North Korean hackers are probably working with Russian-speaking cybercriminals on ransomware and other malicious software, researchers said Wednesday.  
 
Security firm Intel 471 said in a report it found links between North Korean hacker group Lazarus, known for attacks on banks worldwide, and a Russian-operated malware operation called TrickBot.  
 
TrickBot is described in the report as a “malware-as-a-service offering, run by Russian-speaking cybercriminals, that is not openly advertised on any open or invite-only cybercriminal forum or marketplace.”   
It works with “top-tier cybercriminals with a proven reputation,” the report said.  
 
The Intel 471 report said other security researchers have pointed to possible links between the groups, but that its investigation found more evidence, including signs that malware developed in North Korea was offered for sale on Russian marketplaces.  
 
“Our conclusion is that we deem it likely that threat actors running or having access to TrickBot infections are in contact with DPRK (North Korean) threat actors,” the report said.  
 
“DPRK threat actors likely are active in the cybercriminal underground and maintain trusted relationships with top-tier Russian-speaking cybercriminals.”  
 
It added that “malware believed to be only used and probably written by DPRK threat actors was very likely delivered via network accesses held by Russian-speaking cybercriminals.”
…

Kim Kardashian West, Katy Perry and Leonardo DiCaprio are among celebrities taking part in a 24-hour Instagram “freeze” on Wednesday to protest against what they say is parent company Facebook’s failure to tackle violent and hateful content and election misinformation.
They were among the high profile names lending their backing to the “#StopHateforProfit” movement’s latest campaign. The movement asks people to put up a message highlighting what they called the damage Facebook does but otherwise refrain from posting on Instagram for a day.
“I can’t sit by and stay silent while these platforms continue to allow the spreading of hate, propaganda and misinformation – created by groups to sow division and split America apart – only to take steps after people are killed,” Kardashian West posted on her Instagram account on Tuesday.
Facebook declined to comment but pointed to recent announcements about what it’s doing to limit the reach on its platform of groups that support violence and its efforts to protect the U.S. election in November.  
With 188 million followers, Kardashian West is one of the most influential people on Instagram and support from her and other big names for the boycott saw Facebook shares slide in aftermarket trading late Tuesday. They were down 1.3% ahead of the market open on Wednesday.
The organizers behind “#StopHateforProfit,” including civil rights groups such as the Anti-Defamation League, the NAACP and Color Of Change, had previously led a campaign that got hundreds of companies and groups to join a Facebook advertising boycott in July.  
Ashton Kutcher, Mark Ruffalo, Kerry Washington, Rosario Dawson, Jamie Foxx and Sacha Baron Cohen were among at least two dozen other Hollywood stars supporting the campaign, the organizers said.  
DiCaprio said he was standing with the civil rights groups to call “on all users of Instagram and Facebook to protest the amplification of hate, racism, and the undermining of democracy on those platforms.”  
Social media companies, led by Facebook, are facing a reckoning over what critics call indefensible excuses for amplifying divisions, hate and misinformation on their platforms.
…

