Backlash Grows Against NHS Plan to Conceal Source Code Amid AI Hacking Risks

Posted on May 5, 2026 by Igor Mitreski

NHS England’s Commitment to Open Source Software

Mark Thomas/Shutterstock

NHS England software development — NHS England’s Commitment to Open Source Software

Mark Thomas/Shutterstock

NHS England’s recent move to withdraw open source code developed with taxpayer funds has led to significant backlash due to concerns over computer hacking by AI models.

Recent reports revealed that Mythos, an AI from Anthropic, can identify vulnerabilities in software, potentially enabling hackers to exploit systems using that software. Consequently, NHS England has mandated that all existing and future software must be restricted from public access by May 11 to mitigate these risks.

This shift contradicts NHS service standards, which advocate for software produced by staff to remain open source. This accessibility allows for the enhancement and utilization of tools without redundant efforts, a practice experts argue does not inherently bolster security.

In response, an open letter has amassed hundreds of signatures urging NHS England to reconsider its stance. At present, 682 signatories include writers and digital rights advocates. Notably, Cory Doctorow and former UK Health Secretary Matt Hancock have been approached for comments. Mr. Hancock labeled the initiative a “significant error” in a LinkedIn post, asserting that the decision undermines public investment.

“Opening source code has been one of the NHS’s most forward-thinking strategies. This work was funded by taxpayers; hence they should reap the rewards,” Mr. Hancock noted. “The empirical evidence also supports that open source code is subjected to more rigorous testing, is inherently more secure, and can be enhanced by talented individuals globally.”

Vlad Stefan Halbs, from the University of Edinburgh, co-signed the open letter. He has utilized Mythos to assess vulnerabilities within the NHS’s open source code, uncovering “multiple significant vulnerabilities” which were responsibly reported to the NHS before the project’s decommissioning.

“While we cannot confirm if our reported vulnerabilities triggered this course of action, they likely contributed,” Halbs remarked. “Routine security assessments and public disclosures, aided by large language models, can uncover similar vulnerabilities. Mythos merely streamlines the process. The fundamental issue, however, remains a severe underinvestment in cybersecurity, a problem that predates Mythos.”

Halbs speculates that backups of the NHS code will persist, potentially repurposed for training various AI models. Yet, he questions whether restricting access from GitHub will deter professionals dedicated to enhancing the quality and security of public services from contributing. “By closing access, we are alienating our supporters, not our adversaries,” Halbs concluded.

A report by the UK government-backed AI Security Institute (AISI) on Mythos indicated its limitations, revealing it could primarily target “small, poorly defended corporate systems,” and showing no evidence that genuinely secure networks were threatened.

Terrence Eden, a British civil servant with a history of advocating for public data access, criticized the decision as illogical.

“Trust in the NHS hinges on its openness, transparency, and honesty. Given our healthcare system’s reliance on digital technologies, open source is essential. It is our right to understand the operation of these tools. I urge the NHS to heed this petition and uphold its obligations to the community,” Eden stated.

The UK Department of Health and Human Services did not respond to inquiries. Meanwhile, a spokesperson for NHS England reiterated its stance: “To fortify our cybersecurity amid rapid AI model advancements, we are temporarily restricting access to certain NHS England source codes. Nonetheless, we will continue to publicly share source code whenever deemed essential.”

Topic:

Source: www.newscientist.com

UK NHS Scrambles to Conceal Software Amid AI Hacking Concerns

Posted on May 1, 2026 by Igor Mitreski

NHS Software: Publicly Accessible by Design

Mareks Perkons/Alamy

NHS Software Security — NHS Software: Publicly Accessible by Design

Mareks Perkons/Alamy

NHS England is swiftly retracting all software it developed from public access, due to concerns over potential hacking threats from advanced artificial intelligence. However, security experts deem this decision unnecessary and counterproductive.

The software produced by NHS has historically been open source, available on GitHub, allowing organizations to innovate and enhance services without duplicating efforts due to funding from public resources.

In light of recent developments, NHS England has issued new directives shared with staff. According to New Scientist, existing and forthcoming software must remain private. “All source code repositories must be private by default. Public access is only permitted under exceptional circumstances,” the guidance states, with a deadline for compliance set for May 11.

Recent reports highlighted that the AI system developed by Anthropic, called Mythos, could detect vulnerabilities in nearly any software, raising concerns about potential cyber breaches.

NHS England cites Mythos as a primary motivator for these new regulations, warning that public repositories heighten the risk of exposing sensitive information that savvy hackers may exploit. “This directive establishes a default closed posture for code while ensuring that organizations evaluate the impact of these changes,” they wrote.

Contrarily, the UK government-backed AI Security Institute (AISI) has found that Mythos primarily targets “small, poorly defended and vulnerable corporate systems,” indicating that truly secure software remains unharmed.

The recent measures contradict NHS service standards, mandating that software originating from public resources be open source. “Public services, funded by taxpayers, should remain reusable and modifiable by others unless deemed necessary otherwise,” as outlined in previous guidelines.

Open source software enhances trust and transparency in public services. The Horizon IT system utilized by the UK Post Office, which caused unjust accusations of theft, might have avoided turmoil if its code had been publicly accessible. Read more about the scandal here.

Terrence Eden, a British civil servant with experience in public data accessibility, criticized the recent move as illogical. “Is it possible for Mythos to scan a repository and identify a bug? Absolutely. But will it lead to a security issue in running NHS services? Highly unlikely,” Eden asserts. “This reaction seems to reflect a panic based on exaggerated fears about Mythos’s capabilities.”

Eden argues that open source solutions are actually more secure due to greater scrutiny from the community. Furthermore, NHS software has long been publicly accessible, meaning it exists in various backups regardless of new restrictions.

“Restricting access now is akin to closing the barn door after the horse has bolted,” Eden comments. “NHS staff are perplexed, uncertain about where this policy aims to lead.”

A spokesperson for NHS England stated: “To bolster our cybersecurity, we are temporarily limiting access to certain NHS England source code while we assess the rapidly evolving AI landscape. We will continue to share source code publicly where necessary.”

Topics:

Source: www.newscientist.com

Is Mythos, Anthropic’s AI for Hacking, a Cause for Concern?

Posted on April 23, 2026 by Igor Mitreski

Revolutionizing Online Security: Anthropic’s Project Glasswing

Jonathan Raa/NurPhoto, Getty Images

Anthropic's Project Glasswing website — Revolutionizing Online Security: Anthropic’s Project Glasswing

Jonathan Raa/NurPhoto, Getty Images

Recent developments have stirred significant concern in the tech world regarding Mythos. This cutting-edge technology is designed to swiftly identify cybersecurity weaknesses, which could pose serious risks to operating systems and software.

Understanding Mythos: What Are the Concerns?

Mythos, an artificial intelligence model developed by Anthropic, was inadvertently discovered during a routine excavation last month. Confidential content available on the company’s website revealed its existence, indicating it was left unguarded.

According to Anthropic, this model was intentionally kept hidden due to its remarkable ability to exploit vulnerabilities. It is known to uncover flaws in virtually any software, thereby granting unauthorized access.

Reportedly, Mythos has identified thousands of critical vulnerabilities across various platforms, but Anthropic remained tight-lipped when approached for comments. According to an article in New Scientist, the implications for public safety, national security, and economic factors are profound.

The organization asserted that the responsible decision was to keep Mythos under wraps.

Can Anyone Access Mythos?

Not entirely. Anthropic has opted to provide access to select technology and financial titans, including Amazon Web Services, Apple, Google, JPMorgan Chase, Microsoft, and NVIDIA, through Project Glasswing. This enables them to detect vulnerabilities in their own software before they are exploited.

Additionally, members of exclusive online forums reportedly gained unauthorized access to the prototype, speculating they deduced its online location. This incident highlights potential lapses in corporate cybersecurity measures.

Although initially intended to be a well-guarded secret, Mythos has gained traction and is being scrutinized by leading cybersecurity experts. Many corporations involved are also significant clients of Anthropic, amplifying the attention surrounding Mythos.

Cybersecurity expert Davy Ottenheimer described this situation in a blog post as a “valid technological capability turned into a threat to civilization, particularly benefiting those who have reconfigured it.”

Is The Threat as Alarming as Reported?

Researcher Kevin Curran from the University of Ulster shares that the exposure of Mythos has created alarm within the security industry, although experts are divided on its genuine threat level. He raises concerns about machines performing in seconds what would typically take seasoned human hackers months to accomplish.

However, there are indicators that there’s no immediate cause for alarm. Bobby Holley from Firefox, one of the privileged organizations with access to Mythos, noted in a blog post that his team was able to identify 271 vulnerabilities in web browsers, none of which were unprecedented or highly complex.

