The FBI said today that it removed Chinese malware from 4,258 US-based computers and networks by sending commands that forced the malware to use its "self-delete" function.

The People's Republic of China (PRC) government paid the Mustang Panda group to develop a version of PlugX malware used to infect, control, and steal information from victim computers, the FBI said. "Since at least 2014, Mustang Panda hackers then infiltrated thousands of computer systems in campaigns targeting US victims, as well as European and Asian governments and businesses, and Chinese dissident groups," the FBI said.

The malware has been known for years but many Windows computers were still infected while their owners were unaware. The FBI learned of a method to remotely remove the malware from a French law enforcement agency, which had gained access to a command-and-control server that could send commands to infected computers.

Read full article

Comments

© Getty Images | Yuichiro Chino

The Federal Trade Commission said yesterday it is sending over $1 million in refunds to 6,764 consumers who purchased Razer Zephyr masks that were deceptively marketed as providing N95 protection during the COVID-19 pandemic.

The FTC sued Razer in April 2024, and the gaming-hardware company agreed to a settlement, including a $100,000 fine and $1,071,254.33 toward a fund for consumer relief. The payments are being distributed to mask buyers imminently, the FTC announced yesterday.

"The FTC is sending checks and PayPal payments to 6,764 consumers who purchased the deceptively marketed products. Recipients will get a full refund," the agency said. "Consumers should cash their check within 90 days, as indicated on the check, or redeem their PayPal payment within 30 days."

Read full article

Comments

© Sam Machkovech

A UK judge ruled against James Howells, who has been trying to get a hard drive with private keys to a cryptocurrency fortune out of a landfill for over a decade.

The New York law requiring Internet providers to offer cheap plans to people with low incomes will take effect on Wednesday this week following a multi-year court battle in which the state defeated broadband industry lobby groups.

A US appeals court upheld the law in April 2024, reversing the ruling of a district judge who blocked it in 2021. The Supreme Court last month decided not to hear the broadband industry's challenge, leaving the appeals court ruling in place. The state law requires Internet providers to offer $15- or $20-per-month service to people with low incomes.

As we've written, the battle between New York and ISPs was an important test case for how states can regulate broadband providers when the Federal Communications Commission isn't doing so. The Biden-era FCC's attempt to reinstate net neutrality rules and regulate broadband providers as common carriers was blocked in court, but ISPs lost the fight against the New York affordability law and an earlier fight against California's net neutrality law.

Read full article

Comments

© Getty Images | Yuichiro Chino

A British judge ruled against a man who wants to excavate a landfill where he says a hard drive with access to thousands of bitcoins was mistakenly dumped over 11 years ago.

Since 2013, James Howells has been hoping to recover a laptop hard drive that he says contains the private key for cryptocurrency which he says he mined in 2009. We wrote about it at the time, noting that the value of a bitcoin had just passed $1,000, making 7,500 bitcoins worth $7.5 million.

The alleged number of bitcoins has changed a bit, with Howells now saying he lost 8,000 bitcoins. The bitcoin price exceeded $100,000 last month and was worth over $95,636 as of this writing, or $765 million for 8,000 bitcoins.

Read full article

Comments

© Getty Images | Matthew Horwood

A federal judge this week rejected Google's motion to throw out a class-action lawsuit alleging that it invaded the privacy of users who opted out of functionality that records a users' web and app activities. A jury trial is scheduled for August 2025 in US District Court in San Francisco.

The lawsuit concerns Google's Web & App Activity (WAA) settings, with the lead plaintiff representing two subclasses of people with Android and non-Android phones who opted out of tracking. "The WAA button is a Google account setting that purports to give users privacy control of Google's data logging of the user's web app and activity, such as a user's searches and activity from other Google services, information associated with the user's activity, and information about the user's location and device," wrote US District Judge Richard Seeborg, the chief judge in the Northern District Of California.

Google says that Web & App Activity "saves your activity on Google sites and apps, including associated info like location, to give you faster searches, better recommendations, and more personalized experiences in Maps, Search, and other Google services." Google also has a supplemental Web App and Activity setting that the judge's ruling refers to as "(s)WAA."

Read full article

Comments

© Getty Images | Josh Edelson

AT&T, following last year's embarrassing botched update that kicked every device off its wireless network and blocked over 92 million phone calls, is now promising full-day bill credits to mobile customers for future outages that last at least 60 minutes and meet certain other criteria. A similar promise is being made to fiber customers for unplanned outages lasting at least 20 minutes, but only if the customer uses an AT&T-provided gateway.

The "AT&T Guarantee" announced today has caveats that can make it possible for a disruption to not be covered. AT&T says the promised mobile bill credits are "for wireless downtime lasting 60 minutes or more caused by a single incident impacting 10 or more towers."

The full-day bill credits do not include a prorated amount for the taxes and fees imposed on a monthly bill. The "bill credit will be calculated using the daily rate customer is charged for wireless service only (excludes taxes, fees, device payments, and any add-on services," AT&T said. If an outage lasts more than 24 hours, a customer will receive another full-day bill credit for each additional day.

