But wait, there’s more. Each week, we round up the security news we didn’t cover in-depth ourselves. Click the headlines to read the full stories, and stay safe out there.
ALPHV, a prolific group of hackers who extort companies with ransomware and leak their stolen data, said earlier this week that it had breached security camera maker Ring and threatened to dump the company’s data online if it doesn’t pay. “There’s always an option to let us leak your data …” the hackers wrote in a message to Ring on their leak site. Ring has so far responded with a denial, telling Vice’s Motherboard, “We currently have no indications of a ransomware event,” but it says it’s aware of a third-party vendor that has experienced one. That vendor, Ring says, doesn’t have access to any customer records.
Meanwhile, ALPHV, which has previously used its BlackCat ransomware to target companies like Bandai Namco, Swissport, and hospital firm Lehigh Valley Health Network, stands by its claim to have breached Ring itself, not a third-party vendor. A member of the malware research group VX-Underground shared with WIRED screenshots of a conversation with an ALPHV representative who says that it’s still in “negotiations” with Ring.
Amid the ongoing ransomware epidemic, it’s no surprise that Ring isn’t alone in facing extortion problems. So too is Maximum Industries, a supplier of rocket parts for Elon Musk’s SpaceX. The hackers, a well-known ransomware gang known as LockBit, taunted Musk on their website, threatening to sell the stolen information to the highest bidder if Maximum doesn’t pay by their March 20 deadline. “I would say we were lucky if Space-X contractors were more talkative. But I think this material will find its buyer as soon as possible,” the hackers wrote. “Elon Musk we will help you sell your drawings to other manufacturers.”
Google’s Project Zero, its security research team devoted to finding unknown vulnerabilities in widely used tech products, warned Thursday that it had discovered severe hackable flaws in Samsung chips used in dozens of Android devices. In total, the researchers found 18 distinct vulnerabilities in Samsung’s Exynos modems for smartphones, but they say that four of them are particularly critical and would allow a hacker to “remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number.” Project Zero only rarely publishes information on unpatched vulnerabilities. But it says that it gave Samsung 90 days to fix the flaws, and it hasn’t yet. A bit of public shaming, perhaps, might spur Samsung to move faster to protect Google’s users from an insidious form of attack.
Since 2017, the cryptocurrency “mixer” service ChipMixer quietly grew into a powerhouse of cryptocurrency money laundering, taking in users’ coins, mixing them with others and then sending them back to obscure the money’s trail across blockchains. In the process, the Department of Justice says it laundered $3 billion worth of criminal funds, including ransomware payments, North Korean hackers’ stolen loot, and even profits from the sale of child sexual exploitation materials. Now, in a bust carried out by multiple European law enforcement agencies and coordinated by Europol as well as the FBI and DHS, ChipMixer has been taken offline and its infrastructure seized. The site’s alleged creator, 49-year-old Vietnamese national Minh Quốc Nguyễn, remains out of reach: He’s been charged with money laundering only in absentia.
But the most intriguing result of the case may have more to do with the meltdown of the now notorious cryptocurrency exchange FTX: A portion of FTX’s funds that were stolen in the midst of its bankruptcy proceedings in November were funneled into ChipMixer. Seizing the servers of that mixing service may well foil the FTX thieves’ attempt to evade tracing and help solve one of the central mysteries of that high-profile heist.
Only in the cryptocurrency world, where thefts of more than half a billion dollars now occur multiple times a year, does the stealing of $200 million merit the lowest spot on a news roundup. Early this week, the distributed trading protocol Euler Finance lost nearly $200 million in cryptocurrency to hackers who found a vulnerability in its code. At first, Euler, the company behind that protocol, offered to let the hackers keep $20 million if they returned the rest of the funds. But after that offer was ignored—in fact, the hackers have sent the funds to the Tornado Cash mixing service in the hopes of covering their tracks—the firm has announced a $1 million bounty on the hackers’ heads.
