Slash_Account_Dot - Slashdot User

Submission + - Verizon gave confidential phone data to stalker (404media.co)

Submitted by Slash_Account_Dot on Friday December 08, 2023 @12:59PM

Slash_Account_Dot writes: The FBI investigated a man who allegedly posed as a police officer in emails and phone calls to trick Verizon to hand over phone data belonging to a specific person that the suspect met on the dating section of porn site xHamster, according to a newly unsealed court record. Despite the relatively unconvincing cover story concocted by the suspect, including the use of a clearly non-government ProtonMail email address, Verizon handed over the victim’s data to the alleged stalker, including their address and phone logs. The stalker then went on to threaten the victim and ended up driving to where he believed the victim lived while armed with a knife, according to the record.
The news is a massive failure by Verizon who did not verify that the data request was fraudulent, and the company potentially put someone’s safety at risk. The news also highlights the now common use of fraudulent emergency data requests (EDRs) or search warrants in the digital underworld, where criminals pretend to be law enforcement officers, fabricate an urgent scenario such as a kidnapping, and then convince telecoms or tech companies to hand over data that should only be accessible through legitimate law enforcement requests. As 404 Media previously reported, some hackers are using compromised government email accounts for this purpose.

Submission + - Mystery Customer for Palmer Luckey's Aircraft-Killing Drone Is US Special Forces (404media.co)

Submitted by Slash_Account_Dot on Friday December 01, 2023 @11:27AM

Slash_Account_Dot writes: U.S. Special Operations Command (USSOCOM) has paid over ten million dollars for a new autonomous aircraft made by Anduril, the defense startup run by Palmer Luckey, which is capable of carrying explosive warheads and taking down other aircraft, or re-landing itself if it doesn’t engage in an attack, 404 Media has found.

On Friday, Anduril announced the existence of the person-size drone called “Roadrunner.” In his own Twitter thread, Luckey said Roadrunner has been “operationally validated with an existing U.S. government customer,” but did not name the agency. Multiple publications which appeared to have the news under embargo, including Bloomberg and Defense One, added that the company is not allowed to say which customer bought the technology.

It took 404 Media around 25 seconds to find the customer is likely USSOCOM.

Submission + - Video shows a SIM swapper physically robs a T-Mobile for access to worker tablet (404media.co)

Submitted by Anonymous Coward on Friday November 10, 2023 @10:47AM

An anonymous reader writes: A young man sits in a car, pointing a cellphone camera out of the window, seemingly trying to remain undetected. As he breathes heavily in anticipation, he peers at a T-Mobile store across the road from where he is parked.
Suddenly, there is some commotion inside. An accomplice grabs something off a table where a T-Mobile employee is sitting. The accomplice, dressed in a mask and black baseball cap, then bursts out of the store and clumsily sprints towards the car.
The man in the vehicle starts laughing, then giggling uncontrollably like a child. The pair got what they came for: a T-Mobile employee’s tablet, the sort workers use everyday when dealing with customer support issues or setting up a new phone.

Submission + - How a 'Refund Fraud' Gang Stole $700,000 From Amazon (404media.co)

Submitted by Anonymous Coward on Tuesday November 07, 2023 @10:33AM

An anonymous reader writes: The U.S. government has indicted alleged members of a criminal group that uses insiders at Walmart and other techniques to commit “refund fraud” on a massive scale, according to recently unsealed court records. In short, the scam involves someone ordering an item from, say, Amazon—which in this case says it lost $700,000—receiving the item, and then using one of various tricks to get their money back from the retailer. The person is then free to sell the item online, and the criminal group takes a fee.
The indictment as well as 404 Media’s own research into refund fraud reveals a professionalized ecosystem of sellers and people providing various services as part of the wide-reaching scam. As well as malicious insiders, refund scammers take advantage of customer service representatives and online retailers’ lax refund policies to get expensive items for free. This is not a crime whose only victims are giant retailers, who may garner little sympathy. Delivery drivers, who already have very difficult jobs, are often dinged for misdelivering or failing to deliver a package, which is something these types of scams often rely on.

Submission + - "Encryption king" arrested in Istanbul (404media.co)

Submitted by Anonymous Coward on Monday November 06, 2023 @06:50PM

An anonymous reader writes: Hakan Ayik, an infamous drug trafficker who also popularized the use of certain brands of encrypted phones around the world, was arrested during a series of dramatic raids in Turkey last week. At one point a group of heavily armed Turkish tactical officers in brown and gray camouflage piled outside an apartment and banged on the door repeatedly. They then smashed the door down and moved inside with a riot shield, according to a video tweeted by Turkey’s Minister of the Interior. The video then showed a photograph of Ayik, shirtless and on his knees while staring straight ahead, surrounded by multiple officers.
It was a moment that capped off the arrest of Australia’s most wanted man, and a sign that Turkey is no longer a safe haven to organized criminals. But it was also something of a closing act on Anom, a brand of encrypted phone that the FBI secretly took over and managed for years after inserting a backdoor into the product, allowing agents to read tens of millions of messages sent across it. Ayik unknowingly helped the FBI gain that piercing insight into organized crime by selling the devices to other criminal associates. Given Ayik’s position as a trusted authority on what communications tools drug traffickers should use, one associate even referred to him as the “encryption king” in an Anom message I’ve seen.

