In yet another week that felt like a month, the world continues to feel the reverberations of the seditious assault on the US Capitol building on January 6. After platforms like Twitter and Facebook booted Donald Trump last week, Amazon pulled support from far-right “free speech” platform Parler, knocking it offline for the foreseeable future. Before it disappeared, though, hackers were able to archive every public post, image, and video on Parler, thanks to an incredibly basic bug.
We talked to former CISA director Chris Krebs about Trump’s disinformation blitz, and how the US can get out of this mess—starting with impeachment. We explained how law enforcement gets around your smartphone’s encryption. And we looked into the first public technical evidence that the SolarWinds hackers really are Russian state actors, as some of the code they use shares distinct characteristics with a notorious Kremlin-run group known as Turla.
It’s ambitious and potentially convenient, but think twice about using Amazon Sidewalk if you value privacy. Google researchers found a campaign that used multiple zero-day vulnerabilities to infect Android and Windows devices. And in a timely feature, Rachel Monroe immersed herself in America’s tactical training culture—some of which was on shameful display in Washington, DC last week.
And there’s more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.
Investigations relating to the Capitol building riots—including into how officials were caught so off-guard by an incident that had been planned in the open online—will last for months, at least. But thanks in part to over 140,000 tips and a remarkable number of alleged participants filming and photographing themselves and others during the events of January 6, and then posting those videos and photos to social media, the Justice Department has already made over 100 arrests. FBI director Christopher Wray said this week that the agency had over 200 subject case files open, so expect this work to continue for some time.
DarkMarket had a brief run as the biggest illegal dark web marketplace, after predecessors like AlphaBay, Hansa, and Wall Street Market were all taken down. This week, though, authorities caught up with DarkMarket, seizing more than 20 servers in Moldova and Ukraine in the process. Before its demise, DarkMarket had 500,000 users, more than 2,400 vendors, and had hosted around $170 million in cryptocurrency transactions. Grabbing the servers could make it easier for officials to track down DarkMarket participants—or follow them to wherever they next set up shop.
The period and menstruation-tracking app Flo reached a proposed settlement with the FTC this week over its deceptive data-handling practices. While Flo told users it would keep sensitive health data private, it actually passed it along to Facebook and Google analytics, among others. Flo didn’t admit to any wrongdoing, but privacy advocates hope the case indicates the FTC is interested in cracking down on similar data use issues elsewhere in the health care software industry.
Death, taxes, and people using Elon Musk’s name to scam bitcoin from people on Twitter; at least life has its certainties. This time hackers have broken into verified accounts to promote an age-old scam that claims the Tesla billionaire is giving away cryptocurrency. The catch? You have to send some in first. The scammers had raked in nearly $600,000 as of Thursday. When in doubt, please remember that nothing is free, especially when it’s bitcoin on Twitter.
More Great WIRED Stories