Trump's Unprecedented Assault on the First Amendment

2025-03-31

Following Trump's re-election, his administration has launched an unprecedented attack on the five pillars of the First Amendment: the right to petition, freedom of assembly, freedom of the press, freedom of speech, and freedom of religion. Through actions such as firing those processing FOIA requests, threatening sanctions against lawyers suing the government, defunding universities, suing news organizations, restricting government employee language, and rescinding protections for religious sites, the administration is systematically eroding these fundamental rights. This mirrors the repressive tactics of Hungarian Prime Minister Viktor Orbán, raising serious concerns about the future of American democracy.


LastPass Breach Fuels Massive Crypto Heists: FBI Confirms Link

2025-03-08

A 2022 LastPass breach, where hackers stole user master passwords, has led to a string of six- and seven-figure cryptocurrency heists. The FBI and Secret Service have confirmed a connection, stating that stolen passwords were used to access victims' crypto wallets. Of the $150 million stolen from Ripple co-founder Chris Larsen, $24 million was recovered. Security researchers found that victims were often older LastPass users with weak master passwords who had stored their crypto seed phrases in LastPass's "Secure Notes". LastPass denies direct responsibility, but experts criticize the company's response and urge users to improve password security practices.


Kaspersky Network Allegedly Provides Transit for Notorious 'Bulletproof' Host

2025-03-04

KrebsOnSecurity reports that Prospero OOO, a notorious provider of 'bulletproof' web hosting for cybercriminals, has begun routing its operations through networks run by Kaspersky Lab, the Russian antivirus and security firm. Prospero OOO has long been a source of malware, botnet controllers, and phishing websites. Security experts express concern that Kaspersky's provision of network services, even if denied by Kaspersky, exacerbates worries about facilitating cybercrime. The use of Kaspersky's network as a transit point raises questions about its security practices, especially considering the US government's previous ban on Kaspersky software for federal agencies.


Army Soldier Who Leaked Officials' Phone Records Sought Asylum, Faced Treason Question

2025-02-27

Cameron Wagenius, a 20-year-old U.S. Army soldier operating under the alias "Kiberphant0m," pleaded guilty to leaking phone records of high-ranking U.S. government officials. He was part of a hacking group that exploited a vulnerability in Snowflake's cloud storage to steal data from AT&T and other major corporations. Prosecutors revealed Wagenius searched online for non-extradition countries and inquired about whether hacking constitutes treason. He also attempted to sell stolen information to a foreign military intelligence service. Wagenius faces up to ten years in prison and a $250,000 fine, while his accomplices, one of whom is in Turkish custody, face similar charges.


Mozilla's Continued Partnership with Onerep: A Year After Broken Promises?

2025-02-13

In March 2024, KrebsOnSecurity revealed that Onerep's founder also runs numerous people-search companies, including the data broker Nuwber. Following this revelation, Mozilla announced it would end its partnership with Onerep. However, nearly a year later, Onerep remains bundled with Firefox. Despite Mozilla's assurances of user data safety, the continued partnership raises questions about its commitment to its stated values. Further complicating matters, Onerep appears to be collaborating with another problematic people-search service, Radaris. This situation highlights the complexities and challenges within the personal data removal industry and prompts ethical considerations regarding data broker business models.


Musk's DOGE Team: A 19-Year-Old Hacker and a Massive Government Data Breach

2025-02-09

Wired revealed that a 19-year-old working for Elon Musk's so-called "Department of Government Efficiency" (DOGE) gained access to sensitive US government systems despite his past association with cybercrime communities. This teen, a former member of 'The Com,' a distributed cybercriminal network, has raised serious concerns. Since Trump's second inauguration, DOGE has accessed vast amounts of sensitive data, controlling databases at the Treasury, OPM, and other departments. The 19-year-old, Edward Coristine, known online as "Big Balls," founded Tesla.Sexy LLC and runs the ISP Packetware, with links to cybercrime. His past actions are incompatible with government security clearance standards, leading to significant security risks and widespread lawsuits.


