The Chinese government has quietly arrested a handful of hackers at the urging of the U.S. government — an unprecedented step to defuse tensions with Washington at a time when the Obama administration has threatened economic sanctions.
The action came a week or two before President Xi Jinping’s state visit to Washington late last month. The hackers had been identified by U.S. officials as having stolen commercial secrets from U.S. firms to be sold or passed along to Chinese state-run companies. The arrests come amid signs of a potential change in the power balance between the U.S. and Chinese governments on commercial cyberespionage, one of the most fraught issues between the two countries.Read more
Months before its technology became the centerpiece of Samsung’s new mobile payment system, LoopPay, a small Massachusetts subsidiary of the South Korean electronics giant, was the target of a sophisticated attack by a group of government-affiliated Chinese hackers.
As early as March, the hackers — alternatively known as the Codoso Group or Sunshock Group by those who track them — had breached the computer network of LoopPay, a start-up in Burlington, Mass., that was acquired by Samsung in February for more than $250 million, according to several people briefed on the still-unfolding investigation, as well as Samsung and LoopPay executives.Read more
A new species of malware that shows fullscreen ads is flourishing on Apple devices in China and Taiwan. The development follows reports last month that apps loaded with malware had to be purged from the company's App Store.
The malicious software, dubbed YiSpecter, is reportedly able to install and launch arbitrary iOS apps, replace existing apps with those it downloads, hijack other apps' execution to display advertisements, change Safari's default search engine, bookmarks and opened pages, and upload device information. In China, QVOD was popular for its ability to allow users to share pornographic content.Read more
Uber is off to a rocky start in China. The company threatened to punish any of its drivers that took part in protests against the taxi app, a large number of trips in the country are false trips concocted by drivers looking to make some easy yuan on Uber's dime.
Now, it looks like Chinese fraudsters are using hacked Uber accounts to take free trips. In May, thousands of Uber accounts were for sale on the dark web, for as little as $1 each. In August, the price of hacked accounts dropped to just 40 cents. Those accounts were accessed by hackers because Uber customers had used the same password in their taxi app as one for another service.Read more
Relations between Russia and the United States are not hopeless, and the two countries can undertake various joint diplomatic efforts, Andrei Krutskikh, Russian Foreign Ministry’s ambassador-at-large and presidential special envoy in international cooperation in information security, said.
The UN’s Group of Governmental Experts submitted a report presenting the rules of the road in cyberspace that all nations should respect, emphasizing that the countries should not intentionally damage each other’s infrastructure with cyber-attacks. Representatives from 20 countries were involved in the preparation of the report.Read more
A group of China-linked hackers that has mowed through the databanks of major American health insurers and stolen personnel records of U.S. military and intelligence agencies has struck at the heart of the nation’s air-travel system.
Sabre Corp., which processes reservations for hundreds of airlines and thousands of hotels, confirmed that its systems were breached recently, while American Airlines Group Inc., the world’s biggest carrier, said it is investigating whether hackers had entered its computers. Both companies were hacked as part of the same wave of attacks that targeted insurer Anthem Inc. and the U.S. government’s personnel office.Read more
The Sunday Times produced what at first sight looked like a startling news story: Russia and China had gained access to the cache of top-secret documents leaked by former NSA contractor turned whistleblower Edward Snowden.
Not only that, but as a result, Britain’s overseas intelligence agency, the Secret Intelligence Service, better known as MI6, had been forced “to pull agents out of live operations in hostile countries”. These are serious allegations and, as such, the government has an obligation to respond openly. The story is based on sources including “senior officials in Downing Street, the Home Office and the security services”.Read more
The Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and US government employee records, with suspicion quickly falling on China, which has been accused of carrying out cyber-espionage against the US in the past.
Government officials familiar with the situation told the hack occurred at the Office of Personnel Management and the Interior Department, and could potentially affect four million people at every federal agency. The OPM is the human resources department for the federal government and does checks for security clearances.Read more
A popular coding website of the USA is enduring an onslaught of Internet traffic meant for China’s most popular search engine, and security experts say the episode likely represents an attempt by China to shut down anticensorship tools.
The attack on a service world-wide software development used by programmers and major tech firms appears to underscore how China’s Internet censors increasingly reach outside the country to clamp down on content they find objectionable. Security experts said the traffic onslaught directed huge amounts of traffic from overseas users of Chinese search giant Baidu Inc. to GitHub.Read more
Are you tired of punching in numbers or swiping strange patterns to unlock your smartphone? Some of the new phones are sporting fingerprint scanners and facial recognition, but a new device from ZTE uses a very different biometric security measure to lock its screen.
EyeVerify’s technology uses an ordinary front-facing camera — its only requirement is that it takes photos at least one megapixel large. EyeVerify authenticates users by looking at vein patterns formed by blood vessels. One major question is what EyeVerify does better than fingerprint scanners, which have become the de facto biometric security measure for smartphones.Read more