FBI launches operation to remotely remove Microsoft Exchange server backdoors

A Texas court has authorized an FBI operation to “copy and remove” backdoors from hundreds of Microsoft Exchange email servers in the United States, months after hackers used four previously undiscovered vulnerabilities to attack thousands of networks.

The Justice Department announced the operation on Tuesday, which it described as “successful.” It’s believed this is the first known case of the FBI effectively cleaning up private networks following a cyberattack.

In March, Microsoft discovered a new China state-sponsored hacking group — Hafnium — targeting Exchange servers run from company networks. The four vulnerabilities when chained together allowed the hackers to break into a vulnerable Exchange server and steal its contents. Microsoft fixed the vulnerabilities but the patches did not close the backdoors from the servers that had already been breached. Within days, other hacking groups began hitting vulnerable servers with the same flaws to deploy ransomware.

The number of infected servers dropped as patches were applied. But hundreds of Exchange servers remained vulnerable because the backdoors are difficult to find and eliminate, the Justice Department said in a statement.

“This operation removed one early hacking group’s remaining web shells which could have been used to maintain and escalate persistent, unauthorized access to U.S. networks,” the statement said. “The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path).”

The FBI said it’s attempting to contact owners of servers from which it removed the backdoors by email.

Assistant attorney general John C. Demers said the operation “demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions.”

The Justice Department also said the operation only removed the backdoors, but did not patch the vulnerabilities exploited by the hackers to begin with or remove any malware left behind.

Neither the FBI nor the Justice Department commented by press time.

#backdoor, #china, #computing, #cryptography, #cybercrime, #cyberwarfare, #department-of-justice, #federal-bureau-of-investigation, #hacking, #justice-department, #malware, #microsoft, #ransomware, #security, #security-breaches, #spyware, #technology, #texas, #united-states


Toyota fined $180 million for 10 years of noncompliance with EPA regs


On Thursday, Toyota reached a settlement with the US government over a decade of noncompliance with Clean Air Act reporting regulations. Under the law, defects or recalls that affect vehicle emissions equipment have to be reported to the Environmental Protection Agency.

But, says EPA assistant administrator Susan Bodine, “[f]or a decade Toyota failed to report mandatory information about potential defects in their cars to the EPA, keeping the agency in the dark and evading oversight. EPA considers this failure to be a serious violation of the Clean Air Act.”

Manufacturers are supposed to submit emissions defect information reports if they know of an emissions defect that affects 25 or more vehicles (or engines) of a particular model in a given model year. They also have to submit voluntary emissions recall reports when beginning a recall to fix an emissions problem, as well as quarterly reports on the progress of the recall.


#car-emissions, #cars, #department-of-justice, #environmental-protection-agency, #toyota


Visa will not acquire Plaid after running into regulatory wall

Visa and Plaid called off their agreement this afternoon, ending the consumer credit giant’s takeover of the data-focused fintech API startup.

The deal, valued at $5.3 billion at the time of its announcement, first broke cover on January 13th, 2020, or nearly one year ago to the day. However, the American Department of Justice filed suit to block the deal in November of 2020, arguing that the combination would “eliminate a nascent competitive threat that would likely result in substantial savings and more innovative online debit services for merchants and consumers.”

At the time Visa argued that the government’s point of view was “flawed.”

However, today the two companies confirmed the deal is officially off. In a release Visa wrote that it could have eventually executed the deal, but that “protracted and complex litigation” would take lots of time to sort out.

It all got too hard, in other words.

Plaid was a bit more upbeat in its own notes, writing that in the last year it has seen “an unprecedented uptick in demand for the services powered by Plaid.” Given the fintech boom that 2020 saw, as consumers flocked to free stock trading apps and neobanks, that Plaid saw growth last year is not surprising; after all, Plaid’s product sits between consumers and fintech companies, so if those parties were executing more transactions, the API startup likely saw more demand for its own offerings.

TechCrunch reached out to Plaid for comment on its plans as an independent company, also asking how quickly it grew during 2020.

While the Visa-Plaid deal was merely a single transaction, its scuttling doesn’t bode well for other fintech startups and unicorns that might have eyed an exit to a wealthy incumbent. The Department of Justice, in other words, may have undercut the chances of M&A exits for a number of fintech-focused startups – or at least created more skittishness around that possible exit path.

If so, expected exit valuations for fintech upstarts could fall. And that could ding both fintech-focused venture capital activity, and the price at which startups in the niche can raise funds. If the Visa-Plaid deal was a huge boon to fintech companies that used it as a signpost to help raise money at new, higher valuations, the inverse may also prove true.

#department-of-justice, #fundings-exits, #plaid, #startups, #tc, #visa


Cases against Facebook are reportedly coming… when FTC decides how


After well over a year spent investigating Facebook, state and federal regulators are more than ready to start launching a slate of cases against Facebook, new reports say—that is, as soon as the agencies can agree on how they actually want to do it.

New suits against Facebook should come before the end of January, The Wall Street Journal writes. Both the Federal Trade Commission and a coalition of attorneys general for 47 states and territories are expected to take some kind of action.

The state and the federal probes are basically looking into two overall buckets of potentially anticompetitive behavior. The first has to do with Facebook’s effects on other businesses that could or do compete with it. That’s the investigation that delves into mergers and acquisitions, both large and small, as well as Facebook’s behavior toward companies that refuse a buyout.


#antitrust, #competition, #department-of-justice, #doj, #facebook, #federal-trade-commission, #ftc, #google, #instagram, #justice-department, #lawsuits, #policy, #whatsapp


DOJ says it seized over $1 billion in bitcoin from the Silk Road drugs marketplace

Two days ago, about $1 billion worth of bitcoin that had sat dormant since the seizure of the Silk Road marketplace in 2013, one of the biggest underground drug websites on the dark web, suddenly changed hands.

Who took it? Mystery over. It was the U.S. government.

In a statement Thursday, the Justice Department confirmed it had seized the 70,000 bitcoins generated in revenue from drug sales on the Silk Road marketplace. At the time of the seizure, the bitcoin was worth more than $1 billion.

“Silk Road was the most notorious online criminal marketplace of its day. The successful prosecution of Silk Road’s founder in 2015 left open a billion-dollar question. Where did the money go? Today’s forfeiture complaint answers this open question at least in part,” said U.S. Attorney David Anderson in remarks.

“$1 billion of these criminal proceeds are now in the United States’ possession,” he said.

Silk Road was for a time the “most sophisticated and extensive criminal marketplace on the Internet,” per the Justice Department statement. In 2013, its founder and administrator Ross Ulbricht was arrested and the site seized. Ulbricht was convicted in 2015 and sentenced to two life terms and an additional 40 years, for his role in the operation. Prosecutors said the site had close to 13,000 listings for drugs and other illegal services, and generated millions of bitcoin.

The Justice Department said Thursday that the seized bitcoin would be subject to forfeiture proceedings.

#computing, #cryptocurrency, #dark-web, #department-of-justice, #free-software, #internet, #ross-ulbricht, #security, #silk-road, #u-s-government, #united-states


DOJ files antitrust lawsuit challenging Visa’s $5.3 billion acquisition of Plaid

The Department of Justice has filed an antitrust lawsuit challenging Visa’s proposed $5.3 billion acquisition of Plaid.

News of the DOJ’s investigation first broke last month.

“By acquiring Plaid, Visa would eliminate a nascent competitive threat that would likely result in substantial savings and more innovative online debit services for merchants and consumers,” the DOJ wrote in its lawsuit.

The deal would violate Section 2 of the Sherman Act “and must be stopped,” the DOJ wrote in its filing, published by Bloomberg Law.

In a statement, Visa said it “strongly disagrees” with the DOJ’s “legally flawed” arguments.

