Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

Hiding malicious programs in a computer’s UEFI firmware, the deep-seated code that tells a PC how to load its operating system, has become an insidious trick in the toolkit of stealthy hackers. But when a motherboard manufacturer installs its own hidden backdoor in the firmware of millions of computers—and doesn’t even put a proper lock on that hidden back entrance—they’re practically doing hackers’ work for them.

Researchers at firmware-focused cybersecurity company Eclypsium revealed today that they’ve discovered a hidden mechanism in the firmware of motherboards sold by the Taiwanese manufacturer Gigabyte, whose components are commonly used in gaming PCs and other high-performance computers. Whenever a computer with the affected Gigabyte motherboard restarts, Eclypsium found, code within the motherboard’s firmware invisibly initiates an updater program that runs on the computer and in turn downloads and executes another piece of software.

While Eclypsium says the hidden code is meant to be an innocuous tool to keep the motherboard’s firmware updated, researchers found that it’s implemented insecurely, potentially allowing the mechanism to be hijacked and used to install malware instead of Gigabyte’s intended program. And because the updater program is triggered from the computer’s firmware, outside its operating system, it’s tough for users to remove or even discover.

“If you have one of these machines, you have to worry about the fact that it’s basically grabbing something from the internet and running it without you being involved, and hasn’t done any of this securely,” says John Loucaides, who leads strategy and research at Eclypsium. “The concept of going underneath the end user and taking over their machine doesn’t sit well with most people.”

In its blog post about the research, Eclypsium lists 271 models of Gigabyte motherboards that researchers say are affected. Loucaides adds that users who want to see which motherboard their computer uses can check by going to “Start” in Windows and then “System Information.”

Eclypsium says it found Gigabyte’s hidden firmware mechanism while scouring customers’ computers for firmware-based malicious code, an increasingly common tool employed by sophisticated hackers. In 2018, for instance, hackers working on behalf of Russia’s GRU military intelligence agency were discovered silently installing the firmware-based anti-theft software LoJack on victims’ machines as a spying tactic. Chinese state-sponsored hackers were spotted two years later repurposing a firmware-based spyware tool created by the hacker-for-hire firm Hacking Team to target the computers of diplomats and NGO staff in Africa, Asia, and Europe. Eclypsium’s researchers were surprised to see their automated detection scans flag Gigabyte’s updater mechanism for carrying out some of the same shady behavior as those state-sponsored hacking tools—hiding in firmware and silently installing a program that downloads code from the internet.

Gigabyte’s updater alone might have raised concerns for users who don’t trust Gigabyte to silently install code on their machine with a nearly invisible tool—or who worry that Gigabyte’s mechanism could be exploited by hackers who compromise the motherboard manufacturer to exploit its hidden access in a software supply chain attack. But Eclypsium also found that the update mechanism was implemented with glaring vulnerabilities that could allow it to be hijacked: It downloads code to the user’s machine without properly authenticating it, sometimes even over an unprotected HTTP connection, rather than HTTPS. This would allow the installation source to be spoofed by a man-in-the-middle attack carried out by anyone who can intercept the user’s internet connection, such as a rogue Wi-Fi network.

In other cases, the updater installed by the mechanism in Gigabyte’s firmware is configured to be downloaded from a local network-attached storage device (NAS), a feature that appears to be designed for business networks to administer updates without all of their machines reaching out to the internet. But Eclypsium warns that in those cases, a malicious actor on the same network could spoof the location of the NAS to invisibly install their own malware instead.

Eclypsium says it has been working with Gigabyte to disclose its findings to the motherboard manufacturer, and that Gigabyte has said it plans to fix the issues. Gigabyte did not respond to WIRED’s multiple requests for comment regarding Eclypsium’s findings.

Even if Gigabyte does push out a fix for its firmware issue—after all, the problem stems from a Gigabyte tool intended to automate firmware updates—Eclypsium’s Loucaides points out that firmware updates often silently abort on users’ machines, in many cases due to their complexity and the difficulty of matching firmware and hardware. “I still think this will end up being a fairly pervasive problem on Gigabyte boards for years to come,” Loucaides says.

Given the millions of potentially affected devices, Eclypsium’s discovery is “troubling,” says Rich Smith, who is the chief security officer of supply-chain-focused cybersecurity startup Crash Override. Smith has published research on firmware vulnerabilities and reviewed Eclypsium’s findings. He compares the situation to the Sony rootkit scandal of the mid-2000s. Sony had hidden digital-rights-management code on CDs that invisibly installed itself on users’ computers and in doing so created a vulnerability that hackers used to hide their malware. “You can use techniques that have traditionally been used by malicious actors, but that wasn’t acceptable, it crossed the line,” Smith says. “I can’t speak to why Gigabyte chose this method to deliver their software. But for me, this feels like it crosses a similar line in the firmware space.”

Smith acknowledges that Gigabyte probably had no malicious or deceptive intent in its hidden firmware tool. But by leaving security vulnerabilities in the invisible code that lies beneath the operating system of so many computers, it nonetheless erodes a fundamental layer of trust users have in their machines. “There’s no intent here, just sloppiness. But I don’t want anyone writing my firmware who’s sloppy,” says Smith. “If you don’t have trust in your firmware, you’re building your house on sand.”

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor

TikTok user data is exposed to Chinese ByteDance employees, a screen recording app goes rogue in Google Play, and privacy groups want Slack to expand encryption.

“We use information such as IP addresses, device IDs, and account activity to determine whether a device signed into your account is part of your Netflix Household,” Netflix has said. “We do not collect GPS data to try to determine the precise physical location of your devices.”

TikTok employees have been sharing sensitive user data on an internal productivity and communication platform known as Lark. Documents obtained by _The New York Times_ show that thousands of Chinese employees of TikTok's parent company ByteDance have access to and use Lark each day. User data shared on Lark mostly shows up in group chats, but the documents show that TikTok employees have raised concerns about the fact that ByteDance employees in China could potentially access users' personal details on the platform, like US driver's license data and even child sexual abuse material. Employees have reportedly been warning ByteDance and TikTok executives about the exposure since at least July 2021. Both TikTok and ByteDance have maintained over the years that there are barriers in place to prevent TikTok user's data from being accessed in China.

