A ‘Bulletproof’ Criminal VPN Was Taken Down in a Global Sting

As 2020 arrives To a close, it is perhaps only fitting that both the US government and the private sector are reducing the massive hacking spree and holding Russia widely responsible. There will be more news to come about SolarWinds supply chain attack And other elements of the broader campaign are possible, but meanwhile officials, security practitioners and researchers are all amazed at the question of how to draw the line on global espionage and prevent destructive and otherwise unacceptable hacking.

It is important to understand where things stand today Look back About the Trump administration’s cybersecurity policy, its merits (some of it accidental), and its shortcomings. Read below for President-Elect Joe Biden’s first critical comment about how his administration can be an increasingly important, yet difficult, question of implementing effective global norms in cyberspace.

And there is more. Every Saturday we round up stories of security and privacy that we do not break into or report deeply but think you should know about it. Click on the headlines to read them, and stay safe there!

on Tuesday, Europol, The US Department of Justice, and other international law enforcement agencies announced a coordinated sting against Safe-Int, a virtual private network popular with ransomware groups, spearfishers, and stolen data vendors. VPN-safe-inet.com, safe-inet.net and insorg.org- and other parts of its infrastructure are involved in an attempt to seize the three domains used to deliver, so user service and visitors only See law enforcement notifications of sites for their removal that cannot be reached. Officials did not provide information on which hacking group used the VPN, but they described it as specialized in “bulletproof” protection, meaning VPNs support uninterrupted criminal operations and complaints of abuse and even legislation Enforcement was willing to try to ignore the requests. “Criminals may run away, but they cannot hide from law enforcement and we will continue to outsource them together with our partners,” said Edwarddas Eleris, head of Europol’s European Cybercrime Center.

New research by Citizen Lab of the University of Toronto’s Citizen Lab of Global Research and Public Policy indicates that suspected government hackers outside Saudi Arabia and the United Arab Emirates compromised 36 smartphones in private al Jazeera Journalist and one Al Aarabi TV. The targeted campaign used an interaction-less or “zero-click” iPhone for the initial attack, a hacking technique Particularly dangerous Because it does not require any input from the target and hence it is difficult to defend. Hackers then used the infamous piece of NSO Group spyware, Known as PegasusTo deeply compromise and survey victims’ data and digital activity. The exploit series, called Kabate, affected iOS 13.5.1 and iPhone 11, which was on at the time of the attacks, along with other iOS versions and iPhones. It is believed that it does not affect iOS 14.

The Department of Homeland Security and the Federal Bureau of Investigation have added a website titled “People of the Enemies” for Iranian actors. The site included information such as the alleged addresses of state and federal election officials, including FBI Director Christopher Ray, and voting equipment manufacturers. The aim was to promote allegations that led to the loss of President Donald Trump in the recent US presidential election. The website is no longer accessible, but contains photographs of previously depicted targets superimposed with bull’s eyes. Although recently Russian actors are back in the news, Iranian hackers have been active throughout 2020 and A Specially focused On the US presidential election season.

President-Elect Joe Biden first hinted at how his administration could deal with cyber security issues and digital espionage on Tuesday. During an address in Willington, Delaware, Biden criticized the Trump administration for publicly reacting to the culprits in the SolarWinds supply chain attack. He also said that the Defense Department limited the briefings the Biden transition team received about the situation, “so I don’t know anything that suggests it is under control.” Biden said, “Cyberattacks should be regarded as a serious threat by our leadership at the highest level. This means being clear … responsible for the attack and taking meaningful steps to capture them.” The incoming president also said that his administration would work to establish “international rules of the road on cyberspace”.

More Great WIRED Stories