Shane Ngakuru sentenced to years in United States prison after pleading guilty to distributing encrypted ANOM phones in FBI sting
Millions of private conversations that
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
RNZ News
7 hours ago
- RNZ News
What we know about Scattered Spider, the hacker group targeting airlines
By Annika Burgess , ABC Photo: AFP Alarm bells were being sounded that Scattered Spider, a notoriously aggressive and prolific hacking group, had a new favourite target - the airline sector. The FBI and tech companies Google and Palo Alto Networks put out alerts over the weekend. They warned of multiple incidents in the airline and travel industry that resembled the group's operations. Now, it is believed Australia might have fallen victim to the cybercriminals. Qantas has announced that 6 million customer accounts had been exposed in a "significant" cyber attack. The airline would not confirm if it was the target of Scattered Spider, but experts said the attack appeared to have its signature moves. Scattered Spider, or UNC3944, is a loose-knit but aggressive hacking group. The "scattered" gang of affiliates goes by various names and aliases, such as Octo Tempest, Star Fraud, Scatter Swine and Muddled Libra. The members are believed to be mainly young native English speakers from the US and the UK. Some have reportedly been as young as 16 years old. Since emerging in 2022, together the gangs have been accused of breaking into and stealing data from some of the world's largest companies. They are alleged to be behind more than 100 targeted attacks across industries including telecommunications, finance, retail and gaming. Photo: 123RF The group goes from sector to sector, often targeting sectors that face significant customer pressure. And they aim for the big fish. In 2023, hackers tied to Scattered Spider broke into gaming companies , MGM Resorts and Caesars Entertainment, partially paralysing casinos and knocking slot machines out of commission. The $US14 billion gaming giant MGM Resorts operates over 30 hotels and casinos around the world, including in Macau and Las Vegas. The group has also caused mayhem across the UK , hitting some of the largest retail brands, including Harrods, Co-Op and Marks & Spencer (M&S). A recent cyber attack on M&S disrupted the company's online business for weeks. It has resulted in about £300 million in lost operating profit. Scattered Spider is known to use tactics such as social engineering, where hackers trick people into letting them into systems. They essentially target human vulnerabilities. The chief executive of M&S confirmed that "threat actors" had gained access to the retailer's systems via one of its contractors using social engineering techniques. The group typically exploits an organisation's IT helpdesk, using publicly available information to pose as a staff member. David Tuffley, a cybersecurity expert from Griffith University, said the tactics could be "pretty aggressive". "They would know just how to talk in the right way, to get people to do what it is they want them to do," he said. The impersonations could take place through phishing attacks, often fake emails or text messages, or the hackers may even make phone calls directly to the help desk. Daswin De Silva, a professor of AI and analytics and director of AI strategy at La Trobe University, said the tactics were "really manipulative". "Help desks want to resolve issues as quickly as possible," Professor De Silva told the ABC. "With a large organisation that has outsourced some of their business functions, they tend to be removed from the day-to-day operations of the main business. "When there is a disconnect like this … the security can be compromised." Another tactic the group is known to use is called multi-factor authentication (MFA) bombing or MFA fatigue. It involves attackers repeatedly sending MFA requests, such as notifications to a user's device, in an attempt to overwhelm them and trick them into approving a login. This could enable them to gain access to the data warehousing platform or manipulate password resets. Qantas has released a statement saying that it detected unusual activity on Monday on a third-party platform used by a contact centre. The airline said 6 million customers had service records in the platform, and it believed the proportion of stolen data would be "significant". An initial review confirmed the data included some customers' names, email addresses, phone numbers, birth dates and frequent flyer numbers, the airline said. "Importantly, credit card details, personal financial information and passport details are not held in this system," the statement read. "No frequent flyer accounts were compromised, nor have passwords, PIN numbers, or login details been accessed." The breach comes as the FBI has sent out a notification saying it has recently observed Scattered Spider "expanding its targeting to include the airline sector". "They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk," the FBI said in a statement posted on X. "The FBI is actively working with aviation and industry partners to address this activity and assist victims." Alaska Air Group-owned Hawaiian Airlines and Canada's WestJet have both recently reported being struck by unspecified cyber incidents. Qantas said it had notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. A spokesperson for CyberCX told ABC News the incident had all the hallmarks of an attack from the Scattered Spider hacker group. Tuffley said he "wouldn't be too surprised" if the group was behind the attack. "Qantas are actually pretty good as far as cybersecurity goes, but obviously their call centre in the Philippines or wherever it was wasn't quite so good," he said. Previous breaches on major Australian companies, including Medibank and Optus, have highlighted how cyber attacks can see people's data used as a bargaining threat to make companies pay a ransom. Another concern for Qantas customers is that their personal data could