Amid ongoing restructuring efforts within the United States federal government, documents revealed by WIRED this week indicate that the Department of Defense is contemplating a workforce reduction of up to 75% in its divisions dedicated to preventing the spread of chemical, biological, and nuclear arms. Simultaneously, the US Army is employing its “CamoGPT” AI tool to “evaluate” policies related to diversity, equity, inclusion, and accessibility, as mandated by directives from the Trump administration. Initially, this AI service was created to enhance productivity and readiness within military operations.
Civil liberties groups in the US are urging the director of national intelligence, Tulsi Gabbard, to make public crucial details concerning Section 702 of the Foreign Intelligence Surveillance Act—an essential wiretap authority that is infamous for also capturing numerous communications (calls, texts, and emails) made or received by US citizens. Additionally, the US Justice Department announced charges on Wednesday against 10 accused hackers and two officials from the Chinese government for their involvement in cybercrimes that stretch back over a decade, part of China’s extensive hacking-for-hire network.
Current analysis from a collaborative team of researchers led by Human Security has found that at least a million low-cost Android devices, such as streaming TV boxes and tablets, have been compromised as part of a fraud and advertisement scam campaign dubbed Badbox 2.0. The researchers describe this activity, which is believed to originate from China, as an evolution of an earlier attempt to backdoor similar devices.
And there’s even more. Each week, we compile security and privacy news that we haven’t explored in detail. Click the headlines for the full stories and stay secure out there.
Two individuals believed to have participated in an operation to illegally secure nearly 1,000 concert tickets and other event entries—primarily for Taylor Swift’s Eras Tour—before reselling them for over $600,000 in profit have been apprehended and charged with potential crimes in Queens this week. Tyrone Rose, 20, and Shamara P. Simmons, 31, from Jamaica, Queens, were arrested and arraigned concerning the theft and sales, according to Queens district attorney Melinda Katz.
Between June 2022 and July 2023, it is alleged that 350 orders—totaling 993 tickets—on the ticketing platform StubHub were infiltrated via a third-party contractor named Sutherland. “The Sutherland employees, namely defendant Tyrone Rose and an unapprehended accomplice, purportedly exploited their access to StubHub’s system to navigate a backdoor into a secure section of the network where already sold tickets were assigned a URL and set for emailing to purchasers for download,” stated the district attorney’s office.
Following this, they allegedly sent URLs to another accomplice who has since passed away, the office reports, before listing the tickets on StubHub for resale. While investigations are ongoing, the District Attorney’s office estimates that the proceeds from the cybercrime reached approximately $635,000 and involved tickets for Ed Sheeran concerts, NBA games, and the US Open Tennis Championships.
Each year, criminals generate billions through the operations of sophisticated scam networks in Southeast Asia. As these operations have become increasingly advanced, so has the broader ecosystem that provides them with the necessary technology and services to execute their scams. Experts warn that no marketplace rivals Huione Guarantee—a Cambodian gray market facilitating scam services that researchers claim has conducted over $24 billion in transactions.
According to a report by Radio Free Asia this week, the banking branch of Huione Guarantee’s parent organization, Huione Group, had its financial license revoked by authorities in Cambodia. The report noted that the Huione Pay service lost its license due to non-compliance with “existing regulations.” The United Nations Office on Drugs and Crime and crypto tracing firm Elliptic have previously linked funds transiting through Huione Pay to cyber scam activities. “Any regulatory action against them should be welcomed, as they are willing facilitators of pig butchering and other fraud,” Tom Robinson, founder of Elliptic, told Radio Free Asia.
The US Department of Justice disclosed an operation this week in collaboration with Germany and Finland aimed at dismantling the digital infrastructure of the notorious Russian cryptocurrency exchange Garantex. This platform has been alleged to facilitate money laundering and other illicit transactions, including evasion of sanctions, for years. In its announcement, the DOJ stated that “transnational criminal organizations—including terrorist groups” have exploited the exchange. Law enforcement reported that the platform has processed at least $96 billion in cryptocurrency transactions since April 2019. US authorities announced the freezing of over $26 million in assets linked to money laundering as part of the Garantex operation.
This week, the FBI warned against scammers impersonating members of the BianLian ransomware group who are extorting corporate executives in the US. These impostors claim to have breached company networks and threaten to disclose sensitive data unless a ransom is paid. Such digital extortion tactics have become common enough that scammers seemingly believe they can make these claims and intimidate targets without even conducting an attack. The FBI noted that the scammers’ ransom requests claim to originate from BianLian, with figures ranging from $250,000 to $500,000 payable via a QR code linking to a Bitcoin wallet. The actual BianLian group has connections to Russia and has targeted critical US infrastructure since June 2022, according to a November alert from the US Cybersecurity and Infrastructure Security Agency.