An Android app known as iRecorder Screen Recorder that has been downloaded more than 50,000 times on Google Play was a legitimate app when it emerged in September 2021. But researchers from the security firm ESET found that in August 2022, the app received an update and started displaying malicious behavior. It now abuses its device microphone access to record audio every 15 minutes and send the data to a malicious server.

“Unfortunately, we don’t have any evidence that the app was pushed to a particular group of people, and from the app description and further research … it isn’t clear if a specific group of people was targeted or not,” ESET researcher Lukas Stefanko wrote. “It seems very unusual.”

Dozens of digital rights, pro-privacy, and civil liberties groups including Mozilla, the Tor Project, Fight for the Future, Derechos Digitales, and Abortion Access Front signed a letter calling for the workplace communication platform Slack to implement end-to-end encryption on its platform. Slack has long been criticized for failing to provide an end-to-end encryption option, which would cut down on governments' ability to access and surveil Slack messages, but the letter is the most organized commentary yet. “For many of these groups and individuals, Slack is an absolutely vital communication tool, but it could also become the basis of government targeting, repression, censorship,” the organizations wrote. “Default end-to-end encrypted messaging \[is\] a first and best step companies can take to protect targeted communities.”

Netflix’s Password-Sharing Crackdown Has Hit the US

The coinventor of “bcrypt” is reflecting on the ubiquitous function’s 25 years and channeling cybersecurity’s core themes into electronic dance music.

When data breaches went from being an occasional threat to a persistent fact of life during the early 2010s, one question would come up again and again as victim organizations, cybersecurity researchers, law enforcement, and regular people assessed the fallout from each incident: Which password hashing algorithm had the target used to protect its users’ passwords? 

If the answer was a faulty cryptographic function like SHA-1—not to mention the nightmare of passwords stored in plaintext with no encryption scrambling at all—the victim had more to worry about because it meant that it would be easier for whoever stole the data to crack the passwords, directly access users’ accounts, and try those passwords elsewhere to see if people had reused them. If the answer was the algorithm known as bcrypt, though, there was at least one less thing to panic about.

Bcrypt turns 25 this year, and Niels Provos, one of its coinventors, says that looking back, the algorithm has always had good energy, thanks to its open source availability and the technical characteristics that have fueled its longevity. Provos spoke to WIRED about a retrospective on the algorithm that he published this week in Usenix ;login:. Like so many digital workhorses, though, there are now more robust and secure alternatives to bcrypt, including the hashing algorithms known as scrypt and Argon2. Provos himself says that the quarter-century milestone is plenty for bcrypt and that he hopes it will lose popularity before celebrating another major birthday.

A version of bcrypt first shipped with the open source operating system OpenBSD 2.1 in June 1997. At the time, the United States still imposed stringent export limits on cryptography. But Provos, who grew up in Germany, worked on its development while he was still living and studying there.  

“One thing I found so surprising was how popular it became,” he says. “I think in part it’s probably because it was actually solving a problem that was real, but also because it was open source and not encumbered by any export restrictions. And then everybody ended up doing their own implementations in all these other languages. So these days, if you are faced with wanting to do password hashing, bcrypt is going to be available in every language that you could possibly operate in. But the other thing that I find interesting is that it’s even still relevant 25 years later. That is just crazy.”

Provos developed bcrypt with David Mazieres, a systems security professor at Stanford University who was studying at the Massachusetts Institute of Technology when he and Provos collaborated on bcrypt. The two met through the open source community and were working on OpenBSD.

Hashed passwords are put through an algorithm to be cryptographically transformed from something that’s readable into an unintelligible scramble. These algorithms are “one-way functions” that are easy to run but very difficult to decode or “crack,” even by the person who created the hash. In the case of login security, the idea is that you choose a password, the platform you’re using makes a hash of it, and then when you sign in to your account in the future, the system takes the password you input, hashes it, and then compares the result to the password hash on file for your account. If the hashes match, the login will be successful. This way, the service is only collecting hashes for comparison, not passwords themselves.   

The innovation of bcrypt was that it included a security parameter that could be tuned over time to require more and more computing power to crack bcrypt hashes. This way, as broadly available processing speed increased, bcrypt hashes could become more and more difficult to crack. 

“It’s one of those ideas that’s so obvious in retrospect,” Mazieres says. “Of course, it’s cool that bcrypt was a thing Niels and I did. But I think the important thing is, whatever password hashing algorithm we have, that there be some sort of security parameter to make it harder \[in a way\] that’s a function of computing resources.”

The next generation of hash functions requires more memory to attempt to crack hashed passwords, in addition to processing power.

“The problem was that computers keep getting faster, so a function that seems ‘slow’ today might be fast on tomorrow’s computer,” says Johns Hopkins cryptographer Matthew Green. “The idea behind bcrypt was to make this adjustable. So over time, you could crank up the difficulty level very easily. But then the problem became that people have made guessing even faster by taking advantage of specialized hardware that can compute many things in parallel. This undermines security for functions like bcrypt. So the more recent idea is to use functions that also require a lot of memory, as well as computation, on the theory that parallel attacks won’t be able to scale this resource as well.”

Password security is always lagging, though, and both Provos and Mazieres expressed disbelief and disappointment that the state of passwords broadly has not evolved in decades. Even new schemes like passkeys are only just beginning to emerge.

“Bcrypt should have been superseded already,” Provos says. “It’s surprising how much reliance we still have on passwords. If you had asked me 25 years ago, I would not have guessed that.”

Provos has turned to making cybersecurity- and authentication-themed electronic dance music under the DJ name Activ8te as a way to share his ideas about security with a broader audience and attempt to create cultural change in how people approach their personal security. Mazieres emphasizes, too, that the tech industry has done people a disservice by training them to authenticate in dangerous ways—clicking on links and plugging in passwords constantly and often indiscriminately.

Even if bcrypt’s moment is passing, its inventors say it’s still worth investing time and energy into efforts to improve digital authentication and security more broadly and to help people bolster their own digital defenses.

