatically activate the video cameras on nearby smart doorbells in the event of a 911 emergency call, according to emails obtained by CNET. Although not currently working on it, Amazon told a California police department in August 2018 that the function could arrive in the “not-so-distant future.” The goal of the automatic triggering would be to have nearby Ring cameras record and stream video that police could then use to investigate an incident. Ring currently faces a number of controversies over its partnerships with nearly 470 police departments across the country.

February 13, 2020
David McCabe, Katie Benner and Nicole Hong / New York Times

Justice Department Brings Racketeering Charges Against Huawei, Accuses Company of Trying to Steal Trade Secrets From American Firms

Ratcheting up the Trump Administration’s campaign against what the U.S. government believes is a surveillance threat, the Justice Department unsealed an indictment against Chinese telecom tech provider Huawei accusing the company and its affiliates of a “pattern of racketeering activity.” It said the companies had worked to steal trade secrets from six unidentified American firms. The supposedly stolen material includes source code, as well as the manuals for wireless technology. The DOJ said the indictment related to “decades-long efforts by Huawei, and several of its subsidiaries, both in the U.S. and in the People’s Republic of China, to misappropriate intellectual property, including from six U.S. technology companies, in an effort to grow and operate Huawei’s business.”

Related: Justice Department, TechCrunch, DAILYSABAH, Courthouse News Service, Cyberscoop, Zero Hedge, City A.M. – Technology, ZDNet Security, Android Central, Trusted Reviews, The Hill: Cybersecurity

Tweets:@TheJusticeDept @Reuters @CBS_Herridge @ZackWhittaker @campuscodi

DAILYSABAH: Huawei hit with new US charges of trade secrets theft
TribLIVE Today’s Stories: U.S. brings new charges against Chinese tech giant Huawei
Courthouse News Service: New Huawei Indictment Alleges Trade-Secret Theft, Secret Surveillance
Cyberscoop: U.S. charges Huawei with conspiracy to steal trade secrets, racketeering
Zero Hedge: US Continues Crackdown On Huawei, Adds Racketeering Conspiracy Charge
City A.M. – Technology: US hits Huawei with fresh charges over alleged trade secret theft
ZDNet Security: US charges Huawei with racketeering and conspiracy to steal trade secrets
Android Central: U.S. DOJ indicts Huawei for racketeering and stealing trade secrets
Trusted Reviews: The US has been “spying on other countries for quite some time” – Huawei hits back in extraordinary fashion
The Hill: Cybersecurity: US prosecutors bring new charges against China’s Huawei
TechCrunch: The US is charging Huawei with racketeering

@TheJusticeDept: Chinese Telecommunications Conglomerate Huawei and Subsidiaries Charged in Racketeering Conspiracy and Conspiracy to Steal Trade Secrets
@Reuters: U.S. brings new charges against Huawei and its CFO Meng Wanzhou, including racketeering and conspiring to steal trade secrets from six tech companies
@CBS_Herridge: Senate Intel leadership on Huawei new charges conspiracy, racketeering “..a damning portrait of an illegitimate organization that lacks any regard for the law. Intellectual property theft, corporate sabotage...market manipulation are part of Huawei's core ethos” #Huawei @CBSNews
@ZackWhittaker: Wow. DOJ just posted its superseding indictment against Huawei.
@campuscodi: This indictment is bonkers. You should really read it. US says Huawei had an internal "bonus program" rewarding employees who stole from competitors http://documentcloud.org/documents/6775728-Huawei-Et-Al-Third-Superseding-Indictment-Final-0.html


September 24, 2019
Bill Marczak, Adam Hulcoop, Etienne Maynier, Bahr Abdul Razzak, Masashi Crete-Nishihata, John Scott-Railton, and Ron Deibert / Citizen Lab

Senior Members of Tibetan Groups Including Dalai Lama’s Office Were Hit by One-Click Mobile Spyware Used in Attacks on China’s Uighur Muslim Minority

