Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs

This newsletter is brought to you by application allow-listing software maker Airlock Digital. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. You can also add the Risky Business newsletter as a Preferred Source to your Google search results by going here.

Risky Business Podcasts

The main Risky Business podcast is now on YouTube with video versions of our recent episodes. Below is our latest weekly show with Pat, Adam, and James at the helm!

Breaches, hacks, and security incidents

LA CAO hack: The Los Angeles city attorney’s office has been hacked and sensitive data has been published online. Stolen data included sensitive case details and the personal information of LA police officers. Witness names, medical records, and internal affairs investigation are also part of a trove of 7.7TB published online this week. [KTLA]

Ransomware hits key Dutch hospital provider: A ransomware attack has hit a major software provider for the Dutch healthcare sector. The incident impacted ChipSoft, the maker of an electronic patient record management platform named HiX. According to reports, the platform is used by roughly 70% of all Dutch hospitals but it's unclear if it was affected. The incident didn't impact the platform's availability. [NLTimes]

MN National Guard deployed for cyberattack: Minnesota Governor Tim Walz has deployed the National Guard's cyber units to Winona County. The county was hit by a cyberattack this week that disrupted IT networks and public services. The same county was hit by ransomware in late January. This is a separate incident, according to The Record.

NSCC hacked: A hacker has stolen and leaked petabytes of sensitive data from China's National Supercomputing Center (NSCC). The data was published online last month but took weeks before investigators could confirm its authenticity due to its sheer size. Some of the leaked files are marked as "secret" and appear to contain military and government data. A group named FlamingChina that first appeared in February took credit for the hack. [CNN]

Fleet management platform goes down: A cyberattack has taken down car fleet management platform FleetWave. The incident impacted several local governments in the US that use the platform to manage shared work cars. The software is used to assign vehicles between workers and shifts, schedule maintenance, and manage fuel allocations and repair logs. [DysruptionHub]

Bitcoin Depot hacked for $3.6m: Hackers have stolen $3.6 million from Bitcoin ATM operator Bitcoin Depot. The attack took place last month and targeted the company's crypto-wallets. The company operates more than 25,000 Bitcoin ATMs across the world.

Pinterest sees DDoS attack: A pro-Iranian hacktivist group has taken out Pinterest for a couple of hours using a DDoS attack. The group also took out the website of American fintech company Chime Financial. [Bloomberg]

Zephyr Energy BEC: UK energy company Zephyr Energy says hackers stole €700,000 from one of its US subsidiaries after tricking staff to redirect a contractor payment. [TechCrunch]

General tech and privacy

Chrome 147: Google has released version 147 of its Chrome browser. See here for security patches and webdev-related changes. The biggest change in this release is the formal launch of Device Bound Session Credentials (DBSC), a system to safeguard a Chrome user's authentication cookies from infostealers. There's also a feature to report scam sites to Google to be included in the Safe Browsing blocklist.

Oh… and there's Vertical Tabs now.

Little Snitch coming to Linux: Little Snitch, a macOS app famous for its ability to detect and block hidden networking connections on macOS, is preparing a Linux port.

Signal will get a plaintext export feature: Signal will let users export their chats in plaintext in an upcoming version (v8.7). This will be available at Settings > Chats > Export chat history.

Telegram's hack-and-leak problem: More than 25,000 Telegram users are members in channels that sell and trade hacked non-consensual images and videos. Most of the members are young men, while the victims are usually women, including underage girls. The groups also allow members to hire hackers to go after specific targets. While most of the hacked content is sold for profit, some is also used to harass victims. [AI Forensics // WIRED]

Meta removes some very specific ads: After it completely ignored malicious ads leading to malware and scams for half a decade, even making a profit from it, Meta is now removing ads for lawyers who are seeking customers harmed by social media. [Axios]

OpenAI is also cool: After Anthropic grabbed a bunch of news headlines this week for its Mythos AI agent and Project Glasswing, a source told Axios that OpenAI has been working on a similar cybersecurity-related agent that it plans to release to a small number of companies.

ANS protocol: Akamai and Cloudflare have thrown their support behind the Agent Name Service, an open registry for tracking AI agents. The standard assigns unique identities to AI crawlers that can be used to authorize them to access certain resources. The system is modeled after DNS and every identity is cryptographically signed.

