Bitcoin mining computers worth $2m stolen in massive Icelandic heist

6 Mar 2018

Jokulsarlon glacier lagoon, Iceland. Image: Adellyne/Shutterstock

Thieves in Iceland make off with hundreds of bitcoin mining computers as YouTube clamps down on far-right content.

The very last day of February saw GitHub hit with the largest DDoS attack in history. Attackers used a method known as ‘memcaching’ to amplify traffic volumes to the site, causing it to crash.

Facebook announced it would be testing some new features ahead of GDPR including a facial recognition feature being made available in Europe for the very first time. The 25 May deadline is approaching fast, with companies now tying up loose ends ahead of time.

A lot can happen in a week, so read on to stay informed.

Who is behind Iceland’s ‘Big Bitcoin Heist?’

The cryptocurrency frenzy shows no signs of abating, with crimes related to the arena on the increase. Thieves in Iceland stole some 600 computers used to mine digital currency, worth close to $2m. Three out the four burglaries took place in December 2017 and a fourth in January, in what Icelandic authorities are calling “grand theft on a scale unseen before”.

According to AP, the computers have not yet been found and 11 people were arrested, including a security guard. The news was kept under wraps in order for police to have a better chance of catching the culprits.

Plot twist: MoviePass tracks user locations before and after films

US cinema subscription service MoviePass is cheap to avail of, but that might be because the user of the app is actually the product. CEO of MoviePass, Mitch Lowe, revealed some worrying information at a data monetisation conference last week. TechCrunch reported that the app tracks users’ location before they leave their house and also follows them once the film has ended, whether it’s to the pub or back to bed.

The company privacy policy only mentions location tracking as a ‘single request’ when a cinema is selected, which will “only be used as a means to develop, improve and personalise the service”. Lowe said, somewhat ominously: “We watch how you drive from home to the movies. We watch where you go afterwards.” A spokesperson said MoviePass was “exploring utilising location-based marketing” but did not reveal specifics.

YouTube is clamping down on far-right extremism

Following the recent mass shooting in Florida, YouTube was flooded with right-wing conspiracy theorists trying to convince viewers that recently bereaved teenagers advocating for gun control are ‘crisis actors’. YouTube has been consistently criticised of late for its content moderation policy, but many right-wing content creators are reporting to have received strikes against their channels, including Mike Cernovich and Infowars head Alex Jones.

While some people have praised the penalisations, others say YouTube is simply acting fast to punish people giving the platform a bad reputation. Jonathan Albright, the research director of the Tow Center for Digital Journalism, said: “YouTube isn’t in a ‘too big to fail’ situation. But they’re potentially too big to moderate.”

SAML security flaw could trick numerous single sign-on systems

Researchers at Michigan-based security firm Duo last week uncovered a bug that could trick numerous single sign-on systems into allowing bad actors to log in as strangers without their password due to a programming flaw.

Information submitted in the Security Assertion Markup Language (SAML) is mishandled by the authentication suites, which potentially opens up exploitation opportunities for hackers to log into systems by impersonating other users and gaining account access.  Many enterprises use single sign-on to allow users and clients to log into a number of services with one password and username. Duo told Siliconrepublic.com that the flaw “may have been around since the affected software had been created”, but patches are on the way.

Equifax says millions more were affected by last year’s data breach

Beleaguered credit broker Equifax is still reeling from the effects of its 2017 data breach and now comes even more bad news. On top of the original 145.5m Americans, 15.2 UK citizens and around 100,000 Canadians, another 2.4m people have been affected. On 1 March, the company said only partial drivers’ licence information and names were stolen from the latest batch, making it less severe than the tens of millions whose personal details were spilled all over the internet last year.

The company will be offering free identity theft protection and credit file monitoring services to those affected.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com