An anonymous reader quotes a report from KrebsOnSecurity: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea. Cameron John Wagenius was arrested near the Army base in Fort Hood, Texas on Dec. 20, after being indicted on two criminal counts of unlawful transfer of confidential phone records. The sparse, two-page indictment (PDF) doesn't reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius' mother -- Minnesota native Alicia Roen -- filled in the gaps.

Roen said that prior to her son's arrest he'd acknowledged being associated with Connor Riley Moucka, a.k.a. "Judische," a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service Snowflake. In an interview with KrebsOnSecurity, Judische said he had no interest in selling the data he'd stolen from Snowflake customers and telecom providers, and that he preferred to outsource that to Kiberphant0m and others. Meanwhile, Kiberphant0m claimed in posts on Telegram that he was responsible for hacking into at least 15 telecommunications firms, including AT&T and Verizon. On November 26, KrebsOnSecurity published a story that followed a trail of clues left behind by Kiberphantom indicating he was a U.S. Army soldier stationed in South Korea.

[...] Immediately after news broke of Moucka's arrest, Kiberphant0m posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] On that same day, Kiberphant0m posted what they claimed was the "data schema" from the U.S. National Security Agency. On Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a "SIM-swapping" service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target's phone calls and text messages to a device they control.

An anonymous reader quotes a report from the Boston Globe: Every weekday morning at 8:30, Preston Thorpe makes himself a cup of instant coffee and opens his laptop to find the coding tasks awaiting his seven-person team at Unlocked Labs. Like many remote workers, Thorpe, the nonprofit's principal engineer, works out in the middle of the day and often stays at his computer late into the night. But outside Thorpe's window, there's a soaring chain-link fence topped with coiled barbed wire. And at noon and 4 p.m. every day, a prison guard peers into his room to make sure he's where he's supposed to be at the Mountain View Correctional Facility in Charleston, Maine, where he's serving his 12th year for two drug-related convictions in New Hampshire, including intent to distribute synthetic opioids.

Remote work has spread far and wide since the pandemic spurred a work-from-home revolution of sorts, but perhaps no place more unexpectedly than behind prison walls. Thorpe is one of more than 40 people incarcerated in Maine's state prison system who have landed internships and jobs with outside companies over the past two years -- some of whom work full time from their cells and earn more than the correctional officers who guard them. A handful of other states have also started allowing remote work in recent years, but none have gone as far as Maine, according to the Alliance for Higher Education in Prison, the nonprofit leading the effort.

Unlike incarcerated residents with jobs in the kitchen or woodshop who earn just a few hundred dollars a month, remote workers make fair-market wages, allowing them to pay victim restitution fees and legal costs, provide child support, and contribute to Social Security and other retirement funds. Like inmates in work-release programs who have jobs out in the community, 10 percent of remote workers' wages go to the state to offset the cost of room and board. All Maine DOC residents get re-entry support for housing and job searches before they're released, and remote workers leave with even more: up-to-date resumes, a nest egg -- and the hope that they're less likely to need food or housing assistance, or resort to crime to get by.

"More than a decade after the advent of the 3D-printed gun as an icon of libertarianism and a gun control nightmare, police say one of those homemade plastic weapons has now been found in the hands of perhaps the world's most high-profile alleged killer," Wired wrote this month: For the community of DIY gunsmiths who have spent years honing those printable firearm models, in fact, the handgun police claim Luigi Mangione used to fatally shoot UnitedHealthcare CEO Brian Thompson is as recognizable as the now-famous alleged shooter himself — and shows just how practical and lethal those weapons have become. In the 24 hours since police released a photo of what they say is Mangione's gun following the 26-year-old's arrest Monday, the online community devoted to 3D-printed firearms has been quick to identify the suspected murder weapon as a particular model of printable "ghost gun" — a homemade weapon with no serial number, created by assembling a mix of commercial and DIY parts. The gun appears to be a Chairmanwon V1, a tweak of a popular partially 3D-printed Glock-style design known as the FMDA 19.2 — an acronym that stands for the libertarian slogan "Free Men Don't Ask."

