The surveillance camera network in the US Capital was hijacked by Romanian ransomware, and charges have been filed against a pair that were arrested abroad.
Two of the five unnamed individuals cuffed this month in Romania (on suspicion of spreading ransomware earlier this year) are now facing US computer crime charges for their alleged role in taking over 123 out of 187 networked computers—computers that control Washington DC's CCTV cameras.
According to Europol (which led the arrests this week), two of those arrested are suspected of attacking American computer systems using the Cerber ransomware.
In an affidavit obtained by CNN—unsealed by mistake and then resealed—Secret Service agent James Graham laid out the basis for the US Department of Justice's computer fraud case against two Romanian nationals.
A justice department spokesperson confirmed the linkage of the arrests and the US court filing. The spokesperson said, "These are separate but related investigations and the people you name are among those arrested by Europol."
Graham described how around January 9, 2017, and January 12, 2017, the pair, as part of an alleged ransomware scheme, took control of the networked Windows computers used by the Washington DC Metropolitan Police to run their traffic cameras.
On January 12, having recognized that some of the cameras were offline, DC police IT staff and a Secret Service agent used Remote Desktop software to connect to one of the servers controlling the cameras.
They watched as the device with a number of open desktop windows was running unexpected software. The IT administrator subsequently blocked network access for the compromised device, which was then removed, along with two other computers, for forensic analysis.
Investigators determined that two ransomware variants, Cerber and Dharma, had been installed on the computers. They also found a text file, USA.txt, that contained 179,616 email addresses being used to spam intended ransomware victims. A text file with the same checksum was subsequently found in an email account associated with one of the defendants.
One of those email addresses stood out to investigators, and they were able to obtain access to its records from Google. Within that they found evidence to show that the two arrested were renting access to Cerber in order to infect victims, scramble their files, and extort money from them to restore the data.
The Europol release calls this "crime-as-a-service."
The various email accounts and IP addresses, and cross-references with fraud databases, provided enough details to ask Romanian officials for further digital data linked to the defendants.
Sent to us by: Roy W. Nash
Nissan Canada's vehicle-financing wing has been hacked, putting personal information on more than a million customers into the hands of miscreants.
In an email to Nissan car buyers, Nissan Canada admitted its computer systems were compromised, with "unauthorized person(s) gaining access to the personal information of some customers that have financed their vehicles through Nissan Canada Finance or Infiniti Financial Services Canada."
The note added, "We apologize for any frustration and anxiety this may cause our customers, and we thank you for your patience and support as we work through this issue." A similar message is now on the automaker's website.
According to Nissan Canada, the exposed data includes at least customer names, addresses, vehicle makes and models, vehicle identification numbers (VINs), credit scores, loan amounts, and monthly payment figures.
Nissan Canada admitted it discovered on Monday, December 11, that it had been hacked, and alerted the world, er, 10 days later.
No personal banking information, such as card numbers, were taken, we're told. However, the automaker is offering 12 months of free credit monitoring to its customers just in case scumbags do exploit the exposed records.
Sent to us by: Roy W. Nash
Tesla's Elon Musk has pledged to make a pick-up truck as part of future plans for the electric vehicle-maker.
Elon Musk made the promise on Twitter after asking his followers for suggestions about how the firm could improve.
He said the open-backed truck would follow the Model Y (a yet-to-be detailed car), which is expected to be based on its Model 3 sedan.
But experts note Tesla has suffered repeated delivery delays.
That has led some to question whether the loss-making company can meet its existing commitments—which also include a transport truck and sports car.
Musk has also made several promises about new features that Tesla intends to add to its existing vehicles, including intelligent windshield wipers.
Demand for pickup trucks has risen over the past year, despite a drop in demand for other types of light vehicles.
Musk had previously hinted at his plans for a pickup when an image showing an obscured pick-up was briefly shown being carried on the back of its Semi truck at the press conference announcing it in November.
In his tweets, Musk said the vehicle would likely be "slightly bigger" than Ford's bestselling F-150 pick-up to allow it to contain an unspecified "game-changing" feature.
Sent to us by: Roy W. Nash
Talk of long-range wireless charging has been around for some time, but we’ve yet to see a product that can charge devices from relatively long distances. Thanks to startup Energous, however, room-scale charging will soon be a reality, and available to everyone.
The San Jose-based company announced that the Federal Communications Commission (FCC) has just certified its “WattUp Mid Field transmitter,” which converts electricity into radio waves, and beams the power to any devices fitted with a receiver up to 3-feet away.
Wireless chargers have been around for several years, but most of them require a device to be in direct contact with the station. A startup called Pi recently released what it called the first-ever contactless-wireless charging product, which uses the same resonant induction tech as Qi, though its range is limited to one foot.
Energous’ power-at-a-distance system boasts a greater distance than Pi and is still able to charge multiple devices at once. Additionally, the WattUp ecosystem allows receivers and transmitters made by different manufactures to work together.
In addition to the Mid field transmitters, the company is also working on Far field transmitters that have a greater range and allow multiple transmitters to be linked together to cover large spaces. There’s also the Near field transmitter, a low-power solution that can be embedded into laptops, tablets, consoles, and more.
There are no WattUp devices available to consumers yet, but Energous will be showing off the technology at CES in a couple of weeks.
Sent to us by: Jeff Weston
Apple has changed the rules around how games on its app store will be using loot boxes.
These boxes are random rewards for gameplay and often give players benefits and power-ups that can be used in games.
In a change to its developer guidelines, Apple said games must now let players know the odds of getting particular items in the boxes.
Loot boxes have been controversial for some time with some experts saying they amount to a covert lottery.
In the updated guidelines, Apple said any in-game mechanism that rewards players with "randomised virtual items" must list the odds of receiving each type of item. In addition, it said, customers must be informed of these odds before they buy the boxes or rewards.
Many games offer extras to players that can change the appearance of the game, introduce new characters or bestow power-ups that help people as they play.
Some titles let people buy loot boxes with in-game funds they generate by playing or by spending real money to purchase the game's virtual cash.
The controversy over the crates was thrown into sharp focus last month with the release of the Star Wars Battlefront II game, which used them extensively. US politicians called for greater regulation of games that use loot boxes and crates—one politician saying that Battlefront II was a "Star Wars-themed online casino."
The backlash led Electronic Arts, the publisher of the Battlefront II, to re-work it to remove its reliance on the random reward system.
In the UK there have been calls for games that use the loot systems to be regulated just like other lotteries.
The UK's Gambling Commission said the boxes did not come under its control because the rewards they handed out were only usable in the game.
Sent to us by: Roy W. Nash