{"id":19110,"date":"2022-05-21T10:45:07","date_gmt":"2022-05-21T18:45:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/05\/21\/news-12843\/"},"modified":"2022-05-21T10:45:07","modified_gmt":"2022-05-21T18:45:07","slug":"news-12843","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/05\/21\/news-12843\/","title":{"rendered":"North Korean IT Workers Are Infiltrating Tech Companies"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/628829eccd28289a2bae9d47\/master\/pass\/NKOREA_ru_sec_GettyImages-153340012.jpg\"\/><\/p>\n<p><strong>Credit to Author: Matt Burgess| Date: Sat, 21 May 2022 13:00:00 +0000<\/strong><\/p>\n<p class=\"BylineWrapper-iiTsTb hAGfXd byline bylines__byline\" data-testid=\"BylineWrapper\" itemprop=\"author\" itemtype=\"http:\/\/schema.org\/Person\"><span itemprop=\"name\" class=\"BylineNamesWrapper-dbkCxf erRIa-D\"><span data-testid=\"BylineName\" class=\"BylineName-cKXFOb UCAzg byline__name\"><a class=\"BaseWrap-sc-TURhJ BaseText-fFzBQt BaseLink-gZQqBA BylineLink-eZnyPI eTiIvU mEZDb fNdcwQ bKZMMS byline__name-link button\" href=\"\/author\/matt-burgess\">Matt Burgess<\/a><\/span><\/span><\/p>\n<p><span class=\"lead-in-text-callout\">As Russia\u2019s full-scale<\/span> war in <a href=\"https:\/\/www.wired.com\/tag\/ukraine\">Ukraine<\/a> heads towards its hundredth day, <a href=\"https:\/\/www.wired.com\/story\/drones-russia-ukraine-war\/\">opposition from Ukrainian forces<\/a> is as strong as ever. At the same time, hacktivists all around the world continue to breach Russian institutions and <a href=\"https:\/\/www.wired.com\/story\/russia-ukraine-data\/\">publish their files and emails<\/a>. 
This week one hacktivist collective took a different\u2014and slightly peculiar\u2014approach: launching a service to prank-call Russian government officials. The <a href=\"https:\/\/www.wired.com\/story\/robo-prank-call-russian-officials-website\/\">new website<\/a> uses leaked details to put two random Russian officials on a call with each other. It obviously won&#x27;t make any difference to the outcome of the war, but the group that created it hopes the tool will cause some confusion and annoy those in Moscow.<\/p>\n<p class=\"paywall\">New research from Google\u2019s Threat Analysis Group has delved into the surveillance-for-hire industry and found that spyware vendors are <a href=\"https:\/\/www.wired.com\/story\/android-spyware-cytrox-predator-google-tag\/\">targeting Android devices with zero-day exploits<\/a>. State-sponsored actors in Egypt, Armenia, Greece, Madagascar, C\u00f4te d\u2019Ivoire, Serbia, Spain, and Indonesia have all purchased hacking tools from the North Macedonian firm Cytrox, the Google team says. The malware has used five previously unknown Android exploits, alongside unpatched vulnerabilities. Overall, Google\u2019s researchers say they\u2019re tracking more than 30 surveillance-for-hire firms around the world.<\/p>\n<p class=\"paywall\">In other malware news, academics at Germany\u2019s Technical University of Darmstadt have figured out a way to <a href=\"https:\/\/www.wired.com\/story\/iphone-find-my-malware-attack-vulnerability\/\">track an iPhone\u2019s location even when it is turned off<\/a>. When you switch your iPhone off it doesn\u2019t fully power down\u2014instead chips inside run in a low-power mode. The researchers were able to run malware that can track the phone in this low-power mode. 
