Russian-led cybercrime network dismantled in global operation


European and North American cybercrime investigators say they have dismantled the heart of a malware operation directed by Russian criminals after a global operation involving British, Canadian, Danish, Dutch, French, German and US police.

International arrest warrants have been issued for 20 suspects, most of them living in Russia, by European investigators while indictments were unsealed in the US against 16 individuals.

Those charged include the alleged leaders of the Qakbot and Danabot malware operations, including Rustam Rafailevich Gallyamov, 48, who lives in Moscow, and Aleksandr Stepanov, 39, AKA JimmBee, and Artem Aleksandrovich Kalinkin, 34, AKA Onix, both of Novosibirsk, Russia, the US Department of Justice said.

Cyber-attacks aimed at destabilising governments or simple theft and blackmail are becoming increasingly pernicious. The high-street retailer Marks & Spencer is one of the most high-profile and recent victims in the UK this month.

The Europeans, led by the German crime agency, Bundeskriminalamt (BKA), released public appeals in their attempts to track down 18 suspects believed to be involved in the Qakbot malware family along with a third malware known as Trickbot. BKA and its international counterparts said the majority of the suspects were Russian citizens.

The Russian national Vitalii Nikolayevich Kovalev, 36, already wanted in the US, is one of BKA’s most wanted. He is allegedly behind Conti, considered to be the most professional and best-organised ransomware blackmail group in the world, with Kovalev described as one of the “most successful blackmailers in the history of cybercrime” by German investigators. Using the pseudonyms Stern and Ben, he is alleged by BKA to have attacked hundreds of companies worldwide and extracted large ransom payments from them.

Kovalev, 36, from Volgorod, is believed to be living in Moscow, where several firms are registered in his name. He was identified by US investigators in 2023 as having been a member of Trickbot. Investigators now also believe he was at the helm of Conti and other blackmail groups, such as Royal and Blacksuit (founded in 2022). His own cryptowallet is said to be worth about €1bn.

BKA said that, along with international partners, of the 37 perpetrators they identified they had enough evidence to issue 20 arrest warrants.

The US attorney’s office in California at the same time unsealed the details of charges against 16 defendants who allegedly “developed and deployed the DanaBot malware”. The criminal infiltrations into victims’ computers were “controlled and deployed” by a Russia-based cybercrime organisation that has infected more than 300,000 computers around the world, particularly in the US, Australia, Poland, India and Italy.

It was advertised on Russian-language criminal forums and also had an “espionage variant used to target military, diplomatic, government and non-governmental organisations”, the indictment states. “For this variant, separate servers were established, such that data stolen from these victims was ultimately stored in the Russian federation.”

Also on the Europe most-wanted list as a result of the German operation is a 36-year-old Russian-speaking Ukrainian, Roman Mikhailovich Prokop, a suspected member of Qakbot, according to BKA.

Operation Endgame was instigated by the German authorities in 2022. The BKA president, Holger Münch, said Germany was a particular focus of cybercriminals. BKA in particular is investigating the suspected perpetrators’ involvement in gang-related activities and commercial extortion as well as membership of an overseas-based criminal organisation.

Between 2010 and 2022 the Conti group focused specifically on US hospitals, increasing its attacks during the Covid pandemic. US authorities had offered a $10m reward to anyone who would lead them to its figureheads.

Most suspects are operating in Russia, some also in Dubai. Their extradition to Europe or the US was unlikely, Münch said, but their identification was significant and damaging to them. “With Operation Endgame 2.0, we have once again demonstrated that our strategies work – even in the supposedly anonymous darknet.”