“This action reflects a lack of understanding of Plaid’s business and the highly competitive payments landscape in which Visa operates,” the statement read. “The combination of Visa and Plaid will deliver substantial benefits for consumers seeking access to a broader range of financial-related services, and Visa intends to defend the transaction vigorously.”

“As we explained to the DOJ, Plaid is not a payments company. Visa’s business faces intense competition from a variety of players – but Plaid is not one of them. Plaid is a data network that enables individuals to connect their financial accounts to the apps and services they use to manage their financial lives, and its capabilities complement Visa’s. Together, Visa and Plaid will deliver better digital experiences and more choice for consumers in managing their money and financial data. Visa is confident that this transaction is good for consumers and good for competition,” the statement added.


As the Justice Department argues, Visa’s monopoly power in online debit is protected by barriers to entry and expansion. New challengers to Visa need connections with millions of consumers to attract merchants and need connections to thousands of merchants to attract new consumers, the DOJ said.

DOJ lawyers pointed to Mastercard’s inability to seize more than a quarter of the online debit market as a sign of Visa’s continued dominance. “Mastercard has neither gained significant share from Visa nor restrained Visa’s monopoly,” the lawyers wrote.

Visa also set up technical barriers by entering into restrictive agreements with merchants and banks to prevent competitors from growing their share of the online debit market.

“These entry barriers, coupled with Visa’s long-term restrictive contracts with banks, are nearly insurmountable, meaning Visa rarely faces any significant threats to its online debit monopoly. Plaid is such a threat,” according to the DOJ.

Companies like Venmo, Acorns, and Betterment are just some of the big startups that use Plaid to build their services.

“While Plaid’s existing technology does not compete directly with Visa today, Plaid is planning to leverage that technology, combined with its existing relationships with banks and consumers, to facilitate transactions between consumers and merchants in competition with Visa,” according to the DOJ.

And Visa was well aware of Plaid’s potential to disrupt its business. As early as March 2019, nearly nine months before the acquisition was announced, the vice president of corporate development and head of strategic opportunities expressed concerns about Plaid’s business.

“I don’t want to be IBM to their Microsoft,” the executive said, according to the lawsuit filed by DOJ. Visa’s chief executive also clearly acknowledged that Plaid was a threat.

The company estimated that Plaid could cost Visa’s debit business between $300 million and $500 million by 2024 if it were to continue operating as an independent company. It was, in the words of Visa’s executives, an “[e]xistential risk” to its U.S. debit business and it could have forced Visa to accept lower margins — something that would be a boon to businesses and consumers.

#credit-cards, #debit-cards, #department-of-justice, #finance, #merchant-services, #payment-cards, #plaid, #tc, #united-states, #visa, #zach-perret


Apple search crawler activity could signal a Google competitor, or a bid to make Siri a one-stop-shop

Encouraged by the spate of antitrust activity brewing in both the Justice Department and on Capitol Hill, Apple may be developing a search competitor to Google, according to a report in the Financial Times.

That would be a move ripe with irony as the push for an end to anti-competitive practices is seemingly creating greater competition among the largest companies which already dominate the technology industry rather than between those established companies and more nimble upstarts.

Signs of Apple’s resurgent interest in search technologies can be found in both a subtle but significant change to the latest version of the iOS 14 iPhone operating system and increasing activity from Apple’s spidering tools that are used to scour the web and refine search functionality, the Financial Times reported.

Apple is now showing its own search results and linking directly to websites when users type queries from its home screen in iOS 14. For context, this is a behavior that has been known for a while as people have seen the feature pop up in beta versions of iOS. And the search volume being up on Apple’s crawler is something that Jon Henshaw of Coywolf had noted back in August.

Sources cited by the Financial Times said that the change marked a significant step-change in Apple’s in-house search development and could be the basis for a broader push into search.

The Cupertino, Calif.-based company certainly has the expertise. A little less than three years ago it nabbed Google’s head of search, John Giannandrea, in what was widely seen as an attempt to shore up Apple’s foundations in artificial intelligence and voice search via Siri. Because of the way that Apple is organized internally, it’s unlikely that Giannandrea will be devoting full-time effort to both a potential “search product” and Siri. But it’s within the realm of possibility that he could be lending his expertise to a team working on a separate feature.

Any development of a search tool would be a third way for Apple, which now uses Google as its default search service thanks to a lucrative contract between the two (one that’s also at the heart of a Justice Department inquiry into Google’s purported anti-competitive activities around search). The only other major search services on the market rely on Microsoft’s Bing to power their results.

While the signs do point to an actual uptick in activity, there could be an explanation for Apple’s crawler activity that’s less heavy on corporate skunkworks skulduggery and more in line with goals that Apple’s stated pretty clearly.

While the story about Apple getting into direct competition with Google on search makes for a great headline, the uptick in activity could be explained equally as rationally by Siri getting more search queries and being more of an interlocutor between Apple and search services like Google or Microsoft’s Bing. This disintermediation is something that Google began years ago and has even modified and expanded over the years to combat the same kind of behavior from Siri.

Making Siri a one-stop-shop could inoculate Apple in the scenario where they are forced to enable a search provider choice in the iOS onboarding flow by regulation. It won’t do anything to help Google though, who pays Apple billions because iOS users are worth way more than any other mobile web users to its business. Google, for its part, says that when people have a choice they still pick Google anyway. Perhaps another reason why making Siri the search equivalent of an overtalker is the strong play for Apple.

TechCrunch has reached out to Apple for comment and will update when we hear back.

#apple, #apple-inc, #artificial-intelligence, #california, #computing, #cupertino, #department-of-justice, #google, #google-search, #google-voice-search, #iphone, #itunes, #john-giannandrea, #messages, #microsoft-bing, #operating-system, #search-results, #siri, #software, #tc, #techcrunch, #the-financial-times, #voice-search


The DOJ investigating Visa’s $5.3 billion bid for Plaid on antitrust grounds

It’s not just big tech that’s getting the antitrust treatment from the Department of Justice.

Late Monday afternoon, the Department of Justice tipped its hand that it was investigating Visa’s proposed $5.3 billion acquisition of the venture-backed Plaid, which allows applications to connect with a user’s bank account.

It’s a tool that powers a good chunk of the new fintech offerings from a whole slew of products and the Justice Department has apparently spent the past year looking into how the deal would affect the broader market for new financial services offerings coming from a number of tech startups.

The revelation that the DOJ was taking a closer look at the Plaid acquisition came from a petition filed in the U.S. Court for the District of Massachusetts to compel Bain & Co., the consulting firm that worked on Visa’s bid for Plaid, to comply with the agency’s civil investigative demand.

The DOJ is alleging that Bain has withheld documents demanded under the CID by asserting that it had some privilege over the documents — effectively stalling the DOJ’s investigation.

“American consumers rely on the Antitrust Division to investigate mergers promptly and thoroughly,” said Assistant Attorney for the Antitrust Division Makan Delrahim, in a statement. “Collecting relevant third-party documents and data is essential to the division’s ability to analyze these transactions. Too often, third parties seek to flout these requirements, hoping the division will lose interest and focus its enforcement efforts elsewhere.”

DOJ first asked Bain for documents related to Visa’s pricing strategy and competition against other debit card networks in June. The feds intended to use that information to analyze the effects of Visa’s attempted acquisition on the broader financial services market. Bain refused to produce the documents by claiming that the information was privileged.

Visa’s bid for Plaid isn’t the only big fintech acquisition that’s in the DOJ’s sights, according to a report in The Wall Street Journal. Federal regulators are also looking at MasterCard’s $1 billion bid for the fintech startup Finicity, and Intuit’s $7 billion pitch to acquire the credit advisory and lending marketplace, Credit Karma Inc.

