Elon Musk says X was knocked offline by ‘massive cyberattack’ that originated in ‘Ukraine area’

Billionaire entrepreneur and DOGE chief Elon Musk claimed Monday that X went dark as the result of a “massive cyberattack” that originated in the “Ukraine area.”

“We’re not sure exactly what happened,” Musk told Fox Business Network host Larry Kudlow about the apparent operation targeting his social media platform.

“But there was a massive cyberattack to try to bring down the X system, with IP addresses originating in the Ukraine area,” the world’s richest man added.

Musk, 53, did not immediately provide additional evidence of who may have been responsible.

Cybercriminals have been known to create false IP addresses to impersonate computer systems from different parts of the world, a practice known as “spoofing.”


U.S. Indicts 12 Chinese Nationals in ‘Hackers-for-Hire’ Conspiracy

The U.S. Department of Justice (DOJ) on Wednesday announced 12 Chinese nationals have been indicted in a global “hackers-for-hire” scheme to “inflict digital harm on Americans who criticize the Chinese Communist Party.”

Court documents unsealed on Wednesday accused China’s Ministry of Public Security (MPS) and Ministry of State Security (MSS) of directing and financing the hackers to “conduct computer intrusions against high-value targets in the United States and elsewhere.”

“Victims include U.S.-based critics and dissidents of the People’s Republic of China (PRC), a large religious organization in the United States, the foreign ministries of multiple governments in Asia, and U.S. federal and state government agencies, including most recently in 2024,” DOJ said.

“By employing these hackers-for-hire, the PRC government further allowed these same hackers to profit by committing additional computer intrusions around the world with impunity, and then to sell stolen data through Chinese data brokers,” DOJ added.

The first two Chinese nationals indicted in the case, Yin “YKC” Kecheng and Zhou “Coldface” Shuai, were allegedly linked to a state-sponsored Chinese hacking group known as APT27, “LuckyMouse,” or “Emissary Panda.” 

The group has been active since 2010, with an early emphasis on cyber-espionage attacks against corporate and government systems in the Western world, the Middle East, and Taiwan. APT27’s later exploits included profitable cyber-crimes.

DOJ charged Yin and Zhou with “sophisticated computer hacking conspiracies that successfully targeted a wide variety of U.S.-based victims from 2011 to the present day,” inflicting “millions of dollars worth of damages.” Both Yin and Zhou have previously been named in multiple-count indictments for fraud, identity theft, and money laundering.

A second announcement from DOJ on Wednesday added indictments for two MPS officers and eight employees of an “ostensibly private” company called Anxun Information Technology Co., Ltd., also known as i-Soon.


Feds ID hacker who played AI video of Trump kissing Musk’s feet – and warn that ‘legal ramifications are being explored’

The feds have ID’d the cyberpunk who broadcast an AI-powered video of President Trump kissing the feet of Elon Musk on public TVs at HUD on Monday and are threatening to take legal action against them.

Officials at the Department of Housing and Urban Development said the individual has been identified, although they didn’t name them or reveal how the hacker managed to infiltrate the government television system in the cafeteria at the agency’s headquarters.

“Yesterday, an individual was escorted off the property,” a HUD rep told The Post on Tuesday. “Legal ramifications are being explored. Additionally, termination or suspension of certain services are being explored as it relates to the department.”

Workers at HUD were caught off guard when the disturbing rogue video was broadcast at department headquarters with the message: “LONG LIVE THE REAL KING.”


U.S. Sanctions Chinese Cybersecurity Firm Over Cyberattacks

US sanctions Beijing-based Integrity Technology Group for aiding “Flax Typhoon” hackers in cyberattacks on American infrastructure, freezing assets and banning US dealings.

The US Treasury Department has sanctioned Integrity Technology Group, a Beijing-based company, accusing it of involvement in cyberattacks against American infrastructure. The decision, announced on January 3, 2025, has escalated tensions between the US and China over cybersecurity issues.

What’s Behind the Sanctions?

Integrity Technology Group, also known as Yongxin Zhicheng Technology Group, is alleged to have worked closely with the Chinese state-sponsored hacking group “Flax Typhoon.” US officials claim the company played a key role in cyber activities targeting government systems, businesses, and critical infrastructure. Over 250,000 devices worldwide were reportedly compromised in these incidents.

The sanctions freeze the company’s assets in the US and prohibit American entities from doing business with it. By cutting off financial ties, the US aims to limit the group’s resources for continuing cyber operations.

