Security News This Week: How to Not Get Scammed Out of $50,000

Plus: State-backed hackers test out generative AI, the US takes down a major Russian military botnet, and 100 hospitals in Romania go offline amid a major ransomware attack.
[Image: Rolled up money spilling out of a shoe box with other shoes and shoe boxes around it. Photo-illustration: WIRED Staff; Jonathan Kitchen/Getty Images]

Americans were warned this week about a potential “urgent threat” to the United States, which was later linked to a Russian effort to develop the capability to launch nuclear weapons in space. While no one has disputed the authenticity of the threat, WIRED has learned that the leak was part of a behind-the-scenes campaign to block privacy-focused reforms of a major US surveillance program known as Section 702.

The leak, instigated by an email from top lawmakers on the House Intelligence Committee, followed a week of backroom negotiations that pitted White House national security advisers against reproductive rights advocates, who backed reforms to Section 702 that would have banned the sale of Americans' private data to the FBI and US intelligence agencies. Efforts to reform Section 702 are now stalled.

On X, Elon Musk’s beleaguered social media platform, the US-designated terrorist group Hezbollah and more than two dozen other US-sanctioned individuals and entities had “verified” X accounts thanks to its premium subscription offerings. Meanwhile, in the world of artificial intelligence, researchers at Mozilla found that “AI girlfriends” and other so-called romantic companion chatbots are a privacy nightmare. And finally, we detailed the ways in which cyberattacks disproportionately impact communities of color and other vulnerable people in ways that often fly under the radar.

But that’s not all. Each week, we round up the security news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Anyone can get scammed—anyone. Having the bravery to tell the world exactly how hard you got duped is far more rare. In a harrowing essay for The Cut, freelance finance writer Charlotte Cowles details how she was manipulated into putting $50,000 in a shoebox and handing it to a stranger in a white Mercedes on the instructions of someone who claimed to be a CIA agent.

The elaborate scam began with a call from a number that Cowles’ caller ID identified as “Amazon.” A “polite woman” proceeded to tell Cowles that she was a victim of identity theft. The (fake) Amazon employee forwarded her call to a (fake) Federal Trade Commission official, who in turn put her in touch with a (fake) CIA agent. The scammer, posing as a CIA agent named Michael, kept Cowles on the phone for hours, all the while scaring her into thinking she had arrest warrants for various serious crimes linked to the (fake) identity theft, and that the only way she could stop from having all her assets frozen was to withdraw the majority of her life savings and give it to the CIA, which would then (inexplicably) issue her a check for her own money.

Throughout the ordeal, nearly everyone involved in the scam convinced Cowles to isolate herself—tell no one, they said. Not your husband, not the police. Doing so could put your family in danger. Even in the moment, Cowles suspected she was being scammed. But little details, like the fact that they knew the last four digits of her Social Security number, made Cowles doubt her better judgement. Besides, she had a 2-year-old son to protect.

While the response to Cowles’ tale has been a mix of praise and mockery, experts in online threats say it’s foolish to think you’re too savvy to ever fall for a professional scammer. “The reality is, criminals perpetuating fraud—whether via phone, email, or social media—are very good at social engineering,” says Selena Larson, a senior threat intelligence analyst at security firm Proofpoint, who describes Cowles as “extremely courageous.”

The manipulative tactics the scammers used against Cowles are common. They include, Larson says, “making someone afraid for themselves or their families, making them excited or enticed by the possibility of money or romance, or any number of heightened emotions to push them into making decisions they otherwise wouldn’t.” To protect yourself from scams like the one that hooked Cowles, Larson suggests being on high alert for anyone trying to isolate you from people in your life, and not trusting someone posing as a government employee or celebrity. “Forcing a sense of urgency,” like asking for money immediately, is also a huge red flag. “If people are worried they are being targeted by fraudsters,” Larson says, “they should immediately break off contact and report the activity.”

Or you can adopt Cowles' new tactic: Never answer the phone.

Generative AI tools like ChatGPT are all the rage—including among hackers working on behalf of Russia, China, and North Korea, according to research published this week by Microsoft and OpenAI. While researchers note that they have “not identified significant attacks” that use large language models like those powering OpenAI’s ChatGPT, they did find widespread use of generative AI tools for research, reconnaissance, “basic scripting tasks,” and ways to improve code used to carry out cyberattacks. “Microsoft and OpenAI have not yet observed particularly novel or unique AI-enabled attack or abuse techniques resulting from threat actors’ usage of AI,” Microsoft wrote in a blog post outlining the research. “However, Microsoft and our partners continue to study this landscape closely.”

The US Department of Justice announced this week that it had disrupted a botnet controlled by APT28, a hacking group known as Fancy Bear that operates under Russia’s GRU military intelligence service. According to the DOJ, the hackers infected hundreds of routers used by homes and businesses with the “Moobot” malware, which the DOJ says is linked to a cybercriminal group. Fancy Bear hackers then used Moobot to “install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber espionage platform,” according to the DOJ. To seize control of the botnet, the US government also used the Moobot malware to delete “stolen and malicious data” in the routers and then tweaked the routers’ firewalls to prevent the hackers from accessing them remotely. US attorney general Merrick Garland praised the operation in a statement as a successful effort to “dismantle the Russian government’s malicious cyber tools that endanger the security of the United States and our allies.”

Ransomware attacks frequently target hospitals, but few have had as widespread an impact as a strike against Romania’s health care system this week. Approximately 100 hospitals took their systems offline after attackers hit a popular hospital management system. Romanian officials say 25 hospitals had their data encrypted by the ransomware, which targeted the Hipocrate Information System (HIS) on the night of February 11. Another 75 hospitals voluntarily took their systems offline to avoid possible infection. The disruption has forced the hospitals to revert to paper records. The attackers, who have not yet been identified, demanded a ransom of 3.5 bitcoin, or around $180,000, to decrypt the files.