“Even a single bug could set off alarms by 2025. With the sheer volume of vulnerabilities detected, one must question if it’s feasible to keep pace,” Hawley remarked. “Fortunately, none of the vulnerabilities we found could not have been uncovered by skilled human researchers.”

The AI Security Institute (AISI), established under the guidance of former British Prime Minister Rishi Sunak post-2023 UK AI Summit, assessed Mythos and discovered it predominantly targets smaller, poorly defended corporate systems, marking an advancement over previous models but still lacking the ability to compromise genuinely secure networks. AISI also indicated a rapid evolution in the situation, but refrained from commenting further.

Concerned expert Alan Woodward from the University of Surrey provides a pragmatic perspective on AI capabilities. He states, “AI may not uncover vulnerabilities that humans can’t, but it does so more quickly and thoroughly, identifying flaws that might elude human scrutiny. As illustrated by Mythos, AI enhances the efficiency of attackers, granting them speed and flexibility that complicates defenses, but it’s not insurmountable.”

In summary, while Mythos can pinpoint vulnerabilities rapidly, it appears to have yet to uncover any catastrophic dangers. However, this might present an opportunity to improve cybersecurity practices.

Can AI Hacking Be Beneficial?

“Vulnerabilities are finite, and we are entering a phase where we can identify them comprehensively,” Hawley notes. Essentially, if you are involved in software development or maintenance, you could utilize Mythos to dismantle and even patch your own code—potentially prior to its public release.

While it’s likely that AI will improve in detecting flaws, malicious actors will undoubtedly exploit this advancement. Yet, this could also serve to aid software developers. Companies managing dated, cumbersome legacy systems may, however, struggle to keep pace.

Even Anthropic suggests that AI-driven hacking will eventually favor defenders over attackers—though stating otherwise may complicate their justification for developing such technologies.

At its core, AI has made it easier to both attack and defend against cyber threats, but organizations that dismiss this technology will face significant disadvantages.

“Consider Mythos a wake-up call,” warns Curran. “Expect comparable capabilities in the hands of adversaries within the next 18 months. The opportunity to stay ahead is fleeting but still exists.”

Topics:

Source: www.newscientist.com

Unlocking Solutions: How Dream Hacking Can Help You Solve Complex Problems While You Sleep

Posted on February 18, 2026 by Igor Mitreski

One of the study participants fell asleep during the experiment.

Mia Lux

Your brain can be gently nudged to tackle complex problems in your sleep, enhancing your ability to solve them upon waking.

Neuroscientists and psychologists are increasingly employing techniques involving sound, touch, movement, and particularly olfactory stimuli to influence dreams. This innovative approach demonstrates potential for applications like helping smokers quit, treating chronic nightmares, and even enhancing creativity.

Now, Karen Koncoly and her team at Northwestern University in Illinois have revealed that this technique may also aid in problem-solving. The researchers enlisted 20 self-identified lucid dreamers—individuals aware that they are dreaming and able to control their narratives—and tasked them with solving puzzles in two sessions within a sleep lab. Each puzzle was associated with unique soundtracks, featuring soothing elements like birdsong and steel drums.

The researchers meticulously monitored participants’ brain and eye movements to pinpoint when they transitioned into the rapid eye movement (REM) phase of sleep, which is known for its vivid and imaginative dreams. Upon entering this phase, a selection of unresolved puzzles was paired with the corresponding soundtracks. Participants were prompted to demonstrate lucidity by executing at least two rapid eye movements from left to right, indicating they were aware of the sound cues while striving to solve the puzzles in their dreams.

The following morning, participants reported that those who listened to the soundtracks during sleep found the puzzle features prominently featured in their dreams, significantly boosting their chances of solving them. Approximately 40% of participants who dreamed about puzzles managed to solve them, while only 17% who didn’t dream of the puzzles could achieve the same.

While the exact reasons behind these findings remain unclear, it’s suggested that pairing sound stimuli with learning tasks while awake may activate the memory of the puzzle when hearing the same sound during sleep, through a process known as targeted memory reactivation. This appears to activate the hippocampus—an essential brain region for memory—prompting what may resemble a spontaneous reactivation of memories that facilitates learning.

Although dreams can manifest at any stage of sleep, Konkoly indicates that targeting REM sleep may enhance problem-solving capabilities. “REM dreams are highly associative and atypical, blending new and prior memories with imaginative thought,” she states. “During this stage, your brain is quite active, potentially allowing for unrestricted access to various sections of your mind.”

Researcher Karen Concoly prepares a participant for the study by fitting a cap to their head that records brain activity.

Karen Konkoly

Tony Cunningham and researchers at Harvard University affirm that this study indicates “individuals may consciously focus on unresolved issues while dreaming.”

However, some experts caution that dream engineering could interfere with the critical functions of sleep, such as clearing toxins from the brain. There are concerns about the potential for companies to exploit these findings by placing ads within personal devices, which Cunningham particularly highlights. “Our senses are already bombarded during waking hours by advertisements, emails, and work stress; sleep remains one of the few times of respite,” he notes.

Koncoly plans to explore why certain individuals exhibit varying responses to sound stimuli on different days. “During this study, I stayed up all night monitoring brainwaves and providing cues during REM sleep. Sometimes participants would signal a response, and other times, they wouldn’t. Occasionally, they would wake and incorporate relevant puzzles into their dreams, while at other times, they simply processed the sound without any further reaction. Why do identical stimuli manifest differently in the same state of consciousness?”

Topic:

This rewrite is optimized for SEO, incorporating relevant keywords, improving readability, and retaining the original HTML formatting, tags, and structure.

Source: www.newscientist.com

From Fun to Responsibility: Inspiring Young Gamers to Embrace Ethical Hacking and Cybersecurity

Posted on November 11, 2025 by

Video games have evolved significantly since their rise in popularity in the 1970s, leading to a remarkable surge in players. Today, there are around 3 billion gamers globally, with estimates indicating that over 90% of Gen Z engage in gaming for more than 12 hours a week. Contemporary gaming blockbusters are vibrant and imaginative, immersing young people in dynamic and expansive worlds they can explore and influence.

This burgeoning creative talent has caught the attention of criminals, who target children and teenagers within popular online games, transforming them into skilled hackers.

The financial and societal repercussions of cybercrime are staggering. It is predicted that global costs of cybercrime will reach: 12 trillion dollars by 2025. Moreover, research indicates that 69% of youth in Europe report having engaged in some form of cybercrime. In the UK, the last statistics released by the National Crime Agency in 2015 revealed that the average age for cybercrime suspects is 17, which is notably younger than for other criminal activities like drug offenses (37 years old).

“If you’re facing arrest at 17, it likely began around age 11,” states Fergus Hay, co-founder and CEO of The Hacking Games, an initiative aimed at helping young individuals channel their coding talents into legitimate paths. “This transition doesn’t happen instantly. Games are often the gateway that enables skill development and experimentation in a controlled setting. These young hackers are continually modifying and hacking games to exploit vulnerabilities.”

He further noted that social media platforms are integral, offering tools and steps for hacking while also fostering a desirable lifestyle and community belonging.

This challenge coincides with a notable uptick in serious cyber-attacks within the UK. The National Cyber Security Center (NCSC) recently reported a historic surge in large-scale cyber assaults. In the year leading to August 2025, GCHQ categorized 204 incidents as being of ‘national significance,’ an increase from 89 the prior year.

In response to these threats, Hay initiated the Hacking Games and collaborated with John Madeline, a cybersecurity expert, to realize a vision of “cultivating a generation of ethical hackers who will enhance global safety.”

“This is a generation of inherent hackers. They can either serve society positively or become a liability. If we can engage them, we can guide them towards becoming ethical rather than criminal hackers,” Madeline emphasizes.

The Hacking Games recently unveiled the HAPTAI platform, which assists in creating hacking aptitude profiles for youths by evaluating their performance in popular games and aligning those results with psychometric data. Subsequently, candidates are matched with suitable job roles and teams where they can flourish.

The projected global average annual cost of cybercrime is $23 trillion by 2027, fueled by threats from state entities and organized crime groups worldwide. These groups often seek out young individuals, steering them towards criminal activities.

For youths approached by these “cyber Fagins,” there is a lure of significant financial gain. Initial payments often come in the form of virtual currencies for gaming but can escalate to tens of thousands in real money or its virtual equivalent.

