This week WIRED broke the news that a lone US hacker had spent the last two weeks intermittently taking down North Korea’s internet. Yes, the entire country’s. The hacker, who goes by the handle P4x, says that he launched the campaign as retaliation for the Hermit Kingdom’s hacks of Western security researchers last year. Frustrated by the lack of US response, he took it upon himself to send a message.
In another exclusive, we published internal messages from Trickbot, the notorious Russian cybercrime gang, that sheds new light on the group’s organizational structure. The exchanges, several of which took place amid a sustained ransomware assault against hundreds of US hospitals, also bring Trickbot’s ruthlessness, ambition, and sense of impunity into sharp focus.
Over in China, the Winter Olympics start this week, meaning you can indulge in your quadrennial biathlon obsession. Multiple countries have warned their athletes to bring burner phones to the games in light of the host country’s record of aggressive surveillance; participants have also been informed that speaking out against China’s human rights abuses against the Uyghur population could spark retaliation.
We also took a look at how concerned you should really be about the kernel-level anti-cheat systems that game developers have increasingly turned to. And in 2022, expect more cyberattacks to have real-world consequences, a troubling inevitability as criminal groups become ever more aggressive.
And there’s more! Each week, we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories.
Decentralized finance systems promise to do away with the intermediaries that slow down or complicate transactions. A major hack of a major DeFi protocol this week, though, underscores that the future of money comes with its own set of risks. Attackers targeting Wormhole, which offers a bridge between the Solana and Ethereum blockchains for cross-chain transactions, made off with $320 million in various cryptocurrencies. It’s the second-biggest known DeFi theft of all time, after a hacker stole $610 million from Poly Network, only to return the bulk of it eventually. There’s no sign that Wormhole will be quite so lucky.
The Wall Street Journal reported Friday that its parent company, News Corp, had been the victim of a hack that exposed journalist emails and more. The WSJ itself was affected, along with the New York Post, Dow Jones, and News Corp’s UK news organization. The company enlisted cybersecurity firm Mandiant to assist with the aftermath of the attack. Mandiant says the hackers were “likely involved in espionage activities to collect intelligence to benefit China’s interests.”
Will no one think of the crisps? The Conti ransomware group hit KP Snacks this week, potentially disrupting the availability of Hula Hoops, Skips, Wheat Crunchies, Nik Naks, Butterkist, McCoy’s, and more delightfully named UK treats. It’s not clear if KP Snacks plans to pay the ransom or has engaged with Conti at all, but shortages could last deep into March.
Elsewhere in European ransomware attacks, multiple oil suppliers and ports throughout Belgium, the Netherlands, and Germany were stymied by malware likely from the BlackCat and Conti criminal groups. Shell had to reroute supplies, and terminals in Germany were left unable to meet obligations. While the attacks all focused on the same sector, government officials this week said that they don’t believe they’re related.
More Great WIRED Stories
