Apple Exec Calls Mac Malware Levels Unacceptable Under Oath
Ireland’s ransomware crisis continues, a Russian scammer gets sentenced, and more of the week’s top security news.

The ransomware problem isn’t getting any better. In fact, it’s poised to get even worse, as cybercriminals have begun experimenting with double-encryption ransomware attacks. That works pretty much exactly how it sounds; victims pay a ransom to decrypt their files, only to find that they’ve been encrypted by another strain of malware simultaneously. It’s a dirty trick, but if recent weeks have shown anything, it’s that there’s no low to which these groups won’t stoop.

In more upbeat news, Google held its annual IO developer’s conference this week. Amid the holograms and Wear OS overhauls, the company detailed some important changes to how Android treats your privacy. The upcoming Android 12 release will include a host of security and privacy features, including a dashboard that lets you track which apps are checking your camera, microphone, and location data and when they did. Google’s still an advertising company at heart, but progress is progress.

Microsoft this week finally announced an end-of-life plan for Internet Explorer, which, yes, is still kicking. We took a look at the security problems the once-ubiquitous browser has caused through the years and why it will continue to for some time.

And have Captchas got you down? We took a look at why they’ve gotten harder in recent years and how you can better navigate those dastardly blurry blocks. Likewise, we’ve got you covered on getting rid of those annoying cookie pop-ups that hound you across the web.

Lastly, make sure you set aside some time to read our in-depth feature on the 2011 RSA hack, a seminal moment in cybersecurity. The central participants—well, other than the Chinese spies behind the attack—are finally free of their nondisclosure agreements, and told their stories in full for the first time.

And there’s more! Each week we round up all the news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there. 

The Apple-Epic lawsuit has seen no shortage of fireworks this week, especially during Tim Cook’s testimony Friday. But Apple senior vice president of software engineering Craig Federighi—he’s the one with the great hair—also caused a stir when asked why the iOS App Store couldn’t simply embrace the more open distribution model found on macOS. “Today, we have a level of malware on the Mac that we don’t find acceptable,” Federighi said, adding that 130 types of malware had been found targeting Macs in the past year, some of them quite successful.

The question of security has been central to Apple’s argument that it can’t open up iOS to third-party app stores. But the answer is more complicated than it might seem. Apple does have an App Store review process, but outside security experts have said it alone is insufficient to comprehensively thwart both sophisticated malware and entry-level scams. Court documents showed that one Apple executive said App Store security was like “bringing a plastic butter knife to a gunfight.” Apple’s best protections come from the iPhone itself, which is architected to minimize the damage malware can do if it manages to sneak in.

But it’s also true that Mac’s malware problem is worse than it might seem in popular imagination and that, while the App Store review process isn’t perfect, switching to a macOS model would potentially expose users to more risk. (Not unlimited risk, though; Apple has plenty of ways to police bad applications on desktops that would work equally well on your phone or tablet.) As is often the case, the story is one of trade-offs, many of which have far more nuance than the Sturm und Drang that Apple’s and Epic’s PR machines have drummed up since this whole mess began.

Remember those new lows in ransomware we were just talking about? Here’s one. A little over a week ago, the Conti ransomware gang hit Ireland’s national health service, known as the HSE. The result has been chaos, with hospitals disrupted across the country and patient data dangled as extortion bait. This week, Conti said it would hand over the decryption key so that health care providers could get back to business—but still demanded a nearly $20 million ransom, threatening to sell or release that patient data if HSE didn’t pay up. (Antivirus firm Emsisoft has provided a more reliable decryption tool as well.)

As ransomware groups hit increasingly big targets, they’ve also found themselves sparking geopolitical maelstroms, as in the recent Colonial Pipeline mess. Conti releasing a decryption key may be an attempt to take some of the legal pressure off, but it doesn’t change the fact that they wantonly put human lives at risk and continue to threaten their privacy and well-being.

While the US has been increasingly willing to indict foreign hackers, it’s had less success actually bringing them to justice. This week it capped off a successful pursuit, though, of a Russian scammer named Anton Bogdanov, who hacked into accounting software to steal tax refunds. Bogdanov and his associates pilfered $1.5 million as part of the scheme. He was arrested in Taiwan in 2018, extradited in 2019, pleaded guilty in 2020, and was sentenced to five years in prison on Wednesday.

A software update gone wrong exposed the streams of more than 700 Eufy security camera owners to other users last week. The company says it fixed the problem within a couple of hours, but that was enough time for at least some illicit viewing to take place. Not only could peepers see live feeds, but they could also access saved videos. The incident was narrow in scope, but it’s a healthy reminder to be careful about what you connect to the internet.

