In this issue:
- Facebook de-platforms Australia
- Silver Sparrow malware contains hooks for macOS
- The Bloomberg piece on Supermicro refuted by security analysts
- WallStreetBets goes to Washington for Gamestop hearings
- I find myself wondering what the device was….
- Ransomware: US cities hit with CUBA strain while Egregor gang busted
- Greenwald: Congress pressuring Big Tech to censor more
- Should the Federal Reserve buy Bitcoin?
- Announcement: easyWhois to transition to Domainhelp
Facebook de-platforms Australia
The big news this week was in the continuing spat between the Australian government and Facebook, where the government wanted Facebook to pay license fees to news sources for links shared across the platform.
In an earlier edition we reported on how Facebook threatened to quit Australia should the government go through with their scheme. Last week Australians found themselves unable to read or share items from most news sources via Facebook.
Personally I think this just further exemplifies the Ouroboros (that archetypical symbol of the snake eating its own tail) of Big Tech and Big Government eating each other. The government is frantically trying to monetize a new communications medium that threatens to disrupt even them, while Facebook’s response may incentivize Aussies to use something other than Facebook. Somebody put on the popcorn.
This is of interest to Canadians in particular with the Trudeau government signalling its intention to pass Bill C-10, which contains provisions similar to the Aussies:
As we went to press today, the news broke that Facebook and the Australian government had reached a deal. According to the WSJ, the government will change the legislation in a manner that satisfies Facebook. I wish the voting public could do that.
Silver Sparrow malware contains hooks for macOS
A malware kit has been discovered which could infect Apple computers running Mac OSX on the new M1 chip; it just doesn’t have any known payloads at this time.
“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice.”
It appears to be infectious, already detected in nearly 30,000 computers across 153 countries.
It appears as of yesterday, Apple has taken steps within the app store to prevent the spread of Silver Sparrow, see:
The Bloomberg piece on Supermicro refuted by security analysts
If you recall, last week we ran that piece on Supermicro out of Bloomberg that alleges the company’s supply chain has been compromised and chips introduced that send telemetry home to China.
At least one security researcher is calling b/s on the entire story, including the earlier piece by Bloomberg.
@pwnallthethings on Twitter has put out a lengthy Twitter thread outlining the perceived shortcomings in the story. We were called out on Twitter by at least one person for running the Bloomberg piece, so here is the refutation:
WallStreetBets goes to Washington for Gamestop hearings
After the WallStreetBets / GameStop short squeeze and debacle earlier this month, the US Senate commenced hearings into investigating how ~~the wrong people got rich~~ a rag-tag rabble from the depths of Reddit were able to destabilize the Wall Street establishment.
Interactive Brokers CEO Tom Peterffy went on CNBC and said the Gamestop short squeeze, had it been allowed to continue “could have brought down the financial system” while EU regulators allege that the /r/WallStreetBets crew that acted in concert “may have violated stock manipulation laws” (translation: when Jim Cramer hits his noisemaker and screams at everybody to buy some unicorn on national TV, that’s not manipulation. But if a bunch of nobodies on Reddit all move in the same direction at once and squeeze some hedge fund’s nuts, that’s manipulation. Kapish?)
I find myself wondering what the device was….
Every once in a while I see the oddest things just by watching my hometown police Twitter feed.
This time it was an announcement that a Toronto man faces charges for mail fraud and possession of stolen goods. He was ordering goods over the internet, and then returning them for refunds.
According to the release, “the man had put a device in the package which would eventually remove the labels” after he had dropped them to the post office.
Because the post office recorded receiving them, the man received his refunds. Then I guess (it’s not entirely clear in the PR), since they were undeliverable, they would have been returned to his address?
Multiple US cities hit with data breach as payment processor suffers ransomware attack
The payment provider Automatic Funds Transfer Services (AFTS) has been hit with the Cuba Ransomware strain, and it turns out that numerous US municipalities use them for processing payments.
That means that many of these cities have now experienced data breaches, as Cuba exfiltrates data that traverses the networks it infects before it locks down the victim’s files.
“The potential data exposed varies depending on the city or agency, but may include names, addresses, phone numbers, license plate numbers, VIN numbers, credit card information, scanned paper checks, and billing details.”
They also publicly post their victims’ breached data on their website in order to shame them into paying the ransom.
Also in the world of ransomware, some of the affiliates for the Egregor ransomware strain have been busted. We touched on that one in AxisOfEasy 173; it’s the one that starts blasting out ransom notes on every available printer on an infected network. Egregor’s “business model” is to spread via a channel of affiliates, who work on infecting networks they can access in exchange for a cut of the ransom revenues. A joint operation between French and Ukrainian authorities has nabbed some of these affiliates as well as some financial and logistical support people.
Greenwald: Congress pressuring Big Tech to censor more
Glenn Greenwald is worried that the new administration is building on the last one to push Big Tech toward more censorship to such an extent that it threatens the First Amendment to the US Constitution (that’s the one about being able to say whatever the hell you want).
‘House Democrats have made no secret of their ultimate goal with this hearing: to exert control over the content on these online platforms. “Industry self-regulation has failed,” they said, and therefore “we must begin the work of changing incentives driving social media companies to allow and even promote misinformation and disinformation.” In other words, they intend to use state power to influence and coerce these companies to change which content they do and do not allow to be published.’
I am also worried about this and am expecting new laws in both the US and Canada to come forth under the guise of “curbing domestic terrorism” or “misinformation” that will, instead, criminalize free speech and dissent.
Should the Federal Reserve buy Bitcoin?
I heard this on the Sunday Reads edition of Coindesk’s Breakdown; it is an audio version of Alex Treese’s “Why the US Needs Bitcoin.”
With Bitcoin hitting a $1 Trillion market cap headed into the weekend, and more companies actively buying it and holding it on their balance sheets as a reserve asset (something easyDNS has been doing since 2013. We also carry physical gold on our balance sheet), would the time ever come when the US Federal Reserve would acquire Bitcoin as another strategic reserve asset?
The idea of a central bank buying Bitcoin isn’t new. The first central bankers to suggest it may have been Barbados’ Winston Moore and Jeremy Stephen, who wrote a paper back in 2015 suggesting the BCD consider holding up to 1% of its foreign currency reserves in Bitcoin.
Announcing: easyWhois to transition to Domainhelp
It is time to overhaul our easyWhois lookup utility, which has been around nearly as long as easyDNS, has been used the world over, referenced in textbooks and used in online courses.
With the future of the whois protocol itself unclear, and the transition to the next generation RDAP directories just as murky, we decided to consolidate the myriad other tools we’ve built out over the years (like our SPFWizard and “What is my Resolver”) under Domainhelp.com.
Domainhelp is in “beta” status, and we haven’t yet redirected the traffic from the other sites to it, but it is there and you can take it for a spin. It contains the various lookups contained at easyWhois and a few new ones, including a utility for generating QR Codes.
We’ll be adding more utilities in the near future.