Pavel Durov, founder and CEO of communications app Telegram, was arrested in France on Saturday as part of an investigation into allegations that he and Telegram failed to moderate illegal content on the platform. After four days in custody, he was indicted on Wednesday night and barred from leaving France, but released on condition he pays 5 million euros ($5.5 million) bail and reports to a French police station twice a week. Paris prosecutors said Wednesday that Durov faces charges of conspiracy to deal with child sexual abuse material and drug trafficking, as well as importing cryptocurrency without prior notice and “almost complete lack of cooperation” with French authorities.
A WIRED investigation found that Nudify, a deepfakes site that generates nude images of people without their consent, has integrated mainstream single sign-on authentication systems into its site, and Discord and Apple have suspended some developer accounts for their use.
Microsoft on Wednesday published findings about a new multi-stage backdoor being used by the notorious Iranian hacking group APT 33, or Peach Sandstorm, to target victims in sectors such as satellites, telecommunications equipment, and oil and gas. Google researchers also found that suspected Russian hackers breached Mongolian government websites between November 2023 and July 2024, infecting vulnerable users who visited the sites with malware. Crucially, the attackers compromised their targets using exploits that were identical or very similar to hacking tools created by commercial spyware vendors NSO Group and Intellexa.
Plus, each week we round up the security and privacy news we didn’t cover in depth. Stay safe.
The U.S. Central Intelligence Agency provided Austrian law enforcement with critical information that led to the arrest of a suspect plotting to attack a Taylor Swift concert in Austria earlier this month. All three of the singer’s scheduled concerts at Vienna’s Ernst Happel Stadium were canceled as a result of the threat. “There were some people within my agency and others who thought it was a really good day for Langley, and it’s not just my subordinate Swift fans,” CIA Deputy Director David Cohen said at an INSA intelligence conference on Wednesday.
The main suspect, a 19-year-old Austrian of North Macedonian descent, has reportedly confessed. Austrian law enforcement has also arrested an 18-year-old and a 17-year-old in connection with the plot. Police have also reportedly questioned a 15-year-old. The plot, which was said to be inspired by the Islamic State, included plans to attack fans outside the venue with knives and explosives. Austrian Interior Minister Gerhard Karner said earlier this month that foreign intelligence services had assisted in the investigation because Austrian law prohibits the monitoring of text messages.
“They were planning to kill a huge number of people at this concert, tens of thousands of people, likely many Americans, and they were well advanced in their planning,” the CIA’s Cohen said at the conference. “The Austrians were able to be arrested because the CIA and our intelligence partners provided information about what this ISIS-linked group was planning.”
Hackers believed to be backed by the Chinese government are exploiting vulnerabilities in Versa Director, recently patched network management virtualization software, to infiltrate at least four U.S.-based internet service providers and steal customer credentials. Researchers from Lumen’s Black Lotus Labs said Thursday that the attacks began as early as June 12 and are likely still ongoing. The hackers are exploiting the Versa Director vulnerability to install remote access malware that Lumen is calling “VersaMem.”
“Given the severity of the vulnerability, the impact of the compromise of Versa Director systems, and the time that has elapsed for Versa customers to remediate the vulnerability, Black Lotus Labs has determined that it is appropriate to make this information public at this time,” the researchers wrote in a blog post. “Lumen Technologies has shared the threat information to alert the appropriate U.S. government agencies about the emerging risk that could affect our nation’s strategic assets.”
The Alliance for Creativity and Entertainment, a coalition of film studios, said on Thursday that Hanoi police had investigated and shut down Vietnam-based pirate streaming service Fmovies and its affiliates. The working group said it cooperated with law enforcement and provided them with information about Fmovies, which the group called “the world’s largest pirate streaming operation.” The group added that Fmovies and its affiliated sites, including bflixz, flixtorz, movies7, myflixer and aniwave, were visited more than 6.7 billion times between January 2023 and June 2024. The law enforcement operation also led to the shutdown of video hosting provider Vidsrc.to and its affiliates, as the services were “operated by the same suspect.” Hanoi police arrested two men in connection with the case.
Following a digital attack on dozens of French museums during the Olympics earlier this month, a ransomware gang known as Brain Cipher has claimed responsibility for the hack and is threatening to leak 300GB of data stolen from the museums. Le Grand Palais and dozens of other French national museums and cultural organizations are managed by the Grand Palais National Museums Federation, and all of those reportedly targeted by the attackers use some sort of shared digital infrastructure.