They believe their work is the first of its kind, but the method is unlikely to be much of a threat in the real world, as it first requires jailbreaking the targeted iPhone, which has generally become harder to do in recent years.<\/p>\n<p class=\"paywall\">But wait, there&#x27;s more. We\u2019ve rounded up all the news that we didn\u2019t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.<\/p>\n<p class=\"paywall\">International sanctions imposed against North Korea, for its continued development of nuclear weapons and ballistic missiles, mean the nation can\u2019t trade with other countries or bring outside money within its borders. To get around this, in recent years Pyongyang has allowed its state-affiliated hackers to <a href=\"https:\/\/www.wired.com\/story\/north-korea-cryptocurrency-theft-ethereum\/\">raid cryptocurrency platforms<\/a> and <a href=\"https:\/\/www.wired.com\/story\/how-north-korea-robs-banks-around-world\/\">rob banks<\/a>. Now the FBI, the US Department of State, and the US Treasury <a data-offer-url=\"https:\/\/www.theguardian.com\/world\/2022\/may\/17\/dont-accidentally-hire-a-north-korean-hacker-fbi-warns\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.theguardian.com\/world\/2022\/may\/17\/dont-accidentally-hire-a-north-korean-hacker-fbi-warns&quot;}\" href=\"https:\/\/www.theguardian.com\/world\/2022\/may\/17\/dont-accidentally-hire-a-north-korean-hacker-fbi-warns\" rel=\"nofollow noopener\" target=\"_blank\">have warned<\/a> that thousands of North Korea\u2019s IT workers\u2014including app and software developers\u2014have been freelancing at businesses around the world and sending money home. 
Many of them are based in China or Russia, <a data-offer-url=\"https:\/\/home.treasury.gov\/system\/files\/126\/20220516_dprk_it_worker_advisory.pdf\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/home.treasury.gov\/system\/files\/126\/20220516_dprk_it_worker_advisory.pdf&quot;}\" href=\"https:\/\/home.treasury.gov\/system\/files\/126\/20220516_dprk_it_worker_advisory.pdf\" rel=\"nofollow noopener\" target=\"_blank\">the officials say<\/a>. The risks of hiring North Korean workers range from \u201ctheft of intellectual property, data, and funds to reputational harm and legal consequences, including sanctions under both US and United Nations authorities.\u201d<\/p>\n<p class=\"paywall\">In a significant public move, the US Department of Justice says it will stop prosecuting security researchers under the <a href=\"https:\/\/www.wired.com\/2014\/11\/hacker-lexicon-computer-fraud-abuse-act\/\">Computer Fraud and Abuse Act<\/a>. \u201cComputer security research is a key driver of improved cybersecurity,\u201d deputy attorney general Lisa Monaco <a data-offer-url=\"https:\/\/www.justice.gov\/opa\/pr\/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.justice.gov\/opa\/pr\/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act&quot;}\" href=\"https:\/\/www.justice.gov\/opa\/pr\/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act\" rel=\"nofollow noopener\" target=\"_blank\">said in a statement<\/a>. For years the anti-hacking CFAA law has been criticized for its broad scope and its potential to be abused by prosecutors. 
While the DOJ\u2019s explicit shift in policy will be welcomed by researchers, <a data-offer-url=\"https:\/\/www.vice.com\/en\/article\/v7d9nb\/department-of-justice-security-researchers-new-cfaa-policy\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.vice.com\/en\/article\/v7d9nb\/department-of-justice-security-researchers-new-cfaa-policy&quot;}\" href=\"https:\/\/www.vice.com\/en\/article\/v7d9nb\/department-of-justice-security-researchers-new-cfaa-policy\" rel=\"nofollow noopener\" target=\"_blank\">as <em>Motherboard<\/em> reports<\/a>, the policy doesn\u2019t go far enough and still can put legitimate researchers at risk.<\/p>\n<p class=\"paywall\">The mostly Russia-based Conti ransomware gang has had a dreadful few months. After backing Vladimir Putin\u2019s war in Ukraine, thousands of its <a href=\"https:\/\/www.wired.com\/story\/conti-leaks-ransomware-work-life\/\">internal messages and innermost secrets were published online<\/a>. While the gang has continued to target victims, <a data-offer-url=\"https:\/\/www.theverge.com\/2022\/5\/18\/23125958\/costa-rica-president-says-country-at-war-conti-ransomware-cybercrime\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.theverge.com\/2022\/5\/18\/23125958\/costa-rica-president-says-country-at-war-conti-ransomware-cybercrime&quot;}\" href=\"https:\/\/www.theverge.com\/2022\/5\/18\/23125958\/costa-rica-president-says-country-at-war-conti-ransomware-cybercrime\" rel=\"nofollow noopener\" target=\"_blank\">including Costa Rica\u2019s government<\/a>, researchers now say Conti has officially shut down its operations. 
