The Covid-19 pandemic has provided boundless opportunities for scammers since January at least. But a group of fraudsters known as Scattered Canary has reached new depths, ripping off state unemployment systems for millions of dollars just as funds are running dangerously low.
It’s not all bad news, though. For the past several months, the FBI has once again been pressuring Apple to undermine its encryption so that it could get into a mass shooter’s iPhones. And just as it did in 2016, the agency ultimately relented after it was able to determine the passwords on its own. Go figure!
Facebook also did good this week, managing to add safety alerts to its Messenger app to let people know when a scammer or worse might be on the other end of the chat, all without breaking the end-to-end encryption of its Secret Conversations feature. And while researchers concocted a dangerous new amplification technique for distributed denial-of-service attacks—one that could potentially have crippled large portions of the internet—the affected companies appear to have protected themselves against it before a bad actor got wise. And Chrome took a big step to shut down cryptojacking and other resource-draining ads.
We took a look at ShinyHunters, a hacking group that hit over a dozen companies at the beginning of May in search of dark web profit. A hardware wallet is still the safest place to stash your cryptocurrency, but new research is a healthy reminder that they’re not infallible. And if you’re tired of spam, consider using one of these apps that provides a burner email to duck it.
WIRED contributor Garrett Graff took a ha