The Internet Archive is under attack. On top of multiple extinction-threatening lawsuits against the organization that created and maintains the Wayback Machine, hackers this week breached the Internet Archive, stole 31 million user account details, and defaced its website—all while archive.org struggled to stay online thanks to a barrage of distributed denial-of-service attacks. As of Friday, the site remained “temporarily offline.”
In a dark twist of fate, a judge this week cleared the way for the US Treasury Department to take possession of 69,000 bitcoins stolen from the Silk Road dark web market; meanwhile, the former IRS investigator who personally seized the bitcoins, Tigran Gambaryan, remains in a Nigerian jail cell on charges related to the actions of his current employer, embattled crypto exchange Binance. Members of Congress and other officials have called for the US government to do more to ensure Gambaryan’s release given his direct role in a series of major criminal cases and in pioneering crypto-investigation techniques. As for those seized Silk Road bitcoins, they are now worth $4.4 billion and will likely be auctioned off.
Security researchers this week detailed a pernicious malware that worms its way into Linux machines and uses a variety of techniques to evade detection. Dubbed Perfctl, the malware hides itself by creating files that match those typically found within Linux instances, using tricks to prevent admin tools from recording its activities, and more. All of this is done with the goal of remaining on an infected machine to keep carrying out a variety of malicious activities. Researchers estimate that millions of Linux devices could be vulnerable.
Finally, we dissected the ways in which Google’s decision to not kill third-party tracking cookies in its Chrome browser could continue to impact your privacy.
And that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
Police use of honeypots to catch cybercriminals red-handed is nothing new. But creating an entirely new cryptocurrency to catch pump-and-dump schemers? Now that’s something special. The US Department of Justice revealed this week that the FBI made a new Ethereum-based crypto token, NexFundAI, specifically to trick people who manipulate crypto markets and take them down.
While the investigation ultimately resulted in charges against 18 people and other entities for alleged fraud and crypto market manipulation, the blast radius of the scheme also impacted some regular retail investors who are not accused of any crimes, although US officials did not provide details about those investments. A US prosecutor involved in the case told reporters, however, that the investigation netted a total of $25 million in funds, which will be returned to investors. Trading on NexFundAI has since been disabled.
National Public Data, a data broker based in Florida, is having a bad year. In August, hackers published 2.9 billion records stolen from NPD last December that included names, mailing addresses, phone numbers, email addresses, and Social Security numbers—a giant trove the hackers claim impacted “the entire population of USA, CA, and UK.” Then came the inevitable lawsuits against NPD, which is now filing for bankruptcy. Those proceedings have revealed new details, including the fact that NPD is run by a single person, Salvatore Verini, Jr, who operated the business out of his home on around $2,500 worth of equipment. A document filed in a bankruptcy court by one of NPD’s debtors states that the breach may have impacted “hundreds of millions” of people.
Discord users in Russia and Turkey this week found they were suddenly unable to connect to the online chat application. Authorities in both countries later revealed that Discord had been blocked for allegedly facilitating illegal activity. Russia’s internet regulator, Roskomnadzor, said in a statement the block “is necessary to prevent the use of the messenger for terrorist and extremist purposes, the recruitment of citizens for their commission, the sale of drugs, in connection with the placement of illegal information.” Turkish authorities, meanwhile, banned the messaging app after a court decision involving child abuse material that was allegedly hosted on Discord servers. According to BleepingComputer, some Discord users in those countries were able to access the app using a VPN that routed their connections through foreign IP addresses—potentially good news for Russian troops who were reportedly disrupted by the block.
Law enforcement use of face recognition technology to pin crimes on Americans is far more widespread than previously known, according to a newly published investigation by The Washington Post. Records obtained by the Post found that police in 15 states used face recognition tools in “more than 1,000 investigations over the past four years.” Despite its apparent widespread use, police departments frequently seek to hide their use of the technology, which has been found to inaccurately identify people who are then charged with crimes they did not commit. As an assistant public defender in Minnesota told Post reporters, police likely obscure their use of face recognition because they “want to avoid the litigation surrounding reliability of the technology.”
