Review: The digital sleuths who demystified cryptocurrency

December 31, 2022Frank Articles alphabay, blockchain, chainalysis, cryptocurrency, cybercrime, dark web, digital underground, hacking, ransomware, silk road

By FRANK BAJAK
December 5, 2022

“Tracers In The Dark” by Andy Greenberg (Doubleday)

The year was 2011. Cryptocurrency was a little-understood novelty, and Sen. Chuck Schumer called a news conference to vent outrage over a one-stop online shop for illegal drugs whose technology made sellers “virtually untraceable.”

The New York lawmaker’s description of Silk Road helped seed a persisting myth that technology reporter Andy Greenberg exhaustively dispels in “Tracers in the Dark,” that transactions of Bitcoin and other cryptocurrencies can’t be tracked.

Greenberg sketches the evolution of a wholly new discipline in the surprisingly lively real-life police procedural, following law officers and programmers who invent and deploy cryptocurrency-tracking tools to catch a new breed of criminal. They take down Silk Road and other “dark web” markets and merchants, finger crypto money launderers and snare the sysadmin and users of Welcome to Video, a major South-Korea-based distributor of child sexual abuse material.

Best of the action are two takedown dramas. A young Quebecois behind the AlphaBay dark web market, Alexandre Cazes, lives large in Thailand, rocketing around in a Lamborghini, running up $12,000 restaurant bills and boasting of adulterous sexploits online. The other takedown is of a DEA agent and a Secret Service agent who illegally enriched themselves off Silk Road while investigating it – each wholly on their own.

FireEye CEO: Reckless Microsoft hack unusual for China

March 14, 2021March 14, 2021Frank Articles China, Exchange, FireEye, hacking, Hafnium, Kevin Mandia, Microsoft, web shell

By FRANK BAJAK and NATHAN ELLGREN
March 9, 2021

RESTON, Va. (AP) — Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running Microsoft’s Exchange email program to potential hacks. The CEO of a prominent cybersecurity firm says it now seems clear China also unleashed an indiscriminate, automated second wave of hacking that opened the way for ransomware and other cyberattacks.

The second wave, which began Feb. 26, is highly uncharacteristic of Beijing’s elite cyber spies and far exceeds the norms of espionage, said Kevin Mandia of FireEye. In its massive scale it diverges radically from the highly targeted nature of the original hack, which was detected in January.

“You never want to see a modern nation like China that has an offense capability — that they usually control with discipline — suddenly hit potentially a hundred thousand systems,” Mandia said Tuesday in an interview with The Associated Press.

Mandia said his company assesses based on the forensics that two groups of Chinese state-backed hackers — in an explosion of automated seeding — installed backdoors known as “web shells” on an as-yet undetermined number of systems. Experts fear a large number could easily be exploited for second-stage infections of ransomware by criminals, who also use automation to identify and infect targets.

Reliability of pricey new voting machines questioned

February 13, 2020October 5, 2020Frank Articles Ballot-marking devices, Dominion Voting, Election security, ES&S, hacking

By FRANK BAJAK
February 23, 2020

Nearly 1 in 5 U.S. voters will cast ballots this year on devices that look and feel like the discredited paperless voting machines they once used, yet leave a paper record of the vote. But computer security experts are warning that these so-called ballot-marking devices still pose too much of a risk.

Ballot-marking machines were initially developed not as primary vote-casting tools but as “accessible” alternatives for the disabled. They print out paper records that are scanned by optical readers that tabulate the vote.

They cost at least twice as much as hand-marked paper ballots, which computer scientists prefer because paper can’t be hacked. That’s an important consideration as U.S. intelligence officials warn that malicious meddling in this year’s presidential contest could be worse than in 2016.

The machines have been vigorously promoted by the trio of privately held voting equipment vendors that control 88 percent of the U.S. market and are nearly unregulated at the federal level. They are expected to be used by some 40 million eligible voters more than in the 2018 midterm elections.

Experts: US anti-Huawei campaign likely exaggerated

September 11, 2019Frank Articles hacking, Huawei, state-sponsored hackers

February 28, 2019

By FRANK BAJAK

Since last year, the U.S. has waged a vigorous diplomatic offensive against the Chinese telecommunications giant Huawei, claiming that any nation deploying its gear in next-generation wireless networks is giving Beijing a conduit for espionage or worse.

But security experts say the U.S. government is likely exaggerating that threat. Not only is the U.S. case short on specifics, they say, it glosses over the fact that the Chinese don’t need secret access to Huawei routers to infiltrate global networks that already have notoriously poor security.

State-sponsored hackers have shown no preference for one manufacturer’s technology over another, these experts say. Kremlin-backed hackers, for instance, adroitly exploit internet routers and other networking equipment made by companies that are not Russian.

If the Chinese want to disrupt global networks, “they will do so regardless of the type of equipment you are using,” said Jan-Peter Kleinhans, a researcher at the Berlin think tank Neue Verantwortung Stiftung.