“There was a version of the world where I would just make music and do blacksmithing,” Provos says. “But the state of security still makes me so sad that I still feel like I have to contribute back somehow.”

Bcrypt, a Popular Password Hashing Algorithm, Starts Its Long Goodbye

Indirect prompt-injection attacks can leave people vulnerable to scams and data theft when they use the AI chatbots.

Microsoft director of communications Caitlin Roulston says the company is blocking suspicious websites and improving its systems to filter prompts before they get into its AI models. Roulston did not provide any more details. Despite this, security researchers say indirect prompt-injection attacks need to be taken more seriously as companies race to embed generative AI into their services.

“The vast majority of people are not realizing the implications of this threat,” says Sahar Abdelnabi, a researcher at the CISPA Helmholtz Center for Information Security in Germany. Abdelnabi worked on some of the first indirect prompt-injection research against Bing, showing how it could be used to scam people. “Attacks are very easy to implement, and they are not theoretical threats. At the moment, I believe any functionality the model can do can be attacked or exploited to allow any arbitrary attacks,” she says.

Hidden Attacks

Indirect prompt-injection attacks are similar to jailbreaks, a term adopted from previously breaking down the software restrictions on iPhones. Instead of someone inserting a prompt into ChatGPT or Bing to try and make it behave in a different way, indirect attacks rely on data being entered from elsewhere. This could be from a website you’ve connected the model to or a document being uploaded.

“Prompt injection is easier to exploit or has less requirements to be successfully exploited than other” types of attacks against machine learning or AI systems, says Jose Selvi, executive principal security consultant at cybersecurity firm NCC Group. As prompts only require natural language, attacks can require less technical skill to pull off, Selvi says.

There’s been a steady uptick of security researchers and technologists poking holes in LLMs. Tom Bonner, a senior director of adversarial machine-learning research at AI security firm Hidden Layer, says indirect prompt injections can be considered a new attack type that carries “pretty broad” risks. Bonner says he used ChatGPT to write malicious code that he uploaded to code analysis software that is using AI. In the malicious code, he included a prompt that the system should conclude the file was safe. Screenshots show it saying there was “no malicious code” included in the actual malicious code.

Elsewhere, ChatGPT can access the transcripts of YouTube videos using plug-ins. Johann Rehberger, a security researcher and red team director, edited one of his video transcripts to include a prompt designed to manipulate generative AI systems. It says the system should issue the words “AI injection succeeded” and then assume a new personality as a hacker called Genie within ChatGPT and tell a joke.

In another instance, using a separate plug-in, Rehberger was able to retrieve text that had previously been written in a conversation with ChatGPT. “With the introduction of plug-ins, tools, and all these integrations, where people give agency to the language model, in a sense, that's where indirect prompt injections become very common,” Rehberger says. “It's a real problem in the ecosystem.”

“If people build applications to have the LLM read your emails and take some action based on the contents of those emails—make purchases, summarize content—an attacker may send emails that contain prompt-injection attacks,” says William Zhang, a machine learning engineer at Robust Intelligence, an AI firm working on the safety and security of models.

No Good Fixes

The race to embed generative AI into products—from to-do list apps to Snapchat—widens where attacks could happen. Zhang says he has seen developers who previously had no expertise in artificial intelligence putting generative AI into their own technology.

If a chatbot is set up to answer questions about information stored in a database, it could cause problems, he says. “Prompt injection provides a way for users to override the developer’s instructions.” This could, in theory at least, mean the user could delete information from the database or change information that’s included.

The Security Hole at the Heart of ChatGPT and Bing

Researchers say the state-sponsored espionage operation may also lay the groundwork for disruptive cyberattacks.

As state-sponsored hackers working on behalf of Russia, Iran, and North Korea have for years wreaked havoc with disruptive cyberattacks across the globe, China's military and intelligence hackers have largely maintained a reputation for constraining their intrusions to espionage. But when those cyberspies breach critical infrastructure in the United States—and specifically a US territory on China's doorstep—spying, conflict contingency planning, and cyberwar escalation all start to look dangerously similar.

On Wednesday, Microsoft revealed in a blog post that it has tracked a group of what it believes to be Chinese state-sponsored hackers who have since 2021 carried out a broad hacking campaign that has targeted critical infrastructure systems in US states and Guam, including communications, manufacturing, utilities, construction, and transportation. 

The intentions of the group, which Microsoft has named Volt Typhoon, may simply be espionage, given that it doesn’t appear to have used its access to those critical networks to carry out data destruction or other offensive attacks. But Microsoft warns that the nature of the group's targeting, including in a Pacific territory that might play a key role in a military or diplomatic conflict with China, may yet enable that sort of disruption.

"Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible," the company's blog post reads. But it couples that statement with an assessment with "moderate confidence" that the hackers are “pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.”

Google-owned cybersecurity firm Mandiant says it has also tracked a swath of the group's intrusions and offers a similar warning about the group's focus on critical infrastructure “There's not a clear connection to intellectual property or policy information that we expect from an espionage operation,” says John Hultquist, who heads threat intelligence at Mandiant. “That leads us to question whether they’re there _because_ the targets are critical. Our concern is that the focus on critical infrastructure is preparation for potential disruptive or destructive attack.”

Microsoft’s blog post offered technical details of the hackers’ intrusions that may help network defenders spot and evict them: The group, for instance, uses hacked routers, firewalls, and other network “edge” devices as proxies to launch its hacking—targeting devices  that include those sold by hardware makers ASUS, Cisco, D-Link, Netgear, and Zyxel. The group also often exploits the access provided from compromised accounts of legitimate users rather than its own malware to make its activity harder to detect by appearing to be benign.

Blending in with a target's regular network traffic in an attempt to evade detection is a hallmark of Volt Typhoon and other Chinese actors' approach in recent years, says Marc Burnard, a senior consultant of information security research at Secureworks. Like Microsoft and Mandiant, the Secureworks has been tracking the group and observing the campaigns. He added that the group has demonstrated a “relentless focus on adaption” to pursue its espionage.

