Piracy

Half of Young Norwegians Justify Piracy as Streaming Costs Soar 149

Half of young Norwegians find online piracy acceptable when streaming services are too expensive, according to a new government survey released this week. The Ipsos poll of 1,411 respondents found that 32% of all Norwegians justify using pirate sites to save money, with acceptance rising to 50% among those under 30.

The rates increase further when respondents are specifically asked about pirating due to high streaming costs. Despite concerns about piracy, 61% of Norwegians paid for streaming services in the past year, including 64% of those under 30. Among active pirates, 41% said they would stop if legal services were more affordable, while 35% wanted broader content per service. Only 47% of respondents believed piracy supports organized crime, with 24% expressing uncertainty about this connection.

Government

NSO, Not Government Clients, Operates Its Spyware (theguardian.com) 45

jojowombl shares a report from The Guardian: Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker -- and not its government customers -- is the party that "installs and extracts" information from mobile phones targeted by the company's hacking software. The new details were contained in sworn depositions from NSO Group employees, portions of which were published for the first time on Thursday.

It comes five years after WhatsApp, the popular messaging app owned by Facebook, first announced it was filing suit against NSO. The company, which was blacklisted by the Biden administration in 2021, makes what is widely considered the world's most sophisticated hacking software, which -- according to researchers -- has been used in the past in Saudi Arabia, Dubai, India, Mexico, Morocco and Rwanda. [...] At the heart of the legal fight was an allegation by WhatsApp that NSO had long denied: that it was the Israeli company itself, and not its government clients around the world, who were operating the spyware. NSO has always said that its product is meant to be used to prevent serious crime and terrorism, and that clients are obligated not to abuse the spyware. It has also insisted that it does not know who its clients are targeting. [...]

To make its case, WhatsApp was allowed by Judge Phyllis Hamilton to make its case, including citing depositions that have previously been redacted and out of public view. In one, an NSO employee said customers only needed to enter a phone number of the person whose information was being sought. Then, the employee said, "the rest is done automatically by the system." In other words, the process was not operated by customers. Rather NSO alone decided to access WhatsApp's servers when it designed (and continuously upgraded) Pegasus to target individuals' phones.
A spokesperson for NSO, Gil Lainer, said in a statement: "NSO stands behind its previous statements in which we repeatedly detailed that the system is operated solely by our clients and that neither NSO nor its employees have access to the intelligence gathered by the system. We are confident that these claims, like many others in the past, will be proven wrong in court, and we look forward to the opportunity to do so."

Crime

Teen Pleads Guilty To Making 375 'Swatting' Calls Across US (cnn.com) 166

quonset shares a report from CNN: Between August 2022 and January 2024, hundreds of swatting calls were made across the country targeting religious institutions, government offices, schools, and random people. Authorities were finally able to track down the criminal, Alan Filion, who entered the plea to four counts of making interstate threats to injure the person of another, the US Attorney's Office for the Middle District of Florida said in a news release. He faces up to five years in prison on each count. A sentencing date has not yet been set.

The US Attorney's Office said Filion made more than 375 swatting and threat calls from August 2022 to January 2024. Those calls included ones in which he claimed to have planted bombs in targeted locations or threatened to detonate bombs and/or conduct mass shootings at those locations, prosecutors said. He targeted religious institutions, high schools, colleges and universities, government officials and people across the United States. Filion was 16 at the time he placed the majority of the calls.

Crime

FBI Seizes Polymarket CEO's Phone, Electronics After Betting Platform Predicts Trump Win (nypost.com) 134

The FBI raided Polymarket CEO Shayne Coplan's Manhattan apartment, seizing his phone and electronic devices. A source close to the matter told The New York Post it was politically motivated due to Polymarket's successful prediction of Trump's election win. It's "grand political theater at its worst," the source said. "They could have asked his lawyer for any of these things. Instead, they staged a so-called raid so they can leak it to the media and use it for obvious political reasons."

Although no charges were filed, the raid has sparked controversy, with speculation of political retribution and concerns over potential market manipulation, as Polymarket faces scrutiny both in the U.S. and from French regulators. The New York Post reports: Coplan was not arrested and has not been charged, a Polymarket spokesperson told The Post on Wednesday evening. "Polymarket is a fully transparent prediction market that helps everyday people better understand the events that matter most to them, including elections," the rep said. "We charge no fees, take no trading positions, and allow observers from around the world to analyze all market data as a public good."