Microsoft suspends VeraCrypt, WireGuard, and Windscribe dev accounts: Microsoft has suspended the developer accounts of three major software makers. VeraCrypt, WireGuard, and Windscribe have not been able to sign drivers and ship updates for at least a week. Microsoft started a mandatory account verification process for all developers in the Windows Hardware Program last year. The verification process ended last month, when developers received their suspensions. After the issue gained attention in the tech press this week, the VeraCrypt and Windscribe developers said someone at Microsoft reached out and this was being handled. [TechCrunch]

Government, politics, and policy

Greece introduces kids social media ban: The Greek government will ban children under the age of 15 from social media starting next year. While similar initiatives are being discussed in the EU, Greece will become the first country to implement such a ban. France, Spain, Denmark, and several more are also exploring similar bans. [Sky News]

Hungary, US, others deployed ad-based tracking tool: Hungary, the US, El Salvador, and other countries have deployed a new geo-tracking tool that works using advertising data. The Webloc tool was developed by Israeli surveillance vendor Cobwebs and is now sold by its successor, a company named Penlink. The platform can allegedly build profiles and track a country's entire population. Its customers include law enforcement and intelligence agencies. Most EU countries refused to answer freedom of information requests about their use of the tool. [VSquare // CitizenLab]

Russia's digital sovereignty is expensive: After Russia pushed local companies to switch to domestic software, those products have seen constant price hikes and are now more expensive than the products they replaced. [Kommersant]

France creates new electronic warfare unit: France military intelligence is merging its electromagnetic emissions and cyberspace analysis units into a new electronic warfare division. [Intelligence Online]

China's cybersecurity strategy: The Natto Thoughts team has published an analysis of China's cybersecurity strategy included in the country's latest five-year plan released earlier this year.

"Accelerating the construction of a “cyber superpower” (网络强国, transliterated wǎngluò qiángguó) is one of five superpower-building areas highlighted in Part II of the 15th FYP. The other four areas mentioned are: manufacturing superpower, quality superpower, aerospace superpower, and transportation superpower."

Treasury sets up crypto info-sharing group: The US Treasury Department has set up a threat intel sharing group for the cryptocurrency and digital assets industry. Market participants will receive alerts about ongoing cybersecurity threats. The initiative is designed to stem the ongoing wave of cryptocurrency platform hacks and the losses they cause to American investors. US banks and securities traders have been receiving similar cybersecurity alerts for years.

CCI CIA gets a boost: The CIA has raised the status of its Center for Cyber Intelligence from a division to a full-fledged mission center as a sign of the times and the importance of cyber operations. [The Record]

" 'It is a big deal,' according to a former Trump administration official, who like others interviewed, spoke on the condition of anonymity. 'It allows them to get some more money, allows them to be more of a player at the table.' "

Sponsor section

In this Risky Business sponsor interview, James Wilson chats with Airlock Digital co-founders, David Cottingham and Daniel Schell, about how they’re moving up the stack from file-based allowlisting to application-based allowlisting. David and Daniel explain how they’re making a seamless and quite logical move into application allowlisting, but with a new take on the technique.

Arrests, cybercrime, and threat intel

Trenchant exec admits money trouble: The Trenchant executive who sold the company's iOS exploits to a Russian broker admitted to having financial difficulties and suffering from stress and burnout at the time of his crime. Peter Williams explained the reasons and circumstances of his crime in a letter sent to a DC court judge before his sentencing. He described his actions as "an unfortunate period of extraordinarily poor judgment." Williams was sentenced to 87 months in prison at the end of February. [Zero Day]

FBI extracted Signal chats from phone's noti log: The FBI has extracted past Signal messages from a suspect's device after they deleted the app. The data was extracted from an iPhone's database of past notifications. The new data extraction technique was used in a case related to anti-ICE protests in Texas. [404 Media]

Former Meta under investigation in the UK: UK police are investigating a former Meta employee for downloading the private photos of Facebook users. The suspect allegedly created a script that bypassed Facebook defenses and downloaded more than 30,000 private photos. He was fired last year after Meta found the hack and reported the case to authorities. He is out on bail while the investigation continues. [The Guardian]

Crypto-thieves arrested in Ukraine: Ukraine's Cyber Police has detained a group of suspects who lurked Telegram channels for crypto users and tricked them into connecting their wallets to a crypto-drainer that siphoned their funds.

