This is your easyDNS #AxisOfEasy Briefing for the week of February 3rd,  2025 our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the 'net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey and Len the Lengend click here.

In this issue: 

• Trapped in a Scam Call Center A Young Worker’s Shocking Story
• Google Quietly Drops AI Weapons Pledge Amid Military Partnerships
• Fake Job Interviews Spread New Mac Malware, Researchers Warn
• Paragon Confirms US Government as Customer Amid WhatsApp Spyware

Elsewhere Online:

Trapped in a Scam Call Center A Young Worker’s Shocking Story

A 21-year-old Syrian refugee, forced into a scamming operation in Dubai, has revealed the dark reality of online fraud. Trapped in a desert office, his passport was confiscated, leaving him no choice but to deceive victims.

Known as Beard, he was made to run a “pig butchering” romance scam, a scheme that costs Australians billions. “I had no idea what I was walking into,” he said. The operation targeted vulnerable people, using emotional manipulation to steal their savings.

News.com.au’s investigation found banks could prevent many scams but fail to act. The outlet has launched People Before Profit, urging the Australian government to follow the UK’s example and require banks to compensate scam victims.

Since October, UK law mandates refunds within five days, except in cases of gross negligence. Advocates argue similar policies in Australia could protect victims and force banks to take responsibility. Without action, thousands more will continue to suffer.

Read:
https://www.news.com.au/finance/money/costs/21yo-who-scams-people-looking-for-romance-on-dating-apps-reveals-tricks/news-story/e9e274895ab6bea6ef0eb6575a92ef88

Google Quietly Drops AI Weapons Pledge Amid Military Partnerships

Google quietly deleted its pledge not to build AI for weapons or surveillance from its AI principles page, a change first noticed by Bloomberg. The erased section, “applications we will not pursue,” was still visible last week but is now gone. Asked for comment, Google pointed TechCrunch to a new blog post on “responsible AI,” emphasizing collaboration between companies, governments, and organizations to create AI that “protects people, promotes global growth, and supports national security.”

Google’s updated AI principles now focus on mitigating harmful outcomes, avoiding unfair bias, and aligning with “widely accepted principles of international law and human rights.” The company has faced internal protests over its contracts providing cloud services to the U.S. and Israeli militaries. Employees have objected to Google’s involvement in military projects, but the company insists its AI is not used to harm humans. However, the Pentagon’s AI chief recently told TechCrunch that some companies’ AI models are accelerating the U.S. military’s kill chain.

Read: https://techcrunch.com/2025/02/04/google-removes-pledge-to-not-use-ai-for-weapons-from-website/

Fake Job Interviews Spread New Mac Malware, Researchers Warn

North Korean hackers have added new macOS Ferret malware variants to the "Contagious Interview" campaign. The attack tricks job seekers into installing malware disguised as interview software. SentinelOne researchers reported new undetected samples on February 3, 2025. Apple is updating XProtect to block known variants.

Once installed, the malware runs scripts and impersonates a Google Chrome update. It also drops JavaScript-based "BeaverTail" and a Python backdoor called "InvisibleFerret." These tools harvest browser data and crypto wallet credentials.

SentinelOne researchers identified a new variant called "FlexibleFerret." It evaded XProtect and dates back to November 2023. "This suggests that the threat actors are happy to expand the vectors," the researchers stated.

Initially, the campaign targeted job seekers, but its reach is growing. Hackers now use fake comments to distribute malware, aiming at developers and other victims.

Read: https://www.darkreading.com/threat-intelligence/ferret-malware-added-contagious-interview-threat-campaign

Paragon Confirms US Government as Customer Amid WhatsApp Spyware

Paragon Solutions, an Israeli spyware firm, has confirmed selling its surveillance technology to the U.S. government and allied nations, claiming strict policies against targeting journalists and civil society figures. However, WhatsApp has accused Paragon’s spyware of being used in a hacking campaign that affected around 90 individuals, including Italian journalist Francesco Cancellato and Libya-based activist Husam El Gomati. Despite these allegations, Paragon has not provided details on how it enforces its policies, whether it investigates abuse claims, or if it has ever terminated contracts for violations. WhatsApp has since issued a cease-and-desist letter, but Paragon has declined to comment.

Unverified reports suggest that Italy may be a Paragon customer, raising concerns given that Cancellato had investigated the youth wing of Italy’s ruling Fratelli d’Italia party, exposing racist and fascist sympathies among its members. El Gomati, another alleged target, has been outspoken about Italy’s immigration policies with Libya. Meanwhile, Paragon’s U.S. subsidiary previously signed a $2 million contract with ICE, and the company was the subject of a $900 million acquisition bid from U.S. private equity firm AE Industrial. Neither Paragon nor AE Industrial have commented on these developments.

Read: https://techcrunch.com/2025/02/04/spyware-maker-paragon-confirms-u-s-government-is-a-customer/

Elsewhere Online:

Canadian Accused of $65M DeFi Fraud, Manipulating Smart Contracts
Read: https://hackread.com/canadian-charged-kyberswap-indexed-finance-defi-hack/

Cybercriminals Exploit Go Resty and Node Fetch for Widespread Account Takeovers
Read: https://thehackernews.com/2025/02/cybercriminals-use-axios-and-node-fetch.html

EU Disinformation Code Hardens, Platforms Enforce Rules Ahead of German Vote
Read: https://reclaimthenet.org/eu-disinformation-code-dsa-censorship-germany-elections

Phishing Campaign Leverages ADFS Flaws to Hijack Education Accounts
Read: https://www.darkreading.com/cyberattacks-data-breaches/attackers-education-sector-hijack-microsoft-accounts