In a campaign carried out by a single operator called POISON CARP, senior members of Tibetan groups received one-click mobile exploits delivered as malicious links in individually tailored WhatsApp text exchanges. The links led to code designed to exploit web browser vulnerabilities to install spyware on iOS and Android devices, and in some cases to OAuth phishing pages, researchers at Citizen Lab discovered. The operators sending the messages posed as NGO workers, journalists, and other fake personas. They deployed a total of eight Android browser exploits and one Android spyware kit, as well as one iOS exploit chain and iOS spyware. The iOS exploit and spyware were used in watering hole attacks reported by Google Project Zero aimed at China’s minority Muslim Uighurs. A website used by POISON CARP to serve exploits was also observed in a campaign by a Chinese threat group called “Evil Eye,” reported by Volexity. From November 11 through November 14, Citizen Lab researchers observed 15 intrusion attempts against individuals from the Private Office of His Holiness the Dalai Lama, the Central Tibetan Administration, the Tibetan Parliament, and Tibetan human rights groups.

Related: TechCrunch, Motherboard, Boing Boing, Forbes, Cyberscoop, TechNadu

Tweets:@fabiochiusi @jason_koebler @k_sec @zackwhittaker @jeffstone500 @thegrugq

TechCrunch: Tibetans hit by the same mobile malware targeting Uyghurs
Motherboard: Hackers Tried to Compromise Phones of Tibetans Working for Dalai Lama
Boing Boing: Son of Ghostnet: the mobile malware that targets Tibetans at home and abroad
Forbes: Androids And iPhones Hacked With Just One WhatsApp Click — And Tibetans Are Under Assault
Cyberscoop: A cyber-espionage effort against Tibetan leaders leveraged known Android, iOS vulnerabilities
TechNadu: Tibetans Using Android Were Also Targeted by the Uyghur iOS Malware

@fabiochiusi: “Citizen Lab said a number of Tibetan victims were targeted with malicious links sent in WhatsApp messages by individuals purporting to work for Amnesty International and The New York Times”
@jason_koebler: NEW: Citizen Lab detected attempted hacking attempts against Tibetans working for the Dalai Lama. Not from a known spyware vendor; given recent surveillance against Uygur population, could be China
@k_sec: "The campaign is the first documented case of one-click mobile exploits used to target Tibetan groups...we collected one iOS exploit chain, one iOS spyware implant, eight distinct Android exploits, and an Android spyware package"
@zackwhittaker: Citizen Lab said the malware campaign "uses the same exploits, spyware and infrastructure" to target Tibetans as well as Uyghurs, including officials in the Dalai Lama’s office, parliamentarians and human rights groups. My earlier coverage:
@jeffstone500: a new report from the digital rights group @citizenlab details how hackers who hit China's Uighur population also targeted Tibetan leaders, some of whom worked for the Dalai Lama.
@thegrugq: Haha. My guess was Tibetan diaspora rather than Uyghur. I should have gone with “why not both?”


February 20, 2020
Andy Greenberg / Wired

U.S. State Department, UK’s NCSC Blame Russia’s GRU for October Cyberattacks in Georgia, Linked for the First Time to Sandworm Hacking Group

U.S. State Department officials and the U.K.’s NCSC, an arm of the country’s intelligence agency GCHQ, issued statements blaming the Russian military intelligence agency known as the GRU for cyberattacks that hit Georgia in October. Those attacks defaced thousands of websites and disrupted the broadcasts of two television stations, Imedi and Maestro. The U.S., U.K., and allied intelligence agencies have attributed the assaults to the GRU’s Main Center for Special Technology, or GTsST, which the State Department also explicitly linked for the first time to the notorious Russian hacker group known as Sandworm. Sandworm was also tied to the destructive NotPetya worm that spread from Ukraine in 2017, causing $10 billion in damage, and the Olympic Destroyer malware that sabotaged the 2018 Winter Olympics in Pyeongchang. The same unit of GRU is also tied to the BlackEnergy attack of December 2015 that shut off part of Ukraine’s electricity grid, with 230,000 people losing power for between 1 – 6 hours, the NCSC notes.