Two Boeing 737 MAX crashes that killed all 346 passengers and crew aboard were the “horrific culmination” of failures by the planemaker and Federal Aviation Administration (FAA), a U.S. House panel concluded after an 18-month investigation.
The crashes “were not the result of a singular failure, technical mistake, or mismanaged event,” the House Transportation and Infrastructure Committee’s Democratic majority said in its highly critical report released on Wednesday.
“They were the horrific culmination of a series of faulty technical assumptions by Boeing’s engineers, a lack of transparency on the part of Boeing’s management, and grossly insufficient oversight by the FAA.”
The 737 MAX was grounded in March 2019 after the crash of Ethiopian Airlines Flight 302 near Addis Ababa which killed all 157 aboard.
In October 2018, a Lion Air 737 MAX had crashed in Indonesia killing all 189 on board.
“Boeing failed in its design and development of the MAX, and the FAA failed in its oversight of Boeing and its certification of the aircraft,” the report said, detailing a series of problems in the plane’s design and the FAA’s approval of it.
Boeing said it “learned many hard lessons as a company from the accidents … and from the mistakes we have made.”
It said it had cooperated fully with the House committee and that revised design work on the 737 MAX had received intensive internal and external review involving more than 375,000 engineering and testing hours and 1,300 test flights.
The FAA said in a statement it would work with lawmakers “to implement improvements identified in its report.”
It added it was “focused on advancing overall aviation safety by improving our organization, processes, and culture.”
The report said Boeing made “faulty design and performance assumptions” especially regarding a key safety system, called MCAS, which was linked to both the Lion Air and Ethiopian Airlines crashes.
MCAS, which was designed to help counter a tendency of the MAX to pitch up, could be activated after data from only a single sensor.
The FAA is requiring new safeguards to MCAS, including requiring it receive data from two sensors, before it allows the 737 MAX to return to service.
The report criticized Boeing for withholding “crucial information from the FAA, its customers, and 737 MAX pilots” including “concealing the very existence of MCAS from 737 MAX pilots.”
The FAA “failed to ensure the safety of the traveling public,” the report said.
Lawmakers have proposed numerous reforms to restructure how the FAA oversees aircraft certification. A Senate committee will take up a reform bill Wednesday.
Lawmakers suggested Boeing was motivated to cut costs and move quickly to get the 737 MAX to market.
“This is a tragedy that never should have happened,” House Transportation Committee Chairman Peter DeFazio told reporters.
“We’re going to take steps in our legislation to see that it never happens again as we reform the system.”
…

U.S. Secretary of State Mike Pompeo said on Tuesday he is confident there will be effective 5G competitors to China’s Huawei from Western vendors at comparable costs, adding that he believes Western technologies will come to dominate telecommunications.
“I am confident that there will be a cost-effective deliverables from Western trusted vendors that can deliver the same services, or better services, at comparative cost,” Pompeo said during an Atlantic Council event.
In what some observers have compared to the Cold War arms race, the United States is worried 5G dominance would give China an advantage Washington is not ready to accept.
With U.S.-China relations at their worst in decades, Washington has been pushing governments around to world to squeeze out Huawei Technologies Co, arguing that the firm would hand over data to the Chinese government for spying.
Huawei, founded in 1987 by a former engineer in China’s People’s Liberation Army, denies it spies for Beijing and says the United States is trying to smear it because Western firms are falling behind in 5G technology.
Pompeo said countries had come to recognize the costs of putting “untrusted” vendors in their systems.
“Over time, I think the world will come to recognize that’s not the right path and you will see Western technologies that are verifiable, trustworthy and transparent come to dominate the telecommunications markets,” he said.
5G, which will offer much faster data speeds and become the foundation of many industries and networks, is seen as one of the biggest innovations since the birth of the internet itself a generation ago.
…

