Law enforcement agencies shut down 27 DDoS-for-hire platforms | 'EagleMsgSpy' Android spyware linked to Chinese police | Russia teams up with BRICS to create AI alliance
Good morning. It's Friday 13th of December.
The Daily Cyber & Tech Digest focuses on the topics we work on, including cybersecurity, critical technologies, foreign interference & disinformation.
Law enforcement agencies from 15 countries have taken 27 DDoS-for-hire services offline, also known as "booters" or "stressers," arrested three administrators, and identified 300 customers of the platforms.
The action is part of 'Operation PowerOFF,' an international initiative to combat cybercrime, specifically distributed denial-of-service attacks. Bleeping Computer
Think twice about handing over your phone to Chinese police. Law enforcement in the country appears to be installing mobile spyware on confiscated devices. Cybersecurity vendor Lookout discovered a new spyware strain, dubbed EagleMsgSpy, that targets Android phones and has avoided scrutiny until now. PC Mag
President Vladimir Putin said on Wednesday that Russia would develop artificial intelligence with BRICS partners and other countries, in a bid to challenge the dominance of the United States in one of the most promising and crucial technologies of the 21st century. Reuters
World
Operation PowerOFF shuts down 27 DDoS-for-hire platforms
Bleeping Computer
Bill Toulas
Law enforcement agencies from 15 countries have taken 27 DDoS-for-hire services offline, also known as "booters" or "stressers," arrested three administrators, and identified 300 customers of the platforms. The action is part of 'Operation PowerOFF,' an international initiative to combat cybercrime, specifically distributed denial-of-service attacks. DDoS-for-hire services are platforms that utilize botnets on compromised devices to launch attacks on behalf of paying customers against online targets of their choice.
Australia
Class action against Optus after 2022 data breach registers 160,000 members
The Australian
Angelica Snowden
About 160,000 people whose passport and Medicare numbers were leaked online after Optus was hacked in 2022 have registered to partake in a class action against the telco. Appearing for class action behemoth Slater & Gordon, barrister William Edwards, KC, told the Federal Court on Wednesday the estimated number of members to join the action, which alleges Optus failed to protect the personal information of 9.8 million of its current and former customers whose personal data was leaked online after a cyber attack.
‘It’s beyond human scale’: AFP defends use of artificial intelligence to search seized phones and emails
The Guardian
Josh Taylor
The Australian federal police says it had “no choice” but to lean into using artificial intelligence and is increasingly using the technology to search seized phones and other devices, given the vast amount of data examined in investigations. The AFP’s manager for technology strategy and data, Benjamin Lamont, said investigations conducted by the agency involve an average of 40 terabytes’ worth of data.
NAB reveals it will scrap passwords in major upcoming change to its online banking amid digital boom
7 News
Hayley Taylor
The future of NAB’s online banking is set to pivot from passwords to passkeys and biometric recognition technology. The major bank revealed it would move away from passwords, calling them notoriously weak cybersecurity measures that consistently fail to withstand an onslaught of cyberattacks. The bank’s digital subsidiary ubank can already be unlocked with a passkey, and NAB said its online bank would operate in a similar way within the next few years.
China
'EagleMsgSpy' Android spyware linked to Chinese police
PC Mag
Michael Kan
Think twice about handing over your phone to Chinese police. Law enforcement in the country appears to be installing mobile spyware on confiscated devices. Cybersecurity vendor Lookout discovered a new spyware strain, dubbed EagleMsgSpy, that targets Android phones and has avoided scrutiny until now. The malicious program stands out because it’ll connect to IP addresses for public security bureaus in China, an indication that EagleMsgSpy operates as a state surveillance tool.
China vows to crack down on illicit spycam recordings after rise in hotel room voyeurism cases
CNA
China’s top court has vowed to crack down on illicit recordings and the illegal use and sale of hidden recording equipment after voyeurism cases were reported in hotel rooms and guesthouses across the country. In a statement released on Wednesday (Dec 11), the Supreme People’s Court shared details about four voyeurism cases, two of which had taken place in hotels and guesthouses.