“The division’s petition against Bain is aimed at securing relevant documents and making clear that the division will hold third parties to the deadlines and specifications in the CIDs we issue,” Delrahim said. “Third parties, like Bain, must comply fully and expeditiously with our civil investigative demands and provide the documents and data we need to discharge our duties and serve the American people.”

#att, #bain-co, #companies, #credit-cards, #department-of-justice, #finance, #intuit, #massachusetts, #mastercard, #merchant-services, #payment-cards, #plaid, #tc, #the-wall-street-journal, #visa


What we know about the DOJ’s antitrust case against Google so far


The Justice Department today filed a landmark antitrust case against Google. The hotly anticipated, long-awaited lawsuit accuses Google of using its market dominance to force unfair contract terms on suppliers and competitors, to the detriment of competition and the marketplace.

The suit might just be the biggest thing in antitrust since the DOJ sued Microsoft in the 1990s… or it might not. Even though the investigation that led here has been going on for 16 months, a suit like this is the beginning, not the end, of the process. So here’s everything we know—and more importantly, everything we still don’t—about what this blockbuster case really means.

What does the suit allege?

The complaint (PDF) lays out the case that Google used “exclusionary agreements and anticompetitive conduct” to become dominant in the search marketplace, and then kept abusing that market dominance to prevent nascent rivals from gaining enough of a toehold potentially to become real competition.


#antitrust, #department-of-justice, #explainers, #faq, #google, #justice-department, #policy


Equity Shot: The DoJ, Google, and what the suit could mean for startups

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast where we unpack the numbers behind the headlines.

It’s a big day in tech because the US Federal Government is going after Google on anti-competitive grounds. Sure, the timing appears crassly political and the case is not picking up huge plaudits thus far for its air-tightness, but that doesn’t mean we can ignore it.

So Danny and I got on the horn to chat it up for about 10 minutes to fill you in. For reference, you can read the full filing here, in case you want to get your nails in. It’s not a complicated read. Get in there.

As a pair we dug into what stood out from the suit, what we think about the historical context, and also noodled at the end about what the whole situation could mean for startups; it’s not all good news, but adding lots of competitive space to the market would be a net-good for upstart tech companies in the long-run.

And consumers. Competition is good.

You can read TechCrunch’s early coverage of the suit here, and our look at the market’s reaction here. Let’s go!

Equity drops every Monday at 7:00 a.m. PT and Thursday afternoon as fast as we can get it out, so subscribe to us on Apple Podcasts, Overcast, Spotify and all the casts.

#department-of-justice, #equity-podcast, #google, #government, #startups


Investors appear to shrug at antitrust lawsuit aimed at Google

Investors do not seem concerned that the Department of Justice filed an antitrust suit against Google earlier today.

The suit, seen by some as a stunt near the election, is one part of a multi-part push to change the face of the technology industry, which has seen its wealth and power expand in recent years. For example, technology companies now constitute nearly 40% of the value of the S&P 500, ahead of a 1999-era 37% share, according to The Wall Street Journal.

At the same time, the rising tide lifting many tech boats has provided huge gains to its largest players as well. Alphabet, Microsoft, Amazon and Apple are each worth north of $1 trillion apiece, making them historically valuable companies even amidst an economic downturn.

Those market caps do not appear to be in danger.

Today after lunch during regular trading hours the tech-heavy Nasdaq Composite index is up 0.86%, while Alphabet is up 0.91%, directly in line with broader trading. Shares of Alphabet initially rose this morning before giving back their gains. However, since those morning lows, shares of the tech giant have recovered to edge ahead of the market.

Investor reaction could shift regarding Google’s antitrust liabilities in time. The Department of Justice suit is hardly the only legal issue that the search giant is currently grappling with. But not today.

#alphabet, #antitrust, #department-of-justice, #google, #government, #tc


Justice Dept. files long-awaited antitrust suit against Google


The Department of Justice today filed a landmark antitrust suit against Google, alleging that the company behaved anticompetitively and unfairly pushed out rivals in its search businesses.

A company does not have to be a literal monopoly, with no available competition of any kind, to be in violation of antitrust law. The law is instead primarily concerned with what a company does to attain dominance and what it does with that dominant position once it’s at the top. And according to the DOJ’s complaint (PDF), Google did indeed abuse its outsized market power to tilt the playing field in its favor and keep potential rivals out.

“Google is the gateway to the Internet,” Deputy Attorney General Jeffrey Rosen said in a call with reporters. “It has maintained its power through exclusionary practices that are harmful to competition.”


#alphabet, #antitrust, #competition, #department-of-justice, #doj, #google, #justice-department, #lawsuits, #policy


John McAfee arrested, indicted on tax evasion charges, sued for fraud


Noted cybersecurity eccentric John McAfee is under arrest in Spain awaiting extradition to the United States after being indicted on federal tax evasion charges.

The Department of Justice unsealed the indictment (PDF) yesterday, following McAfee’s arrest by Spanish authorities at Barcelona’s airport over the weekend.

The filing alleges that McAfee deliberately not only avoided paying federal taxes from tax years 2014 through 2018 but also tried to hide considerable assets from the IRS. He allegedly hid those assets—including a yacht, a vehicle, real estate, bank accounts, and cryptocurrency—by purchasing and titling them under “the name of a nominee.”


#department-of-justice, #doj, #john-mcafee, #justice-department, #mcafee, #policy, #sec, #securities-and-exchange-commission


Justice Dep’t. sends its Section 230 rewrite to Congress


The Department of Justice today dropped a proposed “recalibration” of one of the most important laws governing the US Internet into Congress’s lap and urged legislators to act to remove a liability protection on which nearly every website and app currently relies.

Attorney General Bill Barr sent the proposed legislation—an extension of his June wish list—to Speaker of the House Nancy Pelosi and Vice President Mike Pence (in his role as President of the Senate) this morning.

“For too long Section 230 has provided a shield for online platforms to operate with impunity,” Barr said in a written statement. “Ensuring that the internet is a safe, but also vibrant, open, and competitive environment is vitally important to America,” he added. “We therefore urge Congress to make these necessary reforms to Section 230 and begin to hold online platforms accountable both when they unlawfully censor speech and when they knowingly facilitate criminal activity online.”


#congress, #department-of-justice, #doj, #justice-department, #laws, #legislative-proposal, #policy, #section-230


States, DOJ reportedly meeting this week to plan Google antitrust suit


Multiple investigations into Google parent Alphabet’s competition practices may finally be reaching a head, as state and federal regulators meet today to plan next steps for one or more lawsuits against the company.

Attorneys from the Department of Justice are meeting today with attorneys general from several different states about imminent plans to file an antitrust suit against Google, the Washington Post and Bloomberg report.

The DOJ began its antitrust probe of “market-leading online platforms” a little more than a year ago, without naming names. Google was widely assumed to be one of the targets, and the company confirmed last September that it was indeed under investigation.


#alphabet, #antitrust, #department-of-justice, #doj, #google, #justice-department, #lawsuits, #policy


Justice Department says WeChat users won’t be penalized under Trump’s executive order

In a Wednesday filing in federal court, the United States government said that users who use or download WeChat “to convey personal or business information” will not be subject to penalties under President Donald Trump’s executive order banning transactions with the Tencent-owned messaging app.

Trump issued the executive order against WeChat on August 6, the same day he issued a similar one banning transactions with ByteDance, the parent company of TikTok, claiming national security concerns. Both orders caused confusion because they are set to go into effect 45 days after being issued, but said that Secretary of Commerce Wilbur Ross will not identify what transactions are covered until then.

With that deadline now looming at the end of this week, WeChat users in America are still uncertain about the app’s future. Though WeChat is the top messaging app by far in China, where it also serves as an essential conduit for payments and other services, the U.S. version of the app has relatively limited features. It is used by Chinese-Americans, and other members of the Chinese diaspora in the U.S., to keep in touch with their family and other people in China. With other popular messaging apps, like Facebook Messenger and WhatsApp, banned in China, WeChat is often the most direct communication channel available to them.