Related: Gov.uk, Reuters, Kyiv Post, Digital Journal, DAILYSABAH, Telegraph, CNN.com, The Hill: Cybersecurity, Eurasianet, AP Top News, Boing Boing, Cyberscoop, Bloomberg, Sydney Morning Herald, BBC News, Channel News Asia, SecurityWeek, Sky News, Stars and Stripes, Washington Free Beacon, The Register, South China Morning Post, New York Times

Tweets:@a_greenberg @a_greenberg @a_greenberg @a_greenberg @a_greenberg @a_greenberg @zackwhittaker @gordoncorera @gordoncorera @razhael @RidT @RidT @RidT @johnhulquist @jc_stubbs

Gov.uk: UK condemns Russia’s GRU over Georgia cyber-attacks
Reuters: UK blames Russia for ‘totally unacceptable’ cyber attacks on Georgia
Kyiv Post: Reuters: US accuses Russia of cyberattack in Georgia that disrupted websites, TV stations
Digital Journal: US, UK blame Russia for 2019 cyberattacks in Georgia
DAILYSABAH: Russia blamed for 2019 mass hack in Georgia
Telegraph: British spies blame Russian ‘Sandworm’ unit for cyberattack on Georgia
CNN.com: US and UK accuse Russia of major cyber attack on Georgia
The Hill: Cybersecurity: Pompeo, foreign partners condemn Russian cyberattack on country of Georgia
Eurasianet: Russia blamed in massive cyber attack against Georgia – Eurasianet
AP Top News: Georgia blames Russia for major cyber-attack, US, UK agree
Boing Boing: ‘Sandworm’ hacking group linked to Russian GRU’s Main Center for Special Technology, says U.S.
Cyberscoop: In rare move, State Department calls out Russia for attacks on Georgia last year
Bloomberg: Russia Blamed for Georgia Cyber Attack That Raises Sanction Risk
Sydney Morning Herald: ‘There must be consequences’: Australia, US and UK slam Russia over Georgian hacking
BBC News: UK says Russia’s GRU behind massive Georgia cyber-attack
Channel News Asia: UK blames Russia for ‘totally unacceptable’ cyber attacks on Georgia
SecurityWeek: US, UK Blame Russia for 2019 Cyber Attacks in Georgia
Sky News: UK and US blame Russia for ‘reckless’ cyber attacks
Stars and Stripes: US joins others in accusing Russia of cyberattack on Republic of Georgia
Washington Free Beacon: Georgia, Backed by U.S. and Britain, Blames Russia for ‘Paralyzing’ Cyberattack
The Register: GRU won’t believe it: UK and US call out Russia for cyber-attacks on Georgia last year
South China Morning Post: Russia launched ‘reckless, brazen’ cyberattacks against Georgian government, US and UK say
New York Times: U.S. and Allies Blame Russia for Cyberattack on Georgia

