Another week, another
crypto heist. This time, Ethereum Classic was the target, when hackers stole around $1.1 million
worth of coins by taking over 51-percent of the currency’s network.
Another familiar blunder came this week when it was revealed that technologically challenged convicted criminal Paul Manafort had yet another problem using basic tech
. This time, he and his lawyers failed to appropriately redact documents sent to the court, unwittingly revealing that special counsel Robert Mueller believes Manafort shared 2016 polling data with a known Russian spy during the campaign.
Speaking of Mueller, Garrett Graff lays out his to-do list for 2019
Terrorists are usingniche chat apps meant for gamers and business people. Your old tweets gave away a lot more location data than you thought
. Carriers keep saying they’ll stop selling that location data, but they continue to do it anyway
. Iranian hackers appear to be on a massive global hacking spree
using DNS hijacking to nab all sorts of data.
But it’s not all bad news. Yubico will finallymake a Yubikey—that amazing password-replacing authenticator— that works with your iPhone
That’s not all. As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.
Building off initial reports from the Information
, the Intercept reports this week that customers who own the Ring surveillance doorbell may have had strangers watching their videos. The site's sources say Amazon gave “unfettered” access to its customers’ feeds to researchers in the Ukraine. On top of this, Ring apparently gave engineers access to some customers’ live Ring feeds. All an engineer would reportedly need to watch a specific live customer feed was a person’s email address. A Ring spokesperson denied that claim.
Motherboard reporter Joseph Cox released a bombshell report
earlier this week, revealing that after giving a bounty hunter $300, the person was able to locate Cox’s phone. Cox learned that AT&T, T-Mobile, and Sprint were selling location data on their customers to third parties, and that data was landing in the hands of bounty hunters who used it to track most phones in the US. This exposed the fact that though carriers insist they don’t sell location tracking data to third parties, they, uh,still do. The revelation prompted calls for a federal investigation.
Last week, politicians and celebrities in Germany were doxxed
, their intimate information splashing out for all to see. This week, a 20-year-old hacker in the town of Hesse admitted to the Christmas advent-calendar-themed hack.
Dozens of .gov websites are currently insecure or inaccessible, thanks to lapsed Transport Layer Security certificates owing to the government shutdown. Netcraft reports that this includes sites for NASA, the US Court of Appeals, and the Department of Justice. Many certificates lapsed because the personnel needed to renew them are currently furloughed. Until the government shutdown ends, be careful with information you send on government websites, especially those that have payment portals or remote access services.
More Great WIRED Stories
- This YubiKey will soon free your iPhone from passwords
- What are all those selfiesdoing to your brain?
- The simple engineering that will keep NYC's L train rolling
- A wildfire wasextra close to home for this photographer
- Pan Am Flight 103 and Mueller's30-year search for justice
- :eyes: Looking for the latest gadgets? Check outour picks,gift guides, andbest deals all year round
- :envelope_with_arrow: Want more? Sign up for our daily newsletter
and never miss our latest and greatest stories
Hackers Remotely Kill a Jeep on the Highway—With Me in It
Two hackers have developed a tool that can hijack a Jeep over the internet. WIRED senior writer Andy Greenberg takes the SUV for a spin on the highway while the hackers attack it from miles away.