The U.S. government’s filing (embedded below) was made as part of a request for a preliminary injunction against the executive order brought by the U.S. WeChat Users Alliance, a non-profit organization initiated by attorneys who want to preserve access to WeChat for users in the U.S. A hearing is scheduled for Thursday.

In it, attorneys from the Justice Department said the U.S. Commerce Department is continuing to review transactions and will clarify which ones are affected by Sept. 20, but “we can provide assurances that [Secretary Ross] does not intend to take actions that would target persons or groups whose only connection to WeChat is their use or downloading of the app to convey personal or business information between users, or otherwise define the relevant transaction in such a way that would impose criminal or civil liability on such users.”

But in a response (also embedded below), the U.S. WeChat Users Alliance said that the Department of Justice’s filing instead demonstrates why a preliminary injunction is necessary. “Having first failed to articulate any actual national security concerns, the administration’s latest ‘assurances’ that users can keep using WeChat, and exchange their personal and business information, only further illustrates the hollowness and pre-textual nature of the Defendants’ ‘national security rationales.’”

The U.S. WeChat Users Alliance filed for the injunction on August 21. In an open letter published on its site, it said a complete ban of WeChat “will severely affect the lives and the work of millions of people in the U.S. They will have a difficult time talking to family relatives and friends back in China. Countless people or businesses who use WeChat to develop and contact customers will also suffer significant economic losses.”

The group also believes that the executive order “violates many provisions of the U.S. Constitution,” and the Administrative Procedure Act.

#apps, #china, #department-of-justice, #messaging, #policy, #tc, #tencent, #u-s-government, #wechat

Justice Dept. charges five Chinese members of APT41 over cyberattacks on U.S. companies

WASHINGTON, DC – DECEMBER 09: The Justice Department building on a foggy morning on December 9, 2019 in Washington, DC. (Photo by Samuel Corum/Getty Images)

The Justice Department has announced charges against five alleged Chinese citizens, accused of hacking over 100 companies in the United States, including tech companies, game makers, universities, and think tanks.

Zhang Haoran and Tan Dailin were charged in August 2019 with over two dozen counts of conspiracy, wire fraud, identity theft and charges related to computer hacking. Prosecutors also added nine additional charges against Jiang Lizhi, Qian Chuan, and Fu Qiang last month.

Prosecutors also charged two businessmen, who were arrested in Malaysia, for their role in trying to profit from the group’s intrusions into game companies to steal and sell digital goods and virtual currency.

“Today’s charges, the related arrests, seizures of malware and other infrastructure used to conduct intrusions, and coordinated private sector protective actions reveal yet again the Department’s determination to use all of the tools at its disposal and to collaborate with the private sector and nations who support the rule of law in cyberspace,” said assistant attorney general John C. Demers.

“This is the only way to neutralize malicious nation state cyber activity,” he said.

The hackers are accused of being members of the China-backed APT41 hacking group, also known as “Barium,” and of stealing source code, customer data, and other valuable business information from businesses in the U.S., Australia, Brazil, Hong Kong, South Korea and other countries.

The indictments said that the hackers worked for a front company, Chengdu 404, which purports to be a network security company but prosecutors say was a cover for the hackers. The alleged hackers used a number of known security vulnerabilities to break into companies and launch attacks against a company’s supply chains, allowing the hackers to break into other companies. The indictments confirm earlier research from security firm FireEye that said APT41 hackers used vulnerabilities against networking gear to break into their victims’ networks.

The hackers also allegedly stole code-signing certificates, which can be used to trick computers into thinking malware is from a legitimate source and safe to run. Last year, APT41 was blamed for a supply chain attack at computer maker Asus, which saw the attackers push a backdoor to at least hundreds of thousands of computers using the company’s own servers.

Prosecutors said the hackers tried to make money by launching ransomware attacks and cryptojacking schemes, which hijack computers with malware to mine cryptocurrency.

After the indictments were filed, prosecutors said they obtained warrants to seize websites, domains, and servers associated with the group’s operations, effectively shutting them down and hindering their operations.

The alleged hackers are still believed to be in China, but the allegations serve as a “name and shame” effort employed by the Justice Department in recent years against state-backed cyber attackers.

#computer-security, #cyberattack, #department-of-justice, #federal-bureau-of-investigation, #government, #hacker, #internet-security, #justice-department, #ransomware, #security, #security-breaches, #united-states

Dirty diesel engines will cost Daimler $1.5 billion in DoJ settlement

A 1980s Mercedes-Benz diesel belches exhaust fumes in London. People expected diesel engines of this vintage to be dirty, but we had a right to expect that diesel engines sold over the past decade complied with emissions laws. Turns out, they don’t. (credit: Richard Oliver/Getty Images)

In 2020 it seems more usual to read about the US Environmental Protection Agency rolling back pollution laws or arguing that big business should be allowed to do what it wants. But apparently the agency does occasionally work as intended. Earlier this week, together with the US Department of Justice and the California Air Resources Board, it held Daimler AG—parent company to Mercedes-Benz—accountable for selling diesel vehicles fitted with emissions defeat devices.

EPA and CARB found that all was not right with Daimler’s diesel engines in the wake of the 2015 Volkswagen emissions scandal. EPA told Daimler it was going to conduct some additional tests of the company’s four- and six-cylinder diesel engines “using driving cycles and conditions that may reasonably be expected to be encountered in normal operation and use, for the purposes of investigating a potential defeat device.”

In doing so, it discovered several auxiliary emission control devices that were not described in the homologation paperwork submitted by Daimler. In total, about 160,000 Sprinter vans and about 90,000 Mercedes-Benz vehicles are affected, between model years 2009 and 2016.

#cars, #daimler, #daimlerchrysler, #defeat-device, #department-of-justice, #diesel, #environmental-protection-agency, #epa

Apple opens up — slightly — on Hong Kong’s national security law

After Beijing unilaterally imposed a new national security law on Hong Kong on July 1, many saw the move as an effort by Beijing to crack down on dissent and protests in the semi-autonomous region.

Soon after, a number of tech giants — including Microsoft, Twitter and Google — said they would stop processing requests for user data from Hong Kong authorities, fearing that the requested data could end up in the hands of Beijing.

But Apple was noticeably absent from the list. Instead, Apple said it was “assessing” the new law.

When reached by TechCrunch, Apple did not say how many requests for user data it had received from Hong Kong authorities since the new national security law went into effect. But the company reiterated that it doesn’t receive requests for user content directly from Hong Kong. Instead, it relies on a long-established so-called mutual legal assistance treaty, allowing U.S. authorities to first review requests from foreign governments.

Apple said it stores iCloud data for Hong Kong users in the United States, so any requests by Hong Kong authorities for user content have to be first approved by the Justice Department, and a warrant has to be issued by a U.S. federal judge before the data can be handed over to Hong Kong.

The company said that it received a limited number of non-content requests from Hong Kong related to fraud or stolen devices, and that the number of requests it received from Hong Kong authorities since the introduction of the national security law will be included in an upcoming transparency report.

Hong Kong authorities made 604 requests for device information, 310 requests for financial data, and 10 requests for user account data during 2019.

The report also said that Apple received 5,295 requests from U.S. authorities during the second half of last year for data related to 80,235 devices, a seven-fold increase from the previous six months.

Apple also received 4,095 requests from U.S. authorities for user data stored in iCloud on 31,780 accounts, twice the number of accounts affected during the previous six months.

Most of the requests related to ongoing return and repair fraud investigations, Apple said.

The report said it received 2,522 requests from U.S. authorities to preserve data on 6,741 user accounts, allowing law enforcement to obtain the right legal process to access the data.

