Russia’s War of choice against Ukraine drew global attention this week with Russian President Vladimir Putin continuing to escalate the conflict as the United States and Europe moved to drastically isolate the Kremlin. Though the front lines of battle have not been digital, Ukraine emphasized this week that Russia is pummeling the embattled country’s computer networks with hacking attempts. After years of such activity, Ukrainian internet infrastructure is resilient, and the Ukrainian government is also experimenting with the formation of a volunteer “IT Army” to organize recruits from all over the world for its cause.
Ukrainians have been relying on the messaging platform Telegram to get much of their news and official government updates about the situation, and hacktivists have been attempting to make their mark in the conflict as well, though their actions are often dwarfed by the reality of kinetic war.
We’ve got the story of an online troll who used tactics such as misleading press releases and tricky domain names in an effort to sabotage competitors in the nonalcoholic spirit industry. And the startup Kytch, which sold a device for fixing McDonald’s ice cream machines before the fast food giant crushed its business, is suing the Golden aAches for $900 million in damages.
But wait, there’s more. We’ve rounded up all the news here that we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.
US internet infrastructure company Cogent Communications said on Friday that it is ending relationships with its Russian customers, including the state-owned Russian telecoms Rostelecom and TransTelekom. The global internet is interdependent, and Russia has other backbone providers besides Cogent to stay connected to the world, but the company is one of the biggest. Cogent said it weighed the risks that some people in Russia will lose global connectivity against the possibility that the Russian government will benefit from Cogent’s service in mounting disinformation campaigns and hacks against Ukrainian targets. “Our goal is not to hurt anyone. It’s just to not empower the Russian government to have another tool in their war chest,” Cogent CEO Dave Schaeffer told The Washington Post.
The infamous Conti ransomware gang has long been thought to be based in Russia, and last week the group announced its support for the Kremlin’s invasion of Ukraine. Since then, Conti has suffered a series of damaging leaks. A Twitter user with the handle @ContiLeaks dropped about 60,000 messages from Conti’s internal chats on Sunday, revealing details about the inner workings of the organization, including how the group recruits and trains members. Then @ContiLeaks published a second trove that included more than 100,000 more internal messages and files related to accessing the group’s application programming interfaces and source code. By Wednesday, researchers began noticing that Conti was dismantling its infrastructure. It’s not uncommon for ransomware groups to go underground and rebuild under a new name, but the saga shows the severity of the blowback Conti received from pro-Ukraine hacktivists.
After a ransomware attack last week, chipmaker Nvidia has been scrambling to deal with attackers who apparently stole 1 terabyte of data from the company and have been slowly leaking increasingly sensitive data from the trove. The hacking group, known as Lapsus$,which is thought to be based in South America, also claimed that Nvidia attempted to “hack back” or attack them in retaliation. Earlier this week the attackers leaked information about unreleased, upcoming Nvidia GPUs and source code for an Nvidia AI rendering system called DLSS. After the company refused to pay the attackers a ransom, they released the usernames and passwords of more than 71,000 Nvidia employees on Friday along with two code-signing certificates that could be abused by other attackers worldwide to make their malware appear authentic and trustworthy.
More Great WIRED Stories