Coplan posted on X after his run-in with the feds: "New phone, who dis?" Polymarket does not allow trading in the US, though bettors can bypass the ban by accessing the site through VPN. The FBI's investigation comes a week after Coplan said Polymarket is planning to return to the US. [...] In 2022, the online gambling platform was forced to pause its trading in the US and pay a $1.4 million penalty to settle charges with the Commodity Futures Trading Commission that it had failed to register with the agency. [In France, regulators are investigating Polymarket's compliance with national gambling laws, with concerns about unauthorized gambling activities within the country.]
A Fortune report published a week before the election found widespread evidence of wash-trading on Polymarket. "Polymarket's Terms of Use expressly prohibit market manipulation," a Polymarket spokesperson told Fortune in a statement.

Crime

Discord Leaker Sentenced To 15 Years In Prison (nbcnews.com) 89

An anonymous reader quotes a report from NBC News: Former Massachusetts Air National Guard member Jack Teixeira was sentenced Tuesday to 15 years for stealing classified information from the Pentagon and sharing it online, the U.S. Attorney for Massachusetts announced. Teixeira received the sentence before Judge Indira Talwani in U.S. District Court for the District of Massachusetts. In March, the national guardsman pleaded guilty to six counts of willful retention and transmission of national defense information under the Espionage Act. He was arrested by the FBI in North Dighton, Massachusetts, in April 2023 and has been in federal custody since mid-May 2023.

According to court documents, Teixeira transcribed classified documents that he then shared on Discord, a social media platform mostly used by online gamers. He began sharing the documents in or around 2022. A document he was accused of leaking included information about providing equipment to Ukraine, while another included discussions about a foreign adversary's plot to target American forces abroad, prosecutors said. [...] While the documents were discovered online in March 2023, Teixeira had been sharing them online since January of that year, according to prosecutors.

Privacy

Open Source Project DeFlock Is Mapping License Plate Surveillance Cameras All Over the World (404media.co) 35

An anonymous reader quotes a report from 404 Media: Flock is one of the largest vendors of automated license plate readers (ALPRs) in the country. The company markets itself as having the goal to fully "eliminate crime" with the use of ALPRs and other connected surveillance cameras, a target experts say is impossible. [...] Flock and automated license plate reader cameras owned by other companies are now in thousands of neighborhoods around the country. Many of these systems talk to each other and plug into other surveillance systems, making it possible to track people all over the country.

"It went from me seeing 10 license plate readers to probably seeing 50 or 60 in a few days of driving around," [said Alabama resident and developer Will Freeman]. "I wanted to make a record of these things. I thought, 'Can I make a database of these license plate readers?'" And so he made a map, and called it DeFlock. DeFlock runs on Open Street Map, an open source, editable mapping software. He began posting signs for DeFlock (PDF) to the posts holding up Huntsville's ALPR cameras, and made a post about the project to the Huntsville subreddit, which got good attention from people who lived there. People have been plotting not just Flock ALPRs, but all sorts of ALPRs, all over the world. [...]

When I first talked to Freeman, DeFlock had a few dozen cameras mapped in Huntsville and a handful mapped in Southern California and in the Seattle suburbs. A week later, as I write this, DeFlock has crowdsourced the locations of thousands of cameras in dozens of cities across the United States and the world. He said so far more than 1,700 cameras have been reported in the United States and more than 5,600 have been reported around the world. He has also begun scraping parts of Flock's website to give people a better idea of where to look to map them. For example, Flock says that Colton, California, a city with just over 50,000 people outside of San Bernardino, has 677 cameras.

People who submit cameras to DeFlock have the ability to note the direction that they are pointing in, which can help people understand how these cameras are being positioned and the strategies that companies and police departments are using when deploying them. For example, all of the cameras in downtown Huntsville are pointing away from the downtown core, meaning they are primarily focused on detecting cars that are entering downtown Huntsville from other areas.

