Mysterious Twitter bug linked to ‘unusual activity’ from China and Saudi Arabia

A mysterious Twitter bug has been linked to suspicious activity from China and Saudi Arabia. “We have become aware of an issue related to one of our support forms, which is used by account holders to contact Twitter about issues with their account,” explained Twitter, in a statement released Monday. The bug could be used … Continue reading “Mysterious Twitter bug linked to ‘unusual activity’ from China and Saudi Arabia”

A mysterious Twitter bug has been linked to suspicious activity from China and Saudi Arabia.

“We have become aware of an issue related to one of our support forms, which is used by account holders to contact Twitter about issues with their account,” explained Twitter, in a statement released Monday.

The bug could be used to discover the country code of people’s phone numbers if they had one associated with their Twitter account, as well as whether or not their account had been locked by Twitter.

SHOCKING SCALE OF RUSSIA’S SINISTER SOCIAL MEDIA CAMPAIGN AGAINST US REVEALED

Twitter began working to deal with the bug on Nov. 15 and fixed it the following day. However, the company’s investigation into the mysterious issue has led to China and Saudi Arabia.

“We observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia,” it said. “While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.”

The issue did not expose full phone numbers or users’ other personal data, according to the San Francisco-based firm.

TWITTER'S RELEASE OF 10 MILLION RUSSIAN, IRANIAN INFLUENCE CAMPAIGN TWEETS SHOWS US VULNERABILITY

The hack has prompted speculation that the bug may have been used to target dissidents.

Fox News has reached out to Chinese and Saudi authorities with a request for comment on the mysterious bug.

Twitter revealed the bug on the same day that two separate reports revealed the bewildering scale of Russia’s social media campaign to sow discord in the U.S.

In October Twitter also released an archive of more than 10 million tweets originating in Russia and Iran, which it says demonstrates efforts to spark friction in America.

Fox News’ Christopher Carbone contributed to this article.

Follow James Rogers on Twitter @jamesjrogers

Fox on Tech: Google Plus data breaches causing more headaches

Google is in the gutter again with users and privacy advocates, in the same week the tech giant's C.E.O is defending the company to skeptical lawmakers on Capitol Hill.

If you've never heard of Google Plus, you're not alone. The failed social media network had been scheduled to close down in August after failing to make a dent in Facebook's dominance. But now it's going to be shuttered even earlier than planned, due to a security bug leading to a massive leak of some 52 million users' private data. The information breach allowed outside developers to data mine private information about users, even if the account was set to private, including name, email and age, which is more than enough for an experienced thief to use for identity theft. The good news, according to Google: no financial information was released, and so far, the company hasn't seen any evidence that would indicate the information was used illegally. Of course they'll be keeping an eye on it as they wind down Google Plus operation.

This is actually Google Plus's second major data breach. Back in October, the company said some 500,000 users' data was compromised, which led to the announcement at that time that Google Plus would be going offline in August. However, because of this new breach, the termination date is now being moved up to April.

The revelation came on Monday, just a day before C.E.O. Sundar Pichai headed to Capitol Hill to face lawmakers for the first time. Most of the hearing focused on allegations of discrimination against conservatives online, but Pichai also spent a significant amount of time defending the company's record on privacy and data protection, telling members of the House Judiciary Committee that "protecting the privacy and security of our users has long been an essential part of our mission. We have invested an enormous amount of work over the years to bring choice, transparency and control to our users." It remains to be seen if Pichai's reassurances are enough to win over a skeptical public, wary of constant data breaches.

How to stop Apple and Google from tracking you

Apple and Google can track your every move. But there are ways to mitigate this or shut it down.

The tracking and snooping that Apple and Google do isn’t necessarily a nefarious plot to spy on you. It can make apps more useful. For example, data used by Google Maps can be helpful in getting directions.

That said, it’s not always clear how app providers harvest and use this data. There's no telling, for example, how a shopping or dating app may use your data.

The New York Times reported this week that a variety of companies use location data when users enable location services.

Set against this backdrop, users need to think about privacy. “Companies use IP addresses, advertising IDs, and cookies to track users and store details about their online behaviors, browsing history, searches, purchases, viewing habits, and more,” Paul Bischoff, privacy advocate at Comparitech.com, told Fox News.

