Latest news with #Stern
WIRED
a day ago
- Politics
- WIRED
A Hacker May Have Deepfaked Trump's Chief of Staff in a Phishing Campaign
Andy Greenberg Matt Burgess Lily Hay Newman May 30, 2025 2:42 PM Plus: An Iranian man pleads guilty to a Baltimore ransomware attack, Russia's nuclear blueprints get leaked, a Texas sheriff uses license plate readers to track a woman who got an abortion, and more. Photo-Illustration: Wired Staff;For years, a mysterious figure who goes by the handle Stern led the Trickbot ransomware gang and evaded identification—even as other members of the group were outed in leaks and unmasked. This week German authorities revealed, without much fanfare, who they believe that enigmatic hacker kingpin to be: Vitaly Nikolaevich Kovalev, a 36-year-old Russian man who remains at large in his home country. Closer to home, WIRED revealed that Customs and Border Protection has mouth-swabbed 133,000 migrant children and teenagers to collect their DNA and uploaded their genetic data into a national criminal database used by local, state, and federal law enforcement. As the Trump administration's migrant crackdown continues, often justified through invocations of crime and terrorism, WIRED also uncovered evidence that ties a Swedish far-right mixed-martial-arts tournament to an American neo-Nazi 'fight club' based in California. For those seeking to evade the US government surveillance, we offered tips about more private alternatives to US-based web browsing, email, and search tools. And we assembled a more general guide to protecting yourself from surveillance and hacking, based on questions our senior writer Matt Burgess received in a Reddit Ask Me Anything. But that's not all. Each week, we round up the security and privacy news we didn't cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there. The FBI is investigating who impersonated Susie Wiles, the Trump White House's chief of staff and one of the president's closest advisors, in a series of fraudulent messages and calls to high-profile Republican political figures and business executives, the Wall Street Journal reported. Government officials and authorities involved in the probe say the spear phishing messages and calls appear to have targeted individuals on Wiles' contact list, and Wiles has reportedly told colleagues that her personal phone was hacked to gain access to those contacts. Despite Wiles' reported claim of having her device hacked, it remains unconfirmed whether this was actually how attackers identified Wiles' associates. It would also be possible to assemble such a target list from a combination of publicly available information and data sold by gray market brokers. 'It's an embarrassing level of security awareness. You cannot convince me they actually did their security trainings,' says Jake Williams, a former NSA hacker and vice president of research and development at Hunter Strategy. 'This is the type of garden variety social engineering that everyone can end up dealing with these days and certainly top government officials should be expecting it.' In some cases, the targets received not just text messages but phone calls that impersonated Wiles' voice, and some government officials believe the calls may have used artificial intelligence tools to fake Wiles' voice. If so, that would make the incident one of the most significant cases yet of so-called 'deepfake' software being used in a phishing attempt. It's not yet clear how Wiles' phone might have been hacked, but the FBI has ruled out that a foreign nation is involved in the impersonation campaign, the Bureau reportedly told White House officials. In fact, while some of the impersonation attempts appeared to have political goals—a member of Congress, for instance, was asked to assemble a list of people Trump might pardon—in at least one other case the impersonator tried to trick a target into setting up a cash transfer. That attempt at a money grab suggests that the spoofing campaign may be less of an espionage operation than a run-of-the-mill cybercriminal fraud scheme, albeit one with a very high-level target. 