Businesses

Retailers Explore Radio-Emitting Threads To Combat Surging Theft (bloomberg.com) 143

Major retailers are considering embedding radio-emitting threads into clothing as a novel anti-theft measure amid soaring retail crime rates, according to Bloomberg, citing industry sources. The technology, developed by Spanish firm Myruns, uses conductive ink derived from cellulose to create threads five times thinner than human hair that can trigger security alarms.

Zara owner Inditex has discussed implementing the system, though the company says it has no plans for in-store testing. Retail theft caused an estimated $73 billion in lost sales in the U.S. in 2022, according to the National Retail Federation, while UK losses doubled to $4.2 billion in 2023. The crisis has prompted retailers to increase security personnel and surveillance systems. The threadlike technology could provide an alternative to traditional metal-based security tags, potentially offering biodegradable and recyclable anti-theft protection.

Bitcoin

Toronto Crypto Company CEO Kidnapped, Held For $1 Million Ransom Before Being Released (www.cbc.ca) 34

An anonymous reader quotes a report from CBC News: The head of a company specializing in cryptocurrency was kidnapped and held for ransom in downtown Toronto during rush hour Wednesday. Police were called about a kidnapping in the area of University Avenue and Richmond Street W. just before 6 p.m., says a spokesperson with the Toronto Police Service. The suspects forced the victim into a vehicle and made a demand for money, the spokesperson said. The man was later located in Centennial Park in Etobicoke uninjured.

CBC Toronto has learned the victim is Dean Skurka, the president and CEO of Toronto-based financial firm WonderFi. He was released after a ransom of $1 million was paid electronically, a source close to the investigation said. Police say the investigation is ongoing and have not released any further details. [...] The alleged kidnapping happened the same day WonderFi released its third quarter earnings results, showing a 153 per cent increase compared to its third quarter in 2023.

Crime

Interpol Disrupts Cybercrime Activity On 22,000 IP Addresses, Arrests 41 (bleepingcomputer.com) 6

During an operation across 95 countries from April to August 2024, Interpol arrested 41 individuals and dismantled over 1,000 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime. BleepingComputer reports: Interpol said its enforcement action was backed by intelligence provided by private cybersecurity firms like Group-IB, Kaspersky, Trend Micro, and Team Cymru, leading to the identification of over 30,000 suspicious IP addresses. Eventually, roughly 76% of those were taken down, 59 servers were seized, and 43 electronic devices were confiscated, which will be examined to retrieve additional evidence. In addition to the 41 individuals who were arrested, the authorities are also investigating another 65 persons suspected of associating with illicit activities.

Security

Inside the Massive Crime Industry That's Hacking Billion-Dollar Companies (wired.com) 47

Cybercriminals have breached dozens of major companies including AT&T, Ticketmaster and Hot Topic by exploiting "infostealer" malware that harvests login credentials from infected computers, an investigation has found. The malware, spread through pirated software and social media, has infected 250,000 new devices daily, according to cybersecurity firm Recorded Future. Russian developers create the malware while contractors distribute it globally, deliberately avoiding former Soviet states. Hot Topic suffered potentially the largest retail hack ever in October when attackers accessed 350 million customer records using stolen developer credentials. Google and Microsoft are racing to patch vulnerabilities, but malware makers quickly adapt to new security measures.

Crime

A Fourth FTX Executive Sentenced: Forfeits $11 Billion, But No Prison Time (apnews.com) 52

Former FTX executive Nishad Singh was ordered to forfeit $11 billion, reports CNBC — and is subject to three years of supervised release, making him "the fourth ex-employee of the collapsed crypto exchange to be punished."

But while he'd faced a maximum sentence of 75 years, he'll serve no time, according to this report from the Associated Press: Singh, the company's former engineering director, was sentenced in Manhattan by Judge Lewis A. Kaplan, who said his cooperation was "remarkable." The judge noted that Singh did not learn of the billions of dollars that were misappropriated from FTX customer accounts and investors until two months before the fraud unraveled... Singh, 29, testified a year ago at Bankman-Fried's trial, saying he was "blindsided and horrified" when he saw the extent of the fraud behind the once-celebrated and seemingly pioneering firm. At sentencing, Singh said he was "overwhelmed with remorse" for his role in the fraud. "I strayed so far from my values, and words can't express how sorry I am," he said....

