Beware: X’s Calling Feature Exposes IP Addresses

TFD – Discover how X’s latest feature poses a threat to your online privacy by exposing user IP addresses. Take control of your security settings to prevent potential risks associated with this feature. Stay vigilant and protect your privacy online.

For years, Registered Agents Inc.—a secretive company whose business is setting up other businesses—has registered thousands of companies to people who appear to not exist. Multiple former employees tell WIRED that the company routinely incorporates businesses on behalf of its customers using what they claim are fake personas. An investigation found that incorporation paperwork for thousands of companies that listed these allegedly fake personas had links to Registered Agents.

A record number of state attorneys general from around the United States demanded in a letter to Meta on Wednesday that the corporation take “immediate action” in response to accounts on Facebook and Instagram that had been hacked. Letitia James, the attorney general of New York, led the initiative. According to statistics she supplied, her office received over 780 complaints in 2023, ten times as much as in 2019. Numerous complaints mentioned in the letter claim that Meta failed to assist customers in getting their stolen accounts back. The authorities’ letter stated, in part, “We refuse to act as your company’s customer service representatives.” “It is essential to invest appropriately in mitigation and response.”

This week, Meta experienced a significant outage that knocked off most of its platforms. Users were frequently required to re-log into their accounts when it returned. But the business modified Facebook’s and Instagram’s two-factor authentication last year. Any devices you’ve used recently for Meta services on a regular basis will now be trusted by default. Experts are concerned about the change, which might imply that your devices will no longer require a two-factor authentication code in order to log in. Our instructions on how to disable this setting have been updated.

Prescription medication deliveries across the US have been delayed due to a ransomware attack against the medical company Change Healthcare, which has disrupted pharmacies across the US. Change Healthcare most certainly paid the ransom because a Bitcoin address linked to AlphV, the gang responsible for the hack, received $22 million in cryptocurrencies last week. If the company was responsible for the payment, a representative for the company declined to comment.

There’s still more. Every week, we highlight the stories that we didn’t personally cover in-depth. To read the complete stories, click on the headlines below. And be careful when you’re out there.

Microsoft Source Code Was Stolen by Russian Hackers

The company’s senior leadership team’s email accounts were compromised by a renowned gang of Russian state-sponsored hackers called Nobelium, Microsoft disclosed in January. The corporation disclosed today that the attack is still going on. The company notes in a blog post that it has observed indications in the last few weeks that hackers are using data that was stolen from its email systems to obtain access to source code and other “internal systems.”

The specific internal systems that Microsoft refers to as Nobelium, or Midnight Blizzard, gained access to are unknown, but the corporation claims that the incident is still ongoing. According to the blog post, the hackers are currently breaking into the company’s systems by employing “secrets of different types.” “As we find them in our exfiltrated email, we have been reaching out to these customers to help them take mitigating measures. Some of these secrets were shared between customers and Microsoft in email.”

The sophisticated 2020 supply-chain attack known as SolarWinds, which affected thousands of companies including important US government departments like the Departments of Homeland Security, Defense, Justice, and Treasury, is the work of Nobelium.

Microsoft claims that it has not discovered any proof of a security vulnerability in its customer-facing systems.

A former employee of Google is accused of stealing trade secrets.

The US Department of Justice declared on Wednesday that it was bringing charges against a former Google developer for allegedly stealing artificial intelligence trade secrets for two Chinese businesses. In Newark, California, Linwei Ding was taken into custody on four charges of stealing federal trade secrets. He might spend ten years in prison if found guilty.

FBI director Christopher Wray told the Associated Press in a statement, “Today’s charges are the latest illustration of the lengths affiliates of companies based in the People’s Republic of China are willing to go to steal American innovation.”

The theft allegedly started two years ago when Ding, a Chinese national, started uploading hundreds of company files concerning its data centers into a personal Google Cloud account, according to the indictment, which was unsealed on Wednesday. Unbeknownst to Google, Ding apparently established his own startup shortly after that focused on training big AI models. He also reportedly joined a different Chinese AI company as its CTO. The indictment states that he left Google in December.

Leading US Cybersecurity Agency Hacked by Cybercriminals

According to Recorded Future, the US Cybersecurity and Infrastructure Security Agency reported this week that hackers gained access to the organization’s servers in February. CISA, which defends US critical infrastructure against cyberattacks and other threats, reports that following the hack, which was made possible by flaws in Ivanti IT management software, it pulled two of its systems offline. Recorded Future claims that, citing unidentified sources, one server “houses critical information about the interdependency of US infrastructure,” while the other “houses private sector chemical security plans.” CISA declined to comment on the specific sites it knocked offline. The identity of the hackers and whether they obtained or pilfered material from CISA networks are unknown. On February 29, the organization issued a warning to organizations using Ivanti.

X’s Calling Function Makes User IP Addresses Public

The IP address of anyone you call can be revealed via X’s recently announced audio and video calling capability, as if receiving a phone call over a social network wasn’t awful enough. Even worse: By default, the feature is enabled. IP addresses aren’t accurate enough to identify particular locations, but they can reveal a user’s approximate location. Nevertheless, human rights groups caution that IP address disclosure is extremely worrying for activists under authoritarian governments or other individuals who are at high risk. Toggle the Enable voice and video calling option to off in the X app’s Settings and privacy > Privacy and safety > Direct messaging to turn off the calling feature. Toggle the feature off if you’d rather not have your IP address revealed.