'There's an argument here for using something like Signal—yes, the irony—or another messaging platform that offers an independent form of authentication if users want to validate who they're talking to,' Hunter Strategy's Williams says. "The key thing as always is for government officials to be using vetted tools and following all federally mandated protocols rather than just winging it on their own devices." Iranian Man Behind Baltimore Ransomware Attack Pleads Guilty The 2019 ransomware attack against the city government of Baltimore represents one of the worst municipal cybersecurity disasters on record, paralyzing city services for months and costing taxpayers tens of millions of dollars. Now the Department of Justice has unexpectedly revealed that it arrested one of the hackers behind that attack, 37-year-old Sina Gholinejad, in North Carolina last January, and that he's pleaded guilty in court. Gholinejad has admitted to being involved in the larger Robbinhood ransomware campaign that hit other targets including the cities of Greenville, North Carolina and Yonkers, New York. It's still far from clear how Gholinejad was identified or why he traveled from Iran to the US, given that most ransomware criminals are careful to remain in countries that don't have extradition agreements with the US government and are thus beyond US law enforcement's reach. Indeed, the indictment against him names several unnamed co-conspirators who may be still at large in Iran. Russia's Nuclear Blueprints Exposed in Huge Document Leak More than two million documents left exposed in a public database have revealed Russia's nuclear weapons facilities in unprecedented levels of detail, according to reporting this week by Danish media outlet Danwatch and Germany's Der Spiegel. Reporters examined the huge trove of documents relating to Russian military procurement—as Russian authorities slowly restricted access—and found blueprints for nuclear facilities across the country. Experts called the leak an unparalleled breach of Russia's nuclear security, with the data potentially being incredibly useful for foreign governments and intelligence services. The documents show how Russia's nuclear facilities have been rebuilt in recent years, where new facilities have been created, detailed site plans including the locations of barracks and watchtowers, and the locations of underground tunnels connecting buildings together. There are descriptions of IT systems and security systems, including information on surveillance cameras, electric fences being used, and the alarm systems in place. 'It's written explicitly where the control rooms are located, and which buildings are connected to each other via underground tunnels,' Danwatch reports. Cops Used License Plate Recognition Cameras in Search for Woman Who Got an Abortion License plate recognition cameras are creating huge databases of people's movements across America—capturing where and when cars are traveling. For years there have been concerns that the cameras could be weaponized by law enforcement officials or private investigators and turned against those seeking abortions or providing abortion related care. Officials from Johnson County Sheriff's Office in Texas—where nearly all abortions are illegal—searched 83,000 Flock license plate reader cameras at the start of this month while looking for a woman they claim had a self-administered abortion, 404 Media reported this week. Sheriff Adam King said that the officials weren't trying to 'block her from leaving the state' and were searching for the woman as her family were concerned about her safety. However, experts say that conducting a search across the entire United States shows the sprawling dragnet of license plate reader cameras and highlights how those seeking abortions can be tracked. 'The idea that the police are actively tracking the location of women they believe have had self administered abortions under the guise of 'safety' does not make me feel any better about this kind of surveillance,' Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation told 404 Media. Investment Scam Company Linked to $200 Million in Losses Sanctioned by US Government Philippines-based company Funnull Technology Inc and its boss Liu Lizhi have been sanctioned by the Department of the Treasury's Office of Foreign Assets Control (OFAC) for their links to investment and romance scams, which are often referred to as 'pig butchering' scams. 'Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses,' OFAC said in a statement announcing the sanctions. The company purchases IP addresses from major cloud service providers and then sells them to cybercriminals who could use them to host scam websites—OFAC says Fullnull is 'linked to the majority' of investment scam websites reported to the FBI. In January independent cybersecurity journalist Brian Krebs detailed how Fullnull was abusing Amazon and Microsoft's cloud services.