The sentencing came a month after Caroline Ellison, another key witness at Bankman-Fried's trial and a former top executive in his cryptocurrency empire, was sentenced to two years in prison. At the time, Kaplan praised her cooperation but said it wasn't a get-out-of-jail-free card. On Wednesday, Kaplan drew a distinction between the cooperation by Ellison and Singh's work with prosecutors, saying Ellison had participated in the fraud "from the beginning" and had been aware of all the wrongdoing for years... [Defense attorney Andrew Goldstein] said leniency would encourage future cooperators in other criminal cases to come forward.

Assistant U.S. Attorney Nicolas Roos credited Singh with providing information within weeks of the fraud being publicly revealed, saying he helped prosecutors learn about crimes they might otherwise have never discovered, including his own. Roos said, for instance, that Singh told prosecutors about campaign finance violations that occurred as FTX executives made tens of millions of dollars in donations to political candidates. The prosecutor also said Singh revealed private conversations with Bankman-Fried that strengthened the government's case and enabled it to bring charges more quickly against multiple people. Singh gave prosecutors "documentary evidence the government did not have and likely never would have had," Roos said.

Bankman-Fried, of course, began a 25-year sentence last November. And three weeks ago FTX executive Ryan Salame made an update on his LinkedIn profile. "I'm happy to share that I'm starting a new position as Inmate at FCI Cumberland!"

"His post quickly went viral," notes CNN, "prompting Salame to joke on X: 'Today I learned people still use LinkedIn.'"

United States

Prosecutors Probe Hedge Fund Titan's Thriller For Clues in Argentina Hack Case (msn.com) 10

Jay Newman, who made billions for Elliott Management pursuing Argentina's defaulted debt, wrote a 2022 thriller about corrupt spies and hedge funds. Now federal prosecutors are examining parallels between his novel "Undermoney" and real-world events.

The investigation centers on Amit Forlit, an Israeli private investigator facing U.S. extradition charges for alleged email theft from Argentine officials during Elliott's sovereign debt battle. Prosecutors are probing whether Forlit's alleged $20 million hacking operation aided Elliott's eventual $2.2 billion settlement with Argentina. "There's not that much fiction in 'Undermoney,'" Newman told interviewers while promoting the book, which features Israeli operatives and hedge fund intrigue. Newman and Elliott deny any wrongdoing, with Newman calling suggestions of illegal activity "categorically false."

The probe is examining $20 million paid to a Forlit-controlled company via a consulting firm that worked for Elliott, according to court statements and people familiar with the matter. Forlit denied involvement in hacking during a 2022 deposition. Prosecutors are also investigating Forlit's work for ExxonMobil regarding climate change critics. Neither Elliott nor ExxonMobil has been accused of wrongdoing. Newman, who left Elliott in 2016 with a $70 million bonus after the Argentina settlement, met regularly with Forlit to discuss the Argentine case, WSJ has reported. His novel follows dark money trails through Washington power corridors and Wall Street trading floors, featuring Israeli operatives described as "expensive, but consistent."

Bitcoin

US Indicts 26-Year-Old Gotbit Founder For Market Manipulation (crypto.news) 21

The feds have indicted Aleksei Andriunin, a 26-year-old Russian national and founder of Gotbit, on charges of wire fraud and conspiracy to commit market manipulation. Crypto News reports: According to the U.S. Attorney's Office, the indictment alleges that Andriunin and his firm participated in a long-running scheme to artificially boost trading volumes for various cryptocurrency companies, including some based in the United States, to make them appear more popular and increase their trading value. Andriunin allegedly led these activities between 2018 and 2024 as Gotbit's CEO. He could face up to 20 years in prison, additional fines, and asset forfeiture if convicted, according to the U.S. Attorney's Office. Prosecutors say the scheme involved "wash trading," where the firm used its software to make fake trades that inflated a cryptocurrency's trading volume. This practice, called market manipulation, can mislead investors by giving the impression that demand for a particular cryptocurrency is higher than it actually is. Wash trades are illegal in traditional finance and are considered fraudulent because they deceive investors and manipulate market behavior.