They approach young hackers and offer payment for their abilities, often using cryptocurrencies. Composite: Stocksy/Guardian Design

“When they identify talent displaying genuine hacking or game modification skills, they engage them under the guise of another youth, asking, ‘How would you utilize cryptocurrency?'” Hay explains. “Many are exceptionally bright, sometimes neurodivergent, employing games as a medium to push creative boundaries. They do not inherently possess a criminal mindset.”

The scale of the cybercrime issue in the UK has become increasingly evident over the past year, with businesses experiencing significant disruption and monetary loss. Major corporations, including Co-op, have reported losses amounting to millions due to hacking incidents, one of which saw four arrests as part of an ongoing investigation by the National Crime Agency.

As a socially conscious organization, Co-op is dedicated to community enhancement and has partnered with The Hacking Games to mitigate future cyber threats and foster opportunities for vulnerable youth.

“When they experienced a cyberattack, Co-op sought to understand the nature of the issue. Upon discovering underlying societal factors, they recognized their responsibility to grasp the root causes impacting youth and to collaborate with us to address these challenges, not just the technical aspects,” Madeline clarifies.

The Co-op has a longstanding tradition of community initiatives addressing issues like social mobility and isolation. Together, Co-op and The Hacking Games aim to establish a pilot program within the Co-op Academies Trust across Northern England. Sponsored by Co-op Group, the Trust encompasses a network of 38 academies with around 20,000 students, including primary, secondary, special schools, and universities, dedicated to guiding aspiring hackers towards legitimate career trajectories.

For this pilot, students will be selected based on their interests in gaming and technology. Through interactive and creative sessions, participants will delve into the principles of ethical hacking and understand its crucial role in cybersecurity. The program will also highlight career education, with reputable industry partners introducing talented youths to the vast prospects available in this rapidly expanding domain.

“Our academy students’ curiosity about technology-related roles is on the rise, yet there is scant data regarding their home gaming environments and whether these interests extend to hacking,” remarks Joe Sykes, careers director at Co-op Academies Trust. “As educators, we must confront these challenges directly—this initiative will undoubtedly provide fresh perspectives and foster insights for students eager to explore these pathways.”

Hay and Madeline aspire to bridge the cybersecurity skills gap by showcasing the potential of gifted young developers. Composite: Stocksy/Guardian Design

A Path to a Legitimate Career

Young gamers may find themselves simply altering game experiences without authorization or creating cheat codes to sell them on the dark web.

Some parents associated with The Hacking Games have only discovered their child’s online activities when asked about tax implications after their digital wallets reached $400,000 (£298,000).

“For the youth unsure about further education, many are starting to realize that substantial earnings can come from just a few keystrokes,” explains Madeline.

According to Hay and Madeline, it’s essential to engage young individuals before they stray too far, to identify their skills, recognize their potential, and integrate these into an educational framework that aims to fill the cybersecurity skills gap in the UK and globally—a concept Hay refers to as “intergenerational opportunities.”

“Many of these youths have felt marginalized in school and, at times, victimized. They possess a deep disdain for wrongdoers and bullies. If you understand their motivations, you can channel that into something positive,” he concludes.

Learn more

Source: www.theguardian.com

Age Verification Hacking Firm Possibly Exposes ID Photos of Discord Users | Social Media

Posted on October 9, 2025 by Igor Mitreski

Photos of government IDs belonging to approximately 70,000 global Discord users, a widely used messaging and chat application amongst gamers, might have been exposed following a breach at the firm responsible for conducting age verification procedures.

Along with the ID photos, details such as users’ names, email addresses, other contact information, IP addresses, and interactions with Discord customer support could also have fallen prey to the hackers. The attacker is reportedly demanding a ransom from the company. Fortunately, full credit card information or passwords were not compromised.

The incident was disclosed last week, but news of the potential ID photo leak came to light on Wednesday. A representative from the UK’s Information Commissioner’s Office, which oversees data breaches, stated: “We have received a report from Discord and are assessing the information provided.”

The images in question were submitted by users appealing age-related bans via Discord’s customer service contractors, which is a platform that allows users to communicate through text, voice, and video chat for over a decade.

Some nations, including the UK, mandate age verification for social media and messaging services to protect children. This measure has been in effect in the UK since July under the Online Safety Act. Cybersecurity professionals have cautioned about the potential vulnerability of age verification providers, which may require sensitive government-issued IDs, to hackers aware of the troves of sensitive information.

Discord released a statement acknowledging: “We have recently been made aware of an incident wherein an unauthorized individual accessed one of Discord’s third-party customer service providers. This individual obtained information from a limited number of users who reached out to Discord through our customer support and trust and safety teams… We have identified around 70,000 users with affected accounts globally whose government ID photos might have been disclosed. Our vendors utilized those photos for evaluating age-related appeals.”

Discord requires users seeking to validate their age to upload a photo of their ID along with their Discord username to return to the platform.

Nathan Webb, a principal consultant at the British digital security firm Acumen Cyber, remarked that the breach is “very concerning.”

Skip past newsletter promotions

“Even if age verification is outsourced, organizations must still ensure the proper handling of that data,” he emphasized. “It is crucial for companies to understand that delegating certain functions does not relieve them of their obligation to uphold data protection and security standards.”

Source: www.theguardian.com

South Korea Elevates Cyber Threat Levels Following Data Center Incident that Triggered Hacking Nightmare

Posted on September 30, 2025 by Igor Mitreski

South Korea’s intelligence agency has elevated the national cyber threat level due to fears that hackers may exploit the chaos caused by recent fires in government data centers, which have disrupted crucial digital infrastructure nationwide.

The National Cybersecurity Centre, managed by the Intelligence Reporting Agency, has raised its alert from “Warning” to “Warning” as of Monday, highlighting fears that hackers could take advantage of the vulnerabilities during recovery efforts.

The incident occurred on Friday evening at the National Information Resources Service in Great Jeon, approximately 140 kilometers (87 miles) south of Seoul. This facility is one of three operational government data centers that handle critical digital infrastructure across the nation.

Workers had relocated a Lithium-ion battery from the server room on the fifth floor to the basement when the fire started. It spread to other nearby batteries and servers, resulting in one worker sustaining first-degree burns, while firefighters managed to extinguish the blaze after 22 hours.

By Saturday morning, officials had shut down 647 government systems to prevent further damage. Government email and intranet systems were offline, along with mobile identification services, postal banks, complaint portals, and major government websites.

Schools lost access to student records, and tax deadlines passed without being processed. Real estate transactions faced delays due to the inability to verify digital documents. The national crematorium reservation system was impacted, and many hospitals and transport terminals initially left citizens without physical identification cards.

As of 1 PM on Tuesday, 89 out of the 647 affected systems had been restored, including significant government portals, postal services, and identity verification systems.

Officials estimate that 96 of the affected systems have suffered complete failure, necessitating a recovery period of about four weeks as they are moved to a large backup facility. This disruption is expected to persist through Chuseok, the major public holiday in early October.

President Lee Jae Myung issued an apology on Sunday. During a crisis meeting, he expressed dismay at the lack of a backup operating system, stating, “It was a foreseeable incident, but there were no countermeasures. It’s not that the measures didn’t work; they simply didn’t exist.”

When questioned about the backup procedures, an official remarked that they were “driving without a map.”

The upcoming Asia-Pacific Economic Cooperation (APEC) Summit, set to be hosted in the southeastern city of Kyoto at the end of October, has raised security concerns as officials from the US, China, and other regions plan to attend.

In October 2022, a fire involving a lithium-ion battery at Kakao, the company behind the popular messaging app KakaoTalk, resulted in millions losing access to messaging, taxis, and digital payments, leading to national chaos.

Following the Kakao incident, parliament passed legislation mandating redundant systems and intervals between batteries and other equipment for internet service providers and data center operators.

The left-leaning Hankyoreh newspaper questioned what last week’s failures indicated about “a nation that prides itself on being an information technology powerhouse.”

In a similar vein, the conservative Dong-a Ilbo remarked that referring to South Korea as a digital leader has become “embarrassing.”

Lawmakers from both the ruling party and the opposition have traded blame regarding the responsibility for the crisis. President’s Chief of Staff Kang Hoon-Sik directed authorities on Monday to focus on resolving the issue rather than criticizing the previous administration.

Source: www.theguardian.com

ICE Acquires Israeli-Made Spyware Capable of Hacking Phones and Encrypted Apps

Posted on September 3, 2025 by Igor Mitreski

Following the Trump administration’s decision, US immigration agents now have access to one of the most advanced hacking tools available globally, having secured a contract with Paragon Solutions, a company based in Israel, to develop spyware capable of infiltrating any phone, including encrypted applications.