Conti\u2019s Tor admin panels have been taken offline, and the group\u2019s members are splintering off into other ransomware groups, <a data-offer-url=\"https:\/\/www.bleepingcomputer.com\/news\/security\/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units\/\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.bleepingcomputer.com\/news\/security\/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units\/&quot;}\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units\/\" rel=\"nofollow noopener\" target=\"_blank\">according to security firm Advanced Intel<\/a>. The shutdown comes after the US government offered a <a data-offer-url=\"https:\/\/www.reuters.com\/world\/us-offers-15-mln-reward-information-conti-ransomware-group-2022-05-06\/\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.reuters.com\/world\/us-offers-15-mln-reward-information-conti-ransomware-group-2022-05-06\/&quot;}\" href=\"https:\/\/www.reuters.com\/world\/us-offers-15-mln-reward-information-conti-ransomware-group-2022-05-06\/\" rel=\"nofollow noopener\" target=\"_blank\">$15 million reward<\/a> for information about Conti&#x27;s members.<\/p>\n<p class=\"paywall\">Canada has become the final country in the Five Eyes intelligence group\u2014which also includes the US, UK, Australia, and New Zealand\u2014to <a data-offer-url=\"https:\/\/www.theverge.com\/2022\/5\/20\/23132125\/canada-bans-huawei-5g-network-equipment-telcos-reoval-2024\" class=\"external-link\" data-event-click=\"{&quot;element&quot;:&quot;ExternalLink&quot;,&quot;outgoingURL&quot;:&quot;https:\/\/www.theverge.com\/2022\/5\/20\/23132125\/canada-bans-huawei-5g-network-equipment-telcos-reoval-2024&quot;}\" 
href=\"https:\/\/www.theverge.com\/2022\/5\/20\/23132125\/canada-bans-huawei-5g-network-equipment-telcos-reoval-2024\" rel=\"nofollow noopener\" target=\"_blank\">ban the use of Huawei\u2019s telecoms equipment<\/a> in its 5G networks. Fellow Chinese telecom firm ZTE is also included in the ban. The Canadian government, in an announcement, cited national security concerns and the fact that companies could be forced to comply with orders from \u201cforeign governments.\u201d Starting in September, Canadian firms will be banned from buying new 4G and 5G equipment from the Chinese companies. They must remove all existing 5G equipment by the summer of 2024, and 4G equipment must be removed by the end of 2027.<\/p>\n<p><a href=\"https:\/\/www.wired.com\/story\/north-korea-it-workers-security-roundup\" target=\"bwo\" >https:\/\/www.wired.com\/category\/security\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/628829eccd28289a2bae9d47\/master\/pass\/NKOREA_ru_sec_GettyImages-153340012.jpg\"\/><\/p>\n<p><strong>Credit to Author: Matt Burgess| Date: Sat, 21 May 2022 13:00:00 +0000<\/strong><\/p>\n<p>Plus: The Conti ransomware gang shuts down, Canada bans Huawei and ZTE, and more of the week\u2019s top security 
news.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10607],"tags":[714,21358],"class_list":["post-19110","post","type-post","status-publish","format-standard","hentry","category-security","category-wired","tag-security","tag-security-cyberattacks-and-hacks"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19110"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19110\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19110"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}