Court documents also identify Gotbit's two directors, Fedor Kedrov and Qawi Jalili, as co-conspirators. The indictment claims Gotbit documented these activities in detailed records, tracking differences between genuine and artificial trading volumes. The firm allegedly pitched these services to prospective clients, explaining how Gotbit's tactics would bypass detection on public blockchains, where transactions are recorded transparently. The U.S. Department of Justice has announced that it seized over $25 million worth of cryptocurrency assets connected to these schemes and made four arrests across multiple firms.
If you've been following the crypto industry, you're probably familiar with "pump-and-dump" schemes that have popped up throughout the years. Although it's a form of market manipulation, it's not quite the same as "wash trading."

In a pump-and-dump scheme, the perpetrator artificially inflates the price of a security (often a low-priced or thinly traded stock) by spreading misleading or exaggerated information to attract other buyers, who then drive up the price. Once the price has risen due to increased demand, the manipulators "dump" their shares at the inflated price, selling to the new buyers and pocketing the profits. The price typically crashes after the dump, leaving unsuspecting investors with overvalued shares and significant losses.

Wash trading, on the other hand, involves simultaneously buying and selling the same asset to create the illusion of higher trading volume and activity. The purpose is to mislead other investors about the asset's liquidity and demand, often giving the impression that it is more popular or actively traded than it actually is. Wash trades usually occur without real changes in ownership or price movement, as the buyer and seller may even be the same person or entity. This tactic can manipulate prices indirectly by creating a perception of interest, but it does not involve a direct inflation followed by a sell-off, like a pump-and-dump scheme.

The Almighty Buck

JPMorgan Begins Suing Customers In 'Infinite Money Glitch' (cnbc.com) 222

JPMorgan Chase is suing customers who exploited an ATM glitch that allowed them to withdraw funds before a check bounced. CNBC reports: The bank on Monday filed lawsuits in at least three federal courts, taking aim at some of the people who withdrew the highest amounts in the so-called infinite money glitch that went viral on TikTok and other social media platforms in late August. [...] JPMorgan, the biggest U.S. bank by assets, is investigating thousands of possible cases related to the "infinite money glitch," though it hasn't disclosed the scope of associated losses. Despite the waning use of paper checks as digital forms of payment gain popularity, they're still a major avenue for fraud, resulting in $26.6 billion in losses globally last year, according to Nasdaq's Global Financial Crime Report.

The infinite money glitch episode highlights the risk that social media can amplify vulnerabilities discovered at a financial institution. Videos began circulating in late August showing people celebrating the withdrawal of wads of cash from Chase ATMs shortly after bad checks were deposited. Normally, banks only make available a fraction of the value of a check until it clears, which takes several days. JPMorgan says it closed the loophole a few days after it was discovered.

The lawsuits are likely to be just the start of a wave of litigation meant to force customers to repay their debts and signal broadly that the bank won't tolerate fraud, according to the people familiar. JPMorgan prioritized cases with large dollar amounts and indications of possible ties to criminal groups, they said. The civil cases are separate from potential criminal investigations; JPMorgan says it has also referred cases to law enforcement officials across the country.
"Fraud is a crime that impacts everyone and undermines trust in the banking system," JPMorgan spokesman Drew Pusateri said in a statement to CNBC. "We're pursuing these cases and actively cooperating with law enforcement to make sure if someone is committing fraud against Chase and its customers, they're held accountable."

The Almighty Buck

Europe's Crooks Keep Blowing up ATMs (cnn.com) 98

"In the early hours of Thursday, March 23, 2023, residents in the German town of Kronberg were woken from their sleep by several explosions," reports CNN.

"Criminals had blown up an ATM located below a block of flats in the town center..." According to local media reports, witnesses saw people dressed in dark clothing fleeing in a black car towards a nearby highway. During the heist, thieves stole 130,000 euros in cash. They also caused an estimated half a million euros worth of collateral damage, according to a report by Germany's Federal Criminal Police Office, BKA.

Rather than staging dramatic and risky bank robberies, criminal groups in Europe have been targeting ATMs as an easier and more low-key target. In Germany — Europe's largest economy — thieves have been blowing up ATMs at a rate of more than one per day in recent years. In a country where cash is still a prevalent payment method, the thefts can prove incredibly lucrative, with criminals pocketing hundreds of thousands of euros in one attack.

