In perhaps the cutest hacker story of the year, a trio of technologists from India found an novel way to bypass Apple’s location restrictions on the AirPod Pro 2 so they could enable the headphones’ hearing aid feature for their grandmothers. The break-in required a homemade Faraday cage, a microwave, and a lot of trial and error.
On the other end of the technological advancement spectrum, the US military is currently testing an AI-enabled machine gun that can automatically target swarms of drones. The Bullfrog, built by Allen Control Systems, is one of several advanced weapons technologies being developed to combat the growing threat of affordable, miniature drones on the battlefield.
The U.S. Department of Justice announced this week that an 18-year-old from California pleaded guilty to carrying out or organizing more than 375 swatting attacks across the United States.
And of course Donald Trump. This week we published a practical guide to protecting yourself from government surveillance. Of course, WIRED has been covering the dangers of government surveillance for decades. But with the president-elect clearly threatening to jail his political enemies – whoever they may be – now is probably a good time to brush up on your digital best practices.
In addition to potential surveillance of U.S. citizens, U.S. Immigration and Customs Enforcement began increasing its surveillance arsenal the day after Trump won re-election. Meanwhile, experts expect the incoming administration to roll back cybersecurity rules put in place under President Joe Biden while taking a tougher stance against state-sponsored hostile hackers. And if all this political upheaval makes you feel like protesting, watch out: An investigation published jointly by WIRED and The Marshall Project found that mask bans in several states add a up-to-date, complicated level to the exercise of free speech.
And that’s not all. Each week, we summarize privacy and security news that we haven’t covered in detail ourselves. Click on the headlines to read full stories and stay secure.
In August 2016, approximately 120,000 bitcoins – then worth approximately $71 million – were stolen in a hack of the Bitfinex cryptocurrency exchange. Then in 2022, as the value of the cryptocurrency skyrocketed, law enforcement officers in Modern York arrested husband and wife Ilya Lichtenstein and Heather Morgan in connection with the hacking and laundering of vastly inflated stolen cryptocurrency worth $4.5 billion. (Investigators recovered $3.6 billion in funds at that time.)
Fraudsters are increasingly using artificial intelligence as part of their criminal tools, using the technology to create deepfakes, translate scripts and escalate the efficiency of their operations. However, artificial intelligence is also turned against cheaters. British telecommunications company Virgin Media and its mobile operator O2 have created a up-to-date “AI grandma” that can respond calls from scammers and keep them talking. According to The Register, the system uses various artificial intelligence models that listen to what the fraudster is saying and respond immediately. In one case, the company says it kept a fraudster on the line for 40 minutes and in another case it provided false personal information. Unfortunately, the system (at least at the moment) is not able to directly receive calls to your phone; instead, O2 created a special phone number for the system, which the company says it managed to get on lists of numbers dialed by fraudsters.
In a up-to-date legal strategy aimed at those trying to hold commercial spyware providers accountable, lawyer Andreu Van den Eynde, who was allegedly the victim of an NSO Group spyware hack, directly accuses two of the company’s founders, Omri Lavi and Shalev Hulio, and one of its directors, Yuval Somekh, about hacking crimes in the lawsuit. Barcelona-based nonprofit Iridia announced this week that it had filed a complaint in a Catalan court. Van den Eynde was reportedly the victim of a hacking campaign that used NSO’s notorious Pegasus spyware against at least 65 Catalans. Van den Eynde and Iridia originally sued NSO Group in a Barcelona court in 2022, along with affiliates Osy Technologies and Q Cyber Technologies. “Those responsible for NSO Group must explain their specific activities,” the legal representative of Iridia and Van den Eynde wrote in the complaint, which was written in Catalan and translated by TechCrunch.
Research released this week by mobile device management firm Jamf found that North Korea-linked hackers were working to implant malware into macOS apps built using a specific open-source software development kit. The campaigns focused on cryptocurrency targets and featured infrastructure similar to systems used by the notorious North Korean group Lazarus. It is unclear whether this action led to actual compromise of the victim or was still in the testing phase.
Financially motivated and state-backed hackers have fewer opportunities to exploit malware targeting Apple Macs than hacking tools that infect Microsoft Windows or Linux desktops and servers. So when Mac malware appears, it’s usually a niche problem, but it can also be a revealing indicator of hacker trends and priorities.