PUTTING CHILDREN’S DATA ONLINE HAS CONSEQUENCES, REPORT SAYS

“The resulting ‘profiles’ sold to third parties might not have names attached, but they can be so specific as to only belong to a single person or small group of people,” he added.

Generally, disable your phone's location services when not in use, Bischoff said.

iPhone / iOS: turn off tracking

In iOS go to “Settings” then select “Privacy” and turn off the “Location Services.” You can also turn off tracking for individual apps on the list that appears below Location Services. Apple, however, warns on its support page that these actions will "limit the performance of various Apple and third-party apps."

Even if you don't turn off Location features, Apple will give you reminders about apps using location data in the background. For example, a screen may pop up and say, “’Weather’ has been using your location in the background. Do you want to continue allowing this?”

'FORTNITE’S' POPULARITY HAS ALSO MADE IT A POPULAR TARGET FOR CRIMINALS

And if you want to do something less drastic such as curb ad tracking, on the Privacy page under “Advertising” you can turn on “Limit Ad Tracking.”

Google/Android: turn off tracking

With Google, it can be a little more involved because Google is not only in charge of Android but its reach extends to the popular Chrome browser and to Google Search.

On Android, go to the Settings icon on your phone and then tap “Security & location.” Then under “Privacy” tap "Location" then tap “Use Location” and turn that off.  Or below Use Location on “App-level permissions” you can turn off the location permissions for individual apps.

But you may want to go a step further. Go to your Google My Account page and turn off “Location History.” Then, if you have more serious privacy concerns, you can opt to turn off “Web & App Activity.”

FACEBOOK PATENT HINTS AT CREEPY NEW FEATURE

“Remember that Google is a bit sneaky in this regard, as some apps collect location data even if your location history is disabled. You'll have to turn off all tracking of web and app activity, which may impact how other Google apps function,” Compareitech’s Bischoff said.

And some more tips about app tracking from Marco DeMello, CEO of app security specialist PSafe.

“When the product is free you are the product,” DeMello said, citing a widely-used axiom of the Internet. “Consider going for a premium or, at a minimum, an ads-free version of an app/game you're using or interested in. When you pay for services there's no incentive to sell your data,” DeMello said.

“Keep your phone like you keep your house – clean. Don’t keep around apps and/or games you no longer need or use. [It will] reduce the chance of these apps and/or games capturing and profiting from your data,” DeMello added.

Apple did not respond to a request for comment for comment on this story. Google provided pages (linked to above) that explain how to manage your location data on Android devices and in apps.

Huawei Technologies CFO arrested in Canada, accused of violating Iran sanctions

TORONTO – Canadian authorities in Vancouver have arrested Huawei Technologies Co.’s chief financial officer at the request of the U.S. government for alleged violations of Iranian sanctions, the latest move by Washington to crack down on the Chinese cellular-technology giant.

A spokesman for Canada’s justice department said Meng Wanzhou was arrested in Vancouver on Dec. 1 and is sought for extradition by the U.S. A bail hearing has been tentatively scheduled for Friday, according to the spokesman. Ms. Meng, the daughter of Huawei’s founder, Ren Zhengfei, serves as the company’s CFO and deputy chairwoman.

Ms. Meng’s arrest comes amid a year-long U.S. government campaign against a company it views as a national-security threat. In the past year, Washington has taken a series of steps to restrict Huawei’s business on American soil and, more recently, launched an extraordinary international outreach campaign to persuade allied countries to enact similar curbs.

The U.S. is seeking Ms. Meng’s extradition so as to have her appear in federal court in the Eastern District of New York, according to people familiar with the matter.

A Huawei spokesman said Wednesday that Ms. Meng was arrested while transferring flights in Canada. “The company has been provided very little information regarding the charges and is not aware of any wrongdoing by Ms. Meng,” he said. “The company believes the Canadian and U.S. legal systems will ultimately reach a just conclusion.”

The spokesman added that Huawei complies with laws and regulations everywhere it operates.

The Wall Street Journal reported in April that the Justice Department had launched a criminal probe into Huawei’s dealings in Iran, following administrative subpoenas on sanctions-related issues from both the Commerce Department and the Treasury Department’s Office of Foreign Assets Control.

In 2007, Ms. Meng served as a board secretary for a Huawei holding company that owned Skycom Tech, a Hong Kong-based company with business in Iran and employees who said they worked for “Huawei-Skycom,” according to a person familiar with the matter.

