Hacker, Parler, Donk, Wave, Tillie Hottmann

Hacker, Parler

New wave of ‘hacktivism’ adds twist to cybersecurity woes

New wave of ‘hacktivism’ adds twist to cybersecurity woes

26/3/2021 1:59:00 AM

New wave of ‘hacktivism’ adds twist to cybersecurity woes

At a time when U.S. agencies and thousands of companies are fighting off major hacking campaigns originating in Russia and China, a different kind ...

BusinessAt a time when U.S. agencies and thousands of companies are fighting off major hacking campaigns originating in Russia and China, a different kind of cyber threat is re-emerging: activist hackers looking to make a political point.FILE PHOTO: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo

Tighter COVID-19 measures important as Singapore is on a 'knife’s edge': Lawrence Wong 13 new community COVID-19 cases, including 7 linked to Changi Airport cluster 13 new community COVID-19 cases, including operating theatre technician at Ng Teng Fong General Hospital

26 Mar 2021 06:30AMShare this contentBookmarkREUTERS: At a time when U.S. agencies and thousands of companies are fighting off major hacking campaigns originating in Russia and China, a different kind of cyber threat is re-emerging: activist hackers looking to make a political point.

Three major hacks show the power of this new wave of"hacktivism" - the exposure of AI-driven video surveillance being conducted by the startup Verkada, a collection of Jan. 6 riot videos from the right-wing social network Parler, and disclosure of the Myanmar military junta's high-tech surveillance apparatus. headtopics.com

AdvertisementAdvertisementAnd the U.S. government’s response shows that officials regard the return of hacktivism with alarm. An indictment last week accused 21-year-old Tillie Hottmann, a Swiss hacker who took credit for the Verkada breach, of a broad conspiracy.

"Wrapping oneself in an allegedly altruistic motive does not remove the criminal stench from such intrusion, theft and fraud," Seattle-based Acting U.S. Attorney Tessa Gorman said.According to a U.S. counter-intelligence strategy released a year ago,"ideologically motivated entities such as hacktivists, leaktivists, and public disclosure organizations," are now viewed as"significant threats," alongside five countries, three terrorist groups, and"transnational criminal organizations."

Earlier waves of hacktivism, notably by the amorphous collective known as Anonymous in the early 2010s, largely faded away under law enforcement pressure. But now a new generation of youthful hackers, many angry about how the cybersecurity world operates and upset about the role of tech companies in spreading propaganda, are joining the fray.

AdvertisementAdvertisementAnd some former Anonymous members are returning to the field, including Aubrey Cottle, who helped revive the group’s Twitter presence last year in support of the Black Lives Matter protests.Anonymous followers drew attention for disrupting an app that the Dallas police department was using to field complaints about protesters by flooding it with nonsense traffic. They also wrested control of Twitter hashtags promoted by police supporters. headtopics.com

Police arrest man who allegedly used racial slurs, kicked woman in Choa Chu Kang Singapore sees ‘several important lessons’ from Tan Tock Seng Hospital COVID-19 cluster VJC student who tested positive for COVID-19 is linked to Changi Airport cluster

"What’s interesting about the current wave of the Parler archive and Gab hack and leak is that the hacktivism is supporting antiracist politics or antifascism politics,” said Gabriella Coleman, an anthropologist at McGill University, Montreal, who wrote a book on Anonymous.

Gab, a social network favored by white nationalists and other right-wing extremists, has also been hurt by the hacktivist campaign and had to shut down for brief periods after breaches.AdvertisementDISRUPTING QANONMost recently, Cottle has been focused on QAnon and hate groups.

"QAnon trying to adopt Anonymous and merge itself into Anonymous proper, that was the straw that broke the camel’s back," said Cottle, who has held a number of web development and engineering jobs, including a stint at Ericsson.He found email data showing that people in charge of the 8kun image board, where the persona known as Q posted, were in steady contact with major promoters of QAnon conspiracies https://www.bellingcat.com/news/2021/01/07/exposed-email-logs-show-8kun-owner-in-contact-with-qanon-influencers-and-enthusiasts.

The new-wave hacktivists also have a preferred place for putting materials they want to make public - Distributed Denial of Secrets, a transparency site that took up the mantle of WikiLeaks with less geopolitical bias. The site’s collective is led by Emma Best, an American known for filing prolific freedom of information requests. headtopics.com

Best’s two-year-old site coordinating access by researchers and media to a hoard of posts taken from Gab by unidentified hackers. In an essay this week, Best praised Hottmann and said leaks would keep coming, not just from hacktivists but insiders and the ransomware operators who publish files when companies don’t pay them off.

"Indictments like Tillie's show just how scared the government is, and just how many corporations consider embarrassment a greater threat than insecurity," Best wrote https://ddosecrets.substack.com/p/hacktivism-leaktivism-and-the-future.

