IT NEWS

On September 16, 2024, Apple released iOS 18. Besides a lot of exciting new features, iOS 18 comes with some privacy and security enhancements.

One of the most promising new features is the new Passwords app. Built on the foundation of Apple’s password management system Keychain, Passwords makes it easier for users to access stored passwords and get an overview of their credentials.

One thing we often hear when we recommend the use of a password manager is that it’s too complicated. And, admittedly, many of them come with a learning curve. But Apple has made some steps in the right direction here.

Apple will also warn users if their credentials have been caught up in a data breach, so users can change their compromised password. In addition, users who have a weak password, or one that’s been used before, will be warned to pick a better one. Current users of the AutoFill function should notice how their passwords have automatically been added to the Passwords app.

iOS 18 also provides users with new tools to manage who can see their apps, how their contacts are shared, and how their iPhone connects to accessories. One of those tools allows users to adjust settings so that app notifications and content can’t inadvertently be seen by others. Another new feature is the ability to hide an app, which basically moves it to a locked, hidden apps folder that only the main user has access to. The basic functional apps can’t be hidden, but generally speaking if it’s on the App Store it can be hidden.

Hidden apps can be locked and unlocked with Face ID, Touch ID, or the device passcode, although there are a few exceptions. Account holders under age 13 can’t lock or hide an app so they can’t use it to dodge a parent’s watchful eye. Users between the ages of 13 and 18 can use these functions, but parents can still see what apps were downloaded and how much they are used.

Contact sharing is a lot more configurable, which makes life easier for those of us who use their device for work and private matters. Say, for example, a person uses an app solely for work, he might decide to share only work-related contacts with that app. Access can be updated as desired. Apple users can now see at a glance how many apps have access to data like location services, tracking, calendars, files and folders, contacts, and health information. When they tap on a particular category, users see a list of which apps have what level of access, such as limited or full.

iOS 18 also prepares your device for Apple Intelligence which is expected next month.  

“Apple Intelligence, the personal intelligence system that combines the power of generative models with personal context to deliver intelligence that is incredibly useful and relevant while protecting users’ privacy and security.”

Apple Intelligence is an artificial intelligence (AI) platform developed by Apple. Its features include on-device processing so it’s aware of your personal data, but doesn’t require Apple to collect or store it, and a new complex system designed to draw on larger server-based models to handle more complex requests, while still protecting user privacy.

I realize this sounds a lot like Microsoft’s Recall feature which was delayed after privacy and security concerns. We haven’t seen any pushback of that magnitude for Apple Intelligence. The main difference here are the regular “screenshots” that Microsoft wanted to deploy to help users later.

The privacy protections Apple promises can be important to users who want to have access to AI but are concerned about having their private data used to train models, which is something even AI enthusiasts are worried about to some extent.

To take those worries away, Apple created Private Cloud Compute (PCC), a cloud intelligence system designed specifically for private AI processing, which Apple says extends the privacy and security of Apple devices into the cloud.

A handy change for some users might be the new guest access for the Home app, which makes it easier for other members of your household to use your device to control any accessories connected to the Home app.

One safety feature I’m not that thrilled about is the Activation Lock. The Activation Lock feature is intended to block unauthorized repairs with parts from other iPhones and deter the resale of stolen components. It will link key parts like batteries, cameras, and displays to the original owner’s Apple account, making it harder to use or sell stolen parts. I fear this will only make it harder for users to go outside the channels under Apple’s control to get their devices repaired.

More new features of iOS 18 are discussed at length in this Apple newsroom article.

To check if you’re using the latest software version, go to Settings > General > Software Update. You want to be on iOS 18.0 or iPadOS 18.0, so update now if you’re not. It’s also worth turning on Automatic Updates if you haven’t already. You can do that on the same screen.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Genetic testing company 23andMe will pay $30 million to settle a class action lawsuit over a 2023 data breach which ended in some customers having information like names, birth years, and ancestry information exposed.

In October 2023, we reported on how information belonging to as many as seven million 23andMe customers turned up for sale on criminal forums following a credential stuffing attack against 23andMe.

