Sinaloa cartel hacker turned Mexico City cameras against FBI, leading to killings, DOJ says
A hacker working for the Sinaloa Cartel in Mexico was able to obtain an FBI official's phone record information in 2018 and used Mexico City's surveillance camera system to track and kill informants and witnesses, the Justice Department said in a report.
The 2018 incident was disclosed in the Justice Department Inspector General's audit of the FBI's efforts to "Mitigate the Effects of Ubiquitous Technical Surveillance."
The report said the FBI was working on the case of Joaquin "El Chapo" Guzman, the former leader of the infamous cartel who was extradited to the United States in 2017, when someone tipped the FBI that the drug-trafficking organization hired a hacker "who offered a menu of services related to exploiting mobile phones and other electronic devices."
The hacker was able to identify an FBI assistant legal attaché (ALAT) at the U.S. Embassy in Mexico City and was able to use the attaché's phone number "to obtain calls made and received, as well as geolocation data."
"According to the FBI, in addition to compromising the ALAT's phone, the hacker also accessed Mexico City's camera system, used the cameras to follow the ALAT through the city, and identified people the ALAT met with," the report states. "According to the case agent, the cartel used that information to intimidate and/or kill potential sources or cooperating witnesses."
The hacker and victims were not identified in the report. Fox News Digital has reached out to the U.S. Embassy in Mexico City, the State Department, the FBI and Justice Department.
The report noted that advances in technology have "made it easier than ever for less-sophisticated nations and criminal enterprises to identify and exploit vulnerabilities" created by UTS, a term used to describe the widespread collection and storage od data and analysis often from everyday technologies like smartphones, computers and even vehicles.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
2 hours ago
- Yahoo
A notorious hacker group is now targeting the aviation industry, the FBI says
Scattered Spider, a cybercriminal group, is targeting the aviation industry in the US and Canada. The FBI said the hackers are deceiving IT help desks into granting them access to data. Anyone part of the "airline ecosystem" could be at risk, the FBI said. Even IT pros are susceptible to hackers these days. According to an FBI warning, a notorious cybercriminal group known as Scattered Spider is deceiving IT help desks into targeting the US airline industry. Scattered Spider gained attention in 2023 for hacking both MGM Resorts and Caesars Entertainment within a week of each other. "These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said on X. "These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts." The FBI said the group is focused on large corporations and their third-party IT providers, so "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk." "Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," the agency said. The FBI did not indicate that the actions affect airline safety. Charles Carmakal, the chief technology officer at Google's Mandiant, a cybersecurity firm and subsidiary of Google Cloud, said on LinkedIn that the firm was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." "We recommend that the industry immediately take steps to tighten up their help desk identity verification processes prior to adding new phone numbers to employee/contractor accounts (which can be used by the threat actor to perform self-service password resets), reset passwords, add devices to MFA solutions, or provide employee information (e.g. employee IDs) that could be used for a subsequent social engineering attacks," he said. Unit 42, a cybersecurity threat research team that is part of the larger Palo Alto Networks cybersecurity corporation, said it also observed Scattered Spider targeting the aviation industry. "Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Sam Rubin, senior vice president of consulting and threat intelligence for Unit 42, said on LinkedIn on Friday. Canada's WestJet announced earlier this month that it had uncovered a "cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users." A spokesperson told Business Insider the company has made "significant progress" regarding the matter, and investigations were ongoing. Hawaiian Airlines also said on Thursday that it experienced a "cybersecurity event" that affected some of its IT systems. "We continue to safely operate our full flight schedule, and guest travel is not impacted," the company said in a press release. Neither airline provided details about who or what caused the cybersecurity incidents. A Southwest Airlines spokesperson said that its systems had not been compromised. Read the original article on Business Insider
Business Insider
4 hours ago
- Business Insider
A notorious hacker group is now targeting the aviation industry, the FBI says
Even IT pros are susceptible to hackers these days. According to an FBI warning, a notorious cybercriminal group known as Scattered Spider is deceiving IT help desks into targeting the US airline industry. Scattered Spider gained attention in 2023 for hacking both MGM Resorts and Caesars Entertainment within a week of each other. "These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said on X. "These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts." The FBI said the group is focused on large corporations and their third-party IT providers, so "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk." "Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," the agency said. The FBI did not indicate that the actions affect airline safety. Charles Carmakal, the chief technology officer at Google's Mandiant, a cybersecurity firm and subsidiary of Google Cloud, said on LinkedIn that the firm was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." "We recommend that the industry immediately take steps to tighten up their help desk identity verification processes prior to adding new phone numbers to employee/contractor accounts (which can be used by the threat actor to perform self-service password resets), reset passwords, add devices to MFA solutions, or provide employee information (e.g. employee IDs) that could be used for a subsequent social engineering attacks," he said. Unit 42, a cybersecurity threat research team that is part of the larger Palo Alto Networks cybersecurity corporation, said it also observed Scattered Spider targeting the aviation industry. "Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Sam Rubin, senior vice president of consulting and threat intelligence for Unit 42, said on LinkedIn on Friday. Canada's WestJet announced earlier this month that it had uncovered a "cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users." A spokesperson told Business Insider the company has made "significant progress" regarding the matter, and investigations were ongoing. Hawaiian Airlines also said on Thursday that it experienced a "cybersecurity event" that affected some of its IT systems. "We continue to safely operate our full flight schedule, and guest travel is not impacted," the company said in a press release. Neither airline provided details about who or what caused the cybersecurity incidents. A Southwest Airlines spokesperson said that its systems had not been compromised.
Yahoo
7 hours ago
- Yahoo
Laser pointing at US Air Force fighter jets lands Arizona man in prison
An Arizona man has been sentenced to prison after being accused of pointing a laser at two U.S. Air Force aircraft. Glenwood Arthur Bringle, 56, of Bagdad, Arizona, was sentenced June 25 to nine days in prison and three years of supervised release for the felony offense of aiming a laser pointer at an aircraft, according to the U.S. Department of Justice. The sentence, issued by U.S. District Judge Susan Brnovich, follows Bringle's guilty plea February 26, the department said. On Oct. 5, 2021, Bringle pointed a laser at two U.S. Air Force F-16 fighter jets as the pilots conducted training exercises in the desert near his home, according to the Department of Justice. The laser illuminated the cockpits, disrupting the pilots' vision, flight control and their ability to complete the exercise, the Department of Justice said. As part of his plea agreement, Bringle forfeited several firearms and laser devices that were seized during a warrant search Nov. 8, 2021, the department added. The case was investigated by the FBI's Phoenix Field Office, the U.S. Air Force Office of Special Investigations and the Yavapai County Sheriff's Office, according to the Department of Justice. It was prosecuted by the U.S. Attorney's Office for the District of Arizona, the department added. This article originally appeared on Arizona Republic: Arizona man sentenced after pointing laser at US Air Force jets
