This is your easyDNS #AxisOfEasy Briefing for the week of February 24th, 2025 our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey and Len the Lengend click here.

In this issue: 

• What Did You Get Done Last Week? (From the desk of Mark Jeftovic, easyDNS CEO)
• AI-Powered Phishing Scams: How Cybercriminals Use Deepfakes and Stolen Credentials to Hijack Accounts
• Private GitHub Repos Still Accessible via Microsoft Copilot, Security Firm Warns
• Sweden’s Encryption Battle: Signal Threatens Exit Over Proposed Backdoor Law
• New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access with Advanced Evasion Tactics
• Massive Data Breach at DISA Global Solutions Exposes 3.3 Million Records, Including Sensitive Personal Data
  
  

Elsewhere Online:

-Mark

UK Secretly Orders Apple to Build Global iCloud Backdoor, Sparking Privacy Battle

The U.K. government has secretly ordered Apple to create a backdoor granting blanket access to all iCloud data globally, an unprecedented move in democratic nations. Issued last month under the sweeping *Investigatory Powers Act of 2016*—the “Snoopers’ Charter”—the order prohibits disclosure and mandates immediate compliance, even during appeal. Apple, typically cooperating case-by-case (e.g., the FBI’s terrorist phone case), faces a secret technical panel and judicial review but cannot delay enforcement. An Apple spokesperson declined to comment, though reports suggest the company may remove encrypted storage in the U.K., which wouldn’t satisfy demands for global access.

Western governments, particularly the U.S., have long sought unrestricted data access. In 2021, former FBI Director Chris Wray testified that encryption obstructs domestic extremism investigations. Law enforcement insists on “backdoors” balancing privacy and security, a claim experts reject, warning any access can be exploited. Critics liken encryption bans to China’s crackdown on Signal. The *Information Technology & Innovation Foundation* warns key escrow systems create attack vectors, exposing private data. The U.K. push, unlike prior Western attempts, is a unilateral mandate targeting a single company with global implications, pressuring Apple into a dilemma: compromise security or exit encrypted cloud services entirely.

Read: https://www.zerohedge.com/political/apple-ordered-provide-uk-govt-access-all-user-data-cloud

PlayStation Network Outage Leaves Gamers Stranded: PS4, PS5, and Online Services Down with No ETA

PlayStation Network (PSN) is down, locking PS4 and PS5 users out of account management, multiplayer gaming, and digital purchases. The outage extends to PlayStation Video, PlayStation Store, PlayStation Direct, and all PSN-connected devices, including PS3, PS Vita, PlayStation VR, and PlayStation Portal. Sony has not explained the cause or provided a resolution timeline.

Downdetector reports the outage began at 7:00 PM ET, affecting users across the U.S. and beyond. It mirrors a prior disruption that lasted hours. Potential causes include server overload—though no major game release justifies it—DDoS attacks, or an internal Sony error, which the company rarely acknowledges.

Frustrated players flooded Reddit. Some were mid-game when PSN disconnected; others, like new PS5 Pro owners, found their consoles useless without registration. *Helldivers 2* had just received a stealth PS5 Pro patch, but many couldn’t play. Worse, *Monster Hunter Wilds* launched its second beta, now unplayable. Sony’s customer support, per one Redditor, “ghosted” inquiries. Another called it “literally the worst time” for maintenance. With no updates from Sony, players are left watching a blank login screen, hoping PSN will return before their weekend plans expire.

Read: https://www.techtimes.com/articles/309316/20250208/playstation-network-status-red-alert-redditors-frustrated-over-sudden-psn-outage.htm

Update: PSN outage appears to be resolved at publication time.

China-Linked Disinformation Targets Freeland in Liberal Leadership Race, SITE Warns

Canada’s election security watchdog, SITE, has uncovered a PRC-linked disinformation campaign targeting Chrystia Freeland, a leading Liberal leadership candidate. The campaign, launched on WeChat and amplified by 30+ pro-Beijing accounts, echoes a 2021 effort that discouraged Chinese-Canadian voters from supporting Conservatives, particularly Kenny Chiu, falsely painted as anti-China. SITE briefed the Liberal Party and Freeland’s team, warning of continued foreign manipulation in Canadian politics.

WeChat articles attacking Freeland amassed 140,000+ interactions between Jan. 29 and Feb. 3, 2025, with SITE estimating 2–3 million users globally exposed. The false claims originated from WeChat’s most popular news account, an anonymous blog tied by China Digital Times to Beijing’s influence network. In 2021, similar falsehoods spread via WeChat, Douyin, and PRC-affiliated media, targeting Chiu and Conservatives. Three of the first Chinese-language news accounts to push the falsehoods belonged to a media group linked to China News Service, Beijing’s United Front Work Department’s overseas influence arm.

SITE suspects PRC actors view the 2021 effort as a success, given Conservative losses in Chinese-Canadian districts. The shift to attacking an internal Liberal contest suggests a broader strategy: shaping not just elections but leadership selection—deciding Canada’s next unelected Prime Minister.