Starting Sept. 15, China’s telecom giant Huawei — once a symbol of Chinese technology prowess — will be cut off from essential supplies of semiconductors. Without those chips, Huawei cannot make the smartphones or 5G equipment on which its business depends, business analysts say.The sanctions against one of China’s most successful technology companies were announced in August, when the United States introduced a new set of rules that prohibit foreign chipmakers that rely on U.S. technology from selling any chips to Huawei without first obtaining a special license.In recent weeks, suppliers from South Korea and Taiwan have all indicated they will comply with the sanctions and cease their supply of semiconductors to Huawei on Tuesday, the day the new moves against the Chinese company comes into force.“Unfortunately, in the second round of U.S. sanctions, our chip producers only accepted orders until May 15. Production of the chip will stop on Sept. 15,” Richard Yu, chief executive of Huawei’s consumer business, said last month. “Because there is no Chinese chip manufacturing industry to support, Huawei is faced with the problem of no chips.”Richard Yu, CEO of Huawei Technologies Consumer Business Group, holds a Huawei Mate Xs foldable smartphone, as he talks to the audience during Huawei stream product launch event in Barcelona, Spain, Feb. 24, 2020.MicrochipsFor all of China’s efforts to become a global leader in high-technology, the factory of the world is yet not able to manufacture top-level contenders in one crucial area — the microchip, the nervous system that runs just about every electronic device.An important mark of a microchip’s level of sophistication is how many transistors can be placed on its surface. The smaller the size, measured in nanometers, the more advanced the microchip.China’s best manufacturing process is believed to be able to make 14-nanometer microchips, which are several generations behind Samsung and Taiwan Semiconductor Manufacturing Company (TSMC). Samsung reached this standard in 2014. TSMC, the world’s largest contract chipmaker, is already making 5-nanometer chips.Kunpeng 920 chipset is on display at Huawei’s booth during the 2020 China International Fair for Trade in Services (CIFTIS) in Beijing, Sept. 4, 2020.While some of the most advanced semiconductor manufacturers are based outside the U.S., the industry is heavily dependent upon U.S. suppliers to provide everything from design software to manufacturing equipment.Washington first placed Huawei on a trade blacklist in May 2019, citing national security concerns. However, this ban did not include most foreign-produced chips. In May, the U.S. extended the ban to cut off Huawei from its non-American suppliers, which affects China’s own semiconductor companies whose market is in China.Early last month, China’s leading chipmaker, Semiconductor Manufacturing International Corporation (SMIC), indicated it will abide by the U.S. rules and stop selling chips to Huawei. Like all of the semiconductor foundries, SMIC relies on U.S.-based companies to obtain key production equipment.”The dominance of U.S.-origin technology in upstream sectors of the global semiconductor supply chain means that Chinese ICT (Information and Communication Technologies) firms across the board are exposed to U.S. export controls, regardless of what happens to SMIC or Huawei as individual companies,” John Lee, a senior analyst at the Mercator Institute for China Studies (MERICS), told VOA.China’s failed attemptsBeijing has a long history of angst about the country’s dependence on foreign semiconductors. Its strategic planning related to this key industry dates back to the 1950s, when the State Council convened a group of scientists to develop an “Outline for Science and Technology Development, 1956–1967,” which identified semiconductor technology as a “key priority.”In recent decades, from the “531 Development Plan” launched in 1986 to the multibillion-dollar National Integrated Circuit Industry Investment Fund that was explicitly established for the chip sector in 2014, the country has poured considerable state resources into its semiconductor aspirations.A report released in July 2019 by U.S. International Trade Commission said the fund, along with provincial and municipal Integrated Circuit-related funds, are well on their way to reaching the goal of $150 billion.James Andrew Lewis, senior vice president and director of the Technology Policy Program at CSIS, told CNBC last week that China might outspend the U.S. “1,000 to 1″ when it comes to investing in semiconductors.In 2016, China’s President Xi Jinping noted, “The fact that core technology is controlled by others is our greatest hidden danger.”Xi emphasized the point again last Friday when chairing a symposium of scientists on the development of science and technology during the 14th Five-Year Plan (2021-2025) period.“Some key core technologies are subject to others,” he said.Last week, in response to the new U.S. restrictions on Huawei, China announced a sweeping new set of government policies to expand its domestic semiconductor industry by providing extensive support for the next generation of semiconductors in the 14th Five-Year Plan.In hopes that key technologies from the foreign firms will get transferred to Chinese companies, Beijing has also encouraged U.S. chipmakers to form joint ventures with domestic firms. According to MERICS, the think tank based in Germany, China’s quest for foreign technology at times even targets entire industries.A visitor is seen at a Huawei P40 Pro+ stand at the IFA consumer technology fair in Berlin, Germany, Sept. 3, 2020.“Almost all of the large semiconductor enterprises in the United States have received investment offers from Chinese state actors,” a research report by MERICS said.On the other hand, Douglas Fuller, a professor at City University of Hong Kong who studies the technology industry, said China should not be viewed as a failure.”There are only four firms ahead of SMIC in foundry services — two from Taiwan (TSMC and UMC), Korea’s Samsung, and U.S./UAE’s GloFo,” Fuller told VOA in an email.As for mass manufacturing, there are only two places with the leading technology —- TSMC in Taiwan and Samsung in Korea, he said.”Intel is even playing catch-up. Thus, other than Taiwan and Korea, the whole rest of the world is behind the cutting edge of manufacturing tech in this industry, including the U.S., Japan, Israel and all of Europe,” said Fuller.Will Huawei survive?It remains unclear where Huawei will be able to buy its chips. Taiwanese chipmaker MediaTek said last month it had applied to the U.S. government for permission to continue supplying Huawei after new U.S. rules take effect. In the meantime, Huawei has reportedly stockpiled up to two years’ worth of silicon to keep its business running.”In the short term, it is difficult to see any effective options available to Chinese firms targeted by U.S. export controls on semiconductors,” said Lee, whose research focuses on the rise of Chinese digital technology.As for the future, analysts say the U.S. will unlikely be able to stop China from making basic semiconductors. Given enough time, the country’s vast consumer market for electronics and decades of investment will eventually make it a chip producer.”In the medium to long term, China will probably be able to substitute U.S. technology and develop a complete domestic semiconductor supply chain (though whether it can catch up to foreign firms at the technological cutting edge is another issue).” Lee said in an email.James Lewis, director of the Technology Policy Program at the Center for Strategic and International Studies (CSIS), wrote in May that Huawei has been harmed by the U.S. effort, “but the Chinese government will not allow it to collapse — Huawei is too important.” 
…