FBI, Dutch Police Bust Massive Pakistan-Based Cybercrime Service

2025-01-31

The FBI and Dutch authorities this week dismantled a massive spam and malware distribution service operating out of Pakistan, known as “The Manipulators.” This group, previously profiled multiple times, provided cybercrime tools to transnational organized crime groups. The operation seized dozens of servers and domains, uncovering millions of victim records, including at least 100,000 from Dutch citizens. The service sold phishing kits, scam pages, and email extractors, facilitating Business Email Compromise (BEC) schemes that caused significant financial losses to victims. Ironically, despite their brazen public profile and past media attention, The Manipulators showed little regard for protecting their own or their customers' identities, leading to their downfall. This represents a major blow to cybercrime, but investigations are ongoing to track down buyers of their services.


Mastercard's Five-Year-Old DNS Error

2025-01-22

A security researcher, Philippe Caturegli, uncovered a nearly five-year-old error in Mastercard's domain name server settings. This misconfiguration could have allowed anyone to intercept or divert internet traffic for the company by registering an unused domain name. Caturegli spent $300 to register the domain 'akam.ne' to prevent its exploitation by cybercriminals. Mastercard acknowledged the mistake but claimed no real security risk existed. The incident highlights the potential for significant vulnerabilities in even large organizations' DNS configurations.


Canadian Crypto Payment Processor Cryptomus Allegedly Aids Russia in Sanctions Evasion

2025-01-22

Cryptomus, a Canadian-registered financial firm, has been identified as the payment processor for dozens of Russian cryptocurrency exchanges and websites offering cybercrime services to Russian-speaking customers. Investigations reveal Cryptomus's registered address is a virtual office shared with numerous other financial entities, raising concerns about large-scale money laundering and sanctions evasion. Researchers found Cryptomus processed transactions for at least 122 cybercrime services, including those selling stolen accounts, anonymity services, and attack infrastructure. These transactions ultimately linked to accounts in major Russian banks, currently sanctioned by the US and other Western nations. The actual operations of Cryptomus and the legitimacy of its registered address are highly questionable, highlighting the potential for cryptocurrency to facilitate sanctions evasion.


Hacker News: Inside the Operations of a Prolific Voice Phishing Crew

2025-01-08

A KrebsOnSecurity article exposes the inner workings of a prolific voice phishing gang. The group abuses legitimate Apple and Google services, using spoofed phone numbers, phishing emails, and system messages to defraud victims. They even leverage an official Apple support line to send confirmation messages, building trust. The gang has a clear division of labor, including callers, operators, drainers, and owners. The article reveals how they use data breaches and automated tools to target victims, and details internal conflicts and betrayals. The incident highlights the importance of cybersecurity and exposes the complex operation of cybercrime groups.


US Army Soldier Arrested for AT&T, Verizon Extortion

2024-12-31

A 20-year-old US Army soldier, Cameron John Wagenius, has been arrested and indicted for his alleged role as Kiberphant0m, a cybercriminal who sold and leaked sensitive customer call records stolen from AT&T and Verizon earlier this year. Wagenius, a communications specialist stationed in South Korea, was linked to another cybercriminal, Connor Riley Moucka, who was also arrested for data theft and extortion. The indictment charges Wagenius with illegally transferring confidential phone records, and covers threats to leak call logs of the President and Vice President, the sale of Verizon PTT customer call records, and offers of SIM-swapping services. The case highlights the need for strong internal security and demonstrates law enforcement's increasing effectiveness in apprehending cybercriminals.


One Click, Half a Million Lost: Sophisticated Crypto Phishing Scam Exploits Google Services

2024-12-20

Two victims lost nearly $500,000 in cryptocurrency after clicking on a fraudulent Google account recovery prompt. Scammers used a real Google phone number, forged Google security emails, and tricked victims into clicking a Google prompt on their phones, gaining control of their Gmail accounts. One victim's mistake was storing a picture of their cryptocurrency wallet's seed phrase in Google Photos, giving the scammers easy access to their funds. This incident highlights vulnerabilities in Google's authentication system and the sophistication of scammers using Google services for high-tech phishing attacks.
