![](\"https:\/\/media.wired.com\/photos\/5c9ea193ee20947f575edc60\/master\/pass\/maleware-1094817202.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Emily Dreyfuss| Date: Sat, 30 Mar 2019 13:00:00 +0000<\/strong><\/p>\n This week started <\/span>off with one of tech\u2019s biggest events of the year: an Apple product release<\/a>. One of the most inter\u00adesting launches to come out of Cupertino was rectangular, incredibly thin, and made of metal. But it isn't a gadget, it\u2019s a credit card\u2014the Apple Card<\/a>\u2014which the company says will have better security than any other. WIRED's own Lily Hay Newman dug into that claim and has some tips<\/a> on how to get those security benefits now, before the card is even released.<\/p>\n Newman had a busy week. On Monday she explained how to check<\/a> for a tainted software update that installed malicious backdoors on thousands of Asus computers, a sophisticated hack first reported by Motherboard<\/a>. She was first to reveal new details about Mastercard's plan for a digital identity<\/a>, a useful idea that has proved tricky to implement in practice. By Thursday, she found<\/a> that HTTPS encryption may not be, well, all that secure all the time. Finally, Newman closed out the week with a report on the British government's finding that Huawei, the Chinese telecom equipment maker, has major security flaws<\/a> in its product code.<\/p>\n Andy Greenberg wrote a guide to LockerGoga<\/a>, the ransomware that\u2019s been crippling industrial firms. Ideas contributor Zeynep Tufekci argued<\/a> that machine learning shouldn\u2019t have to spy on you in order to learn. I told you the story<\/a> of how walkie-talkie app Zello has become a lifeline to Venezuelans amid a humanitarian crisis. Garrett Graff explained why<\/a> attorney general William Barr\u2019s four-page letter summarizing the Mueller report raises more questions than it answers.<\/p>\n And we took you on the trail of the \u201crobocall king,\u201d with a fascinating story<\/a> written by Alex Palmer.<\/p>\n Of course, there was more! Each week we round up all the news we didn\u2019t cover in depth. Click on the headlines to read the full stories. And stay safe out there.<\/p>\n Working together with security researchers, a Motherboard investigation found that more than 20 Android apps in the Google Play Store were actually spyware that may have been developed for the Italian government. The apps were disguised as offering promotions from cell phone providers, but installed malware to steal data from devices and also left phones vulnerable to additional hacking. Legal experts and law enforcement sources told Motherboard that the apps appear to have flouted Italian laws permitting the use of spyware in certain circumstances. After being alerted by the researchers, Google took the apps off the Play Store. The company says it found 25 different versions of the spyware dating back to 2016, and that fewer than 1,000 Italians were affected. The specifics of the spyware are alarming, but there\u2019s a larger takeaway from the story, too. As Motherboard writes, \u201cThis new case once again highlights the limits of Google\u2019s filters<\/a> that are intended to prevent malware from slipping onto the Play Store.\u201d<\/p>\n Roskomnadzor, Russia\u2019s media and telecom regulator, has notified 10 popular VPNs that they must start blocking sites on the government blacklist. According to TorrentFreak<\/a>, the notice cites a 2017 law requiring services like VPNs to enforce the blacklist; the companies have 30 days to comply or risk getting blocked themselves. Since that law was passed, the VPNs have demurred, continuing to host the banned sites, but now experts are not sure what will happens if the companies refuse this time. One of the VPNs, TorGuard, told TorrentFreak it had already shut down its Russian operations and left the country in response to the notices, which also demanded the company hand over information on its business practices.<\/p>\n In what may mark the end of an era, the dark-web marketplace Dream Market announced this week that it\u2019s shutting down on April 30. Dream Market has been around since 2013. It emerged as a dark-web leader after Silk Road shut down, followed shortly by its three biggest competitors. But its time on top would be brief. The news of the shutdown broke on the same day that law enforcement announced major arrests for dark-web drug trafficking. As ZDNet reports, that has worried Dream Market users and observers, who fear the site may have been compromised , and that any activity that takes place on there in its final month may be part of a honeypot operation. If it were true, it wouldn\u2019t be the first sting in the dark-web world.<\/p>\n Iranian hacking group Phosphorus has 99 problems, and Microsoft is all of them. The company announced on Wednesday<\/a> that it had taken down over 99 domains operated by the nation-state hackers. Microsoft followed a playbook it has honed over 15 similar cases: It challenged Phosphorus in a US civil court, arguing that it was illegal for the group to mimic Microsoft websites in order to attack people. The court ruled in Microsoft\u2019s favor and gave the company the right to seize the domains. Microsoft\u2019s Digital Crimes Unit and its Intelligence Center have been tracking the group since 2013, according to its announcement. The company believes the group was using the sites to spear-phish for passwords, contact information, or even control of people\u2019s computers.<\/p>\n