Twin Cybercriminals Found After Forgetting To Turn Off Microsoft Teams Recording


The worst part of having your iPhone stolen may not be the theft itself. Instead, it may be a phishing attack against the people in your contacts. New research this week shows there’s a thriving ecosystem of tools that allow criminals to unlock iPhones and target the phone numbers they find inside.

Foxconn, the giant electronics manufacturing company known for its role in creating iPhones, revealed this week that it recently “experienced a cyber attack.” A ransomware group known as Nitrogen claimed responsibility for the hack and said it stole 8 TB of data from the manufacturer. Although the theft has not yet been confirmed, the fact that Foxconn is still an important target is inescapable.

The skies above the US-Canada border are about to get even more crowded. The Department of Homeland Security and Research and Development Canada plan to conduct trials this fall of 5G-connected drones for gathering “real-time battlefield intelligence.”

In the Strait of Hormuz, meanwhile, Iran’s Revolutionary Guards are successfully blocking an important shipping lane, using a “mosquito ship” of small boats while the military operations of the United States and Israel continue to attack the country.

And that’s not all. Each week, we round up security and privacy news that we didn’t cover in depth ourselves. Click on the headlines to read the full story. And stay safe out there.

A lesson to future hackers and rogue employees: When you—and, say, your twin brother—decide to destroy your employer’s network, first remember to close the Microsoft Teams meeting where you were fired, so you don’t record yourself discussing your vengeful actions.

That lesson has now hopefully been learned by Muneeb and Sohaib Akhter, two hackers who have now pleaded guilty to damaging 96 government databases after they were fired from their jobs at federal firm Opexus. (Muneeb has since tried to rescind his guilty plea in a handwritten note to a judge.) Their employer had made the decision to fire the 34-year-old brothers after discovering their criminal records, which included numerous hacking and wire fraud charges for crimes as minor as stealing airline miles.

The Teams meeting where the two men were fired lasted only a few minutes. The detailed planning and execution of their revenge campaign, however, took hours and was all recorded in the same Teams meeting, which they failed to close and which was transcribed in a court document seen by Ars Technica.

“Still connected? Still using VPN?” Sohaib is heard telling his brother, who lived in the same house. “Delete all their databases?”

“We’re doing dirty now,” Muneeb says.

Instructure, the company that runs the Canvas education software, said Monday that it has reached an agreement with hackers calling themselves ShinyHunters who had disrupted Canvas in thousands of US schools and sent ransom messages to victims’ screens. In a message on its website, the company wrote that it “reached an agreement with the unauthorized actor involved in this incident.” The statement went on to claim that the data stolen by the hackers in their breach — including 275 million student records, according to the hackers — was “returned” to Instructure and destroyed on the hackers’ own systems, and that no Instructure customer would be compromised further. The company did not clearly say whether it paid compensation, or how much it paid if so.

I’m glad that’s all resolved. (Until the well-motivated ransomware industry executes its next big disruption.)

The Dream Market was once the largest dark web marketplace for drugs and other contraband until it voluntarily shut down in 2019, following a series of raids that netted many of its sellers. Now, the alleged operator of the market has reportedly been tracked down and charged, more than seven years after the illegal market disappeared from the Internet. Owe Martin Andresen was arrested during raids on his home and two other locations earlier this month. US and German prosecutors say he made millions of dollars from Dream Market commissions, some of which was laundered through gold bars he allegedly bought from a company in Atlanta. Given that the Dream Market was launched in 2013—the same year that the original Silk Road drug market was busted—Andresen’s arrest could end the longest cyber drug investigation of all time.

OpenAI revealed that two of its employees were affected by a hacking attack on an open source project called TanStack, a popular library used to build web applications. In a blog post, the company said that it investigated the incident and observed unauthorized access and “credential-based filtering activity” in a subset of internal code repositories. The company found no evidence that user data was accessed or that its production systems were compromised. However, it now requires all macOS users to update their OpenAI software by June 12.

The TanStack hijacking was part of a larger attack against open source packages used by software developers. Hackers embedded malware designed to steal people’s private data, which BleepingComputer reports included Git credentials, GitHub Action tokens, SSH keys, and Claude Code configuration.

Findem, a major US data agency that was previously caught hiding its data deletion page from Google, says it has taken steps to fix the problem after three years. The company told Democrats on the Joint Economic Committee this week that a former employee had embedded a “no index” code on the company’s website, preventing users from finding its opt-out controls through Google searches, but that company executives were unaware of the issue.

Findem said it removed the code the day Senator Maggie Hassan, a member of the panel, published the February report, which called out the company for its performance and for failing to answer the questions of the JEC minority. In the years since the page was de-indexed, Findem says, only 679 people visited it.