WIRED
a day ago
- Politics
- WIRED
Cops in Germany Claim They've ID'd the Mysterious Trickbot Ransomware Kingpin
Matt Burgess Lily Hay Newman May 30, 2025 9:22 AM The elusive boss of the Trickbot and Conti cybercriminal groups has been known only as 'Stern.' Now, German law enforcement has published his alleged identity—and it's a familiar face. Photograph:For years, members of the Russian cybercrime cartel Trickbot unleashed a relentless hacking spree on the world. The group attacked thousands of victims, including businesses, schools, and hospitals. 'Fuck clinics in the usa this week,' one member wrote in internal Trickbot messages in 2020 about a list of 428 hospitals to target. Orchestrated by an enigmatic leader using the online moniker 'Stern,' the group of around 100 cybercriminals stole hundreds of millions of dollars over the course of roughly six years. Despite a wave of law enforcement disruptions and a damaging leak of more than 60,000 internal chat messages from Trickbot and the closely associated counterpart group Conti, the identity of Stern has remained a mystery. Last week, though, Germany's federal police agency, the Bundeskriminalamt or BKA, and local prosecutors alleged that Stern's real-world name is Vitaly Nikolaevich Kovalev, a 36-year-old, 5'11' Russian man who cops believe is in his home country and thus shielded from potential extradition. A recently issued Interpol red notice says that Kovalev is wanted by Germany for allegedly being the 'ringleader' of a 'criminal organisation.' 'Stern's naming is a significant event that bridges gaps in our understanding of Trickbot—one of the most notorious transnational cybercriminal groups to ever exist,' says Alexander Leslie, a threat intelligence analyst at the security firm Recorded Future. 'As Trickbot's 'big boss' and one of the most noteworthy figures in the Russian cybercriminal underground, Stern remained an elusive character, and his real name was taboo for years.' Stern has notably seemed to be absent from multiple rounds of Western sanctions and indictments in recent years calling out alleged Trickbot and Conti members. Leslie and other researchers have long speculated to WIRED that global law enforcement may have strategically withheld Stern's alleged identity as part of ongoing investigations. Kovalev is suspected of being the 'founder' of Trickbot and allegedly used the Stern moniker, the BKA said in an online announcement. 'It has long been assumed, based on numerous indications, that 'stern' is in fact 'Kovalev',' a BKA spokesperson says in written responses to questions from WIRED. They add that, 'The investigating authorities involved in Operation Endgame were only able to identify the actor stern as 'Kovalev' during their investigation this year,' referring to a multi-year international effort to identify and disrupt cybercriminal infrastructure, known as Operation Endgame. The BKA spokesperson also notes in written statements to WIRED that information obtained through a 2023 investigation into the Qakbot malware as well as analysis of the leaked Trickbot and Conti chats from 2022 were 'helpful' in making the attribution. They added, too, that the 'assessment is also shared by international partners.' The German announcement is the first time that officials from any government have publicly alleged an identity for a suspect behind the Stern moniker. As part of Operation Endgame, BKA's Stern attribution inherently comes in the context of a multinational law enforcement collaboration. But unlike in other Trickbot and Conti-related attributions, other countries have not publicly concurred with BKA's Stern identification thus far. Europol, the US Department of Justice, the US Treasury, and the UK's Foreign, Commonwealth & Development Office did not immediately respond to WIRED's requests for comment. Several cybersecurity researchers who have tracked Trickbot extensively tell WIRED they were unaware of the announcement. An anonymous account on the social media platform X recently claimed that Kovalev used the Stern handle and published alleged details about him. WIRED messaged multiple accounts that supposedly belong to Kovalev, according to the X account and a database of hacked and leaked records compiled by District 4 Labs but received no response. Meanwhile, Kovalev's name and face may already be surprisingly familiar to those who have been following recent Trickbot revelations. This is because Kovalev was jointly sanctioned by the United States and United Kingdom in early 2023 for his alleged involvement as a senior member in Trickbot. He was also charged in the US at the time with hacking linked to bank fraud allegedly committed in 2010. The US added him to its most wanted list. In all of this activity, though, the US and UK linked Kovalev to the online handles 'ben' and 'Bentley.' The 2023 sanctions did not mention a connection to the Stern handle. And, in fact, Kovalev's 2023 indictment was mainly noteworthy because his use of 'Bentley' as a handle was determined