One of the most common U.S. fears — that Huawei might install software “backdoors” in its equipment that Chinese intelligence could use to tap into, eavesdrop on or interrupt data transmissions — strikes some experts as highly unlikely.

Priscilla Moriuchi, who retired from the National Security Agency in 2017 after running its Far East operations, does not believe the Huawei threat is overblown. But she called the odds of the company installing backdoors on behalf of Chinese intelligence “almost zero because of the chance that it would be discovered,” thus exposing Huawei’s complicity.

APNewsBreak: Georgia election server wiped after suit filed

April 8, 2018April 8, 2018Frank Articles Election security, Georgia, hacking, server wiped

A computer server crucial to a lawsuit against Georgia election officials was quietly wiped clean by its custodians just after the suit was filed, The Associated Press has learned.

The server’s data was destroyed July 7 by technicians at the Center for Elections Systems at Kennesaw State University, which runs the state’s election system. The data wipe was revealed in an email sent last week from an assistant state attorney general to plaintiffs in the case that was later obtained by the AP. More emails obtained in a public records request confirmed the wipe.

The lawsuit, filed July 3 by a diverse group of election reform advocates, aims to force Georgia to retire its antiquated and heavily criticized election technology. The server in question, which served as a statewide staging location for key election-related data, made national headlines in June after a security expert disclosed a gaping security hole that wasn’t fixed six months after he reported it to election authorities.

Aging, rickety U.S. elections system vulnerable to hacking

January 16, 2017Frank Articles elections, hacking, security, vote, voting tech

By FRANK BAJAK AND MICHAEL RUBINKAM

Dec. 26, 2016

ALLENTOWN, Pa. (AP) — Jill Stein’s bid to recount votes in Pennsylvania was in trouble even before a federal judge shot it down Dec. 12. That’s because the Green Party candidate’s effort stood almost no chance of detecting potential fraud or error in the vote — there was basically nothing to recount.

Pennsylvania is one of 11 states where the majority of voters use antiquated machines that store votes electronically, without printed ballots or other paper-based backups that could be used to double-check the balloting. There’s almost no way to know if they’ve accurately recorded individual votes — or if anyone tampered with the count.

More than 80 percent of Pennsylvanians who voted Nov. 8 cast their ballots on such machines, according to VotePA, a nonprofit seeking their replacement. A recount would, in the words of VotePA’s Marybeth Kuznik, a veteran election judge, essentially amount to this: “You go to the computer and you say, ‘OK, computer, you counted this a week-and-a-half ago. Were you right the first time?'”

These paperless digital voting machines, used by roughly 1 in 5 U.S. voters last month, present one of the most glaring dangers to the security of the rickety, underfunded U.S. election system. Like many electronic voting machines, they are vulnerable to hacking. But other machines typically leave a paper trail that could be manually checked. The paperless digital machines open the door to potential election rigging that might not ever be detected.

What’s more, their prevalence magnifies other risks in the election system, such as the possibility that hackers might compromise the computers that tally votes, by making failures or attacks harder to catch. And like other voting machines adopted since the 2000 election, the paperless systems are nearing the end of their useful life — yet there is no comprehensive plan to replace them.

READ FULL ARTICLE

South America hacker team targets dissidents, journalists

December 10, 2015October 22, 2017Frank Articles Citizen Lab, cyberespionage, cyberspying, Ecuador, hacking, Hacking Team, Packrat

By FRANK BAJAK

LIMA, Peru (AP) — A shadowy cyber-espionage group that sent malware to the prosecutor whose mysterious death transfixed Argentina early this year has been hitting targets in left-leaning nations across South America, the Internet watchdog group Citizen Lab reported Wednesday.

The breadth and brazenness of the hackers’ activity bear the hallmarks of state sponsorship. So do its targets.

The group has been attacking opposition figures and independent journalists in Ecuador with spyware. It also ran dummy websites. The most elaborate, geared toward Venezuela, is a constantly updated news site featuring dubiously sourced “scoops” on purported corruption among the ruling socialists. In Ecuador, a similarly faux site seemed tailored to attract disgruntled police officers.

The researchers launched the three-month probe after determining that spyware found on the smartphone of Argentine prosecutor Alberto Nisman was written to send pilfered data to the same command-and-control structure as malware sent to targets infected in Ecuador. They said the hackers had a “keen and systematic interest in the political opposition and the independent press” in the three nations, all run by allied left-wing governments. That suggests it may have operated on behalf of one or more of those governments, the 60-page report said.

In September, the hackers threatened a Citizen Lab researcher as he poked around in a U.S.-based machine the group had infected.

“We’re going to analyze your brain with a bullet — and your family’s, too,” read a message that popped up on his computer screen. “You like playing the spy and going where you shouldn’t, well you should know that it has a cost — your life!”

That’s rare behavior among professional hackers, perhaps indicating little fear of criminal prosecution, said Morgan Marquis-Boire, one of the researchers.

In November, the group attempted to infect the computer of an Associated Press reporter, who was also investigating it, with a phishing attack aimed at stealing his Google password.

READ FULL STORY