The Department of Homeland Security initially established a contract with Paragon, a subsidiary of a US firm, in late 2024 during the Biden administration. However, this $2 million contract was suspended pending confirmation of an executive order that limits the application of US government spyware, as reported by Wired at that time.

According to recent updates, the suspension has been lifted. Public Procurement Documents now identify US Immigration Customs Enforcement (ICE) as the contracting agency.

This signifies that one of the most potent stealth cyber weapons ever engineered—created outside the United States—now resides with agencies that have been repeatedly accused of violating due process rights by private sectors and human rights organizations.

This information was first highlighted by journalist Jack Paulson in the All Source Intelligence Saback Newsletter.

Neither Paragon nor ICE immediately responded to inquiries for comments.

Once effectively utilized against a target, the hacking software known as Graphite can infiltrate any phone. By essentially gaining control over the device, users (in this instance, ICE) can monitor an individual’s location, access messages, view photos, and even read data stored in encrypted applications like WhatsApp and Signal. Additionally, spyware such as Graphite can function as a listening device by activating the phone’s recorder.

An executive order signed by the Biden administration sought to implement restrictions on the use of spyware by the US government, asserting that it must refrain from operating commercial spyware that poses significant risks to intellectual property or security concerns for the US, or creates a substantial risk of inappropriate usage by foreign entities. The Biden administration even took the extraordinary step of blacklisting rival spyware manufacturer NSO Group, underlining their alleged facilitation of targeted attacks on the mobile phones of adversaries, human rights defenders, and journalists.

Paragon aims to differentiate itself from NSO Group, stating that it exclusively engages with democratic entities and has a strict policy against providing services to clients that may misuse the technology against civil society members, such as journalists. Paragon has yet to disclose its clients, claiming no insight into how its clientele may target particular individuals.

Spyware developers like Paragon and NSO assert that their technologies are intended for preventing crime and curtailing terrorist threats. Nevertheless, past incidents have showcased the software being misused to harass innocent individuals, including those perceived as opponents of the government.

John Scott Railton, a senior researcher at the University of Toronto, stated that spyware like Graphite is being exploited by governmental bodies. He remarked that such tools are “designed for dictatorship, not democracies that prioritize freedom and individual rights.”

“The invasive and secretive nature of hacking abilities is corrupting. Consequently, a growing number of democratic surveillance scandals, including those involving Paragon’s Graphite, are emerging,” he added.

Paragon severed ties with Italy after it was uncovered that 90 individuals, including journalists and civil society figures, had been targeted with spyware across multiple countries. Those targeted by the Italian government included rights advocates critical of its dealings with Libya. Several journalists were also among those targeted, yet the motivations behind these hacking campaigns remain unclear.

The US government is apprehensive about deploying spyware technology outside its borders, as the companies providing these technologies to various nations pose potential security threats.

“As long as the same commercial spyware technology is shared among multiple governments, a built-in counterintelligence risk is present. All these entities are aware of the secret surveillance technologies employed by the US and can anticipate how to detect and counteract them,” Scott Railton remarked. “We remain uncertain of the implications since we face a shortage of avenues to cancel all foreign contracts with Paragon.”

Nadine Farid Johnson, the policy director at Columbia University’s Knight First Amendment Institute, dedicated to promoting free speech, expressed concerns over the “rapid and dramatic expansion of ICE’s budget and authority,” calling for congressional restrictions on the contexts in which spyware may be employed.

“Spyware like Paragon’s Graphite represents a profound threat to free speech and privacy,” Farid Johnson stated. “It has been previously used against journalists, human rights advocates, and political dissenters. The quiet reinstatement of the suspension order raises serious questions over whether certain administrative departments are bypassing the government’s own review protocols.”

Quick Guide

Please contact us about this story

show

The best public interest journalism relies on direct accounts from knowledgeable sources.

If you have any information to share on this topic, please reach out to us confidentially using the following methods:

Secure Messaging in the Guardian App

The Guardian app features a tool for submitting tips about stories. All messages are encrypted end-to-end and are disguised within the routine operations of the Guardian mobile app, preventing observers from knowing that you’re communicating with us.

If you haven’t yet downloaded the Guardian app, please do so (iOS/Android) and navigate to the menu to select ‘Secure Messaging’.

SecureDrop, Instant Messenger, Email, Phone, Post

If you’re able to use the TOR network securely without being tracked, you can send messages and documents to the Guardian through our SecureDrop platform.

Finally, our guide at theguardian.com/tips provides various secure contact methods and outlines their pros and cons.

Illustration: Guardian Design / Rich Cousins

Source: www.theguardian.com

NCA Investigates Cyberattacks on UK Retailers Linked to Scattered Spiders | Hacking

Posted on May 21, 2025 by Igor Mitreski

The hacker group referred to as the Scattered Spiders is a major focus in criminal investigations concerning cyberattacks against UK retailers, including Marks & Spencer, according to detectives.

The Scattered Spiders, a loosely organized collective of native English-speaking cybercriminals, have been strongly associated with hacking incidents involving M&S, cooperatives, and Harrods. M&S announced on Wednesday that it anticipates a financial impact of approximately £300 million following the recent system breach.

The UK’s National Crime Agency, tasked with combating cybercrime, stated that investigating this group is a priority.

“We are aware of groups publicly identified as Scattered Spiders, yet we maintain various theories as we pursue the evidence to identify the perpetrator,” I informed the BBC.

He added: “Given the extent of the damage we’re witnessing, apprehending the individual responsible for these attacks is our foremost objective.”

Last week, Google informed the Guardian that its UK-based members of the Scattered Spiders were actively “promoting” cyberattacks and warned the US that efforts to infiltrate the UK retailers’ systems were being mirrored in the US.

Targeting specific industries and locations is a common strategy among the Scattered Spider community, who utilize platforms like Discord and Telegram for communication.

Hackers affiliated with M&S deploy ransomware or malicious software that encrypts targeted files. This type of cybercrime is typically associated with Russian-speaking gangs, rather than native English speakers from the UK or the US.

“We are aware that Scattered Spiders predominantly communicate in English, but this does not necessarily imply that they are located in the UK. They engage in online discussions across a variety of platforms and channels.”

Reportedly, these hackers have utilized ransomware known as Dragon Force in their operations, functioning as a ransomware as a service that leverages another group of malware and infrastructure to distribute financial gains from attacks. Ransomware attackers generally request payment in cryptocurrency to unlock encrypted files and return stolen data.

Skip past newsletter promotions

Insights into the suspected Scattered Spiders can be found in a report from the US Department of Justice, which charged five individuals last year for targeting an unnamed American company through a “phishing” text message.

All defendants were in their twenties at the time of the allegations, with ages ranging from 20 to 25. Among them was Tyler Buchanan, 23, hailing from Scotland, who was extradited from Spain to the US.

Google also mentioned that “younger members” of the network often carry out various tasks, such as calling the company’s IT help desk or impersonating employees or contractors to gain access to computer systems. A former teenage hacker cited by the BBC remarked that it “would not surprise me” if a teenage hacker was behind a retail attack.

Source: www.theguardian.com

Judge Rules Men Accused of Hacking Can Be Sent to U.S. for Trial

Posted on May 1, 2025 by Igor Mitreski

A British court has approved the extradition of an Israeli individual charged by a New York prosecutor in a case involving an operation dubbed “hacking fatalen,” aimed at environmental organizations.

According to prosecutors, the company operated by 57-year-old Amit Forlit allegedly earned over $16 million by hacking more than 100 victims and stealing confidential data while working for major oil companies on behalf of a lobbying firm.

In a court submission from January, Forlit’s attorneys identified the company as ExxonMobil. Exxon is currently facing lawsuits from Democratic lawyers and local officials regarding its role in climate change, with claims that it has concealed knowledge about climate change for decades to maintain its oil sales. The lobbying firm mentioned in the filing is known as DCI Group.

Exxon has stated that it was not involved in and had no knowledge of the hacking activities, emphasizing, “If hacking is involved, we will condemn it in the strongest possible terms.”

A spokesman for DCI, Craig Stevens, stated that the firm has instructed its employees and consultants to follow the law and asserted that none of DCI’s guidance was linked to the hack that allegedly occurred a decade ago.

DCI also referred to “numerous billionaire donors still benefiting from the fossil fuel legacy,” describing them as “financiers of radical anti-oil activists and their billionaire backers.”

This remark hinted at the Rockefellers’ involvement in supporting organizations pursuing climate change litigation. The Rockefeller heirs, who amassed oil fortunes over a century ago, lead the Rockefeller Family Fund, which plays a significant role in the movement to sue oil companies over climate change. Lee Wasserman, its director, has reported being targeted in a hacking initiative.