The FMDA 19.2, released in 2021, is a relatively old model by 3D-printed-gun standards, says one gunsmith who goes by the first name John and the online handle Mr. Snow Makes... Despite its simple description by law enforcement and others as a "3D-printed pistol," the FMDA 19.2 is only partially 3D printed. That makes it fundamentally different from fully 3D-printed guns like the "Liberator," the original one-shot, 3D-printed pistol Wilson debuted in 2013. Instead, firearms built from designs like the FMDA 19.2 are assembled from a combination of commercially produced parts like barrels, slides, and magazines — sometimes sold in kits — and a homemade frame. Because that frame, often referred to as a "lower receiver" or "lower," is the regulated body of the gun, 3D-printing that piece or otherwise creating it at home allows DIY gunmakers to skirt gun-control laws and build ghost guns with no serial number, obtained with no background check or waiting period.
Chairmanwon "instantly recognized the gun seized from the suspect..." reported USA Today. As a photo circulated online the fake New Jersey driver's license and 3D-printed gun police found on Luigi Mangione, he spotted the tell-tale stippling pattern on the firearm's grip. "It's mine lol," the man, known as "Chairmanwon" quipped on X Dec. 9. Then he quickly deleted the post...

No federal laws ban 3D-printed or privately made firearms. But as police agencies have increasingly recovered untraceable homemade guns at crime scenes, some state legislatures have passed stricter rules... If authorities can prove Mangione downloaded and printed his firearm in Pennsylvania or New York, he could face additional gun charges. Fifteen states now require serial numbers on homemade parts or ban 3D printing them. Some even ban the distribution of 3D printing instructions.

President Biden and the Bureau of Alcohol, Tobacco, Firearms and Explosives added regulations in 2022 that say the ghost gun parts kits themselves qualify as "firearms" that should be regulated by the Gun Control Act. ["Commercial manufacturers of the kits will have to be licensed and must add serial numbers on the kits' frame or receiver," USA Today reported earlier. ] Gunmakers challenged those rules at the Supreme Court. In October, the court heard oral arguments, but justices signaled they were leaning toward upholding the rules.
Rolling Stone tries to assess the results: In recent years, crimes involving ghost guns seem to have abated across much of the United States. Ghost gun recoveries by police in New York City, Los Angeles, Philadelphia, Baltimore, and other major cities dropped by as much as 25 percent between 2022 and 2023, and the most prolific maker of the kits used to build the untraceable weapons closed its doors this year. The likely cause is a federal rule change requiring the kits to be serialized — a stipulation that forces sellers to conduct background checks on their customers.
Monday Luigi Mangione will appear in court for arraignment on state murder charges, reports USA Today: Mangione had been expected to face arraignment on the state charges Thursday, but the proceedings were postponed after federal authorities announced they were also bringing charges, and he was whisked to a federal courthouse instead in a move that appeared to shock Mangione's defense team... Federal authorities unsealed a criminal complaint against Mangione that included four separate charges: murder using a firearm, two counts of interstate stalking and a firearms count. The death penalty was abolished in New York state, but the federal charges could bring a death sentence if Mangione is convicted. The charge of murder using a firearm carries a maximum possible sentence of death or life in prison. The other federal charges have maximum sentences of life in prison, and the firearms charge has a mandatory minimum sentence of 30 years.

The U.S. Department of Justice has charged Russian-Israeli national, Rostislav Panev, for his alleged role as a developer in the LockBit ransomware group, accused of designing malware and maintaining infrastructure for attacks that extorted over $500 million and caused billions in global damages. CyberScoop reports: The arrest is part of a broader campaign by international law enforcement agencies to dismantle LockBit. In February, a coordinated operation led by the U.K.'s National Crime Agency in cooperation with the FBI and the U.S. Justice Department disrupted LockBit's infrastructure, seizing websites and servers critical to its operations. These efforts significantly curtailed the group's ability to launch further attacks and extort victims.

Panev is one of several individuals charged in connection with LockBit. Alongside him, other key figures have been indicted, including Dmitry Khoroshev, alleged to be "LockBitSupp," the group's primary creator and administrator. Khoroshev, still at large, is accused of developing the ransomware and coordinating attacks on an international scale. The State Department has offered a reward of up to $10 million for his capture.