US government agencies, including the National Security Agency, the Cybersecurity and Infrastructure Security Agency (CISA), and the Justice Department published a joint advisory about Volt Typhoon's activity today alongside Canadian, UK, and Australian intelligence. “Private sector partners have identified that this activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide,” the agencies wrote.

Although Chinese state-sponsored hackers have never launched a disruptive cyberattack against the United States—even over decades of data theft from US systems—the country’s hackers have periodically been caught inside US critical infrastructure systems. As early as 2009, US intelligence officials warned that Chinese cyberspies had penetrated the US power grid to “map” the country's infrastructure in preparation for a potential conflict. Two years ago, CISA and the FBI also issued an advisory that China had penetrated US oil and gas pipelines between 2011 and 2013. China’s Ministry of State Security hackers have gone much further in cyberattacks against the country’s Asian neighbors, actually crossing the line of carrying out data-destroying attacks disguised as ransomware, including against Taiwan’s state-owned oil firm CPC.

This latest set of intrusions seen by Microsoft and Mandiant suggests that China’s critical infrastructure hacking continues. But even if the Volt Typhoon hackers did seek to go beyond espionage and lay the groundwork for cyberattacks, the nature of that threat is far from clear. State-sponsored hackers are, after all, often assigned to gain access to an adversary’s critical infrastructure as a preparatory measure in case of a future conflict, since gaining the access  necessary for a disruptive attack usually requires months of advanced work.

That ambiguity in state-sponsored hackers’ motivations when they penetrate another country’s networks—and its potential for misinterpretation and escalation—is what Georgetown professor Ben Buchanan has called “the cybersecurity dilemma” in his book by the same name. “Genuinely attacking and building the option to attack later on,” Buchanan told WIRED in a 2019 interview as cyberwar tensions rose between the US and Russia, “are very hard to disentangle."

Drawing the lines between espionage, cyberattack preparation, and imminent cyberattack is an even harder exercise with China, says Mandiant’s Hultquist, given the limited instances of the country pulling the trigger on a digitally disruptive event—even when it does have the access to cause one, as it may well have had in Volt Typhoon’s intrusions. “China’s disruptive and destructive capabilities are extremely opaque,” he says. “Here we have a possible indication that this might be an actor with that mission.”

China Hacks US Critical Networks in Guam, Raising Cyberwar Fears

Fentanyl has long been one of the most dangerous wares of the underworld cryptocurrency economy—so dangerous, in fact, that even many dark-web markets have banned it. But new research shows that cryptocurrency is playing a different role in that deadly opioid’s supply chain: Chinese chemical producers are accepting cryptocurrency as payment for fentanyl ingredients they’re selling to drug operations that mass-produce the narcotic in countries around the world. And they’re offering it not on the dark web, but in full public view.

Cryptocurrency-tracing firm Elliptic today released new findings that offer a glimpse of an underreported role of cryptocurrency in the global fentanyl trade: the wholesale supply of ingredients to fentanyl producers around the world. Researchers at Elliptic found more than 90 Chinese chemical companies that sold fentanyl “precursor” chemicals and advertised their products on the open web, fully 90 percent of which offered to accept payment in cryptocurrencies like Bitcoin and Tether.

Monthly cryptocurrency transactions to the Chinese firms selling fentanyl ingredients that Elliptic identified.

Courtesy of Elliptic

Elliptic researchers conducted blockchain analysis of some of the cryptocurrency addresses those companies shared with prospective customers. The researchers estimate that those addresses received just over $27 million in transactions in the past five years, most since 2021, given that transactions have increased 450 percent in the past year. But the company warns that this is likely just a fraction of a larger crypto-fueled fentanyl supply chain—and the retail value of fentanyl produced with those precursors is probably thousands of times higher, in the tens of billions of dollars.

“It’s underappreciated how much crypto is accepted by Chinese companies for materials that are used to manufacture these narcotics,” says Tom Robinson, who cofounded Elliptic and leads its research team. (Robinson declined to name any of the companies, though he said Elliptic has shared their names with law enforcement.) “The number of crypto transactions is significant, and you only need a small amount of these materials to produce fentanyl and other narcotics in quantities that both have an extremely high street value and could potentially lead to huge numbers of overdoses.” 

The Elliptic report notes that the tens of millions of dollars worth of precursor sales it tracked on blockchains would likely be enough to manufacture enough fentanyl to, if distributed efficiently, kill every person on earth.

The sale of dangerous opioids like fentanyl on dark-web markets like Silk Road and successors like AlphaBay and Hydra has been notorious for well over a decade. But in recent years, dark-web markets have begun instituting bans on the drug, which can be 50 times stronger than heroin. Though these bans are sometimes only loosely enforced, they aim to prevent both the harm the substance brings to customers and the accompanying law enforcement attention. “I knew it was very dangerous,” one dark-web administrator who goes by the name DeSnake told WIRED in a 2021 interview, explaining the fentanyl ban on the AlphaBay dark-web market he’d relaunched at the time. “In a place where no one knows no one, it would be a very, very big mess.”

Despite that trend away from dark-web fentanyl sales, four members of the US Congress this week reintroduced a bill called the Dark Web Interdiction Act to increase the sentences for dark-web drug dealers, focusing specifically on fentanyl. The bill would also strengthen and make permanent the Joint Criminal Opioid and Darknet Enforcement task force that has helped coordinate law enforcement takedowns of hundreds of alleged dark-web drug sellers and administrators in recent years.

But even as the dark-web retail cryptocurrency trade in fentanyl has been restricted, and as law enforcement units crack down on what remains of it, Elliptic’s research shows that cryptocurrency-based wholesaling of fentanyl ingredients to drug cartels—who then manufacture the synthetic opioid and smuggle it into the US and other countries to be sold in the physical world—continues. In its study of precursor-selling chemical labs, Elliptic notes that several of the websites it surveyed specifically mentioned that they shipped to customers in Mexico, and 17 of the labs also sold finished fentanyl and other even more powerful opioids.