Read full article

Comments

© Getty Images | Bloomberg

The US Justice Department today announced it filed an antitrust lawsuit against "six of the nation's largest landlords for participating in algorithmic pricing schemes that harmed renters."

One of the landlords, Cortland Management, agreed to a settlement "that requires it to cooperate with the government, stop using its competitors' sensitive data to set rents and stop using the same algorithm as its competitors without a corporate monitor," the DOJ said. The pending settlement requires Cortland to "cooperate fully and truthfully... in any civil investigation or civil litigation the United States brings or has brought" on this subject matter.

The US previously sued RealPage, a software maker accused of helping landlords collectively set prices by giving them access to competitors' nonpublic pricing and occupancy information. The original version of the lawsuit described actions by landlords but did not name any as defendants.

Read full article

Comments

© Getty Images | Bloomberg

Meta announced today that it's ending the third-party fact-checking program it introduced in 2016, and will rely instead on a Community Notes approach similar to what's used on Elon Musk's X platform.

The end of third-party fact-checking and related changes to Meta policies could help the company make friends in the Trump administration and in governments of conservative-leaning states that have tried to impose legal limits on content moderation. The operator of Facebook and Instagram announced the changes in a blog post and a video message recorded by CEO Mark Zuckerberg.

"Governments and legacy media have pushed to censor more and more. A lot of this is clearly political," Zuckerberg said. He said the recent elections "feel like a cultural tipping point toward once again prioritizing speech."

Read full article

Comments

© Getty Images | Bloomberg

The Waymo self-driving company says it has fixed a problem that caused a car to repeatedly circle a parking lot for about five minutes while its rider was trying to get to an airport.

Last month, Mike Johns posted a video on LinkedIn showing what happened after he was picked up by a Waymo self-driving car in Scottsdale, Arizona. Johns' post said the car made eight circles. After a Waymo support agent helped get the car moving in the right direction, he was driven to the airport in time to make his flight.

"Why is this happening to me on a Monday? I'm in a Waymo car and this car is just going in circles... I got a flight to catch, why is this thing going in a circle? I'm getting dizzy," he said in the video.

Read full article

Comments

© Getty Images | Smith Collection/Gado

Craig Wright, the man who claims he invented bitcoin and has been filing lawsuits asserting intellectual property rights, was sentenced to a year in prison yesterday for committing contempt of court.

The sentence is suspended and can be enforced if Wright continues violating court rulings—but he may be able to avoid imprisonment by staying away from countries that have extradition agreements with the UK. Wright defied an order to attend a court hearing in person this week and said he is in Asia.

Wright "was sentenced for contempt of court on Thursday" for bringing a 911 billion pound ($1.1 trillion) lawsuit "against Twitter founder Jack Dorsey's payments company Block in Britain," Reuters wrote.

Read full article

Comments

© Dan Kitwood / Staff | Getty Images News

The Federal Aviation Administration temporarily banned drones over parts of New Jersey yesterday and said "the United States government may use deadly force against" airborne aircraft "if it is determined that the aircraft poses an imminent security threat."

The FAA issued 22 orders imposing "temporary flight restrictions for special security reasons" until January 17, 2025. "At the request of federal security partners, the FAA published 22 Temporary Flight Restrictions (TFRs) prohibiting drone flights over critical New Jersey infrastructure," an FAA statement said.

Each NOTAM (Notice to Air Missions) affects a specific area. "No UAS [Unmanned Aircraft System] operations are authorized in the areas covered by this NOTAM" unless they have clearance for specific operations, the FAA said. Allowed operations include support for national defense, law enforcement, firefighting, and commercial operations "with a valid statement of work."

Read full article

Comments

© Getty Images | Richard Newstead

An AT&T customer who switched to the company's FirstNet service for first responders got quite the shock when his bill came in at $6,223.60, instead of the roughly $260 that his four-line plan previously cost each month.

The Texas man described his experience in a now-deleted Reddit post three days ago, saying he hadn't been able to get the obviously incorrect bill reversed despite calling AT&T and going to an AT&T store in Dallas. The case drew plenty of attention and the bill was finally wiped out several days after the customer contacted the AT&T president's office.

The customer said he received the billing email on December 11. An automatic payment was scheduled for December 15, but he canceled the autopay before the money was charged. The whole mess took a week to straighten out.

Read full article

Comments

© Getty Images | Bloomberg

US government authorities are reportedly investigating whether to ban TP-Link wireless routers, which have been targeted in some high-profile attacks linked to the Chinese government. TP-Link, which was founded in China in 1996 and said it relocated its headquarters to the US in October this year, has racked up significant market share in US homes and businesses.

US authorities are investigating whether TP-Link "poses a national-security risk and are considering banning the devices," The Wall Street Journal reported today. The WSJ notes that TP-Link is "the top choice on Amazon.com, and powers Internet communications for the Defense Department and other federal government agencies."