Submission + - AI Cameras Took Over One Small American Town. Now They're Everywhere (404media.co)

Submitted by Anonymous Coward on Thursday November 02, 2023 @09:39AM

An anonymous reader writes: This is a demonstration of Fusus, an AI-powered system that is rapidly springing up across small town America and major cities alike. Fusus’ product not only funnels live feeds from usually siloed cameras into one central location, but also adds the ability to scan for people wearing certain clothes, carrying a particular bag, or look for a certain vehicle.

404 Media has obtained a cache of internal emails, presentations, memos, photos, and more which provide insight into how Fusus teams up with police departments to sell its surveillance technology. All around the country, city councils are debating whether they want to have a system that qualitatively changes what surveillance cameras mean for a town’s residents and public agencies. While many have adopted Fusus, others have pushed back, and refused to have the hardware and software installed in their neighborhoods.

Submission + - ICE uses tool to find "derogatory" speech online (404media.co)

Submitted by Anonymous Coward on Tuesday October 24, 2023 @09:16AM

An anonymous reader writes: Immigration and Customs Enforcement (ICE) has used a system called Giant Oak Search Technology (GOST) to help the agency scrutinize social media posts, determine if they are “derogatory” to the U.S., and then use that information as part of immigration enforcement, according to a new cache of documents reviewed by 404 Media.
The documents peel back the curtain on a powerful system, both in a technological and a policy sense—how information is processed and used to decide who is allowed to remain in the country and who is not.
“The government should not be using algorithms to scrutinize our social media posts and decide which of us is ‘risky.’ And agencies certainly shouldn't be buying this kind of black box technology in secret without any accountability. DHS needs to explain to the public how its systems determine whether someone is a ‘risk’ or not, and what happens to the people whose online posts are flagged by its algorithms,” Patrick Toomey, Deputy Director of the ACLU's National Security Project, told 404 Media in an email. The documents come from a Freedom of Information Act (FOIA) lawsuit brought by both the ACLU and the ACLU of Northern California. Toomey from the ACLU then shared the documents with 404 Media.

Submission + - Inside a $30 million bitcoin laundering ring in New York (404media.co)

Submitted by Slash_Account_Dot on Friday October 20, 2023 @09:08AM

Slash_Account_Dot writes: For years, a gang operating in New York allegedly offered a cash-for-Bitcoin service that generated at least $30 million, with men standing on street corners with plastic shopping bags full of money, drive-by pickups, and hundreds of thousands of dollars laid out on tables, according to court records.
The records provide rare insight into an often unseen part of the criminal underworld: how hackers and drug traffickers convert their Bitcoin into cash outside of the online Bitcoin exchanges that ordinary people use. Rather than turning to sites like Coinbase, which often collaborate with and provide records to law enforcement if required, some criminals use underground, IRL Bitcoin exchanges like this gang which are allegedly criminal entities in their own right.

Submission + - Hackers compromise accounts of Kodex, company that does Big Tech's data requests (404media.co)

Submitted by Slash_Account_Dot on Thursday October 19, 2023 @07:33PM

Slash_Account_Dot writes: Hackers are targeting accounts on Kodex, a platform that connects law enforcement agencies and tech companies and which is designed to verify emergency requests for customer data, according to multiple online conversations between hackers viewed by 404 Media.
Screenshots from one of the compromised accounts shows a panel where a law enforcement officer, or a hacker, can potentially “create a new request.” The screenshots show a wide range of companies such as tech giants Meta and Microsoft’s LinkedIn; cryptocurrency exchanges Binance and Coinbase; social media platforms Pinterest, Discord, and Snapchat; financial service Fidelity, and gaming platform Roblox. The compromised account appears to belong to a national police force, but the screenshots do not include the agency’s full name.