Some people stuck inside during coronavirus lockdown are playing video games. In the Democratic Republic of Congo, entrepreneurs are catering to young people who want to share the gaming experience. From Kinshasa, Anasthasie Tudieshe has the story.
…

ByteDance, the Chinese company behind the wildly popular video sharing app TikTok, has rejected Microsoft’s bid to buy the app and appears to be leaning toward a deal with investors led by Oracle.  The Trump administration has given ByteDance until September 20 to make a deal or stop operating inside the U.S.  On Sunday, the Microsoft’s corporate headquarters in Redmond, Washington. (Photo: Diaa Bekheet)In a statement, Microsoft said its proposal “would have been good for TikTok’s users, while protecting national security interests. To do this, we would have made significant changes to ensure the service met the highest standards for security, privacy, online safety, and combatting disinformation.”The fate of TikTok in the U.S. hangs in the balance as it approaches the Trump administration deadline. In recent months, the video app has become a focus of U.S.-China tensions with the administration accusing the company of being answerable to the Chinese government, a claim that TikTok has denied. In August, President Donald Trump issued an executive order banning TikTok and WeChat, the Chinese messaging app. But even with security concerns about TikTok, Americans have continued to download the app. By end of first quarter 2020, TikTok saw more than 300 million downloads in the U.S., according to Go.Verizon’s data.  Microsoft together with Walmart pursued a deal with ByteDance. A second group of investors led by Oracle emerged as a possible bidder. Oracle is one of the few Silicon Valley firms with top executives who have held fundraisers for President Trump. As the negotiations progressed, the Chinese government changed its export rules stopping TikTok from selling its valuable recommendation algorithm, dubbed “For You,” which queued up the next video for a user to watch. It’s unclear if any deal with Oracle would involve the algorithm. 
…