USA
US hikes tariffs on imports of Chinese solar wafers, polysilicon and tungsten products
Associated Press
Elaine Kurtenbach
The Biden administration plans to raise tariffs on solar wafers, polysilicon and some tungsten products from China to protect U.S. clean energy businesses. The notice from the U.S. Trade Representative’s office said tariffs on Chinese-made solar wafers and polysilicon will rise to 50% from 25% and duties on certain tungsten products will increase from zero to 25%, effective on Jan. 1, following a review of Chinese trade practices under Section 301 of the 1974 Trade Act.
US names Chinese national it alleges was behind 2020 attack on Sophos firewalls
The Register
Simon Sharwood
The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls. The attack was made possible by a critical-rated SQL injection flaw known as CVE-2020-12271 that was exploited in the wild in April 2020. Sophos quickly published a hotfix to harden its XG firewalls and quash the zero-day attack.
The blame game over who foots the bill for cyber scams
Financial Times
Joshua Franklin, Stephen Gandel and Akila Quinio
When California lawyer Christopher Pitet became a victim of payment fraud earlier this year, the email, as the classic horror movie trope goes, came from inside the house. A client of Pitet’s had recently settled a legal dispute and the lawyer received an email, seemingly from the opposing attorney, with instructions of where to send the $59,517.50 agreed in the settlement. He promptly wired the full amount over, as requested.
Dollars from doughnuts: Krispy Kreme online orders disrupted in cyber-attack
The Guardian
Ed Pilkington
Krispy Kreme is struggling to meet online orders of its doughnuts, after a cybersecurity attack that continues to disrupt the company’s operations almost two weeks after it was noticed. The doughnut maker said on Wednesday that it became aware of “unauthorized activity” on a portion of its computer systems on 29 November.
North Asia
Court indicts 14 North Korean IT workers tied to $88 million in illicit gains
CyberScoop
Tim Starks
A federal court has indicted 14 more North Korean IT workers as part of an ongoing U.S. government campaign to crack down on Pyongyang’s use of tech professionals to swindle American companies and nonprofits. The Justice Department said the 14 indicted workers generated at least $88 million throughout a conspiracy that stretched over approximately six years, ending in March 2023. North Korea-controlled companies in China and Russia — Yanbian Silverstar and Volasys Silverstar, respectively — used the so-called “IT Warriors” to obtain false U.S. identities, pose as employees doing remote IT work in the United States and transfer funds from their employers to eventually end up in the hands of the North Korean government, according to the indictment.
Southeast Asia
RealEye.ai secures strategic partnership with Armed Forces of the Philippines Cyber Division to intercept cyber threats
Associated Press
JoAnn Geffen
RealEye.ai, a leading innovator in scalable, AI-driven intelligence solutions for homeland security and law enforcement, today announced a groundbreaking agreement with the Armed Forces of the Philippines Cyber Division. This partnership, secured for an undisclosed fee, marks a significant step forward in RealEye.ai’s mission to enhance global cybersecurity capabilities.
Ukraine - Russia
Russian government spies targeted Ukraine using tools developed by cybercriminals
TechCrunch
Lorenzo Franceschi-Bicchierai
A Russian-government backed hacking group targeted Ukraine’s military using tools and infrastructure developed by cybercriminals, according to new research. On Wednesday, Microsoft published a report detailing a hacking campaign carried out by a group it calls Secret Blizzard, which the U.S. Cybersecurity and Infrastructure Security Agency previously said “is a known unit within Center 16” of the Russian Federal Security Service, and which other security companies refer to as Turla.
Europe
Gamaredon deploys Android spyware "BoneSpy" and "PlainGnome" in former Soviet states
The Hacker News
Ravie Lakshmanan
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both BoneSpy and PlainGnome collect data such as SMS messages, call logs, phone call audio, photos from device cameras, device location, and contact lists."