Last year, Forlit was arrested in connection with a major trial in New York for allegedly committing wire fraud, conspiracy to commit wire fraud, and hacking offenses that could lead to lengthy prison sentences. His legal team contended that he should not be extradited due to concerns about a fair trial in the U.S., given the political climate surrounding climate change litigations.

They argued that “one motive for the prosecution appears to be an effort to advance political agendas against ExxonMobil, with Forlit being collateral damage.”

Forlit’s attorneys also expressed concerns about his safety at the Metropolitan Detention Center, New York’s only federal prison, which has been criticized for violence and dysfunction. High-profile detainees have included individuals such as Luigi Mangione, Sam Bankman-Fried, and Shawn Combs (Puff Daddy/Diddy).

The Westminster Magistrate’s Court dismissed these worries, but Forlit has the option to appeal. His attorney did not immediately respond to inquiries for comments.

One targeted entity was a coalition of concerned scientists who have extensively researched the fossil fuel industry’s influence on climate science disinformation. This group also engages in source attribution science, estimating how specific companies contribute to global warming effects like rising sea levels and wildfires. Their findings support lawsuits against the oil sector.

The organization became aware of hacking attempts following a 2020 report from Citizen Lab, a cybersecurity watchdog from the University of Toronto, which revealed that hackers were targeting American nonprofits working on the #ExxonKnew campaign.

A coalition of concerned scientists has received suspicious emails in which hackers attempted to extract passwords or deploy malicious software. Prosecutors from the U.S. Attorney’s Office in the Southern District of New York have initiated an investigation.

One of Forlit’s associates, Aviram Azari, pleaded guilty in New York to charges including computer breaches, wire fraud, and identity theft, receiving a six-year prison sentence.

Forlit manages two Israel-registered security and intelligence newsletter firms, one of which is registered in the U.S. His clientele includes a lobbying firm representing “one of the world’s largest oil and gas companies” involved in ongoing climate change litigation. Exxon has its historical roots in Irving, Texas.

The lobbying firm selected targets for Mr. Forlit, who then passed the list to Azari. Azari, who owned another Israeli-based company, employed individuals from India to gain illegal access to accounts. This information was reportedly utilized to gather documents from oil companies and the media, allegedly undermining the integrity of the civil investigation, according to the filings.

Source: www.nytimes.com

Data Insights: Are Electric Vehicles at Risk from Cyber Espionage and Hacking?

Posted on April 29, 2025 by Igor Mitreski

Mobile phones and desktop computers have long been targets of cyber espionage, but how vulnerable are electric vehicles?

On Monday, a newspaper reported that a British defense company, engaged with the UK government, advised its staff against connecting mobile devices with Chinese-made electric vehicles due to concerns over potential data extraction by Beijing.

This article examines the security issues related to electric vehicles.

Can an electric car snoop on you?

Security experts quoted by the Guardian suggest that electric vehicles, being the most advanced vehicles on the market, could be vulnerable to hacking.

Rafe Pilling, director of threat intelligence at cybersecurity firm SecureWorks, notes that electric vehicles can produce a wealth of data that could interest a hostile state.

“There are numerous opportunities to compromise these vehicles as they collect data,” he states.

He further explains that WiFi or mobile connectivity can enhance data access for manufacturers through the “over-the-air” software update feature.

“Modern vehicles equipped with over-the-air updates, various sensors, and external cameras could potentially be repurposed as surveillance tools,” he adds.

A mobile phone connected to a car via a charging cable or Bluetooth is another significant data source, he mentions.

Should all car drivers be worried?

Experts indicate that individuals in sensitive sectors, such as government or defense, should exercise caution.

“If you’re working on a sixth-generation fighter jet and connect your work phone to your personal vehicle, be mindful that this connection could compromise your mobile data,” states a researcher at the Royal United Services Institute Think Tank.

Nate Drier, tech lead at cybersecurity firm Sophos, highlights the option to select “don’t trust” when connecting a phone charger to a car; however, this would forfeit many functionalities, such as music streaming or messaging.

“Most people tend to maintain that connection for the convenience it brings,” he acknowledges.

Pilling adds that even rental car users should remain vigilant.

“Generally, individuals may leave copies of their contacts and sensitive information in their car’s entertainment and navigation system, often forgetting to remove them before relinquishing the vehicle, making phone synchronization a risky move,” he advises.

Why are Chinese vehicles the focus of concern?

China is a significant producer of electric vehicles (EVs) through brands like BYD and XPENG. Coupled with the Chinese state’s practices in cyber espionage, this raises concerns. For instance, China’s National Intelligence Act of 2017 mandates all organizations and citizens to “support, assist, and cooperate” with national intelligence efforts.

“Chinese law compels companies to align with national security, so one must consider the possibility of surveillance capabilities in their vehicles,” he notes, albeit admitting that there is “no evidence” currently linking Chinese vehicles to espionage.

Experts believe that while electric vehicles are a concern, devices like mobile phones, smartwatches, and other wearables are more likely targets for spying.

What does the UK government say?

A government representative refrained from commenting on specific security protocols but affirmed that “protecting national security is our utmost priority, and strict procedures are in place to ensure government sites and information are adequately safeguarded.”

A more detailed statement released last month by Defence Minister Koker, indicated that the Ministry of Defence (MOD) is collaborating with other government bodies to understand and mitigate potential security threats from all types of vehicles, not just those manufactured in China.

Further reports state that while there are no overarching policy prohibitions on the movement of Chinese-made vehicles, EVs incorporating Chinese components have been banned from sensitive military locations.

Nevertheless, individual defense entities may impose stricter requirements for vehicles in particular settings.

BYD was reached for commentary, while Xpeng stated it is “committed to upholding and complying with applicable UK and EU privacy laws and regulations.”

SMMT, a trade association representing British automakers, responded:

“Our industry is dedicated to maintaining a high standard of customer data protection, which includes the responsible use of data. Features such as apps and paired phones can be removed from vehicles based on individual manufacturers’ guidelines, ensuring drivers feel secure.”

Source: www.theguardian.com

China government dismisses allegations of hacking US Treasury | Cybercrime

Posted on December 31, 2024 by Igor Mitreski

The Chinese government has responded to allegations linking Chinese government-supported attackers to the recent cyber breach at the U.S. Treasury Department, dismissing the accusations as “baseless.”

The breach was carried out through a third-party cybersecurity service provider, according to a letter from the Treasury to lawmakers. The hackers were able to access keys used by vendors to bypass certain parts of the system.

The Treasury Department confirmed that the incident took place earlier in the month, allowing the attackers to remotely access the workstation and obtain some unclassified documents.

China refuted the claims on Tuesday, stating that it opposes all forms of hacker attacks and especially rejects the propagation of false information for political motives.

Speaking on behalf of the Foreign Ministry, Mao Ning said, “We have consistently refuted these unfounded accusations without supporting evidence.”

The Treasury Department reported the breach to the U.S. Cybersecurity and Infrastructure Security Agency after being informed by the third-party provider and is collaborating with law enforcement to assess the situation.

A department spokesperson stated, “The compromised services have been disabled, and there is no indication that the attackers continued to infiltrate Treasury systems or data.”

In a letter to the Senate Banking Committee leadership, the Treasury Department stated, “Based on available evidence, this incident appears to be the work of a Chinese state-sponsored Advanced Persistent Threat (APT) actor.”

APT refers to a cyber attack where an intruder gains unauthorized access to a target and remains undetected for an extended period.

The ministry did not disclose the extent of the impact of the breach but promised to provide further details in a subsequent report.

“The Treasury Department treats any threat to our nation’s systems and data with utmost seriousness,” the spokesperson emphasized.

Several countries, including the United States, have expressed concerns about Chinese government-supported hacking campaigns targeting their governments, militaries, and enterprises.

While the Chinese government has denied the allegations, it has previously stated that it opposes and cracks down on all forms of cyber attacks.

In September, the U.S. Department of Justice announced the neutralization of a global cyber attack network affecting 200,000 devices, allegedly operated by Chinese government-backed hackers.

In February, U.S. authorities revealed the dismantling of a hacker network called Bolt Typhoon that targeted critical public infrastructure at China’s direction.

In 2023, Microsoft disclosed that China-based hackers had infiltrated email accounts at numerous U.S. government agencies in search of intelligence information.

The hacker group “Storm-0558” breached the email accounts of around 25 organizations and government agencies, including the State Department and Commerce Secretary Gina Raimondo.