U.S. authorities have suspected Huawei’s alleged involvement in Iranian sanctions violations since at least 2016, when the U.S. investigated ZTE Corp., Huawei’s smaller Chinese rival, over similar violations. The Commerce Department released internal ZTE documents that showed the company studied how a rival identified only as “F7” had conducted similar business.

Click for more from The Wall Street Journal.

As Delta unveils nation’s 1st biometric terminal, some love its convenience, others raise privacy concerns

ATLANTA – Are you traveling through the world’s busiest airport this holiday season? Say, “cheese!”

Security at Hartsfield-Jackson Atlanta International Airport is getting a facelift, as Delta rolls out the first fully biometric terminal in the country.

In Terminal F, which is used for international flights, passengers have the option to use facial recognition to carry them from curb to gate – almost entirely eliminating the need to show a passport or boarding pass.

“Today, as you travel and check a bag internationally, you’re going to show your passport four times,” said Gil West, chief operating officer at Delta. But with facial recognition officially being launched on Dec. 1, Delta is eliminating the need for passengers to rummage through their bags for a passport or crumpled boarding pass up to four times.

“Now, it’ll be frictionless,” West said.

Passengers have the opportunity to use the technology at four points before taking off. (Fox News)

How does it work?

In order to use the technology, the passenger must be flying direct to an international destination, taking off from Terminal F on Delta, Aeromexico, Air France, KLM or Virgin Atlantic Airways.

Step 1.  Enter passport information during check-in (this can be done online ahead of time or at a kiosk at the airport).

Step 2.  Click “Look” on the screen at the kiosk in the lobby.

Step 3.  Simply approach and look into the camera at the baggage counter, TSA checkpoint or gate desk. It is important to note that passengers must specifically state they do not want to use the facial recognition technology at these three points.

Passengers may still have to show boarding passes at TSA through January 2019, according to a TSA spokesperson, and while travelers do not have to hand over their passport at the gate, they are still asked to have it readily available.

Facial recognition stations are also available for returning international travelers. U.S. Customs and Border Protection requires foreign nationals to have their picture taken, but not Americans.

The technology was heralded earlier this year at Dulles International Airport – where it is operating on a smaller scale – after nabbing a man who attempted to enter the U.S. using false identification.

On only the third day using the facial comparison biometric system, officials at Washington Dulles International Airport intercepted an imposter posing as a French Citizen. (U.S. Customs and Border Protection)

John Wagner with CBP said the snapshot at each checkpoint is compared with the individual’s passport photo stored in a CBP database. He called it a quicker and easier process for passengers and agents.

John Selden, who was recently appointed general manager of Hartsfield-Jackson, echoed those praises.

“It will provide 100 percent identification, even of the most similar-looking people, like twins,” Selden said. “It is a proven security improvement,” he added, referencing several imposters caught in John F. Kennedy International Airport, where he previously supervised.

Officials said Americans’ photos will be deleted within 12 hours, and non-U.S. citizens’ photos will be saved in a Department of Homeland Security database for up to 75 years.

A growing ‘Big Brother’

Selden told Fox News he not only thinks facial recognition will spread to other airports and domestic flights but that it will also become mandatory – a source of growing fear among privacy advocates.

“When biometrics are an option, that's one thing,” said Alex Hamerstone of TrustedSec, an information security consulting team. In those cases, people can weigh the privacy risks and make an informed decision.

“When it becomes mandatory,” he said, “that is when it gets a bit scary.”

Hamerstone also pointed out that in his experience, “it isn’t uncommon to see organizations not follow their own retention requirements – whether intentionally or due to badly implemented processes.”

Jay Stanley, a senior policy analyst with the ACLU, expressed similar concerns in an article on the non-profit’s website.

“Having ‘your face as your passport’ might be very convenient when you’re at a government checkpoint,” Stanley wrote. “But we don’t want to have to ‘present our passport’ at every turn in American society, including walking down the sidewalk.”

Stanley warned of the government’s insatiable appetite for individuals’ personal information, arguing that security systems should be improved through physical enhancements (like explosive detection or enhanced scanners) instead of increased identification of people.

“There is a logic of identity-based security, and it inevitably leads toward a regime of expanding information collection, surveillance, and tracking of individuals,” Stanley added, noting China’s wider spread use of face surveillance.