Meanwhile, numerous members linked to LockBit remain fugitives, such as Russian nationals Artur Sungatov and Ivan Kondratyev, each facing charges for deploying ransomware against multiple industries globally. Mikhail Matveev, another alleged LockBit affiliate, is also at large, with a $10 million reward for his capture. Matveev was recently charged with computer crimes in Russia. You can read the full criminal complaint against Panev here (PDF).

The Washington Post details a vision of home security "pitched by Sauron, a Silicon Valley start-up boasting a waiting list of tech CEOs and venture capitalists." In the future, your home will feel as safe from intruders as a state-of-the-art military base. Cameras and sensors surveil the perimeter, scanning bystanders' faces for potential threats. Drones from a "deterrence pod" scare off trespassers by projecting a searchlight over any suspicious movements. A virtual view of the home is rendered in 3D and updated in real time, just like a Tesla's digital display. And private security agents monitor alerts from a central hub.... By incorporating technology developed for autonomous vehicles, robotics and border security, Sauron has built a supercharged burglar alarm [argued Sauron co-founder Kevin Hartz, a tech entrepreneur and former partner at Peter Thiel's venture firm Founders Fund]...

For many tech elites, security is both a national priority and a growing concern in their personal lives... After the presidential election last month, the start-up incubator Y Combinator put out a request for "public safety technology" companies, such as those that produce tools that facilitate a neighborhood watch or technology that uses computer vision to identify "suspicious activities or people in distress from video feeds...." Sauron has raised $18 million in funding from executives behind Flock Safety and Palantir, the data analytics firm, [and] defense tech investors such as 8VC, a venture firm started by Palantir co-founder Joe Lonsdale... Sauron is targeting homeowners at the high end of the real estate market, beginning with a private event at Abraham's home on Thursday, during Art Basel Miami Beach, the annual art exhibition that attracts collectors from around the world. The company plans to launch in San Francisco early next year, before expanding to Los Angeles and Miami...

Big Tech companies haven't deployed tools such as facial recognition as aggressively as Hartz would like. "If somebody comes onto my property, I feel like I should know who that is," Hartz said... In recent years massive investments have driven down the cost of drones, high-resolution cameras and lidar sensors, which use light detection to create 3D maps. Sauron uses lower-cost hardware and tools like facial recognition, combined with custom-built software adapted for residential use. For facial recognition, it will use a third-party service called Paravision... Sauron is still figuring out how to incorporate drones, but it is already imagining more aggressive countermeasures, Hartz said. "Is it a machine that could take out a bad actor with a bullet or something?"

The Solana JavaScript SDK "was temporarily compromised yesterday in a supply chain attack," reports BleepingComputer, "with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets." Solana offers an SDK called "@solana/web3.js" used by decentralized applications (dApps) to connect and interact with the Solana blockchain. Supply chain security firm Socket reports that Solana's Web3.js library was hijacked to push out two malicious versions to steal private and secret cryptography keys to secure wallets and sign transactions... Solana confirmed the breach, stating that one of their publish-access accounts was compromised, allowing the attackers to publish two malicious versions of the library... Solana is warning developers who suspect they were compromised to immediately upgrade to the latest v1.95.8 release and to rotate any keys, including multisigs, program authorities, and server keypairs...

Once the threat actors gain access to these keys, they can load them into their own wallets and remotely drain all stored cryptocurrency and NFTs... Socket says the attack has been traced to the FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx Solana address, which currently contains 674.86 Solana and varying amounts of the Irish Pepe , Star Atlas, Jupiter, USD Coin, Santa Hat, Pepe on Fire, Bonk, catwifhat, and Genopets Ki tokens. Solscan shows that the estimated value of the stolen cryptocurrency is $184,000 at the time of this writing.

For anyone whose wallets were compromised in this supply chain attack, you should immediately transfer any remaining funds to a new wallet and discontinue the use of the old one as the private keys are now compromised.
Ars Technica adds that "In social media posts, one person claimed to have lost $20,000 in the hack."

The compromised library "receives more than ~350,000 weekly downloads on npm," Socket posted. (Although Solana's statement says the compromised versions "were caught within hours and have since been unpublished."