Source: www.theguardian.com

What was China’s motive for hacking global phone networks? | Technology

Posted on December 12, 2024 by Igor Mitreski

CChinese hackers have breached dozens of telecommunications companies around the world. The breach, dubbed “Salt Typhoon” by Microsoft cybersecurity researchers, allows cybercriminals to access information about who texted or called whom, as well as some messages. This provides unprecedented access to content, which is a much higher technical hurdle to clear. Cyber attack.

This cyber attack hit three of the largest telecommunications networks in the United States. Communications of government officials in Washington, D.C., have been intercepted, as have Internet browsing records kept by the same telecommunications companies. Hackers attempted to crack the cell phones of Donald Trump and J.D. Vance, as well as Kamala Harris’ campaign staff, and may have succeeded. Even the US eavesdropping program was compromised. The call records stored there were stolen. A U.S. senator called it “the worst communications hack in our nation’s history.” In the same week, British telecommunications giant BT announced The company had withstood and avoided “attempts to compromise” its conferencing services.

The hacker group, also known as FamousSparrow, has been active since 2020 and has previously targeted government agencies in Israel, Saudi Arabia, Brazil, Canada, Guatemala and Burkina Faso, according to cybersecurity firm Eset. China has another favorite target, and it has targeted it even more aggressively than previous governments. Hotel. In all of these countries, as well as the UK, France, Lithuania, and Taiwan, the group has compromised hotels’ digital systems and stolen data.

According to U.S. intelligence agencies, salt typhoons have been occurring for one to two years and are still ongoing. U.S. analysts, as well as independent cybersecurity researchers, blamed the cyberattack on the Chinese government. China denies involvement.

The US National Security Adviser has urged employees to avoid using regular texting apps and instead save all communications to encrypted messaging apps such as Signal, WhatsApp, and FaceTime. That’s good advice. Security authorities in Australia, New Zealand, and Canada have issued similar warnings.

Is this hack part of an elaborate and coordinated response to the escalating chip trade war between the U.S. and China? On Monday, the Chinese government launched an antitrust investigation into Nvidia. . Last week, Chinese regulators banned exports of minerals essential to semiconductor manufacturing, such as gallium and germanium, to the United States. Earlier this year, the United States banned the sale of cutting-edge semiconductor chips to China. Washington, which has regulatory power over Nvidia, TSMC, and others, seeks geopolitical advantage through AI, and without powerful chips it cannot create useful AI models. China is at a disadvantage because it cannot imitate or dethrone NVIDIA. So did China hack in response? It’s possible, but hacking telecommunications networks is not as closely related to the semiconductor industry as the “give me the chip or else” argument. If the Chinese government had hacked Jensen Huang’s phone…it would have ended in a trade war retaliation.

I call Salt Typhoon old-fashioned espionage.

Justices admit TikTok ban disenfranchises Americans, but upholds it anyway

…

How much money did the tech industry spend on the US presidential election?

…

Wider TechScape

Source: www.theguardian.com

Why the potential hacking of satellites in orbit is a major cause for concern

Posted on June 29, 2024 by Igor Mitreski

Picture this: a hacker sitting at their laptop, frantically typing code as it flashes across the screen. Suddenly, they successfully hack into a satellite. Sounds like a scene from a James Bond movie, doesn’t it? But in reality, it poses a real threat.

Contrary to the dramatic portrayal in movies, hacking a satellite is much more complex than simply having a laptop and a strong internet connection. The issue of cybersecurity in space is becoming increasingly concerning as the number of operational satellites continues to grow.

By the end of 2022, there were 6,718 operational satellites orbiting the Earth, representing a significant increase from the previous year. With 10,206 objects in space, predominantly satellites, the space environment is rapidly expanding.

Satellites play crucial roles in GPS navigation, military surveillance, and banking systems, making them attractive targets for potential hackers. But despite their vulnerability, instances of successful hacks on satellites are rare. So, how can a satellite be hacked, and what are the potential consequences?

How can a satellite be hacked?

While space may seem like a distant realm filled with satellites in remote galaxies, most satellites actually orbit in low earth orbit (LEO), between 99 and 1,243 miles above Earth. Physically accessing a satellite remains a challenge, but there are various methods hackers can employ to compromise satellites without venturing into space.

According to Anuradha Dhamal Dey, a SpaceX space ecosystem manager at Satellite Applications Catapult, potential satellite hacking methods include physical attacks, cyber attacks, and the use of kinetic anti-satellite (ASAT) technology. These methods have raised concerns about the security of space-based systems.

ASAT refers to any means of destroying a satellite, with kinetic ASAT involving physical strikes on satellites, such as through ballistic missiles or drones. While kinetic ASAT attacks are unprecedented outside of testing scenarios, non-kinetic attacks using malware or viruses pose a theoretical threat to satellite security.

Despite these risks, no actual satellite hacks have occurred yet. In 2023, the US Air Force organized Hack the Sat event to test satellite vulnerabilities, with three teams successfully breaching a satellite’s security.

What will happen?

While satellite hacking remains theoretical, the potential consequences of a successful attack are significant. Space plays a vital role in various industries, from national security and defense to everyday services like food delivery and entertainment.

Source: www.sciencefocus.com

China’s hacking poses challenge for Western governments in coordinating response

Posted on March 29, 2024 by Igor Mitreski

The phrase ‘tip of the iceberg’ comes to mind as the UK government announces its plans to impose sanctions on two individuals and an entity for their alleged involvement in a cyber attack targeting British MPs in 2021. It seems like just the beginning. But underestimating the situation would be a mistake.

Home Secretary James Cleverley emphasized that these sanctions send a strong message that “targeting elected officials and electoral processes will not be tolerated.”

Despite this, some experts interpret the US’s decision to prosecute seven individuals associated with a hacking group called APT31 as a sign of trouble for Britain. They were involved in a widespread hacking operation, sending over 10,000 malicious emails to various individuals across multiple continents, including politicians, officials, journalists, and China critics.

Cybersecurity professor Alan Woodward from the University of Surrey believes that while the sanctions may not bring about immediate change in the UK’s cybersecurity, they are necessary to show solidarity with the US. However, he warns that more significant actions are needed to address the issue effectively.

The UK government also disclosed a historic hacking attempt, attributing it to “Chinese state-affiliated entities” targeting the Election Commission’s system from 2021 to 2022. The Chinese embassy in London denied these allegations, calling them baseless. However, the sanctioned entities were not directly linked to this specific incident, causing confusion among cybersecurity experts.

The broader context of Chinese cyber attacks reveals a pattern that all Western governments, including the UK, must navigate carefully. APT31 and other Chinese hacking groups have targeted countries like France, Finland, and New Zealand, according to reports. Such attacks underscore the challenges posed by China’s aggressive cyber activities.

Recent data breaches from Chinese cybersecurity company iSoon shed light on the extent of Chinese hacker activity and their pursuit of government contracts. With China being a leader in government-sponsored cyber exploitation, Western governments struggle to formulate a unified response to these threats.

The complexities of dealing with Chinese cyber attacks highlight the need for coordinated efforts among Western nations. China’s strategic denial and plausible deniability tactics make it challenging to hold them accountable for their actions. This, coupled with the elusive impact of data breaches, complicates the cybersecurity landscape.

While Russia’s hacking often causes immediate discord, China’s approach is more calculated, shaping global perceptions subtly. Understanding the nuances of Chinese cyber activities is crucial for international security experts, who view China as a long-term climate change compared to Russia’s intermittent storm.

The recent indictment of hackers linked to Chengdu 404 and the ongoing cyber operations against China reveal the ongoing struggle between intelligence activities and political espionage. As accusations and sanctions fly back and forth, the complexity of the cybersecurity landscape continues to evolve.

Source: www.theguardian.com

GPT-4 Developer Tools Allows for Autonomous Website Hacking

Posted on February 23, 2024 by Igor Mitreski

Some AIs may be able to hack websites without human assistance

Ole.CNX/Shutterstock

Researchers have discovered that OpenAI’s artificial intelligence model GPT-4 has the ability to hack websites and steal information from online databases without any human assistance. This suggests that individuals and organizations without hacking expertise could unleash AI agents to carry out cyberattacks.

“You literally don’t have to understand anything; you just let the agent hack your website on its own,” he says. Daniel Kang At the University of Illinois at Urbana-Champaign. “We believe this will significantly reduce the required expertise…

Source: www.newscientist.com

North Korea and Iran have been found using AI for hacking, Microsoft reveals

Posted on February 15, 2024 by Igor Mitreski

Microsoft announced on Wednesday that adversaries of the United States, primarily Iran and North Korea, and to a lesser extent Russia and China, are starting to take advantage of generative artificial intelligence to launch or coordinate offensive cyber operations.

Microsoft disclosed that it collaborated with business partner OpenAI to identify and prevent numerous threats exploiting the AI technology it developed.

