Scammers deepfake company CFO, trick employee into sending them $25m
According to CNN, scammers employed AI-powered “deepfakes” to impersonate a multinational company’s CFO during a video call, successfully deceiving an employee into transferring over $25 million. Despite appearing and sounding authentic, the individuals on the call were actually deepfake creations, as confirmed by Hong Kong police in a statement on Friday.
CNN reported that the victim received an email claiming to be the company’s CFO. Initially skeptical due to the email’s request for a significant monetary transfer to an offshore account, the employee’s doubts were successfully eliminated when the scammers organized a video call. During the call, the employee recognized the presence of the alleged CFO and other familiar colleagues, ultimately falling prey to the scam.
TrueMedia, a new nonprofit, aims to combat deepfakes and misinformation in the 2024 elections. They’re developing an AI tool by analyzing extensive deepfake footage to detect fabricated videos and audio. TrueMedia seeks public contributions of deepfake examples to build a comprehensive dataset and plans to launch a free web-based tool in Q1, initially catering to journalists, fact-checkers, and online influencers.
As bad as deepfakes are, we can envision problems with outfits that purport to flag “fake AI content”. As well-intentioned as those may be, they could easily devolve into “fact checking” rackets like we’ve already seen with the likes of Snopes, Reuters and various outfits that, under the hood, seem to be partisan, biased agenda enforcers rather than dispassionate referees of truthiness.
The only surefire solution is via technologies like end-to-end cryptographic verification of all communications – which is entirely possible now that high performance blockchains are here.
Read: https://siliconangle.com/2024/02/04/scammers-used-deepfake-cfo-trick-company-employee-sending-25m/
Ex-CIA software engineer who leaked classified materials to WikiLeaks sentenced to 40 years
A former CIA software engineer has been sentenced to 40 years in prison for leaking classified information and possessing child sexual abuse material.
Joshua Schulte, 35, was found guilty in 2022 of four counts each of espionage and computer hacking and one count of lying to FBI agents after handing over classified materials to whistleblowing organization WikiLeaks.
Schulte was also convicted of contempt of court and making false statements in 2020, and possession of child abuse material last year.
The bulk of the sentence announced Thursday was imposed over the so-called Vault 7 leak, which revealed embarrassing details of the CIA’s spying overseas.
The leak, which the CIA called a “digital Pearl Harbor”, showed how US spies hacked Apple and Android smartphones and sought to turn internet-connected televisions into listening devices.
The security breach prompted US officials to plan for an “all-out war” against Wikileaks, including discussing the possible kidnapping or assassination of its founder Julian Assange, Yahoo News reported, citing anonymous officials.
Assange was indicted on espionage charges in 2019 – a move that prompted condemnation by press freedom organizations – and is currently in Britain fighting extradition to the US.
Judge Jesse M Furman said the full extent of the damage caused by Schulte would likely never be known “but I have no doubt it was massive”.
US Attorney Damian Williams claimed that Schulte had committed some of the “most brazen, heinous crimes of espionage in American history,” but what Schulte really did was “whistleblowing.”
He alerted the media to illegal domestic surveillance operations against the American public, and should have been protected under the Whistleblower Protection Act, which has been federal law in the US since 1989. I guess it doesn’t count if the entity you’re whistleblowing on is the federal government.
Read: https://abcnews.go.com/US/joshua-schulte-largest-leaker-cia-material-history-sentenced/story?id=106878389
Google Search to no longer make site backups while crawling the web
Google will no longer be keeping a backup of the entire Internet. Google Search’s “cached” links have long been an alternative way to load a website that was down or had changed, but now the company is killing them off. Google’s “Search Liaison” Danny Sullivan confirmed the feature removal in an X post, saying the feature “was meant for helping people access pages when way back, you often couldn’t depend on a page loading. These days, things have greatly improved. So, it was decided to retire it.”
The feature has been appearing and disappearing for some people since December, and currently, we don’t see any cache links in Google Search. All of Google’s support pages about cached sites have been taken down.
Cached links used to live under the drop-down menu next to every search result on Google’s page. As the Google web crawler scoured the Internet for new and updated web pages, it would also save a copy of whatever it was seeing. That quickly led to Google having a backup of basically the entire Internet, using what was probably an uncountable number of petabytes of data. Google is in the era of cost savings now, so assuming Google can just start deleting cache data, it can probably free up a lot of resources.
