Everything old was new again this week as ransomware came roaring back into the headlines, hitting a crucial Iowa grain cooperative, among other targets. And WIRED sat down with DeSnake, the former number two of the dark web marketplace AlphaBay, to hear about his reemergence and relaunch of AlphaBay four years after its takedown by law enforcement. "AlphaBay name was put in bad light after the raids. I am here to make amends to that," DeSnake said.
The Groundhog Day vibes continued with the annual release of Apple's latest mobile operating system, iOS 15. The new OS comes with a slew of privacy features, including more granular details about what your apps are up to, a mechanism to block email trackers, and a sort of VPN-Tor Frankenstein monster called iCloud Private Relay that protects your browsing activity. Use WIRED's handy guide to get up to speed and start changing some settings.
And if you want a DIY project that isn't tied to a tech company's walled garden, we've got tips on how to set up your own network attached storage (NAS) that plugs straight into your router and gives you a place to share files between your devices or easily store backups.
And there's more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.
A letter to Congress shared with Motherboard shows that the US National Security Agency, the Central Intelligence Agency, and other members of the Intelligence Community use ad blockers on their networks as a security protection. "The IC has implemented network-based ad-blocking technologies and uses information from several layers, including Domain Name System information, to block unwanted and malicious advertising content," the IC chief information officer wrote in the letter.
You may use an ad blocker to make your browsing experience more pleasant, but the tools also have potential defense benefits. Attackers who try to run malicious ads on unscrupulous ad networks or taint legitimate-looking ads can steal data or sneak malware onto your device if you click, or sometimes by exploiting web vulnerabilities. The fact that the IC views ads as an unnecessary risk and even a threat speaks to long-standing problems with the industry. The NSA and Cybersecurity and Infrastructure Security Agency have released public guidance in recent years advising the use of ad blockers as a security protection, but the IC itself wasn’t required to adopt the measure. Its members deployed ad blockers voluntarily.
The security division of Russian telecom giant Rostelecom took down a portion of a notorious botnet this week, thanks to a flaw introduced by the malicious platform’s developers. The error allowed Rostelecom to “sinkhole” part of the system. A botnet is a zombie army of devices that have been infected with malware so that they can be centrally controlled for coordinated operations. The platforms are often used for DDoS attacks, in which actors direct a firehose of junk traffic at a target’s web systems in an attempt to overload them.
The Meris botnet is currently the largest botnet available to cybercriminals and is thought to be made up of about 250,000 systems working collectively. It has been used against targets in Russia, the United States, and the United Kingdom, among others. The Rostelecom partial takedown is significant, because Meris attacks are powerful and challenging for targets to combat. Earlier this month, a Meris attack on the Russian tech giant Yandex broke the record for largest-ever volumetric DDoS attack. Yandex managed to defend itself against the assault.
European law enforcement in Italy and Spain have arrested 106 people on suspicion of running a massive fraud campaign over many years, with profits totaling more than $11.7 million in the last year alone. And police said this week that the individuals involved have ties to an Italian mafia group. The suspects allegedly ran phishing schemes, conducted business email compromise scams, launched SIM-swapping attacks, and generally perpetrated credit card fraud against hundreds of victims. The activity was also allegedly connected to drug trafficking and other property-related crimes. To actually extract funds from these digital scams, the suspects allegedly laundered stolen money through a system of money mules and shell companies. In addition to the arrests, law enforcement froze 118 bank accounts and seized computers, SIM cards, 224 credit cards, and an entire cannabis plantation in connection with the bust.