Apple also said it received between 0 and 499 national security requests for non-content data on between 15,500 and 15,999 users or accounts, an increase of 40% on the previous report.

Tech companies are only allowed to report the number of national security requests in ranges, per rules set out by the Justice Department.

The company also published two FBI national security letters, or NSLs, from 2019, which the company petitioned to make public. These letters are subpoenas issued by the FBI with no judicial oversight and often with a gag order preventing the company from disclosing their existence. Since the introduction of the Freedom Act in 2015, the FBI was required to periodically review the gag orders and lift them when they were no longer deemed necessary.

Apple also said it received 54 requests from governments to remove 258 apps from its app store. China filed the vast majority of requests.

#apple, #department-of-justice, #government, #icloud, #law-enforcement, #operating-systems, #security, #transparency-report

Decrypted: Tesla’s ransomware near miss, Palantir’s S-1 risk factors

Another busy week in cybersecurity.

In case you missed it: A widely used messaging app used by over a million protesters has several major security flaws; a little-known loophole has let the DMV sell driver’s licenses and Social Security records to private investigators; and the U.S. government is suing to reclaim over $2.5 million in cryptocurrency stolen by North Korean hackers from two major exchanges.

But this week we are focusing on how a Tesla employee foiled a ransomware attack, and, ahead of Palantir’s debut on the stock market, how much of a risk factor is the company’s public image?


THE BIG PICTURE

Russian charged with attempted Tesla ransomware attack

$1 million. That’s how much a Tesla employee would have netted if they accepted a bribe from a Russian operative to install malware on Tesla’s Gigafactory network in Nevada. Instead, the employee told the FBI and the Russian was arrested.

The Justice Department charged the 27-year-old Russian, Egor Igorevich, weeks later as he tried to flee the United States. According to the indictment, his plan was to ask the employee to deliberately deploy ransomware on the Gigafactory’s network, grinding the network to a halt for a ransom of several million dollars. The would-be insider threat is likely the first of its kind, one ransomware expert told Wired, as financially driven hackers continue to up their game.

Tesla founder Elon Musk tweeted earlier this week confirming that Tesla was the target of the failed attack.

The attack, if carried out, could have been devastating. The indictment said that the malware was designed to extract data from the network before locking its files. This data-stealing ransomware is an increasing trend. These hacker groups not only encrypt a victim’s files but also exfiltrate the data to their servers. The hackers typically threaten to publish the victim’s files if the ransom isn’t paid.

#computer-security, #computing, #cryptography, #cybercrime, #decrypted, #department-of-justice, #driver, #encryption, #facebook, #florida, #malware, #mayfield, #nevada, #ransomware, #security, #security-breaches, #software, #startups, #tampa, #ten-eleven-ventures, #tesla, #u-s-government, #united-states

Why movie theaters are in trouble after DOJ nixes 70-year-old case

Disney logo adorns a container of movie theater popcorn.

The House of Mouse is the shadow lurking in the future of movie theaters. (credit: Aurich Lawson / Getty Images)

If you went to the movies in 2019, you probably saw a Disney movie. Seven of the top 10 highest-grossing films released in the United States last year were distributed by the House of Mouse, and hundreds of millions of people went to see them on thousands of screens. Some weeks it felt like the entire film industry was Disney: Captain Marvel and the rest of the Avengers (Endgame) competed for your attention for a while, as Aladdin, The Lion King, and Toy Story 4 kept up a steady drumbeat of animation until Elsa dropped back onto hapless households in Frozen II. In amongst that morass, though, there were still other movies shown, many of them popular with audiences and critics alike.

But the rule that prevented a studio from buying up a major theater chain is now gone—opening up the possibility that your local cinema could go whole hog and become a true Disneyplex before you know it.

On Friday, a federal judge agreed to the Department of Justice’s petition to vacate the Paramount Consent Decrees, a landmark 1948 ruling that forbade vertical integration in the film sector and ended the Hollywood studio system. In isolation, the decision could raise some concerns. In a world where theaters are decimated thanks to a pandemic and consolidation among media firms is already rampant, the future for independent theaters looks grim.

#antitrust, #biz-it, #competition, #department-of-justice, #disney, #gaming-culture, #justice-department, #paramount, #policy

Twitter says Android security bug gave access to direct messages

Twitter says a security bug may have exposed the private direct messages of its Android app users, but said that there was no evidence that the vulnerability was ever exploited.

The bug could have allowed a malicious Android app running on the same device to siphon off a user’s direct messages stored in the Twitter app by bypassing Android’s in-built data permissions. But Twitter said that the bug only worked on Android 8 (Oreo) and Android 9 (Pie), and has since been fixed.

A Twitter spokesperson told TechCrunch that the bug was reported by a security researcher “a few weeks ago” through HackerOne, which Twitter uses for its bug bounty program.

“Since then, we have been working to keep accounts secure,” said the spokesperson. “Now that the issue has been fixed, we’re letting people know.” Twitter said it waited to let its users know in order to prevent someone from learning about the issue and taking advantage of it before it was fixed.

The notice sent to affected Twitter users. (Image: TechCrunch)

Twitter said the vast majority of users had updated their Twitter for Android app and were no longer vulnerable. But the company said about 4% of users are still running an old and vulnerable version of its app, and users will be notified to update the app as soon as possible.

Many users began noticing in-app pop-ups notifying them of the issue.

News of the security issue comes just weeks after the company was hit by a hacker who gained access to an internal “admin” tool and, along with two other accomplices, hijacked high-profile Twitter accounts to spread a cryptocurrency scam that promised to “double your money.” The hack and subsequent scam netted over $100,000 in scammed funds.

The Justice Department charged three people — including one minor — allegedly responsible for the incident.

#android, #computing, #department-of-justice, #google-allo, #hackerone, #kik-messenger, #operating-systems, #security, #smartphones, #software, #spokesperson, #tc, #twitter

Amazon says police demands for customer data have gone up

Amazon has said the number of demands for user data made by U.S. federal and local law enforcement increased during the first half of 2020 compared to the same period a year earlier.

The disclosure came in the company’s latest transparency report, published Thursday.

The figures show that Amazon received 23% more subpoenas and search warrants, and a 29% increase in court orders compared to the first half of 2019. That includes data collected from its Amazon.com retail storefront, Amazon Echo devices and its Kindle and Fire tablets.

Breaking those figures down, Amazon said it received:

  • 2,416 subpoenas, turning over all or partial user data in 70% of cases;
  • 543 search warrants, turning over all or partial user data in 79% of cases;
  • 146 court orders, turning over all or partial user data in 74% of cases.

The number of requests to the company’s cloud services, Amazon Web Services, also went up compared to a year earlier.

But it’s not clear what caused the rise in U.S. government demands for user data. A spokesperson for Amazon did respond to a request for comment.

But the company saw the number of overseas requests drop by about one-third compared to the same period a year earlier. Amazon rejected 92% of the 177 overseas requests it received, turning over partial user data in 10 cases and all requested data in four cases.

Amazon also said it received between 0 and 249 national security requests, flat from previous reports. Justice Department rules on disclosing classified requests only allow companies to respond in numerical ranges.

Amazon was one of the last major tech companies to issue a transparency report, despite mounting pressure from privacy advocates. But its report remains far lighter on details compared to its Silicon Valley rivals.

The company’s Ring smart camera division, despite facing criticism for its poor security practices and its close relationships with law enforcement, has yet to release any data related to police requests for user data.

#amazon-alexa, #amazon-echo, #articles, #assistant, #business, #cloud-services, #department-of-justice, #hardware, #kindle, #law-enforcement, #publishing, #security, #transparency-report, #u-s-government, #united-states, #web-services

Garmin global outage caused by ransomware attack, sources say

An ongoing global outage at sport and fitness tech giant Garmin was caused by a ransomware attack, according to two sources with direct knowledge of the incident.