to be 'historic' and distinct from that of another key Trickbot member who also went by 'Bentley.' The Trickbot ransomware group first emerged around 2016, after its members moved from the Dyre malware that was disrupted by Russian authorities. Over the course of its lifespan, the Trickbot group—which used its namesake malware, alongside other ransomware variants such as Ryuk, IcedID, and Diavol—increasingly overlapped in operations and personnel with the Conti gang. In early 2022, Conti published a statement backing Russia's full-scale invasion of Ukraine, and a cybersecurity researcher who had infiltrated the groups leaked more than 60,000 messages from Trickbot and Conti members, revealing a huge trove of information about their day-to-day operations and structure. Stern acted like a 'CEO' of the Trickbot and Conti groups and ran them like a legitimate company, leaked chat messages analyzed by WIRED and security researchers show. 'Trickbot set the mold for the modern 'as-a-service' cybercriminal business model that was adopted by countless groups that followed,' Recorded Future's Leslie says. 'While there were certainly organized groups that preceded Trickbot, Stern oversaw a period of Russian cybercrime that was characterized by a high level of professionalization. This trend continues today, is reproduced worldwide, and is visible in most active groups on the dark web.' Stern's eminence within Russian cybercrime has been widely documented. The cryptocurrency tracing firm Chainalysis does not publicly name cybercriminal actors and declined to comment on BKA's identification, but the company emphasized that the Stern persona alone is one of the all-time most profitable ransomware actors it tracks. 'The investigation revealed that stern generated significant revenues from illegal activities, in particular in connection with ransomware,' the BKA spokesperson tells WIRED. Stern 'surrounds himself with very technical people, many of which he claims to have sometimes decades of experience, and he's willing to delegate substantial tasks to these experienced people whom he trusts,' says Keith Jarvis, a senior security researcher at cybersecurity firm Sophos' Counter Threat Unit. 'I think he's always probably lived in that organizational role.' Increasing evidence in recent years has indicated that Stern has at least some loose connections to Russia's intelligence apparatus, including its main security agency, the Federal Security Service (FSB). The Stern handle mentioned setting up an office for 'government topics' in July 2020, while researchers have seen other members of the Trickbot group say that Stern is likely the 'the link between us and the ranks/head of department type at FSB.' Stern's consistent presence was a significant contributor to Trickbot and Conti's effectiveness—as was the entity's ability to maintain strong operational security and remain hidden. As Sophos' Jarvis put it, 'I have no thoughts on the attribution as I've never heard a compelling story about Stern's identity from anyone prior to this announcement.'
Time of India
24-05-2025
- Politics
- Time of India
'US Army Will Begin...': Trump Makes Bombshell Announcement During West Point Address
India's Stern Message To Pak Ally Erdogan Amid 'Boycott Turkey' Chorus: Expect | Watch India on Thursday called out Turkey over its continued support to Pakistan. Ministry of External Affairs (MEA) spokesperson Randhir Jaiswal said India expects Turkey to "urge Pakistan to end its support to cross-border terrorism and take credible and verifiable actions against the terror ecosystem it has harboured for decades". India's message to Ankara comes amid widespread 'Boycott Turkey' campaign across the country. People from all walks of life, including fruit vendors, marble traders and even institutions have broken ties with Turkey over its continued support to Pakistan. Watch 6.7K views | 2 days ago
Elle
22-05-2025
- Entertainment
- Elle
Lisa Kudrow Met Her Future Husband, Michel Stern, When He Was Dating Her Roommate
Friends star Lisa Kudrow has been with her husband Michel Stern for 30 years, but they are very careful about what they share in public. The French advertising executive has mostly hung back and allowed his wife to take the spotlight, though he has been at her side during some key red carpet moments. They were photographed in 2005, at the premiere of her hit HBO's series The Comeback, at the 10th Annual Screen Actors Guild Awards, the 58th Emmy Awards, and other big events. Here's everything there is to know about Lisa Kudrow's husband, Michel Stern. Michel Stern is French and was born and raised there, per an interview Kudrow did with The New York Times in 1995. He worked in advertising and then expanded his career in the United States. Very little is known about him publicly, but he is apparently a fan of Friends, too. When the show had their reunion special in 2021, Kudrow said of seeing her old episodes with her husband: 'Michel and I started watching some of season 4, which I thought I had watched, it's as if I didn't. He enjoys them more than I do. Because I'm mortified with myself.' They first connected years before they started dating, as he was her roommate's boyfriend. 