Review on whether cyclists must ride in single file on roads, limits on cycling group sizes: Chee Hong Tat Israeli PM vows to step up Gaza strikes as death toll hits 30 1.8 million people have received at least one dose of COVID-19 vaccine: Health minister

The events covered by the Hottmann indictment https://www.justice.gov/usao-wdwa/press-release/file/1377536/download?utm_medium=email&utm_source=govdelivery took place from November 2019 through January 2021. The core allegation is that the Lucerne software developer and associates broke into a number of companies, removed computer code and published it. The indictment also said Hottmann spoke to the media about poor security practices by the victims and stood to profit, if only by selling shirts saying things like “venture anticapitalist” and “catgirl hacker.”

But it was only after Hottmann publicly took credit for breaching Verkada and posted alarming videos from inside big companies, medical facilities and a jail that Swiss authorities raided their home at the behest of the U.S. government. Hottmann uses non-binary pronouns.

"This move by the U.S. government is clearly not only an attempt to disrupt the freedom of information, but also primarily to intimidate and silence this newly emerging wave of hacktivists and leaktivists," Hottmann said in an interview with Reuters.

Hottmann and their lawyer declined to discuss the U.S. charges of wire fraud for some of Hottmann's online statements, aggravated identity theft for using employee credentials, and conspiracy, which together are enough for a lengthy prison sentence.

The FBI declined an interview request. If it seeks extradition, the Swiss would determine whether Hottmann’s purported actions would have violated that country’s laws.DISDAINHottmann was open about their disdain for the law and corporate powers-that-be. “Like many people, I’ve always been opposed to intellectual property as a concept and specifically how it’s used to limit our understanding of the systems that run our daily lives,” Hottmann said.

A European friend of Hottmann’s known as"donk_enby," a reference to being non-binary in gender, is another major figure in the hacktivism revival. Donk grew angry about conspiracy theories spread by QAnon followers on the social media app Parler that drove protests against COVID-19 health measures.

Following a Cottle post about a leak from Parler in November, Donk dissected the iOS version of Parler’s app and found a poor design choice. Each post bore an assigned number, and she could use a program to keep adding 1 to that number and download every single post in sequence.

After the Jan. 6 U.S. Capitol riots, Donk shared links to the web addresses of a million Parler video posts and asked her Twitter followers to download them before rioters who recorded themselves inside the building deleted the evidence. The trove included not just footage but exact locations and timestamps, allowing members of Congress to catalogue the violence and the FBI to identify more suspects.

Popular with far-right figures, Parler has struggled to stay online after being dropped by Google and Amazon. Donk's actions alarmed users who thought some videos would remain private, hindering the its attempt at a comeback.In the meantime, protesters in Myanmar asked Donk for help, leading to file dumps that prompted Google to pull its blogging platform and email accounts https://www.reuters.com/article/idUSKBN2B20WD from leaders of the Feb. 1 coup. Donk's identification of numerous other military contractors helped fuel sanctions that continue to pile up.

One big change from the earlier era of hacktivisim is that hackers can now make money legally by reporting the security weaknesses they find to the companies involved, or taking jobs with cybersecurity firms.But some view so-called bug bounty programs, and the hiring of hackers to break into systems to find weaknesses, as mechanisms for protecting companies who should be exposed.

"We're not going to hack and help secure anyone we think is doing something extremely unethical," said John Jackson, an American researcher who works with Cottle on above-ground projects."We're not going to hack surveillance companies and help them secure their infrastructure."

(Reporting by Joseph Menn in San Franciso; Editing by Jonathan Weber and Grant McCool) Read more: CNA »

Singapore returns to tighter COVID-19 measures: What's allowed under the new rules?

SINGAPORE: With the recent rise in COVID-19 cases in the community, Singapore has announced tighter measures for about three weeks from Saturday ...

Russia to produce new electric car this year - industry ministerRussian small private carmaker Zetta is designing an electric car and plans to launch production this year, Russia's Industry and Trade minister, ...

Russia reports 8,780 new COVID-19 cases, 332 deathsRussia reported 8,780 new coronavirus cases on Sunday, including 2,526 in Moscow, taking the national tally to 4,762,569 since the start of the pandemic. The coronavirus crisis centre said 332 more deaths of coronavirus patients had been confirmed in the past 24 hours, taking the national death toll to 108,232.

Border workers must take COVID-19 vaccine after new cases emerge: New Zealand PM ArdernWELLINGTON: New Zealand's Prime Minister Jacinda Ardern said on Monday (Apr 12) that people working at the borders must be vaccinated by the end ...

UK reports 51 new COVID deaths, 4,479 new casesThe United Kingdom reported 51 new COVID-19 deaths on Thursday, taking the seven-day total to 320, a drop of 38.5per cent compared with the ...

The New Yorker Makes Subtle But Powerful Point About Anti-Asian Violence On New Cover“I imagined my own mom in that situation. I thought about my grandma and my aunt, who have been among my greatest sources of support. The mother in the drawing is made up of all these women.”