Security News This Week: Signal’s Founder Hacked a Notorious Phone-Cracking Device

WIRED

Photograph: Issei Kato/REUTERS/Alamy

This week, Apple’s spring product launch event was marred by a ransomware attack against one of its suppliers, Quanta Computer. The incident is notable because it involves Apple—and the release of confidential schematics—but also because it represents an intersection of multiple disturbing trends in digital extortion.

In other Apple-adjacent hacking news, Facebook researchers found that a Palestine-linked group had built custom malware to attack iOS, hidden inside a functional messaging app. Victims had to visit a third-party app store to install the malicious software, but the hackers used social engineering techniques to trick them into doing so. And speaking of Facebook, the social media giant has been implicated in yet another data exposure, this time the email addresses of millions of users who had set that information as “private” in their settings. This comes on the heels of a flaw that allowed the scraping of 500 million Facebook user phone numbers that came to light earlier this month.

We also took a look at a since-fixed bug in Clubhouse that would have allowed people to linger invisibly in rooms like ghosts and even to cause a racket, with the moderator unable to mute them or kick them out. 

And there’s more! Each week we round up all the news WIRED didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.

Full article