'I was living with [a] French girl, and he had just moved here, and they were dating when we first met. But I'm freakishly polite, so I saw him and went, 'Well, he's the perfect man, and it's all ruined because now they're together and I can't [make a play for him],'' said Kudrow, according to a 2015 report from The Daily Mail. 'I thought that that's not nice, to flirt. But the minute I saw him I went, 'Well, that's it, there he is.'' Stern and Kudrow's roommate broke up six months later, but she and Stern didn't reconnect for years. 'Six years later, I met him again at her birthday party, and we just never stopped [talking],' she explained. The couple got married in 1995. In May 2020, in an interview with Jimmy Kimmel Live, she explained they were celebrating their 25-year anniversary apart because of complications with lockdown. 'We were all together in the desert because we have a house there. And then there was the lock-in, so we just stayed put,' she shared. 'But that house needed then what happened was, it got to be hotter, as it does in the Palm Springs area, right? So, it was too hot for me.' She continued, 'We are so used to not actually being able to be together on our anniversary that we were like, 'Oh, well. Does it matter? I love you. You still love me? Yeah. Great. We're good.'' Stern and Kudrow have a son, Julian Murray, whom they welcomed in 1998. He graduated from the University of Southern California in 2021, which Kudrow celebrated online. She shared some adorable family snapshots on his most recent birthday, in which Stern can be seen holding him as a baby. Kudrow's pregnancy was famously written into the show, with her character Phoebe offering to be a surrogate for her brother Frank. In 2018, she told People that the cast was super supportive of her pregnancy. 'The six of us would do a huddle backstage and just say, 'All right, have a good show, love you love you love you love you,'' she said. 'And when I was pregnant, then they would say, 'Have a great show, love you love you love you, little Julian!' 'Cause we knew it was a boy, and that was his name.' Kudrow shared relationship advice with Glamour in a 2014 interview. 'When [Michel and I] decided to get married, we understood: We're not promising to love each other forever, because you can't do that, but we are promising to work on whatever problems come up,' she began. 'We're committed to our marriage working. It turns out, after you have a history, there's such a bond, and love takes another shape. But, oh, I don't want to jinx it—I'm superstitious!' She added, '[Michel and I] respect each other's independence, and I don't mean that as a euphemism. I don't mean relationship-wise outside the marriage. Clear? But I don't like to travel. So if he wants to go on a golf trip, he goes. I think people get in trouble [when they assume they're] supposed to be one unit, in sync about everything. [Marriage] is like being on a team. Each teammate is different, but you have the same goal.'
Los Angeles Times
21-05-2025
- Entertainment
- Los Angeles Times
After 25 years, Punk Rock Bowling still strikes hard with the spirit of rebellion
Brothers Shawn and Mark Stern were already veteran punk rockers when they first started Punk Rock Bowling 25 years ago. But they had no idea they were in the midst of a seminal moment by launching what would soon become one of the biggest, longest-running and most important annual events the genre has ever seen. While they might be best known for forming multiple L.A. punk bands (the biggest of which being Youth Brigade) starting in the late '70s, the Stern brothers were also responsible for BYO Records, 1984's 'Another State of Mind' tour documentary with Social Distortion, a short-lived but influential Hollywood punk house called Skinhead Manor and a host of other DIY punk rock undertakings. So when Andre Duguay, a BYO employee at the time, suggested the duo start a bowling league for SoCal punk rockers in the late '90s, it made too much sense for them to pass up. What started as a bowling night (at Santa Monica's now-defunct Bay Shore Lanes) for local bands, labels and zines eventually grew to a weekend of partying in Las Vegas for the Sterns' punk rock friends all over the region. Throughout the 2000s, the event remained primarily focused on bowling and debauchery over President's Day weekend, but 2010 brought it to a new location that contained a huge outdoor space, opening up the possibility for a full music festival and rapidly turning it into a Memorial Day staple for punk fans around the world. But no matter how big Punk Rock Bowling has gotten, Shawn Stern has always made sure it's kept its community-first ethos. 