Showing posts with label FBI.

Friday, April 15, 2022

North Korea-tied hackers executed $620 million crypto heist: FBI

WASHINGTON — North Korean-tied hackers were responsible for a $620-million cryptocurrency heist last month targeting players of the popular Axie Infinity game, US authorities said Friday. 

The hack was one of the biggest to hit the crypto world, raising huge questions about security in an industry that only recently burst into the mainstream thanks to celebrity promotions and promises of untold wealth.

Last month's theft from the makers of Axie Infinity, a game where players can earn crypto through game play or trading their avatars, came just weeks after thieves made off with around $320 million in a similar attack.

"Through our investigations we were able to confirm Lazarus Group and APT38, cyber actors associated with (North Korea), are responsible for the theft," the FBI said in a statement.

Lazarus Group gained notoriety in 2014 when it was accused of hacking into Sony Pictures Entertainment as revenge for "The Interview," a satirical film that mocked North Korean leader Kim Jong Un.

North Korea's cyber-program dates back to at least the mid-1990s but has since grown to a 6,000-strong cyber warfare unit, known as Bureau 121, that operates from several countries including Belarus, China, India, Malaysia and Russia, according to a 2020 US military report.

North Korean hackers stole around $400-million worth of cryptocurrency through cyberattacks on digital currency outlets last year, blockchain data platform Chainalysis said in January. 

In the case of the Axie Infinity heist, attackers exploited weaknesses in the set-up put in place by the Vietnam-based firm behind the game, Sky Mavis.

The company had to solve a problem: the ethereum blockchain, where transactions in the ether cryptocurrency are logged, is relatively slow and expensive to use.

To allow Axie Infinity players to buy and sell at speed, the firm created an in-game currency and a sidechain with a bridge to the main ethereum blockchain.

The result was faster and cheaper -- but ultimately less secure.

The attack targeting its blockchain netted 173,600 ether and $25.5 million-worth of stablecoin, a digital asset pegged to the US dollar.

Agence France-Presse

Friday, September 23, 2016

FBI says it’s evaluating abuse allegations against Pitt


LOS ANGELES — The FBI says it’s gathering information about an incident involving Brad Pitt and his family aboard a private flight last week.

Spokeswoman Laura Eimiller said in a statement late Thursday that the agency is still evaluating whether to open its own investigation into allegations Pitt was abusive during the flight toward one of his six children with actress Angelina Jolie Pitt.

Several media outlets, using anonymous sources, have reported that the actor is under investigation by a child welfare agency because of the incident. The Los Angeles County Department of Children and Families refused to say whether it was investigating Pitt.

Messages left for Pitt’s representatives were not immediately returned.

Jolie Pitt filed for divorce Monday, saying she came to the decision “for the health of the family.”

source: entertainment.inquirer.net

Saturday, April 23, 2016

Feds say they’ve accessed phone at center of Apple data case


NEW YORK—The US justice department said it has withdrawn a request to force Apple to reveal data from a cellphone linked to a New York drug case after someone provided federal investigators with the phone’s passcode.

Federal prosecutors said in a letter to US District Judge Margo Brodie that investigators were able to access the iPhone late Thursday night after using the passcode.

The government said it no longer needs Apple’s assistance to unlock the iPhone and is withdrawing its request for an order requiring Apple’s cooperation in the drug case.

“As we have said previously, these cases have never been about setting a court precedent; they are about law enforcement’s ability and need to access evidence on devices pursuant to lawful court orders and search warrants,” justice department spokesperson Emily Pierce said in a statement on Friday.

The justice department had sought to compel the Cupertino, California-based Apple to cooperate in the drug case, even though it had recently dropped a fight to compel Apple to help break into an iPhone used by a gunman in a December attack in San Bernardino that killed 14 people. In that case, a still-unidentified third-party came forward with a technique that managed to open the phone. That entity has not been named, and the justice department has not revealed the method used.

Representatives for Apple did not immediately respond to a request for comment on Friday night.

The tech giant had been fighting the justice department’s attempts and said in court papers last week the government’s request was extraordinary because there is likely minimal evidentiary value of any data on the phone and that Congress never authorized it to pursue such requests through the 1789 All Writs Act. It also said there is no proof Apple’s assistance was necessary and that the same technique the FBI was using to get information from the phone in California might work with the drug case phone.

But prosecutors had argued that the government needed Apple’s assistance to access the data, which they contended was “authorized to search by warrant.”