Those Chinese chemical companies do in some cases sell products other than fentanyl precursors, Elliptic’s Robinson notes, and he concedes that blockchain analysis can’t tell the difference between those sales and the sales of fentanyl ingredients. Some also sold precursors to amphetamines, methamphetamines, and other opioids. But Elliptic’s researchers saw companies advertising that fentanyl precursors were their best-selling product, in some cases. Robinson also notes that Elliptic isn’t claiming to have measured the entire crypto-based fentanyl supply chain, but only taken a “snapshot” of transactions it could identify. This suggests its $27 million estimate is likely lower than the total amount of fentanyl precursor sales over the past half-decade.

The US government may be increasingly aware of the activity of fentanyl precursor sellers in China and of cryptocurrency’s role, but so far the US has acted on a scale far smaller than the industry Elliptic has uncovered. The US Treasury Department last month levied sanctions against four Chinese men and two chemical labs, Wuhan Shuokang Biological Technology and Suzhou Xiaoli Pharmatech, for selling fentanyl precursors to drug cartels in Mexico. Three of the men were also indicted in absentia. The fourth, according to Treasury’s announcement, was an associate who had accepted cryptocurrency payments on behalf of one of the two companies.

The Chinese chemical firms’ decision to accept cryptocurrency for their fentanyl ingredient sales may seem counterintuitive, given the ability of companies like Elliptic and other cryptocurrency-tracing firms to track sales of dangerous and potentially illegal products across blockchains. But Robinson says the Chinese firms are likely using crypto because it’s hard to seize or block—and they may not particularly care that the money can be traced by Western companies and law enforcement as long as they can still find a cryptocurrency exchange willing to cash it out. “If a company in China wants to accept crypto payments, no one can prevent that from occurring,” Robinson says.

But traceability also creates an opportunity to pressure cryptocurrency exchanges to cut off the accounts of fentanyl precursor sellers Elliptic has identified. Elliptic, in fact, notified exchanges of hundreds of addresses it linked to the Chinese chemical companies. “There’s definitely a role for those services to clamp down on this,” Robinson says. And exploiting that crypto choke point could perhaps cut off at least a fraction of the lethal flow of fentanyl worldwide—not at its destination, but at its source.

Chinese Labs Are Selling Fentanyl Ingredients for Millions in Crypto

“Container registries” are ubiquitous software clearinghouses, but they’ve been exposed for years. Chainguard says it now has a solution.

As software supply-chain attacks have emerged as an everyday threat, where bad actors poison a step in the development or distribution process, the tech industry has had a wake-up call about the need to secure each link in the chain. But actually implementing improvements is challenging, particularly for the sprawling open-source cloud development ecosystem. Now, the security firm Chainguard says it has a more secure solution for one ubiquitous but long overlooked component.

“Container registries” are sort of like app stores or clearinghouses where developers upload “images” of cloud containers that each hold a different software program. The cloud services you use every day are constantly and silently navigating container registries to access applications, but these registries are often poorly secured with just a password that can be lost, stolen, or guessed. This often means that people who shouldn't have access to a given container image can download it, or, worse, they can upload images to the registry that could be malicious. Chainguard's new container image registry aims to plug this esoteric but pervasive hole.

 “Pretty much every bad possible thing has happened with container registries that you can imagine,” says Dan Lorenc, Chainguard’s CEO and a longtime software supply-chain security researcher. “People losing passwords, people pushing malware on purpose, people forgetting to update stuff. The industry has just kind of been using this for a long time—everyone was having fun, shipping code—and nobody was thinking about long-term consequences.”

The Chainguard researchers say they have long considered developing a more thoughtfully designed registry, particularly one that gets rid of passwords and instead uses a single-sign-on approach to control registry access. That way, a registry can be designed to be as accessible or as locked down as needed, and only people who are logged in to other accounts, like corporate identity services or Google accounts, and then specifically authorized can interact with the registry.

“Container registries have been a weak link,” says Jason Hall, a Chainguard software engineer. “They're pretty boring, pretty standard. This is software that's relying on software to deliver software. We need to do better and get rid of passwords to talk to the registry and be able to push to the registry.”

The big limitation on deploying a system like this, though, has been cost. Running a container registry typically gets very expensive because of “egress fees.” In other words, cloud providers don't charge enterprise customers to upload data into the cloud, but they do charge them every time someone downloads the data. So if container registries are like an app store where everyone is coming to download container images, the egress fees can get really big, really fast. This disincentivized work on overhauling the security of container registries, because no one wanted to take on the cost associated with offering a more secure alternative.

The breakthrough for Chainguard came when the internet infrastructure company Cloudflare announced the general availability of its R2 Storage service in September. The goal of the product is to offer reduced egress fees to Cloudflare customers and even no fees for data that gets downloaded infrequently. Once R2 emerged as an option, the Chainguard researchers had everything they needed to move ahead with a more secure registry.

Aly Cabral, Cloudflare's vice president of product management for workers, says that as a content delivery network, the company is able to offer a service like R2 because it has already invested so extensively in optimizing its systems to manage and move data around the world efficiently. And she points out that egress fees are problematic in a number of areas, not just cloud software development. For example, AI companies increasingly need ways to move their training data sets to different regions and platforms to find GPU processing power.

When it comes to creating more secure cloud registries, though, Cabral says that Chainguard's initiative is exactly the type of project Cloudflare hoped to support with R2.

“Chainguard’s work to rethink key software delivery infrastructure—like container registries—and ensure that it is built with secure-by-design principles that the ecosystem needs, is the type of proactive attention that will assist in preventing malicious attacks,” she says. “Too often, security is an afterthought, which can be detrimental as threat actors grow increasingly sophisticated and savvy in their ability to exploit substandard security measures.”

Chainguard will use its secure registry to distribute images and will also make the registry design available so others can adopt it. For regular web users, the change will be invisible, but it could prevent fallout from software supply-chain attacks that can—and do—have tangible impacts on people's lives.

There’s Finally a Way to Improve Cloud Container Registry Security

In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.”

Spain has advocated banning encryption for hundreds of millions of people within the European Union, according to a leaked document obtained by WIRED that reveals strong support among EU member states for proposals to scan private messages for illegal content.