In a blog post, the company stated that these techniques are still in their early stages and are not particularly novel or unique, but they do broaden the capabilities of U.S. rivals to use large-scale language models to infiltrate networks and exert influence, emphasizing the importance of publicly exposing this.

Cybersecurity companies have been using machine learning to detect anomalous behavior within networks for years, but the introduction of OpenAI’s ChatGPT-led large-scale language model has intensified the cat-and-mouse game, as both criminals and aggressive hackers are leveraging it.

Microsoft’s investment in OpenAI is substantial, and the company noted in its announcement on Wednesday that generative AI is anticipated to power malicious social engineering and lead to the development of more advanced deepfakes and voice clones, at a time when disinformation is on the rise and threats to democracy are rampant, with more than 50 countries holding elections in a year.

Microsoft provided examples of how adversaries were using large-scale language models, including the disabling of AI accounts and assets for specific groups.

The North Korean cyber-espionage group known as Kimsky used the model to study foreign think tanks and generate content for spear-phishing hacking campaigns.

The Iranian Revolutionary Guards Corps utilized large-scale language models for social engineering, troubleshooting software issues, and researching ways to bypass detection on compromised networks, using phishing emails and accelerated email creation.

The Russian military intelligence unit, Fancy Bear, employed the model to study satellite and radar technology potentially linked to the Ukraine war.

China’s cyber-espionage group known as Aquatic Panda targeted various industries, higher education, and governments from France to Malaysia, with limited exploration of how large-scale language models can enhance technical operations, and another Chinese group, Maverick Panda, interacted with the model to gather information on high-profile individuals and regions.

On another blog, OpenAI announced that its current GPT-4 model chatbots are “limited to malicious cybersecurity tasks beyond what is already achievable with publicly available non-AI-powered tools,” a situation that cybersecurity researchers aim to change.

Jen Easterly, head of the U.S. Cybersecurity and Infrastructure Security Agency, informed Congress of the growing threat from China and the potential impact of artificial intelligence, stressing the need to develop AI with security in mind.

Amidst concerns about the irresponsible release of large language models, Microsoft and other companies are facing criticism for not taking focused action to address vulnerabilities, which has disappointed some cybersecurity experts who advocate for creating more secure underlying models to counter potential misuse.

Edward Amoroso, a professor at New York University and former AT&T chief security officer, emphasized the increasingly powerful role of AI and large-scale language models as potential weapons in cyber warfare, stating that they ultimately pose a threat to every nation-state.

Source: www.theguardian.com

Cybercrime: Record $1.1 billion paid in ransom by hacking victims last year

Posted on February 7, 2024 by Igor Mitreski

Ransomware gangs experienced a resurgence last year, with victims paying $1.1 billion to hackers, a record high according to a study.

Following a lull in 2022, cybercriminals intensified operations in 2023, targeting hospitals, schools, and major corporations worldwide.

Chainalysis, a cryptocurrency research firm, reported that ransom payments doubled compared to 2022, with $567 million paid out that year.

The report highlighted the “big game hunting” aspect of attacks last year, with a higher proportion of ransom payments exceeding $1 million as wealthier companies were targeted.

“2023 will be the year of a major resurgence in ransomware, with record payout amounts and a significant increase in the scope and complexity of attacks. This is a significant reversal from the decline observed in 2022,” Chainalysis said.

In a ransomware attack, hackers typically infiltrate a target’s computer system, infect it with malware, and encrypt files, rendering them inaccessible. New trends involve attackers extracting data such as staff and customer details from IT systems and demanding payment to unlock the files or delete stolen data copies.

Chainalysis attributed the decline in payments in 2022 to factors including Russia’s invasion of Ukraine. Most ransomware groups are linked to Eastern Europe, the former Soviet Union, and Russia. Some fraudsters have been disrupted or turned ransomware into politically motivated cyberattacks.

The FBI disrupted the Hive ransomware group by obtaining their decryption keys and preventing victims from paying a $130 million ransom. Chainalysis also cited research showing a rise in the number of attackers and ransomware variants involved in attacks over the past year.

“The main thing we’re seeing is an astronomical increase in the number of attackers conducting ransomware attacks,” said Alan Liska, an analyst at cybersecurity firm Recorded Future.

According to Recorded Future, 538 new ransomware variants are expected in 2023, indicating the emergence of new and independent groups. The Clop group emerged as a key player last year by claiming responsibility for the hack of payroll provider Zellis, affecting customers like British Airways, Boots, and the BBC.

The British Library is still recovering from a ransomware attack by the rebranded group Rhysida that targeted the library in October.

The growth of ‘ransomware-as-a-service’, renting malware to criminals in exchange for a share of the profits, and the activity of ‘initial access brokers’ who sell vulnerabilities in potential targets’ networks to ransomware attackers have become trends.

Ellie Ludlum, a partner specializing in cybersecurity at British law firm Pinsent Masons, anticipates the rise in attacks to continue. “This increase is expected to continue in 2024, with continued focus on mass data exfiltration by threat actor groups, which may result in increased ransom payments by affected companies,” she stated.

Source: www.theguardian.com

FBI Director Warns of Chinese Hacking Threat to US Infrastructure Following Blockade of Bolt Typhoon Botnet

Posted on February 1, 2024 by Igor Mitreski

U.S. officials claim to have stopped an attempt by China to plant malware that could potentially damage civilian infrastructure. If the U.S. and China were to go to war, officials warn that Beijing could disrupt the daily life of U.S. citizens. The FBI director issued this warning, stating that he was in a position to carry out such disruptions.

The operation resulted in the destruction of a botnet comprised of hundreds of small office and home routers located in the U.S. that had been hijacked by Chinese hackers in order to hide their tracks with malware. The operation was successful in accomplishing this.

U.S. officials said that the ultimate targets of the attackers included water treatment plants, power grids, and transportation systems in the United States.

These claims align with assessments made by external cybersecurity companies like Microsoft. In May, Microsoft revealed that state-sponsored Chinese hackers had been targeting critical U.S. infrastructure, laying the technological groundwork for potentially disrupting vital communications between the U.S. and Asia during future crises.

Some of the operation, attributed to a group of hackers known as Bolt Typhoon, was halted after the FBI and Justice Department officials obtained a search and seizure order in a Houston federal court in December. U.S. authorities have not disclosed the impact of the disruption, stating that the disrupted botnet was merely “a form of infrastructure used by Bolt Typhoon to obfuscate its activities.” The hackers concealed their actions within normal web traffic and infiltrated their targets through multiple channels, including cloud and internet providers.

FBI Director Chris Wray expressed concern that not enough public attention is being paid to cyber threats that affect “all Americans.” He made this statement before the House Select Committee on the Chinese Communist Party.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, echoed similar sentiments during the hearing, emphasizing that China’s cyber threats endanger the lives of Americans at home through disrupted pipelines, telecommunications, contaminated water facilities, and crippled transportation systems, with the goal of inciting social panic and chaos.

The United States has become more aggressive in recent years in its efforts to disrupt and dismantle both criminal and state-sponsored cyber operations. Wray also warned that Chinese government-backed hackers were aiming to steal trade secrets and personal information and influence foreign countries to ultimately supplant the United States as the world’s biggest superpower.

State-sponsored hackers, particularly those from China and Russia, are adept at adapting and finding new infiltration methods and routes, further complicating the threat.

U.S. authorities have long been worried about such hackers lurking in U.S. infrastructure. The older routers used by the Bolt Typhoon group were no longer receiving security updates from their manufacturers, making them easy targets for cyber attacks. Due to the urgency of the situation, U.S. cyber operators removed the malware from these routers without directly notifying their owners and added code to prevent reinfection.

According to Easterly, Chinese cyber attackers took advantage of a fundamental technological flaw in the U.S. that made it easy for them to carry out their attacks. U.S. officials stated that allies were also affected by the Bolt Typhoon hack of critical infrastructure, but they declined to disclose potential actions they might take in response to the attack.

China has repeatedly dismissed the U.S. government’s hacking allegations as baseless, claiming instead that the U.S. is the biggest perpetrator of cyberattacks. However, outgoing US Cyber Command and National Security Agency head Gen. Paul Nakasone stated that “responsible cyber attackers” were not targeting civilian infrastructure and had no reason to do so.

Source: www.theguardian.com

Turning Stress into a Positive Force: Hacking Strategies for a Stress-Free Life

Posted on January 17, 2024 by Igor Mitreski

Many of us have felt some amount of stress over the past few years. Exhibit A for me is my teeth. A recent trip to the dentist confirmed that I had been clenching my jaw for months due to the pandemic. This was the result of the normal stress of deadlines, compounded by the demands of two young children, four of whom had broken bones.