23andMe said that cybercriminals had stolen profile information that users had shared through its DNA Relatives feature, an optional service that lets customers find and connect with genetic relatives.

In December 2023, 23andMe admitted that some genetic and health data might have been accessed during that breach. To dodge responsibility, the company wrote a letter to legal representatives of those affected by the breach, laying the blame at the feet of victims themselves.

23andMe also neglected to tell customers with Chinese and Ashkenazi Jewish ancestry that the cybercriminal appeared to have specifically targeted them, posting their information for sale on the dark web.

In January 2024, customers filed a class action lawsuit against 23andMe in a San Francisco court, alleging the company failed to protect their privacy. The result of that lawsuit is the settlement.

What immediately jumped out in the settlement is the title of one of the chapters:

“THE SETTLEMENT IS THE RESULT OF ZEALOUS ADVOCACY AND SKILLFUL NEGOTIATION”

What does that mean? Well, the $30 million is apparently all that 23andMe can afford to pay. And that’s only because the expectation is that cyberinsurance will cover $25 million.

The market value of the company has plummeted, and revenue declined. This decline had already set in prior to the incident, but it definitely didn’t help to improve the situation.

The court has not yet approved the settlement, but it’s expected that 23andMe will pay $30 million into a fund for customers whose data was compromised, as well as provide them with identity and genetic monitoring.

Other countries, like Canada and the UK have announced they will undertake a joint investigation into the data breach.

According to Malwarebytes’ data, over 3 million people were affected by the data breach, so none of the victims should expect to get rich because of this settlement.

On the dark web, the data is offered for sale in three separate data sets. A general set that includes 2,763,569 records, one belonging to Ashkenazi-based users (835,708 records), and one allegedly belonging to China-based users of 23andMe (68,541 records).

Check your digital footprint

If you want to find out if your personal data was exposed through this breach, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you used to register and 23andMe) and we’ll send you a free report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Last week on Malwarebytes Labs:

• Ford seeks patent for conversation-based advertising
• Scammers advertise fake AppleCare+ service via GitHub repos
• Facebook scrapes photos of kids from Australian user profiles to train its AI
• PartnerLeak scam site promises victims full access to “cheating” partner’s stolen data
• Payment provider data breach exposes credit card information of 1.7 million customers
• Your partner “is cheating on you” scam asks you to pay to see proof
• What the arrest of Telegram’s CEO means, with Eva Galperin (Lock and Code S05E19)

Last week on ThreatDown:

• Ransomware review: September 2024
• ThreatDown wins every MRG Effitas award 3 years in a row
• Update now! Critical CVSS 10 vulnerability in Ivanti EPM
• Update now! Four zero-days fixed in September Patch Tuesday
• Ransomware gangs target SonicWall vulnerability
• New RansomHub attack uses TDSSKiller and LaZagne, disables EDR

Stay safe!

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

Car manufacturer Ford Motor Company has filed a patent application for an in-vehicle advertisement presentation system based on information derived from several trip and driver characteristics. Among those characteristics—human conversations.

In the abstract of the patent application publication Ford writes:

“An example method includes determining vehicle information for a trip, the vehicle information including any one or more of a current vehicle location, a vehicle speed, a drive mode, and/or traffic information, the user information including any one or more of a route prediction, a speed prediction for the trip, and/or a destination, determining user preferences for advertisements from any one or more of audio signals within the vehicle and/or historical user data, selecting a number of the advertisements to present to the user during the trip, and providing the advertisements to the user during the trip through a human-machine interface (HMI) of the vehicle.”

Further one it details that “the controller may monitor user dialogue to detect when individuals are in a conversation.”

Based on this info, the controller can decrease or increase the number of advertisements. And “the conversations can be parsed for keywords or phrases that may indicate where the occupants are travelling to.”

Okay.

Essentially, the car you’re driving would not only spy on your driving behavior, your present and future locations, and your requested driving routes, but it would also eavesdrop on you. And let’s not forget the safety implications of displaying advertisements while you’re driving.

We have spoken about cars and privacy at length and came to the conclusion they’re not very good at it. Many politicians in the US agree with that point of view. US senators have asked the Federal Trade Commission (FTC) to investigate car makers’ privacy practices and Texas Attorney General Ken Paxton sued General Motors for selling customer driving data to third parties.