59-year-old Alex Mashinsky, the founder/former CEO of cryptocurrency lender Celsius Network, "pleaded guilty on Tuesday to two counts of fraud," reports Reuters.

He'd been indicted in July on seven counts of fraud, conspiracy and market manipulation charges, according to the article, and federal prosecutors in Manhattan "said he misled customers of Celsius to persuade them to invest, and artificially inflated the value of his company's proprietary crypto token." On Tuesday, during a hearing before U.S. District Judge John Koeltl, Mashinsky said he pleaded guilty to two out of the seven counts he was initially charged with: commodities fraud, and a fraudulent scheme to manipulate the price of CEL, Celsius' in-house token. In court, Mashinsky admitted to giving Celsius customers "false comfort" by giving an interview in 2021 in which he said Celsius had received approval from regulators for its "Earn" program, which it had not. That program offered to deploy customers' cryptocurrency assets to yield investment returns. He said he also failed to disclose that he had been selling his holdings of CEL, the platform's in-house token.

"I know what I did was wrong, and I want to try to do whatever I can to make it right," Mashinsky said. As part of his plea deal with prosecutors, Mashinsky agreed not to appeal any sentence of 30 years or less — the maximum he faces for the two counts. Koeltl is set to sentence him on April 8, 2025.

Federal prosecutors in Manhattan have said Mashinsky also personally reaped approximately $42 million in proceeds from selling his holdings of the Cel token. "Mashinsky made tens of millions of dollars selling his own CEL at artificially high prices, while his customers were left holding the bag when the company went bankrupt," Damian Williams, the U.S. Attorney in Manhattan, said in a statement on Tuesday... Founded in 2017, Celsius filed for Chapter 11 bankruptcy protection in July 2022 after customers rushed to withdraw deposits as crypto prices fell. Many were initially unable to access their funds... Celsius' former chief revenue officer, Roni Cohen-Pavon, pleaded guilty in September 2023 and agreed to cooperate with prosecutors' investigation.
"The company exited bankruptcy on Jan. 31, and has pivoted to Bitcoin mining..."

schwit1 writes: Recruiters approach students with tempting offers, often after observing them for weeks. Promising salaries of over $800 per month -- double the average pay for chemists in Mexican companies, along with potential bonuses like cars or housing -- recruiters capitalize on the financial struggles of young professionals.

These "cooks" are tasked with improving fentanyl's addictive quality and finding alternative synthesis methods to mitigate supply chain disruptions caused by stricter chemical export controls from China and pandemic-induced bottlenecks. The Times interviewed seven drug "cooks," three university chemistry students recruited by the Sinaloa cartel, two agents, a recruiter, and a university professor -- all anonymously to avoid cartel retaliation. According to the recruiter, candidates must be passionate, discreet, and indifferent to the ethical consequences of their work.

The university professor highlighted a disturbing trend: students openly expressed interest in synthesizing illicit drugs during lectures.

America's FBI "has been investigating a longtime Exxon Mobil consultant," reports Reuters, "over the contractor's alleged role in a hack-and-leak operation that targeted hundreds of the oil company's biggest critics, according to three people familiar with the matter." The operation involved mercenary hackers who successfully breached the email accounts of environmental activists and others, the sources told Reuters. The scheme allegedly began in late 2015, when U.S. authorities contend that the names of the hacking targets were compiled by the DCI Group, a public affairs and lobbying company working for Exxon at the time, one of the sources said. DCI provided the names to an Israeli private detective, who then outsourced the hacking, according to the source.

In an effort to push a narrative that Exxon was the target of a political vendetta aimed at destroying its business, some of the stolen material was subsequently leaked to the media by DCI, Reuters determined. The Federal Bureau of Investigation found that DCI shared the information with Exxon before leaking it, the source said. Some environmental activists interviewed by Reuters say the hacking operation disrupted preparations for lawsuits by cities and state attorneys general against Exxon and other energy companies... The stolen material continues to be used today to counter litigation claiming the oil giant misled the public and its investors about the risks of climate change...