Submission + - ICE, CBP, Secret Service All Illegally Used Smartphone Location Data (404media.co)

Submitted by Slash_Account_Dot on Thursday October 05, 2023 @06:00PM

Slash_Account_Dot writes: In a bombshell report, an oversight body for the Department of Homeland Security (DHS) found that Immigration and Customs Enforcement (ICE), Customs and Border Enforcement (CBP), and the Secret Service all broke the law while using location data harvested from ordinary apps installed on smartphones. In one instance, a CBP official also inappropriately used the technology to track the location of coworkers with no investigative purpose.
For years U.S. government agencies have been buying access to location data through commercial vendors, a practice which critics say skirts the Fourth Amendment requirement of a warrant. During that time, the agencies have typically refused to publicly explain the legal basis on which they based their purchase and use of the data. Now, the report shows that three of the main customers of commercial location data broke the law while doing so, and didn’t have any supervisory review to ensure proper use of the technology. The report also recommends that ICE stop all use of such data until it obtains the necessary approvals, a request that ICE has refused.

Submission + - Journalists test an iPhone-to-HDMI adaptor which demands location/browsing data (404media.co)

Submitted by Slash_Account_Dot on Friday September 29, 2023 @11:16AM

Slash_Account_Dot writes: I recently got my hands on an ordinary-looking iPhone-to-HDMI adapter that mimics Apple’s branding and, when plugged in, runs a program that implores you to “Scan QR code for use.” That QR code takes you to an ad-riddled website that asks you to download an app that asks for your location data, access to your photos and videos, runs a bizarre web browser, installs tracking cookies, takes “sensor data,” and uses that data to target you with ads. The adapter’s app also kindly informed me that it’s sending all of my data to China.
The cord was discovered by friend of 404 Media John Bumstead, an electronics refurbisher and artist who buys devices in bulk from electronics recyclers. Bumstead tweeted about the cord and was kind enough to send me one so I could try it myself. Joseph has written about malicious lightning cables and USB cables made by hackers that can be used for keystroke logging and spying. While those malicious lightning cables are products marketed for spying, the HDMI adapter Bumstead has been found in the wild and is just another crappy knockoff cable sold on Amazon’s increasingly difficult to navigate website. This HDMI adapter is designed to look exactly like Apple’s same adapter. Here they are side-by-side:

Submission + - Getting data from NSA would take "days" so another agency bought data instead (404media.co)

Submitted by Slash_Account_Dot on Tuesday September 26, 2023 @10:25AM

Slash_Account_Dot writes: A federal counterintelligence agency tracking hackers has bought data harvested from the backbone of the internet by a private company because it was easier and took less time than getting similar data from the NSA, according to internal U.S. government documents. According to the documents, going through an agency like the NSA could take “days,” whereas a private contractor could provide the same data instantly.

The news is yet another example of a government agency turning to the private sector for novel datasets that the public is likely unaware are being collected and then sold.

Submission + - Top Google image result for "tank man" is an AI "selfie" of the man (404media.co)

Submitted by Slash_Account_Dot on Wednesday September 20, 2023 @09:19AM

Slash_Account_Dot writes: The first thing you’ll see if you search Google for “tank man” right now will not be the iconic picture of the unidentified Chinese man who stood in protest in front of a column of tanks leaving Tiananmen Square, but an entirely fake, AI-generated selfie of that historical event.
While the AI-generated selfie doesn’t appear to be deliberate misinformation, it highlights an inherent problem with the current state of generative AI and the internet: It is exceedingly easy to use AI tools to generated endless images, text, and audio with little more than a click of a button, and as this content floods every online platform, we, and the platforms we use to surface information, still don’t have a good way to identify and differentiate it from human-made content, manually or automatically.

Submission + - Lithuania was the country that secretly intercepted encrypted msgs for the FBI (404media.co)

Submitted by Slash_Account_Dot on Monday September 11, 2023 @09:27AM

Slash_Account_Dot writes: That country “requested its participation be kept confidential,” according to a document I previously obtained. The document said the third country was a European Union member but did not name the country itself. “The FBI is neither now nor in the future in a position to release the identity of the aforementioned third country,” the document added.

That country was Lithuania, 404 Media has learned from a source briefed on the operation but who did not work on it on the U.S. side.

Submission + - 2D to 3D AI startup was actually humans doing the work manually (404media.co)

Submitted by Slash_Account_Dot on Wednesday September 06, 2023 @11:35AM

Slash_Account_Dot writes: An artificial intelligence company, whose founder Forbes included in a 30 Under 30 list recently, promises to use machine learning to convert clients’ 2D illustrations into 3D models. In reality the company, called Kaedim, uses human artists for “quality control.” According to two sources with knowledge of the process interviewed by 404 Media, at one point, Kaedim often used human artists to make the models. One of the sources said workers at one point produced the 3D design wholecloth themselves without the help of machine learning at all.

The news pulls back the curtain on a hyped startup and is an example of how AI companies can sometimes overstate the capabilities of their technology. Like other AI startups, Kaedim wants to use AI to do tedious labor that is currently being done by humans. In this case, 3D modeling, a time consuming job that video game companies are already outsourcing to studios in countries like China.

Slashdot Top Deals