The Cyber Urban Legend of 3 Million ‘Hacked’ Toothbrushes

Andy Greenberg Dhruv Mehrotra

Documents exclusively obtained by WIRED reveal that AI surveillance software tracked thousands of people using the London Underground to detect crime or unsafe situations. The machine learning software scoured live CCTV footage to spot aggressive behavior, weapons being brandished, and people dodging fares. The documents also detail errors made during the trial—for instance, mistakenly identifying children walking with their parents as fare evaders.

Meanwhile, on Wednesday, cryptocurrency tracing firm Chainalysis published a report finding ransomware payments in 2023 reached over $1.1 billion, the highest annual total ever recorded. The record-breaking sum of extorted funds was due to two things: the high number of ransomware attacks and the amount of money that hackers were demanding from victims, many of whom were targeted specifically for their ability to pay and their inability to sustain a prolonged disruption of services.

A tech company, notorious for keeping websites with far-right and other extreme content online, was bought last year by a secretive company whose business is to help set up businesses, often in ways that keep details of those companies secret, WIRED reported on Thursday. Registered Agents Inc.’s acquisition of Epik may allow the shadowy company to provide its customers with another layer of anonymity.

For the past month, senior security reporter Matt Burgess has been transitioning away from using passwords to log in to his hundreds of online accounts. Instead, he’s using passkeys, a more secure form of authentication that uses generated codes stored on your device to log in to websites and apps, unlocked with a biometric identifier like a fingerprint or face scan, or with a PIN. When it works, it’s seamless and secure. When it doesn’t, it’s a mess.

WhatsApp is developing a feature to allow its users to message across apps, all while maintaining its secure end-to-end encryption. In theory, the move would allow users to chat with people on WhatsApp using apps like Signal or Telegram. It’s unclear which companies, if any, will link their services with WhatsApp.

And there’s more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

Hackers have, in the real world, caused blackouts, set fire to a steel mill, and released worms that took down medical record systems in hospitals across the US and the UK. So it hardly seems necessary to invent new nightmares about them taking over our toothbrushes.

Yet, when the Swiss newspaper Aargauer Zeitung published a story that cybercriminals had infected 3 million internet-connected toothbrushes with malware, then used them to launch a cyberattack that downed a website for four hours and caused millions of dollars in damage, the tale was somehow irresistible. This week, news outlets around the world picked up the story, which quoted the cybersecurity firm Fortinet as its source, spinning it out as the perfect illustration of how hackers can exploit the most mundane technology for epic malevolence. “This example, which seems like a Hollywood scenario, actually happened,” the Swiss newspaper wrote.

Except, of course, it didn’t. Cybersecurity professionals quickly started to point out that the story was unsupported by any evidence—and was somewhat absurd on its face. (Even the Mirai botnet, which knocked out its targets with record-breaking tsunamis of junk traffic and eventually broke a large fraction of the internet, infected only 650,000 internet-connected devices at its peak.)

Fortinet belatedly sought to correct the record, writing in public statements that “it appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred.” But the Aargauer Zeitung pointed the finger back at Fortinet, noting in a follow-up story that Fortinet provided exact details of the dental doomsday it described as real, and that the company even reviewed the text of the article prior to publication. Regardless of who’s to blame, at least this cyber urban legend has inspired some solid meme content.

Back to more factual cyber doomsday headlines: The US Federal Bureau of Investigation, National Security Agency, and Cybersecurity and Infrastructure Security Agency this week warned in a report that China’s hacker group known as Volt Typhoon had quietly maintained access to some US critical infrastructure networks for as long as half a decade. The report included detailed descriptions of the intrusion and persistence techniques used by the group, which has distinguished itself as perhaps China’s most aggressive state-sponsored hacking force. Volt Typhoon’s broad penetration of US electric grids, transportation networks, and other critical infrastructure has raised alarms among US federal agencies since as early as May of last year, when those agencies began to warn that the group appeared to be laying the groundwork for cyberwar-style attacks in the midst of any future conflict. Now it’s clear that those warnings came years after the hackers’ sabotage preparations were already well underway.

The Biden administration stated it would limit the visas of international commercial spyware sellers, potentially preventing these surveillance companies’ executives or partners from visiting the US. This new policy is part of the continuing efforts by the White House to control spyware-selling companies such as NSO Group, Cytrox, Intellexa, and Candiru. Previous actions have included adding them to a Commerce Department trade blocklist and banning US government agencies from purchasing these hacking companies’ products. On the day this was announced, Google published its own detailed report on suspected commercial spyware vendors, naming twelve companies and providing policy suggestions for user protection.

This week, Citizen Lab revealed a large collection of Chinese websites that mimic local news sites worldwide to spread pro-Beijing disinformation and propaganda. The 123 sites, aimed at audiences in over 30 countries across Europe, Asia, and Latin America, combine harmless commercial content and copied material with anti-Western conspiracy theories. These theories include allegations of US-conducted human experimentation in Southeast Asia and targeted assaults on critics of the Chinese government. Although the visibility and impact of this influence operation are “negligible” according to Citizen Lab, it is a further sign of China’s increasing use of disinformation as a soft power strategy.