Russian propaganda campaign in Bulgaria and Romania uncovered: 69 Million euros funneled for disinformation
No Invite
A group of Bulgarian cybersecurity experts, known as BG Elves, has revealed that the Russian Federation has spent 69 million euros to fund a large-scale propaganda and interference campaign targeting Bulgaria and Romania. According to BG Elves, the funds were channeled through small, difficult-to-detect transactions, with amounts as low as 5,000 euros each. The aim was to spread Russian influence and promote far-right narratives within the two countries. BG Elves claims to have obtained documents linking these cash flows to companies and individuals operating both in Bulgaria and Romania, with a clear goal of manipulating public opinion.
Romania gives Europe’s digital police their first big test
POLITICO
Pieter Haeck
The European Union's new social media rules are being tested to the limit by allegations of an orchestrated TikTok campaign to rig Romania's presidential election. Ultranationalist Călin Georgescu's shock win in the first round of the Romanian election put pressure on the European Commission to show that it can use its new powers to clamp down on online content to look at how Georgescu's social media account got a vital last-minute boost.
UK
Staff at Britain’s AI institute in open revolt
POLITICO
Laurie Clarke
Staff at the U.K.’s prestigious artificial intelligence institute are up in arms about the way it is being run — and have urged its board to step in and save it from itself. A letter signed by 93 employees of the Alan Turing Institute — which is largely funded by the U.K. government and serves as Britain’s national institute for AI and data science — expresses no confidence in the body's executive leadership team and calls on the institute’s board to “urgently intervene.”
Africa
Notorious Nigerian cybercriminal tied to BEC scams extradited to U.S.
CyberScoop
Abiola Kayode, a 37-year-old Nigerian national, has been extradited from Ghana to the United States to face charges of conspiracy to commit wire fraud. Kayode, who was on the FBI’s Most Wanted cybercriminal list, is charged with participating in a business email compromise scheme and romance fraud from January 2015 to September 2016, defrauding businesses of over $6 million. The scheme involved Kayode’s co-conspirators impersonating high-level executives and directing company employees to make fraudulent wire transfers. The funds were then diverted to accounts controlled by Kayode and others, many of which belonged to victims of romance scams.
NZ & Pacific Islands
Microsoft opens first hyperscale data centre in New Zealand
RNZ
Nona Pelletier
Global tech giant Microsoft opens its first hyperscale data centre in New Zealand on Thursday, which is expected to give businesses and organisations access to tools designed to super-charge productivity. Microsoft country manager Vanessa Sorenson said the New Zealand centre was the most sustainable hyperscale centre in its portfolio, with data centres in more than 60 locations around the world. Microsoft paid Contact Energy $300 million in 2022 to support the development of the Te Huka Unit 3 geothermal facility, alongside a contract to buy renewable energy over the next 10 years.
Deliberate disinformation campaigns are a public health risk – but NZ has no effective strategy to deal with it
The Conversation
Helen Petousis-Harris
The recently released Royal Commission of Inquiry report about New Zealand’s COVID response highlights the harmful impact of misinformation and disinformation on public health. While the report offers no solutions, it notes that disinformation campaigns fuelled division and loss of trust in government. It’s an age-old problem that has proved extremely difficult to counter.
Big Tech
Microsoft fixes zero-day security flaw in latest Windows update
PCWorld
Frank Ziemann and Joel Lee
Yesterday was the last Patch Tuesday of 2024, and with it Microsoft has provided a number of security updates, eliminating 71 security vulnerabilities across various Microsoft apps and services. Microsoft categorizes 16 of these vulnerabilities as “critical” and classifies all but one of the remaining issues as “high risk.” According to the company, one of those Windows security flaws is already being exploited in the wild, so it’s crucial to patch ASAP.
Android is making it easier to find unknown trackers to prevent stalking
The Verge
Sheena Vasani
Google is rolling out two new updates to its unknown tracker alerts feature that should make it easier for Android device owners to detect unfamiliar trackers, the company announced on Wednesday. Introduced in July 2023, the safety feature automatically sends notifications if an unwanted Bluetooth tracker is traveling with you. The first update lets Android phone owners temporarily stop sending location updates to the Find My Device network if an unknown compatible tracker is detected.