South Korea bans 41k scam numbers: The South Korean government has banned more than 41,000 phone numbers linked to scam operations since its new counter-scam bureau. The National Counter-Scam Bureau began operations last November. It launched to great fanfare, promising to operate and respond at any time of day and block phone numbers within 10 minutes of being reported. [CommsRisk]

Rockwell PLC exposure: After CISA and the FBI warned that Iranian threat actors are hacking Rockwell and Allen-Bradley PLCs across the US, Censys looked at the exposure and found more than 5,200 PLCs exposed online, with almost 3,900 of those in the US.

Many ransoms went unpaid last year: Cyberinsurance provider Coalition says that 86% of companies that filed a cyber claim last year did not pay their attackers. A similar trend of less 

Velora npm compromise: Hackers have breached and published a malicious npm package for the Velora (formerly ParaSwap) cryptocurrency project. The malware was available via the 9.4.1 releases, which, for some reason remains available on npm. [OpenSourceMalware // Step Security]

Hacker-for-hire group targets activists in MENA: A hacker-for-hire group has been linked to phishing campaigns targeting journalists, activists, and political figures across the MENA region. The attackers targeted iCloud backups and Signal and Telegram chats. Investigators linked the attacks to Bitter, an advanced hacking group operating from India. [Access Now // Lookout // SMEX]

Storm-2755 comes to Canada: A BEC group focused on payroll redirection attacks, tracked as Storm-2755, is targeting Canadian companies, per a new Microsoft report.

New ClickFix variant: Jamf has found a new variant of the ClickFix attack that targets macOS users via applescript:// URLs and the Script Editor instead of the Apple Terminal.

GitHub and Jira spam abuse: Cisco Talos has published a report that looks at the waves of spam originating from GitHub and Jira servers, as threat actors appear to have understood they don't need to run their own email servers since big platforms can serve as an intermediary.

Smart Slider supply chain abuse: Hackers compromised the servers of a major plugin developer and shipped malware to WordPress and Joomla sites. Malicious updates containing a remote access toolkit were delivered to sites running the Smart Slider plugin. The incident took place on Tuesday and the malicious update was live for only six hours. Nextend, the plugin's developer, traced the incident to a hack of its update servers. [Patchstack // Nextend advisory, Joomla plugin // Nextend advisory, WP plugin]

Emoji as a coded language: Threat intel company Flashpoint has published a report on how threat actors are using emojis as a coded language in underground hacking forums and Telegram channels.

Malware technical reports

notnullOSX: Moonlock has discovered a new macOS infostealer named notnullOSX, written in Go and distributed via ClickFix campaigns. The stealer was allegedly written by a threat actor with a long history of malware dev and conflicts in cybercrime forums.

STX RAT: A new RAT named STX has been spotted in the wild in campaigns in February.

TMoscow Bot: Security firm Breakglass has identified TMoscow Bot, a phishing platform managed from a Telegram bot. The service appears to be very popular with Chinese threat actors.

ClipBanker: Kaspersky has spotted a clipboard hijacker named ClipBanker hidden inside malicious proxifier apps marketed to Russian audiences in the midst of the Russian government's crackdown on VPN and tunneling apps.

Glassworm's Zig reincarnation: The Glassworm malware now has a Zig port of its original JS version. This Zig variant is used to backdoor all local IDEs.

Canis C2: Researchers at Hunt Intelligence have discovered Canis C2, a command-and-control framework used to control implants for Android, iOS, Windows, Linux, and macOS. Hunt says the toolkit was being used for operations targeting Japan.

ArchangelC2: Breakglass looks at ArchangelC2, a new C2 framework used to connect and manage networks compromised with malicious ScreenConnect RMMs.

Masjesu botnet avoids US govt and military networks: A newly discovered IoT botnet uses IP blocklists to avoid infecting US government and military networks. Security firm Trellix believes the blocklist is a defensive system meant to avoid triggering a US law enforcement response. The botnet has flown under the radar for almost three years and is primarily used for a DDoS-for-hire service. Trellix tracks it as Masjesu.

Sponsor section

In this product demo of the Airlock Digital application control and allowlisting solution, Patrick Gray speaks with Airlock Digital co-founders David Cottingham and Daniel Schell.