The death of cached sites will mean the Internet Archive has a larger burden of archiving and tracking changes on the world’s webpages.
If you were using Google cache to find older versions of web pages (or perhaps an original media report after it gets stealth edited), the alternative is to use third-party archival systems like archive.org (easyDNS client) or archive.is to find snapshots as they change.
Read: https://arstechnica.com/gadgets/2024/02/google-search-kills-off-cached-webpages/
Patched iPhone kernel bug exploited in attacks, CISA issues warning
CISA has issued a warning today about an actively exploited patched kernel security flaw that affects Apple iPhones, Macs, TVs, and watches. Tracked as CVE-2022-48618 and discovered by Apple’s security researchers, the bug was disclosed on January 9th through an update to a security advisory that was initially published in December 2022. It is still unknown whether the vulnerability was silently patched over two years ago when the advisory was first released, as the company has not provided any clarification on this matter.
In a recent disclosure, the company stated, “An attacker with unrestricted read and write privileges may potentially circumvent Pointer Authentication.” Apple acknowledged a report suggesting this particular issue may have been exploited in earlier versions of iOS prior to iOS 15.7.1. This vulnerability in authentication mechanisms allows attackers to bypass Pointer Authentication, a security feature intended to prevent the exploitation of memory corruption vulnerabilities.
In recent updates, Apple addressed the first zero-day vulnerability of this year (CVE-2024-23222), which was exploited in attacks. This zero-day bug involved a WebKit confusion issue that allowed attackers to achieve code execution on iPhones, Macs, and Apple TVs that were susceptible to the vulnerability. Apple released security patches to mitigate this risk.
Read: https://www.bleepingcomputer.com/news/security/cisa-warns-of-patched-iphone-kernel-bug-now-exploited-in-attacks/
The original advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-48618
Latest Lock and Code Episode: Bruce Schneier predicts future of AI-powered spying
If the internet helped create the era of mass surveillance, then artificial intelligence will bring about an era of mass spying. That’s the latest prediction from noted cryptographer and computer security professional Bruce Schneier, who, in December, shared a vision of the near future where artificial intelligence—AI—will be able to comb through reams of surveillance data to answer the types of questions that, previously, only humans could.
“Spying is limited by the need for human labor,” Schneier wrote. “AI is about to change that.”
As theorized by Schneier, if fed enough conversations, AI tools could spot who first started a rumor online, identify who is planning to attend a political protest (or unionize a workforce), and even who is plotting a crime.
But “there’s so much more,” Schneier said.
“To uncover an organizational structure, look for someone who gives similar instructions to a group of people, then all the people they have relayed those instructions to. To find people’s confidants, look at whom they tell secrets to. You can track friendships and alliances as they form and break, in minute detail. In short, you can know everything about what everybody is talking about.”
“Surveillance-based manipulation is the business model [of the internet] and anything that gives a company an advantage, they’re going to do.”
Read: https://www.malwarebytes.com/blog/podcast/2024/01/bruce-schneier-predicts-a-future-of-ai-powered-mass-spying-lock-and-code-s05e03
Elsewhere Online:
With just $15, get a fake ID that clears KYC/AML from OnlyFake
Read: https://www.nobsbitcoin.com/ai-powered-service-churns-out-fake-ids-capable-of-passing-kyc-aml-for-as-little-as-15/
Dutch military network fell prey to Chinese cyber espionage last year
Read: https://www.reuters.com/technology/cybersecurity/china-cyber-spies-hacked-computers-dutch-defence-ministry-report-2024-02-06/
Massive security breach exposes Canadian government data
Read: https://www.cbc.ca/news/politics/global-affairs-security-breach-1.7099290
Exploitable Mastodon vulnerability enables unauthorized access to decentralized accounts
Read: https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html
Cloudflare falls victim to Okta Supply-Chain data breach, impacting Atlassian Bitbucket, Confluence, and Jira platforms
Read: https://www.darkreading.com/threat-intelligence/cloudflare-falls-victim-okta-breach-atlassian-systems-cracked