The same Russian military intelligence outfit that hacked the Democrats in 2016 has renewed vigorous U.S. election-related targeting, trying to breach computers at more than 200 organizations including political campaigns and their consultants, Microsoft said Thursday.The intrusion attempts reflect a stepped-up effort to infiltrate the U.S. political establishment, the company said.”What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues,” Tom Burt, a Microsoft vice president, said in a blog post. U.K. and European political groups were also probed, he added.Most of the hacking attempts by Russian, Chinese and Iranian agents were halted by Microsoft security software and the targets notified, he said. The company would not comment on who may have been successfully hacked or the impact.Although U.S. intelligence officials said last month that the Russians favor President Donald Trump and the Chinese prefer his Democratic challenger, former Vice President Joe Biden, Microsoft noted Thursday that Chinese state-backed hackers have targeted “high profile individuals associated with the election,” including people associated with the Biden campaign.China’s hackers largely gather intelligence for economic and political advantage, while Russia tends to weaponize stolen data to destabilize other governments.Microsoft did not assess which foreign adversary poses the greater threat to the integrity of the November presidential election. The consensus among cybersecurity experts is that Russian interference is the gravest. Senior Trump administration officials have disputed that, although without offering any evidence.”This is the actor from 2016, potentially conducting business as usual,” said John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye. “We believe that Russian military intelligence continues to pose the greatest threat to the democratic process.”Fancy BearThe Microsoft post shows that Russian military intelligence continues to pursue election-related targets undeterred by U.S indictments, sanctions and other countermeasures, Hultquist said. It interfered in the 2016 campaign seeking to benefit the Trump campaign by hacking the Democratic National Committee and emails of John Podesta, the campaign manager for Hillary Clinton, and dumping embarrassing material online, congressional and FBI investigators have found.The same GRU military intelligence unit, known as Fancy Bear, that Microsoft identifies as being behind the current election-related activity also broke into voter registration databases in at least three states in 2016, though there is no evidence it tried to interfere with voting.Microsoft, which has visibility into these efforts because its software is both ubiquitous and highly rated for security, did not address whether U.S. officials who manage elections or operate voting systems have been targeted by state-backed hackers this year. U.S. intelligence officials say they have so far seen no evidence of infiltrations.Thomas Rid, a Johns Hopkins University geopolitics expert, said he was disappointed by Microsoft’s refusal to differentiate threat level by state actor.”They’re lumping in actors that operate in a very different fashion, probably to make this sound more bipartisan,” he said. “I just don’t understand why.”Microsoft said in the past year it has observed attempts by Fancy Bear to break into the accounts of people directly and indirectly affiliated with the U.S. election, including consultants serving Republican and Democratic campaigns and national and state party organizations — more than 200 groups in all.Also targeted was the center-right European People’s Party, the largest grouping in the European Parliament. A party spokesperson said the hacking attempts were unsuccessful. The German Marshall Fund of the United States, a think tank, was another target. A spokesperson said there was no evidence of intrusion.Hurricane PandaMicrosoft did not say whether Russian hackers had attempted to break into the Biden campaign but did say that Chinese hackers from the state-backed group known as Hurricane Panda “appears to have indirectly and unsuccessfully” targeted the Biden campaign through non-campaign email accounts belonging to people affiliated with it.The Biden campaign did not confirm the attempt, although it said in a statement that it was aware of the Microsoft report.Iranian state-backed hackers unsuccessfully tried to log into accounts of Trump campaign and administration officials between May and June of this year, the blog said.”We are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff,” Trump campaign deputy press secretary Thea McDonald said. She declined further comment.Tim Murtaugh, the campaign’s communications director, said: “President Trump will beat Joe Biden fair and square and we don’t need or want any foreign interference.”In June, Google disclosed that Hurricane Panda had targeted Trump campaign staffers while Iranian hackers tried to breach accounts of Biden campaign workers. Such phishing attempts typically involve forged emails with links designed to harvest passwords or infect devices with malware.Although both Attorney General William Barr and National Security Adviser Robert O’Brien have said China represents the greatest threat to U.S. elections, Microsoft’s only mention of a Trump administration official targeted by Chinese hackers is “at least one prominent individual formerly associated” with the administration.Disinformation campaignsGraham Brookie, director of digital forensic research at The Atlantic Council, disputes the claim made by Barr and O’Brien that China poses the greater threat to this year’s election. Brookie’s lab is at the forefront of unearthing and publicizing Russian disinformation campaigns.Brookie confirmed that his employer was among targets of Hurricane Panda but said there was no evidence the hacking attempts, which he said were unsuccessful, had anything to do with the 2020 election.”We have every indication that this was an instance of cyber-espionage, information gathering, as opposed to electoral interference,” he said.By contrast, Brookie said, “it’s pretty evident that the Russian attempts (Microsoft disclosed) were focused on electoral processes and groups working on that.”Microsoft noted a shift toward greater automation in Fancy Bear methods for trying to steal people’s log-in credentials, which previously largely relied on phishing. In recent months, the group has employed so-called brute-force attacks that barrage an account login with short rapid bursts of potential passwords. It has also used a different method that makes only intermittent login attempts to avoid detection.Fancy Bear has also stepped up its use of the Tor anonymizing service to hide its hacking, Microsoft said.  
…