The investigation into the hack-and-leak operation comes amid growing concern among law enforcement agencies worldwide about how such cyberespionage schemes threaten to taint judicial proceedings. The FBI has been investigating the broader use of mercenary hackers to tamper with lawsuits since early 2018, Reuters has previously reported. The Israeli private detective hired by DCI, Amit Forlit, was arrested this year at London's Heathrow Airport and is fighting extradition to the United States on charges of hacking and wire fraud... Federal prosecutors have secured a related conviction: that of Forlit's former business associate, private investigator Aviram Azari. Azari pleaded guilty in 2022 to wire fraud, conspiracy to commit hacking and aggravated identity theft, which included targeting the environmental activists.

A piracy ring that gave 22 million subscribers in Europe cheap access to content stolen from international streaming services has been shut down by Italian authorities after a two-year investigation. From a report: The criminal enterprise used a complex international IT system to "capture and resell" live programming and other on-demand content from companies including sports broadcaster DAZN, Netflix, Amazon Prime, Paramount, Sky and Disney+, prosecutors said in a statement on Wednesday.

Authorities estimate the operation generated revenues of roughly $264.3 million a month [non-paywalled link], or $3.2 billion a year, and caused combined damages of more than $10.6 billion to the affected broadcast companies. "The rate of profit you get from these illegal activities with lower risk is equivalent to that of cocaine trafficking," Francesco Curcio, the criminal prosecutor who led the investigation, told reporters.

An anonymous reader quotes a report from the New York Times: The founder of an artificial intelligence start-up focused on education was arrested and charged with defrauding her investors, lying about the company's profits and falsely claiming that some of the largest school districts in the country, including New York City's, were her customers. The founder, Joanna Smith-Griffin, started the company, AllHere Education, in 2016, with the goal of using artificial intelligence to increase student and parent engagement and curb absenteeism. In the years that followed, Ms. Smith-Griffin, 33, misrepresented AllHere's revenue and customer base to fraudulently raise almost $10 million in funds, according to the indictment. Once the company's valuation had climbed, she sold some of her stake in it and spent hundreds of thousands of dollars on a down payment for a new home and on her wedding.

Ms. Smith-Griffin was arrested Tuesday in North Carolina, where she lives, and charged with wire fraud, securities fraud and aggravated identity theft. She faces more than 40 years in prison. AllHere is now in bankruptcy proceedings, prosectors said, and all of its employees have been laid off. "Her alleged actions impacted the potential for improved learning environments across major school districts by selfishly prioritizing personal expenses," said James E. Dennehy, the F.B.I. assistant director in New York leading the investigation into Ms. Smith-Griffin. "The F.B.I. will ensure that any individual exploiting the promise of educational opportunities for our city's children will be taught a lesson." Smith-Griffin is the latest Forbes 30 Under 30 honoree to be indicted on fraud. "The Forbes-to-Fraud pipeline includes FTX founder Sam Bankman-Fried and Caroline Ellison, co-CEO of Alameda Research; fintech Frank founder Charlie Javice; and 'Pharma bro' Martin Shkreli," notes TechCrunch.

Interpol arrested 1,006 suspects in Africa during a massive two-month operation, clamping down on cybercrime that left tens of thousands of victims, including some who were trafficked, and produced millions in financial damages, the global police organization said Tuesday. From a report: Operation Serengeti, a joint operation with Afripol, the African Union's police agency, ran from Sept. 2 to Oct. 31 in 19 African countries and targeted criminals behind ransomware, business email compromise, digital extortion and online scams, the agency said in a statement.

On November 24th, 1971 — 53 years ago today — a mysterious man jumped out of an airplane clutching $200,000 in ransom money. (He'd extorted it from the airline by claiming he had a bomb, and it's still "the only unsolved case of air piracy in the history of commercial aviation," according to Wikipedia.) Will modern technology finally let us solve the case — or just turn it into a miniseries on Netflix? And have online researchers finally discovered the definitive clue?

The FBI vetted more than 800 suspects, according to the Wyoming news site Cowboy State Daily, but in 2016 announced they were suspending their active investigation.