@a_greenberg: US officials have blamed Russia's GRU for cyberattacks that hit the country of Georgia in October, defacing thousands of websites and disrupting two TV channels. A rare move to call out Russian hacking whose victims aren't the US or NATO.
@a_greenberg: The State Department and UK's NCSC also confirm in their statements for the first time that the hackers known as Sandworm (the subject of my book) are controlled by the GRU's Main Center for Special Technology/GTsST, aka GRU Unit 74455. And the NCSC lists their whole rap sheet:
@a_greenberg: Calling out the Georgian attacks, a US official tells me, is meant to make the rules clearer for the Kremlin: These sorts of disruptive cyberattacks are not ok, even against countries in Russia's backyard. (Also I imagine this has something to do with our own upcoming election?)
@a_greenberg: For me and anyone who read my book SANDWORM (and for those who haven't, spoiler alert I guess?) this is a big deal: the UK and US government's confirmation of an answer to a multi-year mystery, finally identifying the Kremlin's most dangerous hacker group.
@a_greenberg: And here's @JohnHultquist in my book, calling it in the fall of 2018:
@a_greenberg: Also enormous credit to @matonis who did much of the work to connect the dots, as detailed in this book excerpt:
@zackwhittaker: U.S. and its allies are blaming Russia's GRU for a series of cyberattacks in Georgia (the country) last year, which took down two television stations.
@gordoncorera: NEW-UK's @ncsc and Foreign Office say Russia's GRU responsible for October 2019 cyber attacks on Georgia. Says GRU's Main Centre of Special Technologies targeted web hosting providers and also interrupted the service of several national broadcasters
@gordoncorera: Targeting of broadcasters has been a GRU tactic at least back to 2015 and takedown of TV5Monde. That led to fears UK media would be taken off air in upcoming election (details below from Russians Among Us). Something you would expect US to be thinking about in 2020....
@razhael: UK blames Russia for 'totally unacceptable' cyber attacks on Georgia
@RidT: Today's joint U.S.-British attribution release on GRU operations in Georgia in Oct 2019 is big news. The primary sources are noteworthy. State Dept: https://web.archive.org/web/20200220143813/https://www.state.gov/the-united-states-condemns-russian-cyber-attack-against-the-country-of-georgia/ FCO (with GCHQ byline): https://web.archive.org/web/20200220150129/https://www.gov.uk/government/news/uk-condemns-russias-gru-over-georgia-cyber-attacks The UK statement is more detailed and more interesting.
@RidT: This is how you do it — much, much respect to @GCHQ/@NCSC for spelling out, in clear terms, their confidence level on attributing this particular operation to the Main Centre of Special Technologies/GTsST/74455.
@RidT: Very good to have this official, finally. Just in time for my NotPetya infosec class at 2pm ;)
@johnhulquist: There it is. Government confirming Sandworm is GRU Unit 74455 and tying their actions together.
@jc_stubbs: “We do not want Georgia to become Russia’s next cyber-range" - Our story on today's Sandworm/GRU unit 74455 attribution. Up to 12 countries expected to issue supporting statements https://reut.rs/32dC9CL


January 8, 2020
Joe Tidy / BBC News

Travelex Confirms Reports of REvil Malware Attack, Gang Behind Malware Says It Wants $6 Million Payment

Currency exchange giant Travelex has finally confirmed earlier reports that the malware that has taken down the company’s network and systems since New Year’s Eve is indeed Sodinokibi ransomware, also known as REvil. The gang behind the ransomware says it is demanding a $6 million payment from Travelex to restore files. They say they gained access to Travelex’s systems six months ago and have downloaded 5GB of sensitive customer data, including dates of birth, credit card information, and national insurance numbers. The Metropolitan Police have been leading an investigation into the attack since January 2. Travelex websites across Europe, Asia and the US have been offline since December 31 with a message to visitors that they are down for “planned maintenance.”

Related: CNN.com, The Guardian, MSSP Alert, Manchester Evening News, Cyberscoop, The Mac Observer, CNBC, Channel News Asia, Reuters, Financial Times, Finextra, City A.M. – Technology, The Verge, Irish Examiner, ITV News, Associated Press, iNews, Security – Computing, Digital Trends, Silicon UK, Engadget, Tech Xplore, NDTV Gadgets360.com, Bitcoinist.com, The Register – Security, Spyware News

