The Wiretap: The Worrying Rise Of ‘Violence-As-A-Service'

Forbes

29-04-2025

The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
getty
As if there wasn't enough to worry about concerning children and teenagers being targeted online, this week Europol warned that youngsters are being recruited by organized criminal groups to carry out 'violence-as-a-service' According to the agency, this involves ' outsourcing of violent acts to criminal service providers' by 'vulnerable young people being groomed or coerced into doing so.'
Cybersecurity company Trend Micro also put out research on this front. It found that there are detailed online forums in Russia where criminals were offering to carry out physical attacks for the highest bidder. In one post, a user offered to commit 'grievous bodily harm' for $5,000. 'Torture with extortion of information' was on offer for $6,000 a day. Arson of a target's apartment was offered at $10,000.
The problem has become bad enough that on Tuesday, Europol announced a taskforce to deal with the crime and published advice for parents on how to keep an eye out for signs a child is being targeted by a criminal network. Among the signs to look out for? The use of encrypted messaging apps and a surprisingly healthy cash flow. There may be benign explanations for these but if you don't know how your teen is making money, it's probably a good idea to talk to them about it.
Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.
getty
Researchers at Israeli cybersecurity startup Oligo revealed vulnerabilities in Apple's AirPlay could be used to install malware on connected devices, Wired reports. Dubbing their attacks AirBorne, the researchers showed how they could target the software development kit (SDK) used by third-party devices to work with AirPlay so they could hijack devices like speakers or smart TVs.
Apple has patched weaknesses that would've allowed attacks on its own AirPlay-enabled devices, though the company told Wired those bugs could have only been exploited if users had changed default settings. Hacks of connected devices could still be possible, however, meaning tens of millions of products may remain vulnerable.
Worried about your own phone? You can disable Airplay by going to settings on your iPhone and searching for it, then turn Automatically AirPlay to 'Never.'
Researchers at the University of Toronto's Citizen Lab found malware masquerading as an open source word processing and spell check app for the Uyghur language. Senior members of the World Uyghur Congress living in exile were among the targets.
British retail giant Marks & Spencer has been hit by a cyberattack that's downed its online payments for five days, with a ransomware group known as Scattered Spider reportedly linked to the hack.
Google put out a report on Tuesday showing how zero-day attacks (which hit previously-unknown and unpatched vulnerabilities) targeting mobile devices had gone down. Zero-day exploitation of mobile devices fell by about 50% compared to this time last year, though Google did warn that it expected to see overall zero-day attacks rise steadily over the next 12 months. That's because 'the average trendline indicates that the rate of zero-day exploitation continues to grow at a slow but steady pace,' Google's researchers wrote.
TechCrunch reports on two breaches in the healthcare industry this week. One was at the largest healthcare system Yale New Haven Health, which appeared to have been hit by ransomware, potentially affecting more than 5.5 million people. The other was at insurance giant Blue Health said it had been sharing patients' private health information with Google for years because of a misconfiguration.