Official Statements and Responses

The US government has stated that these actions are part of ongoing efforts to protect national security and hold cyber offenders accountable. Treasury Secretary Janet Yellen commented, “This sends a clear message to entities enabling malicious cyber activity: we will not tolerate these actions.”

China, however, has rejected the accusations. A spokesperson for the Chinese Foreign Ministry called the sanctions “baseless” and accused the US of deflecting blame for its own cybersecurity issues. Integrity Technology Group has denied the allegations, claiming it operates within legal bounds and condemning the sanctions as damaging to its reputation.


Massive healthcare breaches prompt US cybersecurity rules overhaul

The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks.

These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as a final rule within 60 days, would require healthcare organizations to encrypt protected health information (PHI), implement multifactor authentication, and segment their networks to make it harder for attackers to move laterally through them.

“In recent years, there has been an alarming growth in the number of breaches affecting 500 or more individuals reported to the Department, the overall number of individuals affected by such breaches, and the rampant escalation of cyberattacks using hacking and ransomware,” the HHS’ proposal says.

“The Department is concerned by the increasing numbers of breaches and other cybersecurity incidents experienced by regulated entities. We are also increasingly concerned by the upward trend in the numbers of individuals affected by such incidents and the magnitude of the potential harms from such incidents.”

Reuters reports that Anne Neuberger, the White House’s deputy national security adviser for cyber and emerging technologies, also told reporters that the HIPAA cybersecurity rule updates were prompted by the ransomware attacks and massive breaches that have affected hospitals and Americans in recent years.

Neuberger added that implementing these rules would cost roughly $9 billion in the first year and over $6 billion during the following four years.


U.S. Army Soldier Arrested for Allegedly Hacking Trump and Kamala Harris’s Phones, Selling “Confidential Phone Records” Online

U.S. Army soldier Cameron John Wagenius, 20, has been arrested and charged with unlawfully transferring confidential phone records.

Federal authorities accuse the young soldier of participating in a cybercriminal ring that sold sensitive data, including alleged phone records of President-elect Donald Trump and Kamala Harris, on the black market.

The indictment, unsealed this week, reveals two counts of unlawful transfer of confidential phone records filed against Wagenius, according to KrebsOnSecurity.

The charges follow a December 20 arrest near Fort Hood, Texas, a base associated with Fort Cavazos where Wagenius was stationed.

Wagenius, described by his mother as a tech-savvy soldier, worked on network communications at an Army base in South Korea before returning stateside.

His mother, Alicia Roen, told cybersecurity journalist Brian Krebs, “I never was aware he was into hacking. It was definitely a shock to me when we found this stuff out.”

In a comment to Krebs’ website, Mrs. Roen wrote, “I am his mother and I am not an open book, I was asked general questions about my son’s age and if he was a soldier! That is all I said and Krebs already had this information. I never knew my son was involved in any of this or involved with others until I read Krebs’ 1st article following my son’s arrest, which was all new news to me! Do you really think a child would ever tell his parents he was involved in criminal activity?”

Operating under the online alias “Kiberphant0m,” Wagenius is accused of participating in multiple high-profile data breaches. He allegedly sold confidential phone records on online forums in November, claiming to have hacked 15 telecommunications firms, including AT&T and Verizon.

In November, “Kiberphant0m” posted what were purported to be AT&T call logs for President-elect Trump and Vice President Harris, though the authenticity of these records has not been confirmed.

The arrest follows an investigation into a series of data breaches affecting numerous organizations. Wagenius’s alleged accomplices include Canadian national Connor Riley Moucka, known online as “Judische,” who was arrested in late October, and John Binns, currently detained in Turkey.

These individuals are suspected of involvement in the theft and extortion of data from customers of the cloud service Snowflake, among other targets.


Concerns over the Security of Electronic Personal Health Information Intensify

On Friday, an attorney for Ascension Health, a major U.S. hospital operator, wrote to Maine’s attorney general to tell him the electronic personal health information (e-PHI) of Ascension patients and employees was compromised during the ransomware attack that occurred in May that affected nearly 5.6 million people.

The attack significantly disrupted Ascension’s operations across its extensive network, encompassing 134,000 associates, 35,000 affiliated providers, and 140 hospitals in 19 states and the District of Columbia. Immediate consequences included the diversion of ambulances, closure of pharmacies, and a reversion to manual record-keeping methods as critical IT systems had to be taken offline.