Bingo is back, this time among millennials and Gen Zers. To stave off boredom caused by the coronavirus quarantine and connect with others, millions of global millennials and Gen Zers are issuing challenges to each other on social media.  Challenges have gotten so popular that social media giant Instagram added a “challenge” story sticker to make it easier for users to create their own or nominate others.  Challenges and tags flooding social media range from drawing random oranges and tagging friends, to perfecting 15-second dances on TikTok to keep people busy, connected and entertained.  Here are some of the biggest social media trends and challenges that have gone viral.Bingo  People are making bingos about everything, whether it’s a university, zodiac sign or ethnicity. Bingo questions usually follow a “never have I ever” format that users cross off until they eliminate all the spaces on a card to make bingo. Users tag friends and post to their social media. (Courtesy of @eggtaurus via Instagram)Workout challenges The rules are simple: Film yourself doing 10 or more pushups and tag as many people as you want to challenge them to do the same. The first was the #see10do10 pushup challenge. Workout challenges include the plank challenge, the (Courtesy of Madeline Joung)Drawing challenge  Users draw digital paintings of random objects on Instagram and tag their friends to continue the chain.  Toilet paper challenge  This challenge is popular among pet owners, seeing how many stacks of toilet paper a pet can jump over, leaping over several stacks or sometimes crashing through a wall of toilet paper. 
…

A teacher in Nigeria is offering free mathematics classes via Twitter, WhatsApp and Instagram to help struggling students affected by the coronavirus lockdown. After almost six months, more than 1,000 students are taking her online classes, across Nigeria and even internationally. VOA’s Mariama Diallo reports.
…

China’s foreign minister announced Tuesday the start of a global data security initiative, outlining principles that should be followed in areas ranging from personal information to espionage.Wang Yi announced the initiative in a video as part of conference on international cooperation. The initiative comes as the U.S. continues to put pressure on China’s largest technology companies and tries to convince countries around the world to block them.  China’s initiative has eight key points including not using technology to impair other countries’ critical infrastructure or steal data and making sure service providers don’t install backdoors in their products and illegally obtain user data.Wang, speaking in Beijing, also said the initiative seeks an end to activities that “infringe upon personal information” and opposes using technology to conduct mass surveillance against other states.The initiative says companies should also respect the laws of host countries and stop coercing domestic firms to store data generated overseas in their own territory.  U.S. Secretary of State Mike Pompeo last month unveiled the “Clean Network” program, saying it is aimed at protecting citizen privacy and sensitive information from “malign actors, such as the Chinese Communist Party.”  Many points of the initiative appear to address some of those accusations.  In an apparent reference to Pompeo’s comments, Zhao said,” China has always been broad and level, open and cooperative. If all countries, especially those intentionally smearing and slandering China with wild allegations, could make such a promise like China, it will be beneficial to the mutual trust and cooperation on digital security issues among all countries.”The U.S. has accused China’s technology companies of posing national security threats by collecting user data and sending it back to Beijing. Companies, including Huawei and ByteDance, have denied those allegations.It is unclear if any other countries have signed on to China’s initiative and how it will be implemented and policed. 
…

Facebook announced Saturday that it had obeyed a Brazilian judge’s order for a worldwide block on the accounts of 12 of President Jair Bolsonaro’s supporters who are under investigation for allegedly running a fake news network.Supreme Court Justice Alexandre de Moraes said Friday night that the company had failed to fully comply with a previous ruling ordering the accounts to be shut down, saying they were still online and publishing by changing their registration to locations outside Brazil.Facebook issued a statement saying it had complied because of the threat of criminal liability for an employee in Brazil.But it called the new order “extreme,” saying it posed a “threat to freedom of expression outside of Brazil’s jurisdiction and conflicting with laws and jurisdictions worldwide.” The company said it would appeal to the full court.Facebook also argued it had complied with the previous order by “restricting the ability for the target Pages and Profiles to be seen from IP locations in Brazil.””People from IP locations in Brazil were not capable of seeing these Pages and Profiles even if the targets had changed their IP location,” the company said.Moraes said that Facebook ought to pay $ 367,000 in penalties for not complying with his previous decision during the last eight days.He also had ruled Twitter should block the accounts. While Twitter said then that the decision was disproportionate under Brazil’s freedom of speech rules and that it would appeal, the targeted profiles were disabled.Moraes is overseeing a controversial investigation to determine whether some of Bolsonaro’s most ardent allies are running a social media network aimed at spreading threats and fake news against Supreme Court justices.The probe is one of the main points of confrontation between Bolsonaro and the Supreme Court.The president himself filed a lawsuit last week demanding the accounts to be unblocked.
…