So it's newsworthy that the FBI now appears to be investigating new evidence, according to an amateur D.B. Cooper researcher on YouTube: the discovery of what's believed to be D.B. Cooper's uniquely-modified parachute: Retired pilot, skydiver and YouTuber, Dan Gryder told Cowboy State Daily that he may have found the missing link after uncovering the modified military surplus bailout rig he believes was used by D.B. Cooper in the heist. It belonged to Richard Floyd McCoy II, and was carefully stored in his deceased mother's storage stash until very recently... McCoy's children, Chanté and Richard III, or "Rick," agree with Gryder that they believe their father was D.B. Cooper, a secret that shrouded the family but wasn't overtly discussed. For years, they said, the family stayed mum out of fear of implicating their mother, Karen, whom they believe was complicit in both hijackings. Upon her death in 2020, they broke their silence to Gryder after being contacted by him off and on for years.

Gryder, who has been researching the case for more than 20 years, documented his investigation in a lengthy two-part series on his YouTube channel, "Probable Cause," in 2021 and 2022, where he connects the dots and shows actual footage of him finding the parachute in an outbuilding on the McCoy family property in North Carolina in July 2022. On Monday, Gryder released a third video, "D.B. Cooper: Deep FBI Update," where he announced the FBI's new and very recent efforts in his discoveries. After watching his first two videos, Gryder said FBI agents contacted Rick and Gryder to see the parachute. It was the first investigative move by the agency since issuing the 2016 public statement, declaring the case closed pending new evidence. Gryder and Rick McCoy traveled to Richmond, Virginia, in September 2023, where they met with FBI agents, who took the harness and parachute into evidence along with a skydiving logbook found by Chanté that aligned with the timeline for both hijackings, providing another vital piece in the puzzle, Gryder said....

During the meeting, Gryder said the agents called it a first step. If the evidence proved fruitless, they would have promptly returned the skydiving rig, he said, but that didn't happen. Instead, an FBI agent called Rick a month later to ask to search the family property in Cove City, North Carolina, which McCoy's mother owned and where Gryder had found the parachute and canopy... [Gryder says he watched] at least seven vehicles descend on the property with more than a dozen agents who scoured the property for about four hours... Rick said he has provided a DNA sample and was told by the FBI agents that the next step might be exhuming his father's body, but no formal terms and conditions for that process have been established thus far, he said.
A retired commercial airline pilot who was present in the Virginia FBI meeting said "It was clear they were taking it seriously" — noting it was the FBI who'd requested that meeting. The article cites two FBI agents who'd earlier already believed D.B. Cooper was McCoy. And the article points out that the FBI "has never ruled McCoy out, stating in a 2006 statement that he was 'still a favorite suspect among many.'"

A second article notes that Gryder supports the FBI's recent request to exhume McCoy's body. As he sees it, "The existing DNA marker comparisons studied so far only validate the need for this final extreme step and should close the mystery once and for all."

And the article adds that McCoy's children are "eager for closure and hope that the FBI finds the evidence agents need to close the D.B. Cooper case once and for all."

America's Justice Department "has ordered all consensual searches by drug enforcement agents conducted at the nation's airports stopped," reports Georgia's local TV station Atlanta News First — after their series of investigations "uncovered how the agents often search innocent passengers at airport gates, looking for cash." On Thursday, the department made public a November 12, 2024, directive from the deputy attorney general to the U.S. Drug Enforcement Administration (DEA) that it suspend "all consensual encounters at mass transportation facilities unless they are either connected to an ongoing, predicated investigation involving one or more identified targets or criminal networks or approved by the DEA Administrator based on exigent circumstances." The management advisory memorandum was issued by DOJ Inspector General Michael Horowitz.

The memo specifically mentioned the case of an airline passenger interviewed by Atlanta News First Chief Investigator Brendan Keefe, author of the Atlanta News First investigation, In Plane Sight. The award-winning series uncovered how drug agents have been seizing anything over $5,000 if airline passengers can't prove — on the spot — that their own money didn't come from drug trafficking. The government seizes the cash when no drugs are found, without arresting the traveler or charging them with a crime, and the DEA gets to keep the money it seizes.