We explained why car location tracking needs an overhaul and we’ve implored that automakers work together to help users by providing them with the ability to turn tracking features off (a serious vulnerability for people fleeing from an abusive relationship).

Yet nowhere in the entire document exists one word about how Ford intends to keep the acquired information secure. We’d advise all car companies remediate existing security vulnerabilities before introducing potential new ones.

What’s next, Ford? Will you stop working if we drive past one of the establishments that sponsor your ads? Or was that “feature” to disable a functionality of a component of the vehicle or to place the vehicle in a lockout condition only for the repossession plans you attempted to patent earlier on?

Another controversial Ford patent filed in July described technology that would enable vehicles to monitor the speed of nearby cars, photograph them and send the information to police.

In a statement to Fortune, the company clarified that filing a patent is a standard practice to explore new ideas and doesn’t necessarily indicate immediate plans to release such a system.

We realize that advertisements make the internet go round. Many useful websites could not exist without them. But do these in-vehicle advertisements benefit the owner of the car? If it makes the cars cheaper, I’d be willing to pay some extra to not be bothered and eavesdropped on while driving. How about you? Let us know in the comments.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Facebook has admitted that it scrapes the public photos, posts and other data from the accounts of Australian adult users to train its AI models. Unlike citizens of the European Union (EU), Australians are not offered an opt-out option to refuse consent.

At an inquiry as to whether the social media giant was hoovering up the data of all Australians in order to build its generative artificial intelligence tools, senator Tony Sheldon asked whether Meta (Facebook’s owner) had used Australian posts from as far back as 2007 to feed its AI products.

At first Meta’s global privacy director Melinda Claybaugh denied this but senator David Shoebridge challenged her claim.

“The truth of the matter is that unless you have consciously set those posts to private since 2007, Meta has just decided that you will scrape all of the photos and all of the texts from every public post on Instagram or Facebook since 2007, unless there was a conscious decision to set them on private. That’s the reality, isn’t it?”

Claybaugh said yes, but she added that accounts of people under 18 were not scraped. However, when Senator Sheldon asked Claybaugh whether public photos of his children on his own account would be scraped, Claybaugh acknowledged they would.

When asked whether the company scraped data from previous years of users who were now adults, but were under 18 when they created their accounts, the question remained unanswered.

It is not new that Meta uses public Facebook and Instagram posts to train its AI, and Meta is not the only social media platform that does this. European privacy watchdogs accused X of unlawfully using personal data of 60 million+ users to train its AI Grok as well.

In June, the EU’s Data Protection Commission (DPC) reached an agreement with Meta to pause its plans to train its large language model using public content shared by adults on Facebook and Instagram across the EU. This decision followed intensive engagement between the DPC and Meta.

Australia recently revealed plans to set a minimum age limit for children to use social media, citing concerns around mental and physical health.

Prime Minister Anthony Albanese said his government would run an age verification trial before introducing age minimum laws for social media this year. The Prime Minister didn’t specify an age but said it would likely be between 14 and 16.

The reasoning behind the age limit had nothing to do with data scraping. He stated:

“I want to see kids off their devices and onto the footy fields and the swimming pools and the tennis courts. … We want them to have real experiences with real people because we know that social media is causing social harm.”

But nevertheless, the scraping could be a factor when the final decision about the age limit comes around.

What to do

Wherever you are in the world, we encourage you to think carefully about sharing photos of your kids online. Of course it’s lovely to post their photos for your friends and family to see, but once something is posted online you lose control about where that image is, and who has access to it.

If you really do want to share photos, lock your profile down as much as possible and keep your photos away from just anyone.

If you’re an adult and worried about image scraping, check the terms and conditions for accounts and see if you can opt-out. If there’s no option, carefully consider whether you want to post to that service at all.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

We’ve uncovered a malicious campaign going after Mac users looking for support or extended warranty from Apple via the AppleCare+ support plans. The perpetrators are buying Google ads to lure in their victims and redirect them to bogus pages hosted on GitHub, the developer and code repository platform owned by Microsoft.