The incident began late Wednesday and continued through the weekend, causing disruption to the company’s online services for millions of users, including Garmin Connect, which syncs user activity and data to the cloud and other devices. The attack also took down flyGarmin, its aviation navigation and route-planning service.

Portions of Garmin’s website were also offline at the time of writing.

Garmin has said little about the incident so far. A banner on its website reads: “We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

The two sources, who spoke on the condition of anonymity as they are not authorized to speak to the press, told TechCrunch that Garmin was trying to bring its network back online after the ransomware attack. One of the sources confirmed that the WastedLocker ransomware was to blame for the outage.

One other news outlet appeared to confirm that the outage was caused by WastedLocker.

Garmin’s online services have been down for days. The cause is believed to be ransomware, according to two sources with direct knowledge of the incident. (Screenshot: TechCrunch)

WastedLocker is a new kind of ransomware, first discovered by security researchers at Malwarebytes in May, operated by a hacker group known as Evil Corp. Like other file-encrypting malware, WastedLocker infects computers, and locks the user’s files in exchange for a ransom, typically demanded in cryptocurrency.

Malwarebytes said that WastedLocker does not steal or exfiltrate data before encrypting the victim’s files, unlike other, newer ransomware strains. That means companies with backups may be able to escape paying the ransom. But companies without backups have faced ransom demands as much as $10 million.

The FBI has also long discouraged victims from paying ransoms related to malware attacks.

Evil Corp has a long history of malware and ransomware attacks. The group, allegedly led by Russian national Maksim Yakubets, is known to have used Dridex, a powerful password-stealing malware that was used to steal more than $100 million from hundreds of banks over the past decade. Later, Dridex was also used as a way to deliver ransomware.

Yakubets, who remains at large, was indicted by the Justice Department last year for his alleged part in the group’s “unimaginable” amount of cybercrime during the past decade, according to U.S. prosecutors.

The Treasury also imposed sanctions on Evil Corp, including Yakubets and two other alleged members, for their involvement in the decade-long hacking campaign.

By imposing sanctions, it’s near-impossible for U.S.-based companies to pay the ransom — even if they wanted to — as U.S. nationals are “generally prohibited from engaging in transactions with them,” per a Treasury statement.

Brett Callow, a threat analyst and ransomware expert at security firm Emsisoft, said those sanctions make it “especially complicated” for U.S.-based companies dealing with WastedLocker infections.

“WastedLocker has been attributed by some security companies to Evil Corp, and the known members of Evil Corp — which purportedly has loose connections to the Russian government — have been sanctioned by the U.S. Treasury,” said Callow. “As a result of those sanctions, U.S. persons are generally prohibited from transacting with those known members. This would seem to create a legal minefield for any company which may be considering paying a WastedLocker ransom,” he said.

Efforts to contact the alleged hackers were unsuccessful. The group uses different email addresses in each ransom note. We sent an email to two known email addresses associated with a previous WastedLocker incident, but did not hear back.

A Garmin spokesperson could not be reached for comment by phone or email on Saturday. (Garmin’s email servers have been down since the start of the incident.) Messages sent over Twitter were also not returned. We’ll update if we hear back.

#apps, #crime, #crimes, #cybercrime, #department-of-justice, #gadgets, #garmin, #hacker, #hardware, #health, #malware, #ransomware, #security, #security-breaches, #spokesperson, #united-states

DoJ suggested OANN should call FBI about NPR’s tipline, emails show

The most salacious tips obviously also have the most dramatic backlighting. (credit: Andrew Brookes | Getty Images)

A representative from the Department of Justice suggested in 2018 that the Federal Bureau of Investigation should have a look into NPR’s use of a secure, encrypted tipline, newly publicized emails reveal.

Reporter Jason Leopold obtained an email exchange between DOJ officials through a Freedom of Information Act (FOIA) request and shared it on Twitter. The email thread begins with an April 2018 message from Neil McCabe, who was at the time a reporter at One America News Network (OANN), a far-right cable news channel best known for boosting and spreading conspiracy theories. McCabe was writing to Lauren Ehrsam Gorey, who was then a spokesperson in the DoJ’s Office of Public Affairs (i.e., the department’s communications and public relations division).

“Can you find out if DOJ is cool with NPR running a Tor-enabled tip email?” McCabe wrote, adding a link to NPR’s instructions for sending in confidential tips.

#department-of-justice, #doj, #encryption, #fbi, #federal-bureau-of-investigation, #foia, #justice-department, #npr, #oann, #policy, #securedrop, #tor

DOJ accuses Chinese hackers of trying to steal COVID-19 research data

The Department of Justice seal as seen during a press conference in December 2019. (credit: Samuel Corum | Getty Images)

Two state-sponsored hackers in China targeted US businesses in a “sophisticated and prolific threat” for more than 10 years, both for financial gain and to steal trade secrets, the Department of Justice said today.

The 11-count indictment (PDF), which was made public today, alleges Li Xiaoyu and Dong Jiazhi worked with China’s Ministry of State Security (MSS) and other agencies to hack into “hundreds of victim companies, governments, non-governmental organizations, and individual dissidents, clergy, and democratic and human rights activists in the United States and abroad.”

Li and Dong were allegedly infiltrating networks of businesses in a wide array of sectors, including “high tech manufacturing; civil, industrial, and medical device engineering; business, educational, and gaming software development; solar energy; and pharmaceuticals,” including defense contractors, since at least September 2009. In recent months, prosecutors allege, the two were seeking ways in to “the networks of biotech and other firms publicly known for work on COVID-19 vaccines, treatments, and testing technology” in at least 11 countries, including the US.

#china, #chinese-espionage, #covid-19, #department-of-justice, #doj, #espionage, #hackers, #hacks, #justice-department, #national-security, #policy, #spies

US charges two Chinese spies for a global hacking campaign that targeted COVID-19 research

U.S. prosecutors have charged two Chinese nationals, said to be working for China’s state intelligence bureau, for their alleged involvement in a massive global hacking operation that targeted hundreds of companies and governments for more than a decade.

The 11-count indictment, unsealed Tuesday, alleges Li Xiaoyu, 34, and Dong Jiazhi, 33, stole terabytes of data from high-technology companies around the world — including in the United States, the prosecutors said.

More recently, the prosecutors accused the hackers of targeting the networks of over a dozen U.S. companies in Maryland, Massachusetts and California developing vaccines and treatments for COVID-19.

The indictment comes just weeks after both the FBI and Homeland Security warned that China was actively trying to steal U.S. research data related to the coronavirus pandemic.

The FBI’s ‘wanted’ poster for Li Xiaoyu and Dong Jiazhi. (Image: FBI)

The hackers were first discovered after they targeted a U.S. Department of Energy network in Hanford, Washington, the Justice Department said. The hackers also targeted companies in Australia, South Korea, and several European nations. The hackers used known but unpatched vulnerabilities in widely-used web server software to break into their victims’ networks. After gaining a foothold on the network, the hackers installed password-stealing software to gain deeper access to their systems. The prosecutors said that the hackers would “frequently” return to the networks — in some cases years later.

According to the indictment, the hackers stole “hundreds of millions of dollars” worth of trade secrets and intellectual property. The prosecutors also allege that the hackers stole data related to military satellite programs, military wireless networks, and high-powered microwave and laser systems from defense contractors.

The hackers are said to have targeted their victims on behalf of China’s intelligence services, but also hacked for personal financial gain. Prosecutors said in one case, the hackers “sought to extort cryptocurrency” from a victim company by threatening to publish the victim’s stolen source code online.