After witnessing the Atlanta News First series, the passenger in question — who was departing from Cincinnati and heading to New York, where he lives — refused consent to have his bags searched at the gate... "The DOJ Office of the Inspector General (OIG) further learned that the DEA Task Force Group selected this traveler for the encounter based on information provided by a DEA confidential source, who was an employee of a commercial airline, about travelers who had purchased tickets within 48 hours of the travel," the memo said. "The OIG learned that the DEA had been paying this employee a percentage of forfeited cash seized by the DEA office from passengers at the local airport when the seizure resulted from information the employee had provided to the DEA. The employee had received tens of thousands of dollars from the DEA over the past several years."
The news station's investigation "also revealed passengers selected for what the government calls 'random, consensual encounters' are actually profiled by the drug agents who search Black men far more often than any other group of passengers," according to the article.

"The reports analyzed data showing that, for drug agents to find just one passenger with money, they have to publicly search 10 departing passengers."

An anonymous reader shared this report from CNET: Meta says it's taken down more than 2 million accounts this year linked to overseas criminal gangs behind scam operations that human rights activists say forced hundreds of thousands of people to work as scammers and cost victims worldwide billions of dollars.

In a Thursday blog post, the parent of Facebook, Instagram and WhatsApp says the pig butchering scam operations — based in Myanmar, Laos, Cambodia, the United Arab Emirates and the Philippines — use platforms like Facebook and Instagram; dating, messaging, crypto and other kinds of apps; and texts and emails, to globally target people... [T]he scammers strike up an online relationship with their victims and gain their trust. Then they move their conversations to crypto apps or scam websites and dupe victims into making bogus investments or otherwise handing over their money, Meta said. They'll ask the victims to deposit money, often in the form of cryptocurrency, into accounts, sometimes even letting the victims make small withdrawals, in order to add a veneer of legitimacy. But once the victim starts asking for their investment back, or it becomes clear they don't have any more money to deposit, the scammer disappears and takes the money with them.

And the people doing the scamming are often victims themselves. During the COVID-19 pandemic, criminal gangs began building scam centers in Southeast Asia, luring in often unsuspecting job seekers with what looked like amazing postings on local job boards and other platforms, then forcing them to work as scammers, often under the threat of physical harm. The scope of what's become a global problem is staggering. In a report issued in May, the US Institute of Peace estimates that at least 300,000 people are being forced to work, or are otherwise suffering human rights violations, inside these scam centers. The report also estimates global financial losses stemming from the scams at $64 billion in 2023, with the number of financial victims in the millions.

Meta says it has focused on investigating and disrupting the scam operations for more than two years, working with nongovernmental organizations and other tech companies, like OpenAI, Coinbase and dating-app operator Match Group, along with law enforcement in both the US and the countries where the centers are located.
Meta titled its blog post "Cracking Down On Organized Crime Behind Scam Centers," writing "We hope that sharing our insights will help inform our industry's defenses so we can collectively help protect people from criminal scammers."

Half of young Norwegians find online piracy acceptable when streaming services are too expensive, according to a new government survey released this week. The Ipsos poll of 1,411 respondents found that 32% of all Norwegians justify using pirate sites to save money, with acceptance rising to 50% among those under 30.

The rates increase further when specifically asked about pirating due to high streaming costs. Despite concerns about piracy, 61% of Norwegians paid for streaming services in the past year, including 64% of those under 30. Among active pirates, 41% said they would stop if legal services were more affordable, while 35% wanted broader content per service. Only 47% of respondents believed piracy supports organized crime, with 24% expressing uncertainty about this connection.

jojowombl shares a report from The Guardian: Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker -- and not its government customers -- is the party that "installs and extracts" information from mobile phones targeted by the company's hacking software. The new details were contained in sworn depositions from NSO Group employees, portions of which were published for the first time on Thursday.

It comes five years after WhatsApp, the popular messaging app owned by Facebook, first announced it was filing suit against NSO. The company, which was blacklisted by the Biden administration in 2021, makes what is widely considered the world's most sophisticated hacking software, which -- according to researchers -- has been used in the past in Saudi Arabia, Dubai, India, Mexico, Morocco and Rwanda. [...] At the heart of the legal fight was an allegation by WhatsApp that NSO had long denied: that it was the Israeli company itself, and not its government clients around the world, who were operating the spyware. NSO has always said that its product is meant to be used to prevent serious crime and terrorism, and that clients are obligated not to abuse the spyware. It has also insisted that it does not know who its clients are targeting. [...]