The WSJ wrote:

Read full article

Comments

© TP-Link

The Supreme Court yesterday rejected the broadband industry's challenge to a New York law that requires Internet providers to offer $15- or $20-per-month service to people with low incomes.

In August, six trade groups representing the cable, telecom, mobile, and satellite industries filed a petition asking the Supreme Court to overturn an appeals court ruling that upheld the state law. But the Supreme Court won't take up the case. The high court denied the telecom groups' petition without comment in a list of orders released yesterday.

Although a US District Court judge blocked the law in 2021, that judge's ruling was reversed by the US Court of Appeals for the 2nd Circuit in April 2024. The Supreme Court's denial of the industry petition leaves the 2nd Circuit ruling in place.

Read full article

Comments

© Getty Images | Creativeye99

President-elect Donald Trump's pick to lead the Federal Communications Commission, Brendan Carr, wants the FCC to crack down on news broadcasters that he perceives as being unfair to Trump or Republicans in general.

Carr's stated goals would appear to mark a major shift in the FCC's approach to broadcasters. Carr's predecessors, including outgoing Chairwoman Jessica Rosenworcel and Republican Ajit Pai, who served in the first Trump administration, both rejected Trump's calls to punish news networks for alleged bias.

Carr has instead embraced Trump's view that broadcasters should be punished for supposed anti-conservative bias. Carr has threatened to revoke licenses by wielding the FCC's authority to ensure that broadcast stations using public airwaves operate in the public interest, despite previous chairs saying the First Amendment prevents the FCC from revoking licenses based on content.

Read full article

Comments

© Getty Images | Brandon Bell

Hackers trying to extort the Rhode Island government infiltrated the state's public benefits system, causing state officials to shut down online services that let residents apply for Medicaid and other assistance programs.

"As part of this investigation today, we discovered that within the Rhode Island Bridges system, a cybercriminal had installed dangerous malware that constituted an urgent threat," Governor Dan McKee said at a Friday night press conference, according to The Providence Journal. "That is why tonight we have shut down the system. That means customers will temporarily not be able to access any customer portal related to the services on Rhode Island Bridges."

The vendor "Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges," McKee's office said in a press release. Rhode Island has "proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible."

Read full article

Comments

© Getty Images | Bloomberg

T-Mobile today said it opened registration for the "T-Mobile Starlink" beta service that will enable text messaging via satellites in dead zones not covered by cell towers.

T-Mobile's announcement said the service using Starlink's low-Earth orbit satellites will "provid[e] coverage for the 500,000 square miles of land in the United States not covered by earth-bound cell towers." Starlink parent SpaceX has so far launched over 300 satellites with direct-to-cell capabilities, T-Mobile noted.

A registration page says, "We expect the beta to begin in early 2025, starting with texting and expanding to data and voice over time. The beta is open to all T-Mobile postpaid customers for free, but capacity is limited."

Read full article

Comments

© T-Mobile

Elon Musk has at least one more battle to wage against Securities and Exchange Commission Chair Gary Gensler, who will be leaving the agency when President-elect Trump takes over in January.

Musk yesterday posted a copy of a letter sent to Gensler by Musk's attorney, Alex Spiro. The letter dated December 12 says the SEC issued a settlement demand in its investigation into whether Musk violated federal securities laws in connection with 2022 purchases of Twitter stock, and that the SEC is investigating Neuralink. The Spiro letter said:

Yesterday the Commission Staff issued a settlement demand that required Mr. Musk agree within 48 hours to either accept a monetary payment or face charges on numerous counts. They indicated that this demand was the result of a directive from their superiors and that charges would be brought imminently unless Mr. Musk acquiesced. This demand follows a multi-year investigation and more than six years of harassment of Mr. Musk by the Commission and its Staff. More recently, the Staff subpoenaed me, Mr. Musk's attorney, for testimony and threatened to send a process server if I did not immediately cooperate. I categorically refused. This week, the Commission has also reopened an investigation into Neuralink.

Spiro accused the SEC of "an improperly motivated campaign" against Musk, his companies, and people associated with him. "We demand to know who directed these actions—whether it was you or the White House," Spiro wrote. "These tactics and misguided scheme will not intimidate us. We reserve all rights."

Read full article

Comments

© Getty Images | Bloomberg

AT&T and Verizon reportedly are not notifying most customers whose call records were stolen in the ongoing attack attributed to Chinese hacking group Salt Typhoon. NBC News reported today that "the vast majority of people whose call records have been stolen by Chinese hackers have not been notified, according to industry sources, and there is no indication that most affected people will be notified in the near future."

US government officials said last week that major telecom companies have been unable to fully evict the Chinese state-sponsored hackers from their networks. There have been direct notifications to specific targets, such as government officials, whose calls were listened to and whose text messages were accessed. "President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of US security officials were among scores of individuals to have their calls and texts directly targeted," The Wall Street Journal wrote.

For most other victims, the data accessed apparently didn't include the contents of communications. It instead consisted of metadata like the numbers that phones called and when. These people are not receiving notifications from carriers, NBC News wrote today:

Read full article

Comments

© Getty Images | Tim Robberts