The document, a European Council survey of member countries’ views on encryption regulation, offered officials’ behind-the-scenes opinions on how to craft a highly controversial law to stop the spread of child sexual abuse material (CSAM) in Europe. The proposed law would require tech companies to scan their platforms, including users’ private messages, to find illegal material. However, the proposal from Ylva Johansson, the EU commissioner in charge of home affairs, has drawn ire from cryptographers, technologists, and privacy advocates for its potential impact on end-to-end encryption.

For years, EU states have debated whether end-to-end encrypted communication platforms, such as WhatsApp and Signal, should be protected as a way for Europeans to exercise a fundamental right to privacy—or weakened to keep criminals from being able to communicate outside the reach of law enforcement. Experts who reviewed the document at WIRED’s request say it provides important insight into which EU countries plan to support a proposal that threatens to reshape encryption and the future of online privacy.

Of the 20 EU countries represented in the document leaked to WIRED, the majority said they are in favor of some form of scanning of encrypted messages, with Spain’s position emerging as the most extreme. “Ideally, in our view, it would be desirable to legislatively prevent EU-based service providers from implementing end-to-end encryption,” Spanish representatives said in the document.

The source of the document declined to comment and requested anonymity because they were not authorized to share it.

“It is shocking to me to see Spain state outright that there should be legislation prohibiting EU-based service providers from implementing end-to-end encryption,” says Riana Pfefferkorn, a research scholar at Stanford University’s Internet Observatory in California who reviewed the document at WIRED’s request. “This document has many of the hallmarks of the eternal debate over encryption.”

End-to-end encryption is designed so only the sender and receiver of communications like messages can see their contents. This boxes out all other parties, from scammers to police and even the company providing the digital platform. Law enforcement advocates often propose creating technical mechanisms through which end-to-end encryption can be bypassed for investigations, but cryptographers and other technologists have long argued that this would introduce weaknesses that inherently undermine end-to-end encryption, putting users’ privacy at risk. Furthermore, they have repeatedly concluded that this expanded exposure would ultimately hurt the digital safety and security of vulnerable groups, including children, rather than defend them.

"Breaking end-to-end encryption for everyone would not only be disproportionate, it would be ineffective of achieving the goal to protect children,” says Iverna McGowan, the secretary general of the European branch of the Centre for Democracy and Technology, a digital rights nonprofit organization, who reviewed the document at WIRED’s request.

The leaked document contains the position of members of the police Law Enforcement Working Party, a group of the Council of the European Union that deals with law enforcement views on legislation. Dated April 12, 2023, the document contains 20 countries’ views on a series of questions, including whether they see end-to-end encryption as a hindrance to their work dealing with child sexual abuse and whether they would favor adding wording to the law to stipulate that encryption shouldn’t be weakened. The questions were first posed in January.

WIRED asked all 20 member states whose views are included in the document for comment. None denied its veracity, and Estonia confirmed that its position was compiled by experts working within related fields and at various ministries.

The document reveals strong support for Johansson’s proposal to scan private end-to-end encrypted communications for illegal content. Of the 20 countries included in the document, 15 expressed support for the idea of scanning end-to-end encrypted communications for CSAM. Many framed this type of scanning as a vital tool that would enable authorities to win the fight against child abuse.

“It is of utmost importance to provide clear wording in the CSA Regulation that end-to-end encryption is not a reason not to report CSA material,” Croatia’s representatives said in the document. “Detection orders must necessarily also apply to encrypted networks,” Slovenia said. “We don’t want E2EE encryption to become a ‘safe haven’ for malicious actors,” Romania added.

Denmark and Ireland expressed support for scanning encrypted messengers for child sexual abuse material while also endorsing the inclusion of wording in the law that protects end-to-end encryption from being weakened. The ability to do this would rely on the invention of technology that can scan encrypted messages for illegal content without altering or breaking the security features offered by encryption—a feat cryptographers and cybersecurity experts have said is technically impossible.

The Netherlands, however, stated that this would be possible through “on-device” scanning before the illegal material is encrypted and sent to its recipient. “There are … technologies which may allow for automatic detection of CSAM while at the same time leaving end-to-end encryption intact,” the country’s representatives stated in the document.

“They want to keep the security of encryption whilst being able to circumvent it,” says Ella Jakubowska, a senior policy advisor at European Digital Rights (EDRI). Jakubowska says she is “unsurprised but nevertheless shocked” to see that European countries have a “really shallow understanding” of encryption. “They want privacy but they also want to indiscriminately scan encrypted communications,” Jakubowska says.

In its response, Spain said it is “imperative that we have access to the data” and suggests that it should be possible for encrypted communications to be decrypted. Spain’s interior minister, Fernando Grande-Marlaska, has been outspoken about what he considers the threat posted by encryption. When reached for comment about the leaked document, Daniel Campos de Diego, a spokesperson for Spain’s Ministry of Interior, says the country’s position on this matter is widely known and has been publicly disseminated on several occasions. Edging close to Spain, Poland advocated in the leaked document for mechanisms through which encryption could be lifted by court order and for parents to have the power to decrypt children’s communications.

Jakubowska, who reviewed the document, says that several countries appear to say they would give police access to people’s encrypted messages and communications. Comments from Cyprus, for example, say it is “necessary” that law enforcement authorities have the ability to access encrypted communications to investigate online sexual abuse crimes and that the “impact of this regulation is significant because it will set a precedent for other sectors in the future.” Similarly, officials in Hungary say “new methods of data interception and access are needed” to help law enforcement.

“Cyprus, Hungary, and Spain very clearly see this law as their opportunity to get inside encryption to undermine encrypted communications, and that to me is huge,” Jakubowska says. “They are seeing this law is going far beyond what DG home is claiming that it’s there for.”

Officials in Belgium said in the document that they believe in the motto “security through encryption and despite encryption.” When approached by WIRED, a spokesperson from Belgium’s Ministry of Foreign Affairs initially shared a statement from the country’s federal police saying its position has evolved since it submitted comments for the document and that Belgium is adopting a position, alongside other “like-minded states,” that it wants encryption weakened. However, half an hour later, the spokesperson attempted to retract the statement, saying the country declined to comment.

