The security woes of pro-Trump social media sites have been a theme of 2021: First, an absurdly basic bug in Parler allowed all of its posts to be scraped in the hours before it was dropped by its hosting provider and went offline. Then Gab was breached by hackers who stole and leaked 40 million of its posts, public and private. Now a site called Gettr, launched by a former Trump staffer, has become a third, strong contender in the competition for the worst security among pro-Trump social media sites, as hackers managed to hijack high-profile accounts and scrape tens of thousands of users’ private data, including email addresses and birthdates—all within hours of its launch.
Luckily for Gettr, there was far worse news to cover in the security world this week, namely the latest debacle in the ongoing global ransomware epidemic. WIRED’s Lily Hay Newman looked at the new details coming to light about the hack of the remote IT management tool Kaseya, which has resulted in thousands of companies being hit with ransomware, and the vulnerability that was reported to Kaseya nearly three months before it was used to pull off that attack. We also covered an ongoing fracas over a critical Microsoft print spooler bug, which the company tried—and failed!—to fix this week.
In other news, we looked at how Amazon’s Echo invisibly stores user data even after a reset, how European regulators and privacy watchdogs are pushing for a total ban on biometric surveillance, and how tough it remains to dump the password habit in favor of more secure authentication methods.
And there’s more. Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.
Given the security missteps at Parler and Gab, it should come as no surprise that the latest startup seeking to gather Trump’s Twitter refugees has come into hackers’ sights too: On its launch day, July 4, hackers immediately scraped the site and leaked the non-public personal information of at least 85,000 users, including email addresses, usernames, names, and birthdates, as first spotted by cybersecurity firm Hudson Rock. That scraping of private data appears to have been made possible by a leaky API—a problem pointed out by security professionals even before the site launched. In fact, many high-profile users of the site were also hacked more directly, by unknown means: Official accounts for far-right congresswoman Marjorie Taylor-Greene, former secretary of state Mike Pompeo, Steve Bannon, and even the site’s founder, former Trump staffer Jason Miller, were all hijacked by someone called “@JubaBaghdad.” Trump, for his part, has so far refused to join the service—perhaps in part because of its security woes, or because it’s also been flooded with Sonic the Hedgehog porn.
MIT Tech Review’s Patrick Howell O’Neill has produced a fascinating longread from the archives of the cybercriminal cat-and-mouse game: the story of how a joint operation among the FBI, Ukraine’s SBU intelligence agency, and the Russian FSB assembled to take down some of the biggest cybercriminals in Russia—and failed. The three agencies worked together for months to surveil and track the targets of their investigation, which included figures as notorious as Evgeniy Bogachev, the kingpin of a botnet operation known as Game Over Zeus, and Maksim Yakubets, the head of a group known as Evil Corp responsible for more than $100 million in digital theft and ransomware operations. Just at the moment when the agencies had coordinated their takedown, the Ukrainian SBU repeatedly delayed the operation—perhaps due to corruption in its ranks—and the Russian FSB stopped responding to the FBI entirely, ghosting its erstwhile allies. As Howell O’Neill writes, one of the biggest hacker manhunts in history—and a rare attempt at collaboration between US and Russian law enforcement—was foiled by “a maddening mixture of corruption, rivalry, and stonewalling.”
Last month the FBI and law enforcement agencies in Australia and Europe revealed that they had secretly taken over and run an encrypted phone company called Anom. They used the company to sell supposedly privacy-preserving phones to suspects of investigations around the world. The phones contained a secret backdoor that the agencies subsequently used to bust more than 800 alleged criminals. Now Motherboard has obtained and performed a hands-on analysis of one of the phones used in that sting operation. They detail how it hid its encrypted messaging features inside a fake calculator app, ran a custom operating system called ArcaneOS, and offered an emergency wipe feature. It also makes a fun souvenir from one of the largest-scale law enforcement operations ever pulled off by global agencies—as long as you’re not one of the many owners who will end up in prison as a result.
In the midst of the Kaseya fallout this week, Bloomberg reported another incident of Russian hacking of an apparently different kind altogether: The hackers known as Cozy Bear, in the past linked with Russia’s foreign intelligence agency known as the SVR, breached the Republican National Committee, two people familiar with the matter told Bloomberg. The RNC itself denied that it was hacked or that any information was stolen—but then admitted that an RNC technology provider, Synnex, was hacked last weekend. It’s not clear whether the incident has any connection to the ransomware-focused hack of Kaseya, which has been tied to the Russian cybercriminal operators known as REvil. But given that the SVR is tasked with stealthy intelligence collection on all manner of political and government targets, it’s perhaps no surprise that it targeted the RNC, just as it famously targeted the DNC in 2016.