Read: https://www.thebureau.news/p/breaking-canada-election-monitor

U.S., U.K., and Australia Sanction Russian Hosting Provider for Aiding LockBit Ransomware

The U.S., Australia, and the U.K. sanctioned Zservers, a bulletproof hosting (BPH) provider in Barnaul, Russia, for enabling LockBit, a ransomware-as-a-service (RaaS) group. The U.S. Treasury’s OFAC, Australia’s Foreign Affairs and Trade Department, and the U.K.’s Foreign Commonwealth and Development Office coordinated the sanctions, targeting Zservers and two administrators for leasing infrastructure to LockBit affiliates.

Law enforcement identified Zservers’ criminal role after it advertised BPH services on cybercriminal forums. BPH providers offer undetectable infrastructure to evade law enforcement. Zservers leased numerous IP addresses and servers to LockBit, including a subleased IP linked to a LockBit affiliate’s laptop found by Canadian law enforcement in 2022, running a virtual machine used for LockBit malware. That year, a Russian cybercriminal purchased Zservers’ IPs*, likely for LockBit chat servers. In 2023, Zservers leased infrastructure to another LockBit affiliate, including a Russian IP.

Sanctions block financial transactions and disrupt infrastructure but may not dismantle LockBit, as ransomware groups adapt. Experts say sanctions raise costs for cybercriminals, forcing reliance on less effective alternatives. Companies must monitor evolving attacker tactics, enhance incident response, and prepare for persistent ransomware threats.

Read: https://www.darkreading.com/cyber-risk/feds-sanction-russian-hosting-provider-lockbit-attacks

OmniGPT Data Breach Exposes 30,000 Users, Millions of AI Chat Logs, and Sensitive Credentials

A hacker, “Gloomer,” claims to have breached OmniGPT, an AI chatbot platform integrating ChatGPT-4, Claude 3.5, Perplexity, Google Gemini, and Midjourney, leaking 30,000 user emails, phone numbers, and 34,270,455 chat lines. Posted on Breach Forums at 10:04 AM Sunday, the leak contains messages, API keys, billing details, credentials, and over 8,000 email addresses shared in chats. It also includes file upload links—containing office projects, market reports, police verification certificates, WhatsApp screenshots, and personal documents—potentially exposing companies and individuals to financial fraud, data theft, and corporate espionage.

OmniGPT, serving a global user base, appears to have been disproportionately breached in Brazil, Italy, India, Pakistan, China, and Saudi Arabia. Experts warn that AI innovation is outpacing security, with Jason Soroko of Sectigo and Andrew Bolster of Black Duck emphasizing risks to privacy, cybersecurity, and psychological safety, citing IEEE 7014 ethical AI standards. GDPR violations could trigger fines and legal action.

OmniGPT has not responded. Users should change passwords, enable 2FA, monitor financial activity, and revoke compromised API keys. This breach exposes not just chat data but also trust in AI as a “digital confidant,” raising alarms about data governance and AI security failures at scale.

Read: https://hackread.com/omnigpt-ai-chatbot-breach-hacker-leak-user-data-messages/

How cybercrooks lure you in and scam you with fake “work from home” gigs

This piece is a thread we pulled from from LinkedIn posted by Troy Gochenour, an investigator for the Global Anti-Scam Organization – which combats various forms of online scams: pig butchering, fake work-from-home, shopping triangulation, et al.

He lays out the entire arc of a fake “work from home” job scam, involving “missions” – which can be anything from (presumably) boosting reviews or otherwise mining clicks – but it’s really just a ruse to get you to deposit into your “earnings” account to get yourself up to the next payout threshold.

I wanted to run it here because a I’ve seen this happen in the real world, in one case a business in my neighbourhood owned by a couple of brothers, and one of them fell for more than one of these scams – losing over $65,000 CAD between across them (and one of the partners even has a degree in computer engineering!)

These scams aren’t limited to technical newbies – they are sophisticated, have elaborate interfaces (which are 100% shams) and complimented with a healthy dose of social engineering to lure and defraud the unsuspecting.

Read: https://axisofeasy.com/aoe/how-cybercrooks-lure-you-in-and-scam-you-with-fake-work-from-home-gigs/

Elsewhere Online:

SystemBC RAT Now Targets Linux, Expanding Threat Landscape
Read: https://hackread.com/systembc-rat-targets-linux-ransomware-infostealers/

Cybersecurity Researcher Uncovers 2.7 Billion IoT Records Exposed
Read: https://www.infosecurity-magazine.com/news/iot-data-breach-exposes-27-billion/

Italy Faces Scrutiny Over Paragon Spyware Used to Target Journalists
Read: https://www.securityweek.com/italian-government-denies-it-spied-on-journalists-and-migrant-activists-using-paragon-spyware/

Trudeau Pushes for Government and Private Sector Partnership to Control AI
Read: https://reclaimthenet.org/justin-trudeau-ai-censorship-push-free-speech-threat

Lee Enterprises Confirms Cybersecurity Incident, Investigates Impact
Read: https://techcrunch.com/2025/02/10/media-giant-lee-enterprises-confirms-cyberattack-as-news-outlets-report-ongoing-disruption/