Tweets:@zackwhittaker @joetidy

CNN.com: Travelex says its computer systems are offline following a cyberattack
The Guardian: Travelex ‘being held to ransom’ by hackers said to be demanding $3m
MSSP Alert: Travelex Ransomware Attack: Hackers Demand Millions
Manchester Evening News: Foreign exchange company Travelex is being held to ransom by hackers
Cyberscoop: Sodinokibi ransomware plagues Travelex currency exchange as investigation continues
The Mac Observer: Travelex Infected With Sodinokibi Ransomware, Attacker Wants $3M
CNBC: Travelex currency exchange hobbled by week-long ransomware attack
Channel News Asia: Forex firm Travelex says ransomware behind last week’s cyberattack
Reuters: Forex firm Travelex says ransomware behind last week’s cyberattack
Financial Times: Travelex hackers demand ransom to protect data
Finextra: Hackers hold Travelex to ransom
City A.M. – Technology: Travelex held to ransom by hackers
The Verge: Travelex currency exchange is offline following a malware attack
Irish Examiner: Travelex ‘being held to ransom’ by New Year’s Eve cyber attackers – Irish Examiner
ITV News: Travelex ‘being held to ransom’ by New Year’s Eve cyber attackers – ITV News
Associated Press: Report: Ransomware takes down online currency exchange
iNews: Travelex hack: how a cyber attack by Sodinokibi ransomware hit the travel money firm – and what it means for you
Security – Computing: Travelex: Met Police called-in last week as Travelex FINALLY admits Sodinokibi ransomware attack
Digital Trends: Hackers demand $6M from largest retail currency dealer in ransomware attack
Silicon UK: Travelex Facing Ransom Demand After Attack
Engadget: International money transfer service Travelex held ransom by hackers
Tech Xplore – electronic gadgets, technology advances and research news: Report: Ransomware takes down online currency exchange
NDTV Gadgets360.com: Travelex Currency Exchange Taken Down After Being Hit by Ransomware: Report
Bitcoinist.com: Bitcoin Ransom Worth $6 Million Demanded by Travelex Hackers
The Register – Security: The Six Million Dollar Scam: London cops probe Travelex cyber-ransacking amid reports of £m ransomware demand, wide-open VPN server holes
Spyware News: Sodinokibi ransomware appears to be guilty of Travelex attack

@zackwhittaker: New: After a period of quiet, Travelex now confirms Sodinokibi (REvil) ransomware was the cause of its cyberattack last week. It says there's "no evidence" that data was exfiltrated, and that it "does not currently anticipate any material financial impact" for its parent company.
@joetidy: TRAVELEX: NEW STATEMENT. Company admits that it is Ransomware and it is indeed REvil. However, it says there is no evidence that data has been stolen.


September 19, 2018
Zack Whittaker / TechCrunch

Magecart Credit Card Skimming Malware Infected Retailer Newegg’s Website for Over a Month

A credit card skimming attack took place on giant U.S. retailer Newegg’s website, attributable to the same gang known as Magecart that stole nearly 400,000 payment card details from British Airways, researchers at Volexity and RiskIQ report. The hackers injected 15 lines of card skimming code on the online retailer’s payments page, which remained there from August 14 to September 18, siphoning credit card data from the site to a server controlled by the hackers. Newegg removed the code on Tuesday after Volexity informed them of the infection.

Related: PCMag.com, ZDNet Security, Volexity Blog, RiskIQ, [H]ardOCP News, CNET News, Motherboard, AppleInsider, Techmeme, Slashdot, The Mac Observer, CTOvision.com, Blog – Volexity, The Verge, HotHardware.com, Neowin, Engadget, TechSpot, Ars Technica UK, The Register – Security, BleepingComputer.com, Cyberscoop, The Hacker News, Softpedia News, Tom’s Hardware, PCGamer