The goal of this scam is to get unsuspecting people on the phone with someone pretending to be working for Apple. From there, fraudulent call center agents will social engineer their victims in order to extract money from them.

In this blog post, we expose the techniques behind this scam and provide mitigation steps to stay away from them. We’d like to thank GitHub for their quick response in taking down the malicious accounts we reported to them.

Hey Siri, google “Apple phone support”

While Apple products are designed with simplicity in mind, we’ve all come across an issue at some point that we need assistance with. Google, who reportedly paid Apple $20 billion to be the default search engine, will display results in Safari, along with ads, hence the lucrative partnership.

Those “Sponsored” results can appear at the top or further down the search results page. In the image seen below, a malicious ad appears at the very top, right before Apple’s official phone number. In other cases we encountered, multiple malicious ads were displayed before any legitimate results.

Clicking on one of those will redirect to a fake AppleCare+ customer service page, inviting users to call a 1-800 phone number supposedly belonging to Apple. In reality, in just 2 simple clicks victims are connected with scammers located in call centers overseas.

GitHub repos

The fake Apple customer service pages are hosted on Microsoft’s GitHub source code repository as standalone HTML templates using Apple’s branding. Scammers are creating several accounts on GitHub with one or multiple repositories with the same fraudulent index.html template:

During an active campaign, they can easily swap phone numbers in case one got reported and blocked. In fact, we saw scammers do just that thanks to GitHub’s commit history:

There is also an interesting piece of code within the page (autoDial) that automatically pops up the phone dialog menu. This ensures that victims have one less thing to click on to get connected with a scammer impersonating Apple:

Risks and mitigations

This particular scheme is exceptionally easy to fall for due to the combination of malicious Google ads and lookalike pages. Scammers are preying on unsuspecting users to trust that they are real Apple service agents and that it’s okay to give them personal information.

The biggest risk to consumers is being defrauded for hundreds, and often thousands of dollars. Scammers typically instruct victims to withdraw money from their bank account and send it to them, in various ways.

In some cases we investigated this year, fraudsters will ask for the victim’s name, address, social security number and banking details. With that information, they can easily blackmail them directly or share their profile with other scammers who will pretend to help from the original incident.

We advise users to be extremely cautious when looking for phone or online support related to any of the most popular brands. Microsoft is usually highly targeted by scammers due to its dominance in the computer market share. Keep in mind that whenever you click on a sponsored result or ad, you are taking a chance of being redirected to a malicious site.

Check your digital footprint

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Earlier this week, we reported on a new type of scam that tells you your partner is cheating on you. However, we hit a dead end because we were unable to get hold of an original copy of the email.

That was until the scammers were “kind enough” to send one to one of our co-workers.

“Hi (target’s name],

[Partner’s name] is cheating on you. Here is proof.

As a company engaged in cyber security we’ve found information related to [partner’s name] that might interest you.

We made a full backup of [his/her] disk. (We have all [his/her] address book, social media, history of viewing sites, dating apps, all files, phone numbers, and addresses of all [his/her] contacts) and are willing to give you a full access to this data. For more details visit our website.”

With this, we were able to investigate the scammers’ intentions.

All three of the links in the email (Here, website, and Check now) point to the same website. Through a landing page located at click[.]cardfoolops[.]com visitors are redirected to partnerleak[.]com.

The partnerleak[.]com domain was registered on August 1, 2024, with NameCheap anonymously. Anonymous registration doesn’t automatically mean the person registering is up to no good, but it did block us from researching this avenue any further.

The registration date, however, matches with the first complaints we started seeing about these emails.

During the redirection process, your email address is passed on, which means when you register at the site your email address is already filled out.

The PartnerLeak site itself says it offers anonymity, as well as “crucial insights” into the behaviour of the one you love.

“completely anonymous service leverages artificial intelligence and the vulnerabilities of popular smartphones to provide crucial insights into your partner’s behavior.”

“Are You Concerned About Your Partner’s Honesty?

If you’ve decided to take a leap into a relationship but find yourself questioning your partner’s honesty, or if you’ve been together for a while and something feels off, we have a solution for you.