'We arrange [Punk Rock Bowling] as musicians first, so we look at this as, 'If I go see bands, I want to have a good time,'' Stern says from the dining table of his Venice Beach home. The Sterns set out to create something that was the antithesis of the big corporate festival, where everything's overpriced and it's super packed. 'They're not trying to make this a communal experience of having a good time and enjoying the music and the message,' he said. 'It goes back to pagan times when we'd get together for the harvest and feasting. Humans don't really need much reason to get together and party, and this is our alternative to religion.' Despite leaving Los Angeles for Sin City decades ago, Punk Rock Bowling maintains its SoCal roots year after year. Not only is Mark Stern back as the festival's official booker this year alongside his brother, but both the lineup and audience always contains a heavy California presence. From legends like Social Distortion and FLAG to modern stars like FIDLAR and the Interrupters (all of whom are performing this year), the Stern brothers always make sure that multiple generations of their local scene is represented at the festival — and not just because it's the community they grew up in. Stern and his crew were surfers who got into punk rock because it was that sort of revolutionary music that the '70s no longer had. 'As much as I love Jimi Hendrix and saw a bunch of big concerts like Led Zeppelin, that music didn't really speak to what I was feeling. As soon as the [Vietnam War] was over, that music became co-opted by big corporate labels.' Instead, Stern and his friends would hang out in the very small punk scene in Hollywood while all the bands were coming out of New York and the UK. The scene was very close-knit, and they didn't have any pretension of getting signed to a major label or anything. Though it was totally grassroots, they knew that when the surfers really started getting into it, it was going to explode. 'In those days, there were certain rebellious things with surfing that would work well with punk rock,' he said. 'That's what happened in the early '80s, and it's changed a lot since then, but it's just kept growing.' Perhaps more than any other genre, the evolution of punk rock (both in Los Angeles and around the world) is never more apparent than in the age range of bands at music festivals. This year at Punk Rock Bowling, not only will the Stern brothers be performing in their mid-60s with Youth Brigade, but some of the British artists that preceded them like the Damned and Cock Sparrer will be gracing the stage alongside great modern artists who could be their grandchildren (like the Bay Area's Spiritual Cramp). And yet the fans — from teenagers to senior citizens — will flood the Downtown Las Vegas Events Center for them regardless of generation. That cross-generational appeal isn't found in a lot of other genres, but it's a distinction that Shawn Stern believes punk rock shares with one of its ancestors. 'It's all just folk music — protest music,' he says. 'A lot of people try to rewrite history as though somehow punk rock's not political, and I call bullshit. Punk rock for me has always been political and it always will be. That's really what makes this music last, and it's also what makes the blues last.' The music still reaches out to people, regardless of age, Stern said. 'The words that I was singing in 1980 are just as relevant now, if not more so. ... Sure, some bands that are considered punk rock just write poppy love songs — which is fine if that's what you're into — but that's probably why I don't really like some of that pop-punk and emo stuff.' As long as Stern is involved, Punk Rock Bowling will always keep that lineage of resistance. Particularly with today's political climate, the lifelong punk sees his platform as an artist and a festival host as a crucial way to remind everyone to stand up against authoritarianism and fascism even if it's not directly affecting you and your surroundings just yet. 'We were writing about Reagan [in the '80s], and now we've got someone who's much worse than Reagan ever could have been,' he said. Stern has already seen international bands have newfound trouble flying in and out of the U.S. this year, and as a Jewish immigrant from Canada, he's taking the current situation quite seriously. 'I think it's important for everybody that listens to punk rock and comes to Punk Rock Bowling to remember that every day you have to question everything and fight against the authoritarian bent that this country is on,' Stern said. 'They're disappearing people in the streets, and that may not be you right now, but if you don't stand up for those people, it could be you or someone you love in the future. A lot of my mother's family died in concentration camps, so you don't think it could happen to you or you always wonder what you would have done — I'm not saying we're facing that yet, but I think we're pretty close. But if enough people stand together, we can stop this — and I think the community of punk rock is just carrying on that tradition of protest from the beatniks and the hippies.'
