N A B I L . O R G
Security - July 13, 2025

Breaking News: Four Arrested in Connection to Nationwide ‘Spider’ Cybercrime Spree

The publication this week reported on a directive from the United States Department of Homeland Security, urging local law enforcement agencies nationwide to categorize common protest activities and associated logistics as “violent tactics.” This guidance may encourage police to utilize everyday behavior as a pretext for intervention.

A security breach involving the AI hiring bot used on the McDonald’s McHire platform exposed the personal data of tens of millions of job applicants. The vulnerability stemmed from an easily guessable password, “123456,” on an administrator account. The site’s chatbot, known as Olivia, was developed by artificial intelligence software firm Paradox.ai.

In the aftermath of the devastating floods in Texas that claimed at least 120 lives last week, conspiracy theories regarding the extreme weather event have gained traction among various groups, including anti-government extremists, GOP influencers, and individuals with large platforms. These theories have led to real-world consequences such as death threats.

Additionally, a WIRED analysis and digital video forensics experts found that the “full raw” surveillance footage captured near Jeffrey Epstein’s cell the night before his suicide was not authentic. Instead, the full video appears to be composed of two clips, likely edited using powerful software.

Elsewhere, three major retailers in the UK – Harrods, the Co-Op, and M&S – were disrupted by widespread cyberattacks earlier this year. The attacks resulted in empty shelves for weeks, and M&S executives anticipate a total cost of around £300 million ($407 million) as a result. This week, law enforcement officials at the National Crime Agency (NCA), the UK’s equivalent of the FBI, announced the arrest of four individuals in connection to these attacks.

The suspects, including a 20-year-old female and three males aged 19 and 17, were arrested at their homes in the West Midlands and London. One of the 19-year-old males is from Latvia, while the others are from the UK, according to the NCA. They are suspected of potential Computer Misuse Act offenses, blackmail, money laundering, and participating in the activities of an organized crime group. The arrests mark a significant step in the NCA’s investigations, though the identities of those arrested and their precise locations have not been disclosed.

The cyberattacks against the three British retailers have been partially linked to the loosely organized hacking group Scattered Spider. The group, which first emerged in 2022, consists mainly of young, English-speaking individuals and has recently targeted retailers, airlines, and the insurance industry across the UK and the US.

Criminals have begun using generative AI to create ultra-realistic child sexual abuse images. Analysts at the Internet Watch Foundation, a UK-based organization that removes child sexual abuse material (CSAM) from the web, identified 1,286 AI-generated videos showing abuse in the first half of this year, with over 1,000 depicting the most serious type of abuse.

“There is an incredible risk of AI-generated CSAM leading to an absolute explosion that overwhelms the clear web,” said Derek Ray-Hill, the interim chief executive of the Internet Watch Foundation. Separate figures from the US-based National Center for Missing & Exploited Children (NCMEC) indicate they received 485,000 reports of AI CSAM in the first half of this year – up from 67,000 for all of last year. Approximately 35 tech companies have reported finding AI-generated CSAM on their platforms, NCMEC said.

In a rare instance, Italian police arrested Xu Zewei, a 33-year-old from Shanghai, at an airport in Milan on July 3rd. The arrest was made pursuant to a warrant issued by the US Department of Justice seeking Xu’s arrest on hacking charges. Authorities allege he is a member of the espionage group known as Silk Typhoon or Hafnium, which has carried out widespread data theft from Western governments and private sector companies for years. US prosecutors are specifically accusing Xu of participating in Silk Typhoon’s hacking that targeted researchers working on a Covid-19 vaccine in 2020 and 2021. He is also alleged to have participated in a broader hacking campaign in which the same group broke into tens of thousands of Microsoft Exchange servers worldwide, leaving behind backdoors for later reconnaissance. Xu’s lawyer has denied the charges, claiming it is a case of mistaken identity, and his wife has reportedly stated that Xu is an IT technician at the company GTA Semiconductor.

In another noteworthy arrest, French police this week detained Russian professional basketball player Daniil Kasatkin at Charles de Gaulle airport in Paris, accusing him of being part of a ransomware group. Authorities have yet to name the ransomware crew they claim Kasatkin was affiliated with, but say that from 2020 to 2022 it targeted close to 900 organizations, including two American government agencies. Kasatkin’s lawyer, Frédéric Bélot, has denied the accusations, stating his client is “useless with computers and can’t even install an application.” Kasatkin, who played for the pro basketball team MBA Moscow, had traveled to France with his fiancée to propose to her.

Lastly, a reminder to athletes with public Strava accounts: set your account settings to private to prevent revealing sensitive locations during exercise activities. This week, Sweden’s Dagens Nyheter newspaper revealed that seven bodyguards for Swedish government officials left their Strava accounts public, disclosing their locations as they carried out 1,400 exercise activities – and in many cases, the locations of the people they were protecting, including the Swedish prime minister, Ulf Kristersson. The leaked locations of the prime minister included hotels where he stayed, private addresses, a family vacation, trips abroad, and his private home, which was intended to be secret.