APTs, cyber-espionage, and info-ops

DPRK is now on five dev ecosystems: Socket Security has tracked North Korean-linked malware and malicious packages on five distinct package portals, on npm, PyPI, Rust Crates, Go Packages, and PHP's Packagist.

CapFix targets Russia's aircraft industry: A cyber-espionage group named CapFix has targeted Russia's aircraft industry since last fall. CapFix used a former RoundCube zero-day to breach legitimate companies and then send phishing emails to their targets. The group's preferred malware was the CapDoor backdoor.

Rare Werewolf: Positive Technologies has spotted new campaigns from an APT tracked as  Rare Werewolf (Rezet, Librarian Ghouls), with a long history of targeting Russia.

Shedding Zmiy used former employees' accounts for spying: A suspected Ukrainian hacking group has leveraged the accounts of fired or former employees to spy on their targets in Russia. Targets included Russian healthcare organizations. The Shedding Zmiy group has links to the old Cobalt cybercrime operation. Rostelecom says the group switched from financial crimes to espionage in late 2022. 

MuddyWater adopts Russian MaaS: Iranian group MuddyWater is apparently a customer of the CastleRAT Russian MaaS, which it used in attacks against Israeli orgs. They're also using a new PowerShell dropper named ChainShell.

APT-C-49 (OilRig): Qihoo's security team looks at another of the many phishing campaigns coming out of Iran at the moment. This one, from OilRig.

UAT-10362's LucidRook: A suspected APT tracked as UAT-10362 is targeting organizations in Taiwan with a new malware. This included the LucidRook stager, the LucidPawn dropper, and LucidKnight recon tool.

TikTok info-ops summary: TikTok has published its monthly report on covert influence operations the company has spotted on its platform in February this year. The company took down influence networks targeting political discourse in Hungary, Myanmar, Mexico, Ecuador, Azerbaijan, Russia,  and Europe. It's been a busy month for TikTok's moderators.

Vulnerabilities, security research, and bug bounty

Adobe Reader zero-day: An Adobe Reader zero-day has been exploited in the wild since at least November. The attacks used lures related to Russia's oil and gas sector. No formal attribution, CVE, or patch are available. [SecurityWeek]

Major WP plugin vulnerability: Threat actors are exploiting a critical vulnerability in a popular plugin to take over WordPress sites. Attacks have been reported against the Ninja Forms - File Upload plugin, installed on hundreds of thousands of sites. Tracked as CVE-2026-0740, the vulnerability allows unauthenticated remote attackers to upload malicious files on WordPress sites using the plugin.

Claude.md file can be abused for malicious use: Security researchers have bypassed Claude Code's safety guardrails by placing malicious prompts inside the AI agent's Claude.md configuration file. Claude reads this file at the start of every session. The file is typically used for storing coding practices, architecture decisions, or preferred libraries and tools. [LayerX]

"In Claude Code, system prompts are handled via the CLAUDE.md file, which sits in the code repository and is included every time a project is cloned. Anyone with write permissions can edit the file for an entire project."

Apple Intelligence prompt injection attack: RSAC says Apple Intelligence is susceptible to prompt injection attacks where attackers wrap malicious instructions in Unicode LTR override characters. This was fixed in iOS 26.4 and macOS 26.4 after the researchers' report.

Infosec industry

Threat/trend reports: Access Now, Akamai, Brandefense, CERT-PL, Check Point, Coalition, CyFirma, Kaspersky, and LevelBlue have recently published reports and summaries covering various threats and infosec industry trends.

New tool—wolfIP: The WolfSSL project has released wolfIP, a TCP/IP stack designed for embedded and safety-critical systems.

New tool—DNSight: A team of researchers has released DNSight, a tool for auditing DNS, email authentication (SPF, DKIM, DMARC), and related signals.

Risky Business podcasts

In this edition of Seriously Risky Business, Tom Uren and Amberleigh Jack talk about the State Department taking to X to counter foreign propaganda. US Secretary of State Marco Rubio dismantled the State Department's counter-propaganda office when he took charge, but it turns out that giving adversary states free reign online is a bad idea.

In this special documentary episode, Patrick Gray and Amberleigh Jack take a look back at hacking throughout the 1990s, from the feel-good vibes of the early hacking communities to the antics of young hackers who wound up on the run from the FBI.