Europol has been cracking down on the robberies, carrying out large cross-border operations aimed at taking down the highly-organized criminal gangs behind them. Earlier this month, authorities from Germany, France and the Netherlands arrested three members of a criminal network who have been carrying out attacks on cash machines using explosives, Europol said in a statement. Since 2022, the detainees are believed to have looted millions of euros and run up a similar amount in property damage, from 2022 to 2024, Europol said...

Unlike its European neighbors, who largely transitioned away from cash payments due to the Covid-19 pandemic, cash still plays a significant role in Germany. One half of all transactions in 2023 were made using banknotes and coins, according to Bundesbank. Germans have a cultural attachment to cash, traditionally viewing it as a safe method of payment. Some say it allows a greater level of privacy, and gives them more control over their expenses.

Crime

Hacker Returns $19.3 Million To Drained US Government Crypto Wallet (decrypt.co) 16

A government-controlled wallet that had been drained of $20 million on Thursday received most of its funds back Friday, adding another layer of mystery to transactions flagged by blockchain analysts as likely being connected to a high-profile theft. From a report: The pseudonymous blockchain sleuth ZachXBT had said in a tweet Thursday that the transfers resembled the playbook of a bad actor. Engaging with several decentralized finance protocols, the wallet had also tapped so-called instant exchanges after funds were moved across a series of transfers that "looked nefarious." About $19.3 million worth of funds had been returned to the wallet early Friday, per on-chain data collected by Arkham Intelligence, including Ethereum and the stablecoin USDC. Still, ZachXBT said in his Telegram community that funds transferred to exchanges had not yet been returned.

Crime

US Charges Duo Behind 'Anonymous Sudan' For Over 35,000 DDoS Attacks (hackread.com) 33

An anonymous reader quotes a report from Hackread: The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting "tens of thousands" of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers. The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group.

The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles. The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.

Crime

Murder Trial Begins For US Tech Consultant Accused In Death of Cash App Founder (www.cbc.ca) 26

An anonymous reader quotes a report from CBC News: The murder trial of a tech consultant in the stabbing death of Cash App founder Bob Lee begins Monday, a year and a half after the widely admired entrepreneur was found staggering on a deserted downtown San Francisco street seeking help. Lee's death at age 43 stunned the tech community, and fellow executives and engineers penned tributes to his generosity and brilliance. Lee was chief product officer of cryptocurrency platform MobileCoin when he died. He was a father to two children.

Prosecutors say Nima Momeni, 40, planned the April 4 attack after a dispute over his younger sister, Khazar, with whom Lee was friends. They say Momeni took a knife from his sister's condo, drove Lee to a secluded area and stabbed him three times, then fled. Defence lawyers disagree, and they say that Lee, high on drugs, attacked Momeni. "Our theory is that Bob had the knife, and that Nima acted in self defence," attorney Saam Zangeneh said.

He said his client is eager to tell his side of the story, but they haven't decided whether Momeni will testify in his defence. Momeni, who lives in nearby Emeryville, Calif., has been in custody since his arrest days after Lee died at a San Francisco hospital. Momeni's mother has been a steadfast presence at court hearings, and he is close to his sister. [...] Momeni, who has pleaded not guilty, faces 26 years to life if convicted. San Francisco Superior Court Judge Alexandra Gordon has told jurors the trial could last until mid-December.

Crime

WSJ Profiles The 'Dangerous' Autistic Teen Cybercriminal Who Leaked GTA VI Clips (msn.com) 78

The Wall Street Journal delves into the origin story of that teenaged Grand Theft Auto VI leaker. Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that makes prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.
"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..." [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.

After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy."

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader SpzToid for sharing the article.

Crime

Halcyon Announces Anti-Ransomware Protection for Enterprise Linux Environments (linux-magazine.com) 14

Formed in 2021 by cybersecurity professionals (and backed by high-powered VCs including Dell Technologies Capital), Halcyon sells an enterprise-grade anti-ransomware platform.

And this month they announced they're offering protection against ransomware attacks targeting Linux systems, according to Linux magazine:

According to Cynet, Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."

Here's how Halcyon's announcement made their pitch:

"When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."

Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...

Halcyon Linux runs with minimal resource impact, ensuring critical environments, such as database servers or virtualized workloads, maintain the same performance.

And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."