Our Service

Our completely anonymous service leverages artificial intelligence and the vulnerabilities of popular smartphones to provide crucial insights into your partner’s behavior. Here’s how it works:

Data Backup Access: You can download a backup from iCloud or Google, which includes:

• Device location tracking
• Movement history with timestamps
• Correspondence from popular messaging apps like Telegram, WhatsApp, and iMessage
• Photo and video materials stored on the smartphone

Social Media Analysis: Utilizing AI and extensive data, our service can:

• Check user registration and analyze behavior on platforms like Facebook and Twitter
• Investigate activity on popular dating apps such as Tinder, AdultFriendFinder, Hinge, and OkCupid

This comprehensive analysis helps you verify the reliability of your potential partner based on criteria that matter most to you.

Commitment to Anonymity and Privacy

• Anonymous Transactions: We prioritize your anonymity by processing payments through cryptocurrencies, ensuring that your partner will remain unaware of your inquiries.
• Data Privacy: Your privacy is of utmost importance. We offer the option to permanently delete any data related to you from our system.

Take control of your relationship concerns today with our discreet and effective service!”

Nowhere on the site does it specify how much such an investigation would cost, but after registration you can start a search at which point it will tell you to top up your balance.

To top up your balance there are three payment options:

• Credit card
• Bitcoin
• Ethereum

We checked the balances on the cryptocurrency accounts they provided and we are happy to report that those are both dead in the water. We can only hope that the PartnerLeak revenue from credit cards looks the same, although that is probably wishful thinking on our part.

Our investigation into where the scammers were getting the necessary information always pointed in the same direction: The Knot, a wedding services company.

However, we couldn’t find any breaches of its site or any tangible evidence that it was anything more than just a source of information. Like many other similar sites, it is easy to find a partner name on the site if you already have the name and email of the other partner.

But since many victims, including our co-worker, used The Knot’s services, we contacted them and received this statement from a spokesperson:

“We were notified of user concerns, and after investigation by our cybersecurity team, determined there is no evidence of unauthorized access to our systems.”

Regardless of where the scammers are getting their data, let’s keep their balance at zero and spread the word.

How to react to your partner “is cheating on you” emails

First and foremost, never reply to emails of this kind. That tells the sender that someone is reading the emails sent to that address, and will lead to them trying other ways to defraud you.

• If the email includes a password, make sure you are not using it any more on any account. If you are, change it as soon as possible.
• If you are having trouble remembering all your passwords, have a look at a password manager.
• Don’t let yourself get rushed into doing something. Scammers rely on time pressure that leads to people making quick decisions.
• Do not open unsolicited attachments. Especially when the sender address is suspicious, or even appears to be your own.

Check your digital footprint

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Payment provider Slim CD has disclosed a security incident that may have exposed the full credit card information of anyone paying at a merchant that uses Slim CD’s services.

The Florida-based gateway system, which allows merchants to take any kind of electronic payment, said on June 15 it noticed “suspicious activity” within its environment.

A subsequent investigation by a third-party specialist revealed that cybercriminals had access to Slim CD’s systems for 10 months, between August 17, 2023, and June 15, 2024. However, the company said the criminals only had access to credit card and other information between June 14 and June 15, 2024.

Slim CD said that the compromised information included full names, physical addresses, and credit card numbers including expiration dates.

The company said it is not aware of anyone yet using the exposed information:

“Although Slim CD presently has no evidence that any such information has been used to commit identity theft or fraud, Slim CD is providing information about the event, Slim CD’s response, and resources available to individuals to help protect their information from possible misuse.”

Even though there is no mention of credit card verification numbers being included in the breached data, Slim CD is still warning about the possible risks:

“We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors.”

Customers are often unaware which payment provider is used by their online shops, so a data breach notice may come as a surprise to many of the 1,693,000 affected people.

Protecting yourself after a data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

• Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
• Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
• Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
• Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
• Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
• Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
• Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Check your digital footprint

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

As if they weren’t annoying enough already, scammers have recently introduced new pressure tactics to their sextortion and scam emails.

Last week we reported how cybercriminals are using photographs of targets’ homes in order to scare them into paying money. Now they’re throwing in the name of targets’ partners, telling the receiver that their partner is cheating on them.

