The United States and Israel launched a war in Iran last week that has already killed more than 1,200 Iranians and spilled out across the Middle East. There are many unknowns about US president Donald Trump’s goals as the conflict enters its second week and the situation seems poised to trigger an energy crisis with reverberations around the world.
Iran is in a nationwide internet shutdown with only the country’s regime-built intranet available, plunging Iranians into digital darkness and making it difficult for humanitarian aid workers, journalists, and others to disseminate information both inside and outside the country. As strikes on Tehran began last weekend, an apparently hacked prayer app sent messages saying “surrender” and “help is on the way” to Iranians around the country.
Meanwhile, GPS attacks like jamming—not to mention physical threats—are on the rise in the Strait of Hormuz, threatening shipping vessels. Security camera hacking has emerged as part of the playbook of war. And missile-intercept systems across the Middle East are under strain—and in some cases being destroyed in strikes.
Trump ousted Department of Homeland Security secretary Kristi Noem this week. Her tenure was marked by aggressive anti-immigration tactics and ICE and CBP’s killing of two US protesters. A highly sophisticated iPhone hacking tool kit that was likely originally built for the US government is in the hands of multiple other nations as well as scammers who have likely used the tools to infect tens of thousands of phones or more. Some US lawmakers are calling for an investigation into the threat of the decades-old side-channel hacking technique. And WIRED went inside how music streaming CEO Elie Habib built the open-source global threat map World Monitor in his spare time.
And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
CBP Used Online Ad Data to Track Phone Locations
United States Customs and Border Protection has, for the first time, admitted it purchased phone location data from the sprawling, surveillance-heavy online advertising industry. The agency’s acknowledgement was included in a document, called a Privacy Threshold Analysis, obtained by 404 Media through a Freedom of Information Act request. The document relates to a trial that CBP ran between 2019 and 2021.
The publication reports that CBP purchased data linked to real-time bidding processes. When you see ads online or in apps, they have often been shown to you after automated, instantaneous, auctions take place where advertisers bid to show you that specific ad. The murkiest parts of the advertising industry can collect data from your device, including your phone’s identifying details and location data; this is then repackaged and sold to companies and entities. The data has been called a “gold mine” for tracking people’s daily activities.
CBP did not respond to 404 Media’s request for comment on whether it is still buying the data; however, ICE has reportedly planned to purchase access to another system, called Webloc, that allows whole neighborhoods to be monitored for mobile phone movements.
Encrypted Email Provider Proton Helped FBI Identify Protester
The FBI was able to identify a protester in Atlanta after ultimately obtaining information from Swiss encrypted email service Proton Mail, court documents have revealed this week. A court document reviewed by 404 Media shows that payment information linked to a Proton email address was provided to US law enforcement by Swiss authorities after a request was made under an Mutual Legal Assistance Treaty (MLAT), which allows agencies to share data internationally.
Swiss officials made a request for the data under Swiss laws to Proton for payment information linked to the email address [email protected], which was associated with protests in Atlanta. This information was then provided to US law enforcement officials under the international agreements, and they were able to identify an individual linked to the account.
The incident reinforces the differences between privacy and anonymity. Encrypted services can’t provide message data which they can’t access but may still provide information they hold about customers in other forms. A spokesperson for Proton Mail said, “We want to first clarify that Proton did not provide any information to the FBI, the information was obtained from the Swiss justice department via MLAT. Proton only provides the limited information that we have when issued with a legally binding order from Swiss authorities, which can only happen after all Swiss legal checks are passed.”
FBI Is Responding to “Suspicious” Activity on a Part of Its Network That Handles Wiretaps
With a headline that triggered feelings of déjà vu for the cybersecurity community, CNN reported this week that the FBI is investigating a suspected cybersecurity incident involving the portion of its network that handles wiretaps and surveillance warrants. The FBI confirmed that it was responding to that “suspicious activity,” but neither the Bureau nor CNN offered more details, with the news network adding only that the incident had prompted a response from senior officials at the FBI and the Justice Department focused on national security and civil liberties. But any mention of a potential breach of wiretap data calls to mind 2024’s disastrous intrusions by China’s Salt Typhoon hacker group, which broke into practically every US telecom, in some cases by exploiting their systems for enabling wiretaps on behalf of law enforcement.
Leakbase Cybercrime Forum Busted in Sweeping Multinational Operation
The FBI, Europol, and numerous European law enforcement agencies tore down Leakbase, a subscription cybercrime-focused forum that had grown to 142,000 paying members since its launch in 2021. The bust included 13 arrests, seizures of the dark-web site’s infrastructure from the Netherlands to Malaysia, and interviews with dozens of suspects, according to cybersecurity news site The Record’s interview with Brett Leatherman, the assistant director of the FBI’s cyber division. Leakbase had been a well-known source of stolen data and user credentials.
Workers Reviewing Meta Smart Glasses Footage Say They’ve Seen Users in Bathrooms and Having Sex
Contractors working for Meta say they’ve routinely reviewed sensitive footage captured by the company’s AI-powered smart glasses, including videos showing users in bathrooms, undressing, or exposing financial information. Workers employed by the data-labeling firm Sama in Nairobi told reporters that the footage is being used to train Meta’s AI systems and that employees who raise concerns may be fired. The glasses record video and audio during the “live AI” feature, which allows users to ask questions about what they’re seeing. Meta’s policies permit the company to retain and review these recordings, but contractors said many users appear unaware that humans—not just autonomous systems—can see the content.
The news was first reported by Swedish newspapers Svenska Dagbladet and Goteborgs-Posten, which interviewed more than 30 workers and former employees involved in annotating video and audio for Meta’s AI systems.
The post CBP Used Online Ad Data to Track Phone Locations appeared first on Wired.