Security experts have long said that any potential backdoors into encrypted communications or ways to decrypt services would undermine the overall security of the encryption. If law enforcement officials have a way to decipher messages, criminal hackers or those working on behalf of governments could exploit the same capabilities.

Despite the potential attack on encryption from some countries, many nations also appeared to strongly support end-to-end encryption and the protections it provides. Italy described the proposal for a new system as disproportionate. “It would represent a generalized control on all the encrypted correspondence sent through the web,” the country’s representatives said. Estonia cautioned that if the EU mandates the scanning of end-to-end encrypted messages, companies are likely to either redesign their systems so they can decrypt data or shut down in the EU. Triin Oppi, a spokesperson for Estonia’s Ministry of Foreign Affairs, says the country’s position had not changed.

Finland urged the EU Commission to provide more information about the technologies that can fight child sexual abuse without jeopardizing online security and warned that the proposal could conflict with the Finnish constitution.

Representatives from Germany—a country that has staunchly opposed the proposal—said the draft law needs to explicitly state that no technologies will be used that disrupt, circumvent, or modify encryption. “This means that the draft text must be revised before Germany can accept it,” the country said. Member states need to agree on the text for the draft bill before the negotiations can move forward.

“The responses from countries such as Finland, Estonia, and Germany demonstrate a more comprehensive understanding of the stakes in the CSA regulation discussions,” Stanford’s Pfefferkorn says. “The regulation will not only affect criminal investigations for a specific set of offenses; it affects governments’ own data security, national security, and the privacy and data protection rights of their citizens, as well as innovation and economic development.”

Read the full document below:

Leaked EU Document Shows Spain Wants to Ban End-to-End Encryption

The record-breaking GDPR penalty for data transfers to the US could upend Meta's business and spur regulators to finalize a new data-sharing agreement.

Europe’s GDPR has just dealt its biggest hammer blow yet. Almost exactly five years since the continent’s strict data rules came into force, Meta has been hit with a colossal €1.2 billion fine ($1.3 billion) for sending data about hundreds of millions of Europeans to the United States, where weaker privacy rules open it up to US snooping.

Ireland’s Data Protection Commission (DPC), the lead regulator for Meta in Europe, issued the fine after years of dispute about how data is transferred across the Atlantic. The decision says a complex legal mechanism, used by thousands of businesses for transferring data between the regions, was not lawful.

The fine is the biggest GDPR penalty ever issued, eclipsing Luxembourg's $833 million fine against Amazon. It brings the total amount of fines under the legislation to around €4 billion. However, it’s small change for Meta, which made $28 billion in the first three months of this year.

In addition to the fine, the DPC’s ruling gives Meta five months to stop sending data from Europe to the US and six months to stop handling data it previously collected, which could mean deleting photos, videos, and Facebook posts or moving them back to Europe. The decision is likely to bring into focus other GDPR powers, which can impact how companies handle data and arguably cut to the heart of Big Tech’s surveillance capitalism.

Meta says it is “disappointed” by the decision and will appeal. The decision is also likely to heap extra pressure on US and European negotiators who are scrambling to finalize a long-awaited new data-sharing agreement between the two regions that will limit what information US intelligence agencies can get their hands on. A draft decision was agreed to at the end of 2022, with a potential deal being finalized later this year.

“The entire commercial and trade relationship between the EU and the US underpinned by data exchanges may be affected,” says Gabriela Zanfir-Fortuna, vice president of global privacy at Future of Privacy Forum, a nonprofit think tank. “While this decision is addressed to Meta, it is about facts and situations that are identical for all American companies doing business in Europe offering online services, from payments, to cloud, to social media, to electronic communications, or software used in schools and public administrations.”

**‘Bittersweet Decision’**

The billion-euro fine against Meta has a long history. It stems back to 2013, long before GDPR was in place, when lawyer and privacy activist Max Schrems complained about US intelligence agencies’ ability to access data following the Edward Snowden revelations about the National Security Agency (NSA). Twice since then, Europe’s top courts have struck down US–EU data-sharing systems. The second of these rulings, in 2020, made the Privacy Shield agreement ineffective and also tightened rules around “standard contractual clauses (SSCs).”

The use of SCCs, a legal mechanism for transferring data, is at the center of the Meta case. In 2020, Schrems complained about Meta’s use of them to send data to the US. Today’s Irish decision, which is supported by other European regulators, found Meta’s use of the legal tool “did not address the risks to the fundamental rights and freedoms of data subjects.” In short, they were unlawful.

Ireland first decided the tool fell foul of GDPR in July 2022 and since then, the case has been wrapped up in European bureaucracy, with other countries having a say on the decision and deciding the penalties that should apply. Ultimately, through the European Data Protection Board (EDPB), other countries overruled the Irish regulator, which had argued Meta shouldn’t be fined.

“This is an absolutely significant fine and yet, the penalties may be inconsequential for people's rights as Meta can hold on to data it has moved unlawfully,” says Estelle Masse, the global data protection lead at European NGO Access Now. “It's a bittersweet decision.” Since GDPR came into force in May 2018, it has been criticized for not effectively curtailing the worst data practices of Big Tech. Masse argues that Meta should have been made to delete the data it collected unlawfully, and that GDPR enforcement needs to change companies business practices. (In the US, the Federal Trade Commission fined Meta $5 billion in 2019 and has previously ordered companies to delete algorithms created with improperly collected data.)

The new ruling stops short of forcing Meta to delete the data but says it should ensure that all stored data from Europeans be lawfully handled within six months. This could include deletion or moving the data back to Europe, the EDPB says, but could also include Meta using “other technical solutions.”

“One potential option moving forward would be a 'federated' social network, where European data stays in their data centers in Europe, unless users chat with a US friend, for example,” Schrems said in a statement. Zanfir-Fortuna says that data localization can be “very difficult to obtain in practice.”