To make its case, WhatsApp was allowed by Judge Phyllis Hamilton to make its case, including citing depositions that have previously been redacted and out of public view. In one, an NSO employee said customers only needed to enter a phone number of the person whose information was being sought. Then, the employee said, "the rest is done automatically by the system." In other words, the process was not operated by customers. Rather NSO alone decided to access WhatsApp's servers when it designed (and continuously upgraded) Pegasus to target individuals' phones. A spokesperson for NSO, Gil Lainer, said in a statement: "NSO stands behind its previous statements in which we repeatedly detailed that the system is operated solely by our clients and that neither NSO nor its employees have access to the intelligence gathered by the system. We are confident that these claims, like many others in the past, will be proven wrong in court, and we look forward to the opportunity to do so."

quonset shares a report from CNN: Between August 2022 and January 2024, hundreds of swatting calls were made across the country targeting religious institutions, government offices, schools, and random people. Authorities were finally able to track down the criminal, Alan Fillon, who entered the plea to four counts of making interstate threats to injure the person of another, the US Attorney's Office for the Middle District of Florida said in a news release. He faces up to five years in prison on each count. A sentencing date has not yet been set.

The US Attorney's Office said Filion made more than 375 swatting and threat calls from August 2022 to January 2024. Those calls included ones in which he claimed to have planted bombs in targeted locations or threatened to detonate bombs and/or conduct mass shootings at those locations, prosecutors said. He targeted religious institutions, high schools, colleges and universities, government officials and people across the United States. Filion was 16 at the time he placed the majority of the calls.

The FBI raided Polymarket CEO Shayne Coplan's Manhattan apartment, seizing his phone and electronic devices. A source close to the matter told The New York Post it was politically motivated due to Polymarket's successful prediction of Trump's election win. It's "grand political theater at its worst," the source said. "They could have asked his lawyer for any of these things. Instead, they staged a so-called raid so they can leak it to the media and use it for obvious political reasons."

Although no charges were filed, the raid has sparked controversy, with speculation of political retribution and concerns over potential market manipulation, as Polymarket faces scrutiny both in the U.S. and from French regulators. The New York Post reports: Coplan was not arrested and has not been charged, a Polymarket spokesperson told The Post on Wednesday evening. "Polymarket is a fully transparent prediction market that helps everyday people better understand the events that matter most to them, including elections," the rep said. "We charge no fees, take no trading positions, and allow observers from around the world to analyze all market data as a public good."

Coplan posted on X after his run-in with the feds: "New phone, who dis?" Polymarket does not allow trading in the US, though bettors can bypass the ban by accessing the site through VPN. The FBI's investigation comes a week after Coplan said Polymarket is planning to return to the US. [...] In 2022, the online gambling platform was forced to pause its trading in the US and pay a $1.4 million penalty to settle charges with the Commodity Futures Trading Commission that it had failed to register with the agency. [In France, regulators are investigating Polymarket's compliance with national gambling laws, with concerns about unauthorized gambling activities within the country.] A Fortune report published a week before the election found widespread evidence of wash-trading on Polymarket. "Polymarket's Terms of Use expressly prohibit market manipulation," a Polymarket spokesperson told Fortune in a statement.

An anonymous reader quotes a report from NBC News: Former Massachusetts Air National Guard member Jack Teixeira was sentenced Tuesday to 15 years for stealing classified information from the Pentagon and sharing it online, the U.S. Attorney for Massachusetts announced. Teixeira received the sentence before Judge Indira Talwani in U.S. District Court for the District of Massachusetts. In March, the national guardsman pleaded guilty to six counts of willful retention and transmission of national defense information under the Espionage Act. He was arrested by the FBI in North Dighton, Massachusetts, in April 2023 and has been in federal custody since mid-May 2023.

According to court documents, Teixeira transcribed classified documents that he then shared on Discord, a social media platform mostly used by online gamers. He began sharing the documents in or around 2022. A document he was accused of leaking included information about providing equipment to Ukraine, while another included discussions about a foreign adversary's plot to target American forces abroad, prosecutors said. [...] While the documents were discovered online in March 2023, Teixeira had been sharing them online since January of that year, according to prosecutors.