Ascension attorney Sunil Shenoi said in his December 19 letter to the Maine Attorney General’s Consumer Protection Division that the company “will begin notifying applicable Maine residents of the security incident” through the U.S. Postal Service.

Despite the growing scale of cyber threats against the healthcare industry, a Congressional Research Service (CRS) report earlier this month emphasized that “there is no comprehensive digital data protection law in the United States.” Variable state data privacy and security laws compound this problem. Furthermore, while many data protection guidance documents are available, they are voluntary.

The attack on Ascension is the latest cyber-attack targeting the healthcare sector, which is particularly vulnerable due to the sensitive nature of patient data and the critical importance of uninterrupted medical services. Earlier this year there was a similar ransomware attack on Change Healthcare, a subsidiary of UnitedHealth Group that affected the personal health information of 100 million people, underscoring once again the escalating cybersecurity challenges healthcare providers face.

The February ransomware attack on Change Healthcare – attributed to the BlackCat cybercrime group – disrupted electronic payments and medical claims processing affecting healthcare providers and patients nationwide.


Pentagon Sparks Social Media Uproar After Posting a Bewildering Message on its Website as Suspicious Drones Invade America

The Pentagon on Friday once again illustrated we do not have the best and brightest leading us, as suspicious drones invade sensitive areas across America and on military bases.

As Jim Hoft previously reported, several mysterious drones were spotted flying over New Jersey last week. The drones were spotted over at least 12 counties, prompting mayors to contact the governor and demand answers.

This has raised alarm bells across America, with suspicion a foreign adversary is responsible. Rep. Jeff Van Drew (R-NJ) claimed on Wednesday that he had sources that Iran is responsible.

“I learned from very high sources, from very qualified sources, Iran launched a mothership a month ago that contains these drones,” Van Drew said. “It’s off the east coast of the United States.”

It’s not just New Jersey either. Former Maryland Governor Larry Hogan revealed on Friday that he had personally witnessed several drones over his residence in recent days.

There have also been drone sightings over U.S. Military bases.

The Department of Defense’s dismissive response to these alarming sightings has only inspired anger, mockery, and confusion. Then, on Friday, the agency sent out a so-called “test” message on its website that only raised eyebrows further.

The best way to describe the text is complete and utter gibberish.


Chinese Hack Means Beijing Reading and Hearing All US Military and Intelligence Classified Phone Communications

There has been some limited press coverage about recent Salt Typhoon — a Chinese cyber / hacking operation — but most Americans are oblivious about what has transpired. The story is simple. Following Edward Snowden’s escape to Russia and the release of damning evidence that the US Government was spying on Americans, the US Department of Justice pressured the telecommunications giants — i.e., Verizon, AT&T and T-Mobile — to create a backdoor in their network software that allows Federal law enforcement to read texts and listen to calls on classified apps. If you are using WhatsApp and think you are safe from the government’s spying eyes, think again.

Sometime before the November 5 Presidential election, the US intelligence community discovered (or learned?) that the Chinese had hacked the “backdoor” and have had full access to all US Government-issued cell phones that use a classified app for text and voice communications. A knowledgeable source told me that the compromise started in 2022 and was only recently discovered.

What does this mean? All conversations / communications over the commercial networks are (or were) being read / recorded by China. My source described the Chinese hack as something akin to the Brits, with help from Polish and American cryptologists, breaking the Enigma machine and reading classified German military traffic.


Chinese Hackers Breach US Telecoms Network

Chinese hackers have breached the US telecoms network and appear to have targeted Donald Trump and his running-mate JD Vance.

In a joint statement issued on Friday, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said they are “aggressively” investigating and attempting to mitigate a breach linked to the Chinese Communist Party.

“Agencies across the U.S. Government are collaborating to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyber defenses across the commercial communications sector,” CISA and the FBI stated.

The two agencies said that affected companies have been notified and provided with technical assistance.

No group has yet come forward to claim responsibility for the attack, and specific details of its nature have not been made public.

In response to reports that Donald Trump and JD Vance may have been targets of this latest hack, Trump campaign spokesman Steven Cheung issued a statement.

“This is the continuation of election interference by Kamala Harris and Democrats who will stop at nothing, including emboldening China and Iran attacking critical American infrastructure, to prevent President Trump from returning to the White House,” Cheung told The Epoch Times.

“Their dangerous and violent rhetoric has given permission to those who wish to harm President Trump.”