A broken tooth is a small fry. Last year, the American Psychological Association Two-thirds of people in the US report feeling more stressed due to the pandemic, found, and predicted “a mental health crisis that could have serious health and social consequences for years to come.” Increased risks of diabetes, depression, and cardiovascular disease are all associated with high stress levels. Just thinking about it makes me feel stressed.

But maybe we just need to think about stress differently. At least, that's the surprising conclusion of researchers studying the mind-body relationship. They say there are natural benefits to feeling stressed, and if we change the way we “think about stress,” we can turn things around and make stress have a positive impact on our lives. maybe. Fortunately, there are some simple hacks that can help you do this, and you can expect to see improved physical health, clarity of thought, increased mental strength, and increased productivity. Masu.

There's no denying that too much stress can have a negative impact on your body and mind. In the West, it has been linked to all six major causes of death: cancer, heart disease, liver disease, accidents, lung disease, and suicide. Your immune system may be weakened, making you more susceptible to infections and less infectious.

Source: www.newscientist.com

British Teenager, Arion Courtaj, Sentenced for Hacking ‘Grand Theft Auto VI’

Posted on December 23, 2023 by Igor Mitreski

The teenager behind the infamous hacking incident in which footage of the unreleased Grand Theft Auto VI game was leaked online has been detained indefinitely under the Mental Health Act.

Arion Kurtaj, 18, a “principal figure” in the Lapsus$ group, has hacked into major technology companies, including Rockstar Games, the developer of the highly successful video game series.

He stole code and footage from the unreleased Grand Theft Auto VI. The long-awaited sequel It will be in stores next year, more than 10 years after it was last released.

Kurtaj Some of the stolen footage has been released In an online forum, he blackmailed developer Rockstar, threatening to release its source code if it did not contact him last September.

Judge Patricia Rees said the hack “cost Rockstar a significant loss of incalculable marketing opportunities,” adding that in addition to thousands of hours of employee labor, the company lost more than $1.5 million in outside help alone. It said it cost about $1.2 million (approximately £1.2 million).

Kurtaj also said that over a 14-month period from July 2021 to September last year, when he was 16 and 17 years old, he had access to broadband provider BT, mobile phone operator EE, software companies NVIDIA and Uber. targeted and demanded millions of dollars.

Psychiatrists had ruled that Kurtaj, who is autistic, was unfit to face charges or stand trial.

However, the jury found he had committed 12 criminal acts. The charges included six counts of committing a fraudulent act to interfere with the operation of a computer, three counts of extortion, two counts of fraud, and failure to comply. After a two-month incident, he served a Section 49 notice to disclose the keys after failing to hand over his mobile phone password when asked by police.

read more:
GTA VI trailer: What we learned from the first look at the next Grand Theft Auto game

The judge ordered him to remain in hospital indefinitely, with restrictions under Section 41 of the Mental Health Act, meaning he could only be discharged if the Attorney-General gives permission.

Courtaj, who cannot be named because of his age, pleaded guilty to one count of computer fraud and one count of fraud and was sentenced along with a 17-year-old boy who was also convicted of one count of fraud. received. He committed extortion and fraudulent activities that interfered with the operation of computers.

“You two were at the center of a series of cyber crimes carried out by a group of hackers calling themselves Lapsus$,” the judge said.

“The group targeted major technology companies, subjecting them to hacking, blackmail, and fraud.”

The court heard that the young man was a member of the group from July 2021, when he was 15, to February last year, and was involved in crimes against EE/BT and Nvidia, with the hack costing the company $5 million (approx. The court found that the remediation costs amounted to $1. .

The judge said the boy, who has been diagnosed with autism, also carried out a “brazen hack” into the City of London Police system to access CCTV footage.

This teenager used an international government official’s email address to send emergency disclosure requests to companies including Discord, Google and Uber, obtaining personal information about the people he targeted before scamming youth courts. He was also found guilty of stalking, the court heard.

He was given a Youth Rehabilitation Order including an 18-month supervision requirement and a six-month prohibited behavior requirement to stop using VPNs.

Source: news.sky.com

Apple’s latest update includes security measures to protect stolen phones from hacking attempts by thieves

Posted on December 17, 2023 by Igor Mitreski

This is the perfect protection against hacking attacks.

Have you ever felt dizzy thinking your phone might be stolen? There’s no need to worry. Apple has devised a powerful new weapon in the fight against cybercrime. It’s a new IOS update called Stolen Device Protection that prevents thieves from accessing your smartphone with stolen passwords.

“In rare cases, a thief can steal your device by watching you enter your passcode, but Stolen Device Protection adds a sophisticated new layer of protection,” an Apple spokesperson said, says the person. said in a statement.

This bold new security feature, released Tuesday as an iOS 17.3 developer beta, is especially useful when users change their Apple ID password, remove Face ID, or remove other sensitive features. , requires the use of a biometric access code such as a face or fingerprint.

Whenever a user’s device is in an unfamiliar location, stolen device protection is initiated and the user is then required to complete the aforementioned protocol.

“In the rare case that a thief steals your device by watching you enter your passcode, Stolen Device Protection adds a sophisticated new layer of protection,” an Apple spokesperson said. Masu. Denphoto – Stock.adobe.com

As an additional safeguard against “smash-and-grab” operations, users must re-enter their data after an hour to confirm the change, effectively rendering any passcode hacking attempt futile.

Stolen Device Protection is currently only available to beta testers, but will be available to all users once Apple releases the final version of iOS 17.3. TechCrunch reported.

An Apple spokesperson said the move is part of an ongoing campaign to protect smartphone users “as threats to user devices continue to evolve.”

Last month, the release of a new iPhone feature, NameDrop, set off alarm bells. This allows a user to instantly share contact information with his iPhone or Apple Watch nearby, instead of physically handing the phone over to someone.

While it did speed up the information exchange process, viewers became concerned that users were unknowingly sharing their information with unknown iPhone users.

Source: nypost.com

Mondo News

All of the latest tech and science news from all over the world.

Tag Archives: hacking

Backlash Grows Against NHS Plan to Conceal Source Code Amid AI Hacking Risks

UK NHS Scrambles to Conceal Software Amid AI Hacking Concerns

Is Mythos, Anthropic’s AI for Hacking, a Cause for Concern?

Unlocking Solutions: How Dream Hacking Can Help You Solve Complex Problems While You Sleep

From Fun to Responsibility: Inspiring Young Gamers to Embrace Ethical Hacking and Cybersecurity

A Path to a Legitimate Career

South Korea Elevates Cyber Threat Levels Following Data Center Incident that Triggered Hacking Nightmare

ICE Acquires Israeli-Made Spyware Capable of Hacking Phones and Encrypted Apps

Please contact us about this story

NCA Investigates Cyberattacks on UK Retailers Linked to Scattered Spiders | Hacking

Judge Rules Men Accused of Hacking Can Be Sent to U.S. for Trial

Data Insights: Are Electric Vehicles at Risk from Cyber Espionage and Hacking?

Can an electric car snoop on you?

Should all car drivers be worried?

Why are Chinese vehicles the focus of concern?

What does the UK government say?

China government dismisses allegations of hacking US Treasury | Cybercrime

What was China’s motive for hacking global phone networks? | Technology

Justices admit TikTok ban disenfranchises Americans, but upholds it anyway

How much money did the tech industry spend on the US presidential election?

Wider TechScape

Why the potential hacking of satellites in orbit is a major cause for concern

How can a satellite be hacked?

What will happen?

China’s hacking poses challenge for Western governments in coordinating response

GPT-4 Developer Tools Allows for Autonomous Website Hacking

North Korea and Iran have been found using AI for hacking, Microsoft reveals

Cybercrime: Record $1.1 billion paid in ransom by hacking victims last year

FBI Director Warns of Chinese Hacking Threat to US Infrastructure Following Blockade of Bolt Typhoon Botnet

Turning Stress into a Positive Force: Hacking Strategies for a Stress-Free Life

British Teenager, Arion Courtaj, Sentenced for Hacking ‘Grand Theft Auto VI’

Apple’s latest update includes security measures to protect stolen phones from hacking attempts by thieves

Social Issues Behind Crime

A Path to a Legitimate Career

Please contact us about this story

Can an electric car snoop on you?

Should all car drivers be worried?

Why are Chinese vehicles the focus of concern?

What does the UK government say?

Justices admit TikTok ban disenfranchises Americans, but upholds it anyway

How much money did the tech industry spend on the US presidential election?

Wider TechScape

How can a satellite be hacked?

What will happen?