be onsold and then used to conduct fraud. Tuffley said that often, data from large-scale breaches would be combined to assemble enough information to impersonate someone. Criminals could then carry out scams such as SIM swapping or financial fraud. "They could contact a telco and say 'Hi, this is Dave, I lost my phone and I want to get a new SIM installed,'" he said. "The telco will go through all sorts of security vetting, but if they've got enough information about you, then they can succeed at that." De Silva said that often after a major breach, there would be a secondary round of attacks based on the data that was stolen. That could involve using the data to ask for password resets or security check-ups. "The attack was first detected on Monday, but customers and the public were informed on Wednesday. This delay translates to more than 48 hours for subsequent targeted/personalised attacks towards individual customers," De Silva said. "The Australian government and relevant authorities must do better in managing the communications, impact and loss following cyber attacks." Qantas customers are being advised to stay vigilant and check accounts and transactions regularly, including frequent flyer accounts. As a general piece of advice, experts say individuals should never reuse passwords on any system or service. - ABC
NZ Herald
a day ago
- NZ Herald
Police warn of rising online threats to Kiwi children on social media
New Zealand Police are becoming increasingly concerned about online groups targeting Kiwi children through social media. Investigations by the Herald have highlighted a rise in predators using social media to target their victims. Among the figures that are startling officials, in 2024, there were 1549 referrals by Snapchat to
1News
a day ago
- 1News
Man who shot Idaho firefighters, killing 2, was asked to move vehicle
A man who set a wildfire and then fatally shot two firefighters and wounded another in northern Idaho was a 20-year-old transient who attacked the first responders after they asked him to move his vehicle, a sheriff said. Kootenai County Sheriff Bob Norris offered new details about the Monday ambush at Canfield Mountain just north of Coeur d'Alene, a popular recreation area. He said Wess Roley was living out of his vehicle, had once aspired to be a firefighter and had only a handful of minor contacts with area police. 'We have not been able to find a manifesto,' the sheriff said, adding a motive was still unknown. Norris said families of the victims were 'in shock — absolutely. They're in shock and they're still processing it'. Law enforcement and emergency responders at Cherry Hill Park off 15th Street on Sunday afternoon, June 29, 2025. (Source: Associated Press) ADVERTISEMENT Roley had set a fire using flint, and the firefighters who rushed to the scene instead found themselves in an unexpected shootout. They took cover behind fire trucks, but two died and a third was wounded during a barrage of gunfire over several hours. Roley later killed himself, Norris said. 'We know that he was a transient here,' the sheriff said. 'We know he lived here for the better part of 2024. But as far as when he got here, why he was here, why he chose this place — I don't know.' Two helicopters converged on the area, armed with snipers ready to take out the suspect if needed, while the FBI used his cellphone data to track him, and the sheriff ordered residents to shelter in place. They eventually found Roley dead in the mountains, his firearm beside him. A procession from Kootenai Health heads to the medical examiner's office in Spokane after firefighters were killed when they were ambushed by sniper fire while responding to a blaze near Coeur d'Alene, Idaho. (Source: Associated Press) Roley's grandfather, Dale Roley, told KXLY-TV that his grandson was an avid hiker who worked for a tree company and was interested in forestry. Outpouring of support for the victims was swift in Coeur d'Alene, a city of 55,000 residents near the border with Washington. ADVERTISEMENT Hours after the ambush, people gathered along Interstate 90 holding American flags to pay their respects as the two fallen firefighters' bodies were taken to the medical examiner's office in Spokane, Washington, about 56km from Coeur d'Alene. Governor Brad Little ordered US and Idaho state flags to be lowered to half-staff to honour the firefighters until the day after their memorial service. A firefighter with the United States Forest Service prepares gear at a staging area near the scene the day after a shooter ambushed and killed multiple firefighters responding to a wildfire at Canfield Mountain (Source: Associated Press) 'All our public safety officers, especially our firefighters, bravely confront danger on a daily basis, but we have never seen a heinous act of violence like this on our firefighters before,' he said in a statement. 'This is not Idaho. This indescribable loss is felt deeply by all those in the firefighting community and beyond.' The Idaho House Republican Leadership said in a statement: 'We are horrified by the murder of two firefighters in Coeur d'Alene, and shocked by such a vicious attack on our first responders. We are praying for them, the injured, their families and their colleagues.' Although the shelter-in-place order was lifted, the sheriff's office cautioned residents to be prepared because the fire was still burning. Firefighters were still battling the blaze Tuesday, a task made difficult because it was burning in steep terrain, which limited the use of heavy equipment, the Idaho Department of Lands said in a news release. It had burned about 10.5 hectares. Fire was always a concern for the region, said Bruce Deming, whose property abutted the trail system. When he noticed smoke on the ridge on Monday, he wondered why no firefighting helicopters were responding. ADVERTISEMENT When a friend texted to tell him about the shooting, he realised why he wasn't seeing aircraft: 'Because they're concerned about being shot at,' he said.