PCMag.com: Researchers Blame Digital Card Skimmers for British Airways Hack
ZDNet Security: Magecart claims another victim in Newegg merchant data theft
Volexity Blog: Magecart Strikes Again: Newegg in the Crosshairs
RiskIQ: Another Victim of the Magecart Assault Emerges: Newegg
[H]ardOCP News: Financial Info Leaked in Newegg Data Breach
CNET News: Newegg data breach exposed customer credit card info, says report – CNET
Motherboard: Hackers Steal Credit Cards From Newegg, Researchers Say
AppleInsider: Newegg card skimming hack stole customer payment details for over a month
Techmeme: Threat researcher: hackers stole customer credit cards in a month-long data breach at online retailer Newegg, between August 14 and September 18 (Zack Whittaker/TechCrunch)
Slashdot: Hackers Stole Customer Credit Cards in Newegg Data Breach
The Mac Observer: Newegg Breach Resulted in loss of Credit Card Data
CTOvision.com: Hackers stole customer credit cards in Newegg data breach
Blog – Volexity: Magecart Strikes Again: Newegg in the Crosshairs
The Verge: Newegg users’ credit card info was exposed to hackers for a month
HotHardware.com: Newegg Website Was Infiltrated By Hackers For Nearly A Month, Customer Financial Data Stolen
Neowin: Newegg customers may have had their credit card information stolen
Engadget: Newegg fell victim to month-long card skimming hack
TechSpot: Newegg hit by same hacker group that targeted British Airways
Ars Technica UK: NewEgg cracked in breach, hosted card-stealing code within its own checkout
The Register – Security: Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS
BleepingComputer.com: Newegg Credit Card Info Stolen For a Month by Injected MageCart Script
Cyberscoop: Magecart strikes again, this time at electronics retailer Newegg
The Hacker News: Hackers Steal Customers’ Credit Cards From Newegg Electronics Retailer
Softpedia News: Credit Card Information of Millions of Newegg Customers Stolen Since August 13
Tom’s Hardware: Newegg Security Was Cracked by Hackers for Over a Month
PCGamer: Hackers installed ‘sophisticated’ malware on Newegg’s servers to steal customer data


September 25, 2018
Zack Whittaker / TechCrunch

Domain Registrar TierraNet Pulls Zoho Offline Due to Three Phishing Complaints About Zoho-Hosted Email Users

Web-based office suite company Zoho was pulled offline after the company’s domain registrar TierraNet received phishing complaints. As a consequence, thousands of businesses that rely on Zoho for their operations couldn’t access their email, documents and files, and other business-critical software during the suspension. TierraNet received three complaints about Zoho-hosted email users in the past two months, which resulted in the domain blocking. Zoho blocked two of the suspicious accounts and is investigating the third.

October 30, 2019
Mike Isaac / New York Times

Uber and Lynda.com Hackers Plead Guilty in Federal Court, Each Faces Up to Five Years in Prison and a Fine of $250,000

Two men, Brandon Glover, a 26-year-old Florida resident, and Vasile Mereacre, a 23-year-old Canadian national, pleaded guilty before Judge Lucy Koh of the United States District Court for the Northern District of California to charges of computer hacking and an extortion conspiracy related to data breaches of Lynda.com and Uber. The Lynda.com breach, which occurred in December 2016, affected around 55,000 accounts, and the company warned another 9.5 million customers about the breach. The Uber breach, revealed in 2017, affected more than 57 million people and was complicated by the fact that Uber paid the two men $100,000 in bitcoin for a supposed “bug bounty,” which was ultimately perceived to be a hush-money payment by Uber. Glover and Mereacre could each face a maximum of five years in federal prison and a fine of up to $250,000 upon sentencing, which will occur in 2020.

Related: SecurityWeek, ZDNet, iTnews – Security, DataBreaches.net, Reuters, AP Breaking News, The Register – Security, CNET, Cyberscoop

Tweets:@zackwhittaker


June 13, 2019
Sam Biddle, Matthew Cole / The Intercept

Controversial Cybersecurity Firm DarkMatter Reportedly Targeted The Intercept, Discussed Breaching Publication’s Computers in Retaliation for Negative Coverage of UAE

Controversial cybersecurity firm DarkMatter working on behalf of the United Arab Emirates (UAE) discussed targeting The Intercept and breaching the computers of its employees in retaliation for negative mentions of the Emirati government, according to two sources. Reuters earlier this year revealed that DarkMatter hired ex-National Security Agency hackers and other U.S. intelligence and military veterans together with Emirati analysts to compromise the computers of political dissidents at home and abroad, including American citizens in a project code-named Project Raven, having first poached the team from Maryland-based cybersecurity firm CyberPoint. It is not clear if an attack against The Intercept was ever carried out. DarkMatter denies that it targeted The Intercept.