On Thursday, several law enforcement groups filed arguments in Brooklyn federal court saying they feared the public will stop aiding police if Apple is allowed to refuse to give up information from the phone in the drug case. The groups said they supported the government’s efforts to try to reverse a magistrate judge’s ruling earlier this year for Apple.

source: technology.inquirer.net

Wednesday, March 30, 2016

Apple remains in dark on how FBI hacked iPhone without help


WASHINGTON, United States — The FBI’s announcement that it mysteriously hacked into an iPhone is a public setback for Apple Inc., as consumers suddenly discover they can’t keep their most personal information safe. Meanwhile, Apple remains in the dark about how to restore the security of its flagship product.

The government said it was able to break into an iPhone used by a gunman in a mass shooting in California, but it didn’t say how. That puzzled Apple software engineers — and outside experts — about how the FBI broke the digital locks on the phone without Apple’s help. It also complicated Apple’s job repairing flaws that jeopardize its software.

The Justice Department’s announcement that it was dropping a legal fight to compel Apple to help it access the phone also took away any obvious legal avenues Apple might have used to learn how the FBI did it.

Magistrate Judge Sheri Pym vacated her Feb. 16 order, which compelled Apple to help the FBI hack their phone, on Tuesday.

The Justice Department declined through a spokeswoman to comment Tuesday.

A few clues have emerged. A senior law enforcement official told The Associated Press that the FBI managed to defeat an Apple security feature that threatened to delete the phone’s contents if the FBI failed to enter the correct passcode combination after 10 tries. That allowed the government to repeatedly and continuously test passcodes in what’s known as a brute-force attack until the right code is entered and the phone is unlocked.

It wasn’t clear how the FBI dealt with a related Apple security feature that introduces increasing time delays between guesses. The official spoke on condition of anonymity because this person was not authorized to discuss the technique publicly.

FBI Director James Comey has said with those features removed, the FBI could break into the phone in 26 minutes.

The FBI hacked into the iPhone used by gunman Syed Farook, who died with his wife in a gun battle with police after they killed 14 people in December in San Bernardino. The iPhone, issued to Farook by his employer, the county health department, was found in a vehicle the day after the shooting.

The FBI is reviewing information from the iPhone, and it is unclear whether anything useful can be found.

Apple said in a statement Monday that the legal case to force its cooperation “should never have been brought,” and it promised to increase the security of its products. CEO Tim Cook has said the Cupertino-based company is constantly trying to improve security for its users.

The FBI’s announcement — even without revealing precise details — that it had hacked the iPhone was at odds with the government’s firm recommendations for nearly two decades that security researchers always work cooperatively and confidentially with software manufacturers before revealing that a product might be susceptible to hackers.

The aim is to ensure that American consumers stay as safe online as possible and prevent premature disclosures that might damage a U.S. company or the economy.

As far back as 2002, the Homeland Security Department ran a working group that included leading technology industry executives to advise the president on how to keep confidential discoveries by independent researchers that a company’s software could be hacked until it was already fixed. Even now, the Commerce Department has been trying to fine-tune those rules. The next meeting of a conference on the subject is April 8 in Chicago and it’s unclear how the FBI’s behavior in the current case might influence the government’s fragile relationship with technology companies or researchers.

The industry’s rules are not legally binding, but the government’s top intelligence agency said in 2014 that such vulnerabilities should be reported to companies.

“When federal agencies discover a new vulnerability in commercial and open source software — a so-called ‘zero day’ vulnerability because the developers of the vulnerable software have had zero days to fix it — it is in the national interest to responsibly disclose the vulnerability rather than to hold it for an investigative or intelligence purpose,” the Office of the Director of National Intelligence said in a statement in April 2014.

The statement recommended generally divulging such flaws to manufacturers “unless there is a clear national security or law enforcement need.”

Last week a team from Johns Hopkins University said they had found a security bug in Apple’s iMessage service that would allow hackers under certain circumstances to decrypt some text messages. The team reported its findings to Apple in November and published an academic paper after Apple fixed it.

“That’s the way the research community handles the situation. And that’s appropriate,” said Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute. She said it was acceptable for the government to find a way to unlock the phone but said it should reveal its method to Apple.

Mobile phones are frequently used to improve cybersecurity, for example, as a place to send a backup code to access a website or authenticate a user.

The chief technologist at the Center for Democracy and Technology, Joseph Lorenzo Hall, said keeping details secret about a flaw affecting millions of iPhone users “is exactly opposite the disclosure practices of the security research community. The FBI and Apple have a common goal here: to keep people safe and secure. This is the FBI prioritizing an investigation over the interests of hundreds of millions of people worldwide.”

source: technology.inquirer.net

Friday, February 26, 2016

Google will back Apple in court against the FBI


SAN FRANCISCO— Google will back Apple in its court battle with the FBI over the security of its iPhone.