John C. Demers, U.S. assistant attorney general for national security, said that the indictments were “concrete examples” of how China used hackers to “rob, replicate, and replace” non-Chinese companies in the global marketplace.

Demers also accused China of providing a safe-haven for the hackers.

“China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state, here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property, including COVID-19 research,” said Demers.

If prosecuted, the hackers could each face more than 40 years in prison. But since the hackers are believed to still be in China, any extraditions to the U.S. are unlikely.

#australia, #china, #chinese-communist-party, #computer-security, #computing, #cybercrime, #department-of-justice, #federal-bureau-of-investigation, #hacker, #identity-theft, #information-age, #iran, #north-korea, #policy, #russia, #security, #security-breaches, #south-korea, #u-s-department-of-energy, #united-states, #washington, #web-server

Justice Department proposes major overhaul of Sec. 230 protections

Photoshopped image of Attorney General Bill Barr rolling a giant boulder labeled Section 230 up a mountain. (credit: Aurich Lawson / Getty Images)

The Department of Justice today released a set of proposals calling for sweeping reform to the law that grants immunity to apps and websites for the content users post or share to them, following months of political rhetoric about the supposed suppression of conservative speech online.

The proposal outlines recommended changes to Section 230 of the Communications Decency Act of 1996. “The time is ripe to realign the scope of Section 230 with the realities of the modern internet,” the DOJ wrote. “We must ensure that the internet is both an open and safe space for our society.”

The report (PDF) stems from a nearly year-long investigation into Big Tech that began in the department’s Antitrust Division last July. The DOJ said at the time that the probe would “consider the widespread concerns that consumers, businesses, and entrepreneurs have expressed about search, social media, and some retail services online.” The agency did not name names, but Amazon, Facebook, and Google were widely considered to be on the list.

#congress, #department-of-justice, #free-speech, #josh-hawley, #justice-department, #policy, #politics, #section-230

Microsoft pitched its facial recognition tech to the DEA, new emails show

Microsoft tried to sell its facial recognition technology to the Drug Enforcement Administration as far back as 2017, according to newly released emails.

The American Civil Liberties Union obtained the emails through a public records lawsuit it filed in October, challenging the secrecy surrounding the DEA’s facial recognition program. The ACLU shared the emails with TechCrunch.

The emails, dated between September 2017 and December 2018, show that Microsoft privately hosted DEA agents at its Reston, Va. office to demonstrate its facial recognition system, and that the DEA later piloted the technology.

It was during this time Microsoft’s president Brad Smith was publicly calling for government regulations covering the use of facial recognition.

But the emails also show that the DEA expressed concern with purchasing the technology, fearing criticism from the FBI’s use of facial recognition at the time that caught the attention of government watchdogs.

Critics have long said this face-matching technology violates Americans’ right to privacy, and that the technology disproportionately shows bias against people of color. But despite the rise of facial recognition by police and in public spaces, Congress has struggled to keep pace and introduce legislation that would oversee the as-of-yet unregulated space.

But things changed in the wake of the nationwide and global protests following the death of George Floyd, which prompted a renewed focus on law enforcement and racial injustice.

An email from a Microsoft account executive inviting DEA agents to its Reston, Va. office to demo its facial recognition technology. (Source: ACLU/supplied)

Microsoft was the third company last week to say it will no longer sell its facial recognition technology to police until more federal regulation is put into place, following in the footsteps of Amazon, which put a one-year moratorium on selling its technology to police. IBM went further, saying it will wind down its facial recognition business entirely.

But Microsoft, like Amazon, did not say if it would no longer sell to federal departments and agencies like the DEA.

“It is bad enough that Microsoft tried to sell a dangerous technology to a law enforcement agency tasked with spearheading the racist drug war, but it gets worse,” said Nathan Freed Wessler, a senior staff attorney at the ACLU. “Even after belatedly promising not to sell face surveillance tech to police last week, Microsoft has refused to say whether it would sell the technology to federal agencies like the DEA.”

“This is troubling given the U.S. Drug Enforcement Administration’s record, but it’s even more disturbing now that Attorney General Bill Barr has reportedly expanded this very agency’s surveillance authorities, which could be abused to spy on people protesting police brutality,” he said.

Lawmakers have since called for a halt to the DEA’s covert surveillance of protesters, powers that were granted by the Justice Department earlier in June as protests spread across the U.S. and around the world.

When reached, DEA spokesperson Michael Miller declined to answer our questions. A spokesperson for Microsoft did not respond to a request for comment.


Decrypted: DEA spying on protesters, DDoS attacks, Signal downloads spike

This week saw protests spread across the world sparked by the murder of George Floyd, an unarmed Black man, killed by a white police officer in Minneapolis last month.

The U.S. hasn’t seen protests like this in a generation, with millions taking to the streets each day to lend their voice and support. But they were met with heavily armored police, drones watching from above, and “covert” surveillance by the federal government.

That’s exactly why cybersecurity and privacy are more important than ever, not least to protect law-abiding protesters demonstrating against police brutality and institutionalized, systemic racism. It’s also prompted those working in cybersecurity — many of whom are former law enforcement themselves — to check their own privilege, confront the racism from within their ranks and lend their knowledge to their fellow citizens.


THE BIG PICTURE

DEA allowed ‘covert surveillance’ of protesters

The Justice Department has granted the Drug Enforcement Administration, typically tasked with enforcing federal drug-related laws, the authority to conduct “covert surveillance” on protesters across the U.S., effectively turning the civilian law enforcement division into a domestic intelligence agency.

The DEA is one of the most tech-savvy government agencies in the federal government, with access to “stingray” cell site simulators to track and locate phones, a secret program that allows the agency access to billions of domestic phone records, and facial recognition technology.

Lawmakers decried the Justice Department’s move to allow the DEA to spy on protesters, calling on the government to “immediately rescind” the order, describing it as “antithetical” to Americans’ right to peacefully assemble.


FBI and DHS accuse Chinese hackers of targeting U.S. COVID-19 research

In a rare joint public statement, the FBI and Homeland Security’s cybersecurity advisory unit CISA have accused top Chinese hackers of trying to steal U.S. research related to the coronavirus strain, known as COVID-19.

The statement, published today, said that Chinese hackers “have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments and testing from networks and personnel associated with COVID-19-related research.”

“China’s efforts to target these sectors pose a significant threat to our nation’s response to COVID-19,” it reads.

Both the FBI and CISA said organizations should bolster their cybersecurity defenses.

The joint statement follows a similar announcement between U.S. and U.K. authorities last week, which warned that hackers are using password spraying — a common attack that uses recycled or default passwords to break into systems — against healthcare bodies and medical research organizations “that provide medical support services and supplies in a concerted effort to prevent incidents and enable them to focus on their response to COVID-19.”

Research firms and pharmaceutical giants have scrambled to find a vaccine for the COVID-19 strain, which experts have said is likely the only way that strict lockdown restrictions can be lifted across the world.

To date, there have been more than 4.2 million confirmed cases since it was first discovered in December.

U.S. authorities have long accused China of hacking into U.S. systems. Since 2018, Justice Department prosecutors have brought charges against several hackers, said to be working for the Chinese government, for the 2015 Anthem breach, dozens of technology giants and governmental organizations, and more recently Chinese military hackers who stole close to 150 million records from credit giant Equifax.

Beijing has repeatedly denied accusations of hacking.

But China isn’t the only government accused of using its offensive cyber prowess to steal coronavirus research. Earlier this week, Reuters reported that Iran-backed hackers targeted U.S. drugmaker Gilead, whose antiviral drug remdesivir is the only treatment that has so far been shown to help patients suffering from COVID-19.


US Marshals says prisoners’ personal information taken in data breach

A data breach at the U.S. Marshals Service exposed the personal information of current and former prisoners, TechCrunch has learned.

