If you call your hacking conglomerate Evil Corp and steal tens of millions of dollars from banks and individuals over the course of a decade, you can probably expect an indictment at some point. For alleged Evil Corp leader Maksim Yakubets, it came this week, as US and UK authorities charged him and an associate with hacking thefts that totaled over $100 million. A separate criminal complaint also ties Yakubets to the infamous Zeus trojan. There’s also a $5 million reward out for information leading to the arrest of cybercriminal mastermind—but don’t hold your breath.
We also took a look at vulnerabilities caused by the sloppy implementation of Rich Communication Services, the protocol that’s on its way to replacing SMS for texting and more. Even if you’re not familiar with RCS, you’re going to encounter it on Android soon; Google recently made it the default for its stock Messenger app. But unless it and the various carriers who have embraced it as the future of texting get their acts together, it doesn’t look much more secure than the recent past.
Speaking of the past, Microsoft patched what it considered a low-severity bug in Microsoft Outlook in 2017. So far, so good. But hackers have since figured out how to get around that fix, leaving Outlook alarmingly exposed to attacks at a time when email has become a target. Security firm FireEye recently sounded a warning that it had seen lots of activity lately associated with the bug, ranging from state-sponsored hacking crews to, well, other security firms on pen-testing missions.
What’s a dead drop? We explain it in depth, and you don’t even have to go to a previously agreed upon hiding spot to read it. And we took a look at why DuckDuckGo might just be the Google Chrome alternative you’ve been pining for. And if you have some time to spare this weekend, spend it with these animal liberation activists who want jurors to have to experience the suffering of animals being sent to slaughter for themselves—in virtual reality.
Lastly, a serious note: Ewoks are the most tactically advanced fighters in the Star Wars universe. This is not up for debate. Thank you for your time.
And there’s more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in-depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.
There’s nothing especially fancy about the way hackers parted a Chinese venture capital company from its million-dollar investment in an Israeli startup, but it’s an impressive example of the genre. The attackers noticed an email telegraphing the upcoming money transfer, and created fake domains that looked like the two companies respectively. By sending emails to each organization pretending to be from the other, the hackers were able to intercept every step of the ensuing correspondence, altering details along the way—like banking details. It’s all very clever! Highly illegal, of course, and morally wrong. But clever!
A virtual private network ostensibly keeps your internet browsing safe from prying eyes. But a newly disclosed vulnerability in Unix-based operating systems—that’s everything from Linux to macOS—leaves those VPN connections at risk of sniffing or even hijacking. The good news is that it’s a tricky exploit to pull off, so you’re probably not at risk unless a particularly talented hacker has eyes on you. The bad news? VPNs were already hard enough to trust.
On October 21, documents hit the internet that purported to show sensitive details about UK trade talks with the US. On Monday, Reuters reported that the release had the hallmarks of a coordinated Russian disinformation campaign. Friday afternoon, Reddit itself confirmed as much. Remember, friends! Russian intelligence operations haven’t slowed down since 2016, and they’re not going to.
More Great WIRED Stories
- Meet the activists risking prison to film VR in factory farms
- Everything you need to know about genetic testing
- Ewoks are the most tactically advanced fighting force in Star Wars
- Would you pay someone $40 to keep you focused on work?
- 15 passive-aggressive gifts for your terrible roommate
- ? Will AI as a field “hit the wall” soon? Plus, the latest news on artificial intelligence
- ??♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers, running gear (including shoes and socks), and best headphones.