Law and Order

WikiLeaks founder Julian Assange has agreed to plead guilty to a single criminal charge, ending a long extradition battle with the United States government. Assange will reportedly avoid further jail time and be allowed to return to his home country of Australia.

Assange won't have to travel to the continental United States. He is scheduled to plead guilty tomorrow in US District Court for the Northern Mariana Islands, a US territory in the western Pacific Ocean.

Since at least 2019, a shadowy figure hiding behind several pseudonyms has publicly gloated for extorting millions of dollars from thousands of victims he and his associates had hacked. Now, for the first time, “LockBitSupp” has been unmasked by an international law enforcement team, and a $10 million bounty has been placed for his arrest.

A US federal judge in the Southern District of New York has sentenced Sam Bankman-Fried, founder of bankrupt crypto exchange FTX, to 25 years in prison. In addition, Bankman-Fried has been ordered to forfeit $11 billion. Last November, at the end of a month-long trial, Bankman-Fried—known colloquially as SBF—was found guilty of seven counts of fraud and conspiracy in connection with the collapse of FTX.

Nearly ten years ago, the sprawling dark-web drug market known as the Silk Road was torn offline in a law enforcement operation coordinated by the FBI, whose agents arrested the black market's boss, Ross Ulbricht, in a San Francisco library. It would take two years for Ulbricht's second-in-command—an elusive figure known as Variety Jones—to be tracked down and arrested in Thailand. Today, a decade after the Silk Road's demise, Clark has been sentenced to join his former boss in federal prison.

For years, a group of Chinese hackers known variously as Barium, Winnti, or APT41 has carried out a unique mix of sophisticated hacking activities that has puzzled the cybersecurity researchers tracking them. At times they appear focused on the usual state-sponsored espionage, believed to be working in the service of the Chinese Ministry of State Security. At other times their attacks looked more like traditional cybercrime. Now a set of federal indictments has called out those intruders by name, and cast their activities in a new light.

Li Xiaoyu had a problem. At some point in his decade-long hacking spree with former college classmate Dong Jiazhi, as alleged in a recent Justice Department indictment, the Chinese national found himself unable to break into the mail server of a Burmese human rights group. The usual methods apparently hadn’t worked. For Li, the solution came from having a friend in high places: An officer with China’s Ministry of State Security handed him zero-day malware—unknown to security vendors, and so harder to defend against—to help finish off the job.

A lawsuit is taking aim at Clearview AI, a controversial facial recognition app being used by US law enforcement to identify suspects and other people. The app is under fire after a New York Times investigation into the software company earlier this week. The app identifies people by comparing photos to a database of images scraped from social media and other sites, and then sells the info to law enforcement agencies.

A federal jury on Thursday convicted two Romanian nationals of aggravated identity theft and wire fraud, among other charges, for using malware to steal credit card information and sell it on underground websites.

A 12-day trial found Bogdan Nicolescu and Radu Miclaus guilty on 21 counts. In addition to wire fraud and identity theft, they were convicted on money laundering and counterfeit charges.

A class-action lawsuit claiming Fiat-Chrysler knew about, but failed to fix, significant cybersecurity holes in its cars will go to trial in America later this year.

This week, the US Supreme Court refused to hear [PDF] the company's appeal to a lawsuit that was filed after security researchers revealed, back in 2015, they were able to take over a Jeep's operation because of clumsy coding in its entertainment software.

A British teenager has been jailed for three years for making hoax bomb threats that closed hundreds of schools up and down the UK.

In March 2018, George Duke-Cohan emailed more than 1700 schools, colleges, and nurseries from the bedroom of his home in Watford, warning that explosives had been planted. The emails said that unless US $5,000 was paid within three hours into the account of US-based Minecraft server VeltPvP, buildings would be blown up.