A letter, sent to those affected and obtained by TechCrunch, said the Justice Department notified the U.S. Marshals on December 30, 2019 of a data breach affecting a public-facing server storing personal information on current and former prisoners in its custody. The letter said the breach may have included their address, date of birth and Social Security number, which can be used for identity fraud.

But the notice didn’t say how many current and former prisoners are affected by the breach.

As the law enforcement arm of the federal courts, U.S. Marshals are tasked with capturing fugitives and serving federal arrest warrants. Last year, U.S. Marshals arrested over 90,000 fugitives and served over 105,000 warrants.

A spokesperson for the Justice Department did not respond to a request for comment by email or phone.

It’s the latest federal government security lapse in recent weeks.

The Defense Information Systems Agency, a Dept of Defense division charged with providing technology and communications support to the U.S. government — including the president and other senior officials — said a data breach between May and July 2019 resulted in the theft of employees’ personal information.

Last month, the Small Business Administration admitted that 8,000 applicants, who applied for an emergency loan after facing financial difficulties because of the coronavirus pandemic, had their data exposed.


Senator pushes DOJ to launch criminal antitrust probe of Amazon

We like to imagine Attorney General Barr is telling Hawley, “Just hold that thought, maybe.” (credit: Drew Angerer | Getty Images)

Amazon is already facing a bevy of antitrust probes, both in the United States and overseas. Just about every state, federal, and international regulator with any kind of competition regulation power is investigating the company over some aspect of its business. Sen. Josh Hawley (R-Mo.), however, wants to add one more to the pile and is calling on the Justice Department to launch a criminal probe.

“Recent reports suggest that Amazon has engaged in predatory and exclusionary data practices to build and maintain a monopoly,” Hawley wrote today in a letter (PDF) to Attorney General William Barr. “These practices are alarming for America’s small businesses under ordinary circumstances. But at a time when most small retail businesses must rely on Amazon because of coronavirus-related shutdowns, predatory data practices threaten these businesses’ very existence.”

The recent report to which Hawley refers is last week’s Wall Street Journal exposé, which found that Amazon employees accessed third-party merchants’ data as a matter of habit in order to launch their own in-house products and undercut the marketplace vendors who rely on Amazon as a platform.


YouTube sellers found touting bogus coronavirus vaccines and masks

YouTube has been criticized for continuing to host coronavirus disinformation on its video sharing platform during a global health emergency.

Two US advocacy groups which campaign for online safety undertook an 18-day investigation of the video sharing platform in March — finding what they say were “dozens” of examples of dubious videos, including videos touting bogus vaccines the sellers claimed would protect buyers from COVID-19.

They also found videos advertising medical masks of unknown quality for sale.

There have been concerns about shortages of masks for front-line medical staff, as well as the risk of online scammers hawking low-grade kit that does not offer the claimed protection against the virus.

Google said last month that it would temporarily take down ads for masks from its ad network but sellers looking to exploit the coronavirus crisis appear to be circumventing the ban by using YouTube’s video sharing platform as an alternative digital shop window to lure buyers.

Researchers working for the Digital Citizens Alliance (DCA) and the Coalition for a Safer Web (CSW) initiated conversations with sellers they found touting dodgy coronavirus wares on YouTube — and were offered useless ‘vaccines’ for purchase and hundreds of masks of unknown quality.

“There was ample reason to believe the offers for masks were dubious as well [as the vaccines], as highlighted by interactions with representatives from some of the sellers,” they said.

Their report includes screengrabs of some of the interactions with the sellers. In one, a seller tells the researchers they don’t accept credit cards — but they do accept CashApp, PayPal, Google or Amazon gift cards or Bitcoin.

The same seller offered the researchers vaccines priced at $135 each, and suggested they purchase MMR/Varicella when asked which one is “the best”. Such a vaccine, even if it functioned for MMR/Varicella, would obviously offer no protection against COVID-19.

Another seller was found to be hawking “COVID-19 drugs” using a YouTube account name “Real ID Card Fake Passport Producer”.

“How does a guy calling himself ‘Real ID Card Fake Passport Producer’ even get a page on YouTube?” said Eric Feinberg, lead researcher for CSW, in a statement accompanying the report. “It’s all too easy to get ahold of these guys. We called some of them. Once you contact them, they are relentless. They’ll call you back at all hours and hound you until you buy something. They’ll call you in the middle of the night. They are predators looking to capitalize on our fear.”

A spokesman for the DCA told us the researchers compiled the report based on content from around 60 videos they identified hawking coronavirus-related ‘cures’ or kit between March 6-24.

“There are too many to count. Every day, I find more,” added Feinberg.

The groups are also critical of how YouTube’s platform risks lending credibility to coronavirus disinformation because the platform now displays official CDC-branded banners under any COVID-19 related material — including the dubious videos their report highlights.

“YouTube also mixes trusted resources with sites that shouldn’t be trusted and that could confuse consumers — especially when they are scared and desperate,” said DCA executive director, Tom Galvin, in a statement. “It’s hard enough to tell who’s legitimate and who’s not on YouTube.”

The DCA and CSW have written letters to the US Department of Justice and the Federal Trade Commission laying out their findings and calling for “swift action” to hold bad actors accountable.

“YouTube, and its parent company Google, are shirking their formal policy that prohibits content that capitalizes off sensitive events,” they write in a letter to attorney general Barr.

“Digital Citizens is sharing this information in the hopes your Justice Department will act swiftly to hold bad actors, who take advantage of the coronavirus, accountable. In this crisis, strong action will deter others from engaging in criminal or illicit acts that harm consumers or add to confusion and anxiety,” they add.

Responding to the groups’ findings, a YouTube spokesperson said some of the videos the researchers had identified had not received many views.

After we contacted the company about the content, YouTube told us it had removed three channels identified by the researchers in the report for violating its Community Guidelines.

In a statement YouTube added:

Our thoughts are with everyone affected by the coronavirus around the world. We’re committed to providing helpful information at this critical time, including raising authoritative content, reducing the spread of harmful misinformation and showing information panels, using WHO / CDC data, to help combat misinformation. To date, there have been over 5B impressions on our information panels for coronavirus related videos and searches. We also have clear policies against COVID-19 misinformation and we quickly remove videos violating these policies when flagged to us.

The DCA and CSW also recently undertook a similar review of Facebook’s platform — finding sellers touting masks for sale despite the tech giant’s claimed ban on such content. “Facebook promised CNN when they did a story on our report about them that the masks would be gone a week ago, but the researchers from CSW are still finding the masks now,” their spokesman told us.

Earlier this week the Tech Transparency Project also reported still being able to find masks for sale on Facebook’s platform. It found examples of masks showing up in Google’s targeted ads too.


Justice Dep’t tackles coronavirus scam site, first of probably many

Stock photo of hands operating a laptop while holding a credit card.

Fraudulent websites never actually look like this, really, but if you come across one that does, maybe don’t put in your credit card information. (credit: boonchai wedmakawand | Getty Images)

The US Department of Justice is keeping busy during the coronavirus crisis: the agency has filed its first—but unfortunately, almost certainly not last—suit to take down a fraudulent scheme allegedly trying to profit off Americans’ fears about the virus.

The DOJ said late Sunday that it filed suit in Austin against the operators of the website coronavirusmedicalkit.com, with a restraining order issued requiring the registrar to block access to it. (As of this writing the site is indeed offline.)

The site operators were engaging in a “predatory wire fraud scheme,” the suit (PDF) alleges. When it was online, the site claimed that the World Health Organization was offering free vaccine kits for COVID-19. All users had to do to get these “free” kits was enter their credit card information and pay $4.95 for shipping. The site also featured an image of Dr. Anthony Fauci—the director of the National Institute of Allergy and Infectious Diseases and current leading US expert in infectious disease—to make itself look more official.