Artificial Intelligence
Russia teams up with BRICS to create AI alliance, Putin says
Reuters
Gleb Bryanski
President Vladimir Putin said on Wednesday that Russia would develop artificial intelligence with BRICS partners and other countries, in a bid to challenge the dominance of the United States in one of the most promising and crucial technologies of the 21st century. Speaking at Russia's flagship AI conference, Putin said the new AI Alliance Network would include national associations and development institutions in the field of AI from BRICS countries and other interested states.
Europe jumps into ‘incredibly costly’ AI supercomputing race
POLITICO
Pieter Haeck
The European Union has committed hundreds of millions of euros to help startups catch up in the global artificial intelligence race. But critics wonder whether the bloc knows what it's getting into. The European Commission has pledged €750 million for seven sites across Europe to establish and maintain AI-optimized supercomputers accessible to startups to train their AI models, it announced Tuesday.
It sure looks like OpenAI trained Sora on game content — and legal experts say that could be a problem
TechCrunch
Kyle Wiggers
OpenAI has never revealed exactly which data it used to train Sora, its video-generating AI. But from the looks of it, at least some of the data might’ve come from Twitch streams and walkthroughs of games. From a text prompt or image, Sora can generate up to 20-second-long videos in a range of aspect ratios and resolutions. When OpenAI first revealed Sora in February, it alluded to the fact that it trained the model on Minecraft videos.
Misc
He was suicidal and needed help. Online predators pushed him to take his life on camera.
The Washington Post
Shawn Boburg and Chris Dehghanpoor
Samuel Hervey, a 25-year-old in the throes of a severe mental health crisis, positioned his phone so its camera would capture the gruesome spectacle that was about to unfold. The Minnesota native stepped into the frame of the video live stream, his long hair spilling from the hood of a white sweatshirt. He sat down cross-legged and emptied a plastic bottle filled with gasoline onto his head and his clothing. Then he lit a flame.
Jobs
ASPI Director – Defence Strategy Program
ASPI
ASPI is recruiting for one of its key leadership positions - the Director of its Defence Strategy Program. This is an exceptional opportunity for a talented senior leader to contribute to the work of one of the Indo-Pacific’s top think-tanks with a focus on military strategy and capability, emerging security issues and our region. The incoming Director of Defence Strategy is expected to have strong knowledge in at least some of the issues covered by the team, in addition to superior management (including project and stakeholder management) skills, a proven ability to build senior and global relationships and the capacity to fundraise to support the team’s work.
ASPI Deputy Director – Cyber, Technology & Security Program
ASPI
ASPI is seeking a talented leader for the Deputy Director of Cyber, Technology & Security (CTS) Operations. This is an exceptional opportunity to contribute to one of the Indo-Pacific’s leading think tanks, focused on advancing policy and research at the intersection of cyber, technology, and national security. The CTS Program is ASPI’s largest program, and includes ASPI’s China Investigations and Analysis team. CTS spans cyber and critical infrastructure security, critical and emerging technologies, national resilience and social cohesion, and hybrid threats.
ASPI Analyst – Hybrid Threats – Cyber, Technology & Security Program
ASPI
ASPI is seeking a motivated and detail-oriented individual to join the Cyber, Technology & Security (CTS) program as an Analyst – Hybrid Threats. This is an exciting opportunity to contribute to one of the Indo-Pacific’s leading think tanks, focused on advancing policy and research on hybrid threats, disinformation, and emerging security challenges. The Analyst will work closely with the Senior Analyst – Hybrid Threats and the broader CTS team, supporting policy-oriented research, stakeholder engagement, and capacity-building initiatives. This role involves contributing to the analysis of hybrid threats and information manipulation, including election integrity, resilience of critical technologies, and cybersecurity.
The Daily Cyber & Tech Digest is brought to you by the Cyber, Technology & Security team at ASPI.