Last week, a court ordered Apple to help the FBI hack into a locked iPhone used by one of the San Bernardino killers in December’s shooting spree. Apple opposes the order.

Google now plans to file a “friend of the court” brief on Apple’s behalf within the next week, a person familiar with the situation said. The person asked not to be identified because Google is still drafting the document.

Google makes the Android software that powers most smartphones in the world. Like Apple, it fears creating a precedent that authorities could use to read messages, photos and other sensitive information stored on phones.

Apple filed its formal objection in the case Thursday.

source: technology.inquirer.net

Monday, January 12, 2015

Key US military command’s Twitter, YouTube sites hacked


WASHINGTON—Hackers claiming to work on behalf of Islamic State militants seized control of the Twitter and YouTube sites of the military’s US Central Command on Monday. The Pentagon swiftly suspended the sites and said it appears that no classified material was breached.

The hacker group appears to be the same one that is under FBI investigation for hijacking the websites or Twitter feeds of media outlets in the last month, including a Maryland television station and a New Mexico newspaper.

The Central Command Twitter site was filled with threats that said “American soldiers, we are coming, watch your back.” Other postings appeared to list names, phone numbers and personal e-mail addresses of military personnel as well as PowerPoint slides and maps.

Most of the material was labeled “FOUO,” which means “For Official Use Only,” but none of it appeared to be classified or sensitive information, suggesting the hackers did not breach classified material.

One of the documents appeared to be slides developed by the Massachusetts Institute of Technology’s Lincoln Laboratory, a federally funded research and development center focused on national security. The slides appeared to depict what it called “scenarios” for conflict with North Korea and China.

An ‘annoyance’


“This is little more than a prank or vandalism. It’s inconvenient and it’s an annoyance. But that’s all it is,” said Col. Steve Warren, a Pentagon spokesman. “It in no way compromises our operations in any way shape or form.”

Warren said Pentagon officials are in contact with Twitter and YouTube to ensure that military passwords and other security for such public websites are adequate.

The tweets came shortly after US Central Command posted its own tweets about the US and partner nations continuing to attack Islamic State terrorists in Iraq and Syria and one repeating a report that said France will deploy an aircraft carrier to the fight.

The hackers titled the Central Command Twitter page “CyberCaliphate” with an underline that said “i love you isis.” And the broader message referred to the ongoing airstrikes against the Islamic State group in Iraq and Syria and threatened, “We broke into your networks and personal devices and know everything about you. You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base.”

It added: “US soldiers! We’re watching you!”

The intrusion on the military Twitter account carried the same logo, CyberCaliphate name and photo that appeared on the Albuquerque Journal’s website in late December when one of its stories was hacked. And earlier this month, it appeared that the same hackers breached the Journal’s Twitter account and also took over the website and Twitter feed of WBOC-TV in Salisbury, Maryland.

The FBI at the time acknowledged it was looking into the Albuquerque case, and WBOC said it was also in contact with the agency.

Some IS militant videos also were posted on the Central Command’s YouTube site, purporting to show military operations and explosions.

“This is something we’re obviously looking into, and something we take seriously,” White House spokesman Josh Earnest said. But he cautioned against comparisons to the broader hack attack against Sony. “There’s a pretty significant difference between what is a large data breach and the hacking of a Twitter account,” he said.

A senior defense official confirmed that the two accounts were compromised and said US Central Command was taking appropriate measures to address the matter. The official spoke on condition of anonymity because the official was not authorized to speak about it publicly on the record.

The military suspended the Central Command Twitter site and terminated the YouTube site. This is not the first time that US government websites or other accounts have been hacked. It was not clear whether the site was attacked by the insurgent group or by sympathizers. –Lolita C. Baldor with Josh Lederman

source: technology.inquirer.net

Thursday, June 14, 2012

Metallica Help Police Search for Murderer


Metallica frontman James Hetfield has filmed a public service video to aid law enforcement officials in tracking down a man suspected of murdering Virginia Tech student Morgan Harrington after the band's 2009 gig in Charlottesville, Virginia. Hetfield shared a police sketch of the suspect and urged fans to speak up. "Remember, any information – no matter how small you might think it is – could be that crucial piece investigators need to help solve the case," he says.

FBI officials have used DNA evidence found with Harrington's corpse to link her killer to a 2005 sexual assault in Fairfax City, Virginia. Police fear that the suspect is predatory, and may attack other women if he has not already. The Jefferson Area Crime Stoppers organization is offering $100,000 for any information leading to an arrest, and Metallica has put up a $50,000 reward.



article source: rollingstone.com