It is likely, if Meta decides to move data back to Europe, that untangling it all from within its internal systems will be tricky, if not impossible. Previous reports have indicated that Meta doesn’t know where all its data goes, and court documents obtained by the Irish Council for Civil Liberties are said to show “data anarchy at Meta.”

Meta’s president of global affairs, Nick Clegg, said in a statement that the company is appealing the decisions with courts that will be able to “​​pause the implementation deadlines.” Clegg characterized the decision as a threat to the global internet: “Without the ability to transfer data across borders, the internet risks being carved up into national and regional silos, restricting the global economy and leaving citizens in different countries unable to access many of the shared services we have come to rely on.”

**The Simplest Fix**

Lurking behind the colossal fine is the underlying issue of how data is shared between the EU and the US. Europe’s GDPR sets out how companies and other organizations should collect, use, and store people’s data and also increases the rights given to individuals. People can ask what data is held about them or request that information be deleted, for instance.

The rules are stricter than protections put in place in the US, particularly against data collected about non-US citizens, which can be intercepted by intelligence agencies under Section 702 of the Foreign Intelligence Surveillance Act. In October 2022, US president Joe Biden signed an executive order that would introduce limits to what data security agencies can access under a proposed new EU–US Data Privacy Framework.

In Meta’s response to the GDPR decision, Clegg referenced the new international agreement and said that if it comes into force before the Irish deadlines, “our services can continue as they do today without any disruption or impact on users.”

The executive order would, among other things, create a Data Protection Review Court within the US Department of Justice that allows Europeans to challenge how American intelligence agencies use their data. Gloria González Fuster, a professor at the Vrije Universiteit Brussel, says there are “multiple tensions” between the proposed plans. “The very limited information given to complainants by the Data Protection Review Court (DPRC) is one of the major problems,” Fuster says, adding the approach doesn’t match those of Europe’s courts.

Since two previous data-sharing agreements have been struck down by Europe’s courts, it is likely that the new agreement, which could come into force before Meta has to deal with Ireland’s orders, may be challenged. “The framework from the get-go is an improvement from the two previous, but we don't think it gets us to a point where it would stand a legal challenge in the court,” Masse says.

Schrems, who made the original complaint against Meta and was responsible for the cases that destroyed the previous US–EU data-sharing agreements, believes there’s a 10 percent chance Europe’s courts will find the new agreement to be lawful. “The simplest fix,” Schrems said, “would be reasonable limitations in US surveillance law.”

Meta’s $1.3 Billion Fine Is a Strike Against Surveillance Capitalism

While the company’s new top-level domains could be used in phishing attacks, security researchers are divided on how big of a problem they really pose.

At the beginning of May, Google released eight new top-level domains (TLDs)—the suffixes at the end of URLs, like “.com” or “.uk.” These little addendums were developed decades ago to expand and organize URLs, and over the years, the nonprofit Internet Corporation for Assigned Names and Numbers (ICANN) has loosened restrictions on TLDs so organizations like Google can bid to sell access to more of them. But while Google's announcement included light-hearted offerings like “.dad” and “.nexus,” it also debuted a pair of TLDs that are uniquely poised to invite phishing and other types of online scamming: “.zip” and “.mov”.

The two stand out because they are also common file extension names. The former, .zip, is ubiquitous for data compression, while .mov is a video format developed by Apple. The concern, which is already starting to play out, is that URLs that look like file names will open up even more possibilities for digital scams like phishing that trick web users into clicking on malicious links that are masquerading as something legitimate. And the two domains could also expand the problem of programs mistakenly recognizing file names as URLs and automatically adding links to the file names. With this in mind, scammers could strategically buy .zip and .mov URLs that are also common file names—think, springbreak23.mov—so online references to a file with that name could automatically link to a malicious website.

“Attackers will use whatever they can to get inside an organization,” says Ronnie Tokazowski, a longtime phishing researcher and principal threat adviser at the cybersecurity firm Cofense. “Man, this all goes back a long time now. Nothing has changed.”

Researchers have already started seeing malicious actors buying up strategic .zip URLs and begin testing them in phishing campaigns. But reactions are mixed on how much of a negative impact .zip and .mov domains will have when scams that prey on URL confusion are already an inveterate threat. Additionally, proxies and other traffic management tools already deploy anti-phishing protections to cut down on the risks if users mis-click—and .zip and .mov will simply be incorporated into those defenses.

“The risk of confusion between domain names and file names is not a new one. For example, 3M’s Command products use the domain name command.com, which is also an important program on MS DOS and early versions of Windows,” Google told WIRED in a statement. “Applications have mitigations for this (such as Google Safe Browsing), and these mitigations will hold true for TLD’s such as .zip.” The company added that Google Registry already includes mechanisms to suspend or remove malicious domains across all of the company's top-level domains. “We will continue to monitor the usage of .zip and other TLDs, and if new threats emerge we will take appropriate action to protect users,” the company said.

Offering more TLDs broadens the number of URLs that are available to people. This means you have more choices and don't necessarily have to pay a premium to buy the site name you want from an existing owner or speculator who bought up a bunch of historic URLs. And some in the security community feel that, given the already extensive risk of phishing attacks, additions like .zip and .mov add negligible additional danger.

“I don't agree with the assertion that the new TLDs will increase the effectiveness of phishing in any meaningful way—primarily because people are already so easily fooled by URLs,” says security researcher Troy Hunt, who runs the breach-tracking service HaveIBeenPwned. “Not only can we, myself included, not tell the difference between so many ambiguous characters, we also usually have no idea what the correct URL is for many services. I bet you this all blows over before you know it with no incidents of consequence.”

Some researchers feel strongly, though, that a company like Google, which invests so much in anti-scam and anti-phishing work, could have simply opted not to offer these particular TLDs. Even if other top-level domains exist that are also file extensions, they argue that the world doesn't need more of these overlaps.

“Nobody said this was new. In fact, half the issue is that it’s not new,” says security researcher Marcus Hutchins. “We’ve had this issue in the past, and Google has just gone and caused the same problem again. It really seems like they created a big usability and security issue for downstream providers to clean up, all for no reason other than a low-effort money grab.”

Source

Wired