The general outline of the scammy email looks like this:

“Hi (target’s name],

[Partner’s name] is cheating on you. Here is proof.

As a company engaged in cyber security we’ve found information related to [partner’s name] that might interest you.

We made a full backup of [his/her] disk. (We have all [his/her] address book, social media, history of viewing sites, dating apps, all files, phone numbers, and addresses of all [his/her] contacts) and are willing to give you a full access to this data. For more details visit our website.”

For some people, the links in the mail lead to a site where you can “buy the data” for around $2500 in Bitcoin. Others report they were sent to a site that presented them with a login screen.

But where did the scammers get the partner’s name from?

Based on speculation among Reddit users, BleepingComputer contacted a wedding planning site called The Knot, which was listed as a possible source, but received no reply. Looking at our data, we can confirm that 3,677 users of The Knot have had their login credentials compromised at some point in time, but not all at once, so The Knot is not necessarily the source of the data.

There are many other ways that scammers can dig through or combine breached data to find out who your partner is and compose such a personalized email, or they could spend a small amount of time on social media to find out relatively quickly.

Regardless of where the scammers got the information, please don’t let this type of email ruin your relationship or even one minute of your day. Send the emails straight to the trash.

How to react to your partner “is cheating on you” emails

First and foremost, never reply to emails of this kind. That tells the sender that someone is reading the emails sent to that address, and will lead to them trying other ways to defraud you.

• If the email includes a password, make sure you are not using it any more on any account. If you are, change it as soon as possible.
• If you are having trouble remembering all your passwords, have a look at a password manager.
• Don’t let yourself get rushed into doing something. Scammers rely on time pressure that leads to people making quick decisions.
• Do not open unsolicited attachments. Especially when the sender address is suspicious, or even appears to be your own.

Check your digital footprint

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

This week on the Lock and Code podcast…

On August 24, at an airport just outside of Paris, a man named Pavel Durov was detained for questioning by French investigators. Just days later, the same man was charged in crimes related to the distribution of child pornography and illicit transactions, such as drug trafficking and fraud.

Durov is the CEO and founder of the messaging and communications app Telegram. Though Durov holds citizenship in France and the United Arab Emirates—where Telegram is based—he was born and lived for many years in Russia, where he started his first social media company, Vkontakte. The Facebook-esque platform gained popularity in Russia, not just amongst users, but also the watchful eye of the government.

Following a prolonged battle regarding the control of Vkontake—which included government demands to deliver user information and to shut down accounts that helped organize protests against Vladimir Putin in 2012—Durov eventually left the company and the country all together.

But more than 10 years later, Durov is once again finding himself a person of interest for government affairs, facing several charges now in France where, while he is not in jail, he has been ordered to stay.

After Durov’s arrest, the X account for Telegram responded, saying:

“Telegram abides by EU laws, including the Digital Services Act—its moderation is within industry standards and constantly improving. Telegram’s CEO Pavel Durov has nothing to hide and travels frequently in Europe. It is absurd to claim that a platform or its owner are responsible for abuse of the platform.”

But how true is that?

In the United States, companies themselves, such as YouTube, X (formerly Twitter), and Facebook often respond to violations of “copyright”—the protection that gets violated when a random user posts clips or full versions of movies, television shows, and music. And the same companies get involved when certain types of harassment, hate speech, and violent threats are posted on public channels for users to see.

This work, called “content moderation,” is standard practice for many technology and social media platforms today, but there’s a chance that Durov’s arrest isn’t related to content moderation at all. Instead, it may be related to the things that Telegram users say in private to one another over end-to-end encrypted chats.

Today, on the Lock and Code podcast with host David Ruiz, we speak with Electronic Frontier Foundation Director of Cybersecurity Eva Galperin about Telegram, its features, and whether Durov’s arrest is an escalation of content moderation gone wrong or the latest skirmish in government efforts to break end-to-end encryption.

“Chances are that these are requests around content that Telegram can see, but if [the requests] touch end-to-end encrypted content, then I have to flip tables.”

Tune in today to listen to the full conversation.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.