Stanley and Hamerstone both pointed out the value of one’s biometrics – and the danger in those details being compromised.

“If your password is compromised, you can change it,” Hamerstone told Fox News in a video chat. “You can’t really change your face. There’s not much you can do. It’s hard to change what you are.”

But Hamerstone admitted, right now, facial recognition is “pretty secure” and, if implemented correctly, using the technology “makes sense.”

‘If it’s faster, I’m glad’

Of the several hundred passengers boarding a Delta flight to Shanghai, Fox did not witness one passenger opt not to use the facial recognition feature.

Brett Askea was surprised to see the new technology but pleased with the speed of the process.

“If it’s faster, I’m glad,” he said.

Another first-time user, Alicia Graham, said the biggest benefit of facial recognition is its simplicity.

“I spend so many hours in the air, I want to be able to get through the airport as fast as possible,” Graham told Fox News.

It’s something West can appreciate.

“As customers, we don’t like to stand in line, so anytime you stand in line a minute feels like an hour,” West said. He added that facial recognition can save customers 9 minutes when traveling from curb to gate.

Delta started piloting the technology in Atlanta in mid-October. Since then, Delta said less than 2 percent of passengers opted out.

Plans to expand

“If we can get this technology across the whole airport, we would be able to handle the growth of the Atlanta airport without actually building things,” Selden said, hopeful to spread the technology to domestic flights.

Delta announced this week it is rolling out another biometric terminal in Detroit in a few weeks. The airline will add facial recognition technology to its domestic hubs that fly internationally over the next year.

“If we can do it here, we can do it anywhere,” West said. “And the scalability is unlimited, not just to aviation but to other industries.”

Emilie Ikeda is a multimedia reporter based in Atlanta. 

China is using ‘economic espionage’ and ‘theft’ to grab US technology

A new report issued by several prominent experts on Chinese and American foreign policy claims that China is using a range of methods to misappropriate U.S. technology.

The 200-page report, entitled “Chinese Influence & American Interests: Promoting Constructive Vigilance,” warns that American intellectual property is at risk.

"In the technology sector, China is engaged in a multifaceted effort to misappropriate technologies it deems critical to its economic and military success," experts explain, in a statement accompanying the report. "Beyond economic espionage, theft, and the forced technology transfers that are required of many joint venture partnerships, China also captures much valuable new technology through its investments in U.S. high-tech companies and through its exploitation of the openness of American university labs."

"This goes well beyond influence-seeking to a deeper and more disabling form of penetration," they added. "The economic and strategic losses for the United States are increasingly unsustainable, threatening not only to help China gain global dominance of a number of the leading technologies of the future, but also to undermine America’s commercial and military advantages."

“Nontraditional collectors” of data

The report identifies what it calls "nontraditional collectors" of data on U.S. technology. "China’s most systematic channel for identifying foreign-based nontraditional collectors is its Recruitment Program of Global Experts, commonly known as the Thousand Talents Plan or the Thousand Talents Program (TTP)," it said. "The TTP is a massive and sustained talent recruitment campaign designed to recruit leading experts from overseas to assist in the country’s modernization drive."

Official Chinese TTP websites list more than 300 U.S. government researchers and more than 600 U.S. corporate personnel who have accepted TTP money, according to the report. "In many cases, these individuals do not disclose receiving the TTP money to their employer, which for U.S. government employees is illegal and for corporate personnel likely represents a conflict of interest that violates their employee agreement."

The timing of the report is noteworthy, as President Trump is scheduled to meet with President Jinping at this weekend's G-20 summit, where the two will discuss the current trade war between both countries and whether the situation can be resolved or escalated.

NORTH KOREA LYING? SATELLITE DATA SUGGEST CHINA, RUSSIA, NORTH KOREA FALSIFYING GDP NUMBERS

The Trump administration has long argued that China does not offer a level playing field for foreign businesses and they steal intellectual property from U.S. companies, a claim the report backs up. "In business, China often uses its companies to advance strategic objectives abroad, gaining political influence and access to critical infrastructure and technology," the statement says.

In October, Vice President Mike Pence said U.S. companies should "think twice before diving into the Chinese market if it means turning over their intellectual property or abetting Beijing’s oppression," Pence said in prepared remarks made at the Hudson Institute. Pence specifically called out Google, which he said should "immediately end development of the 'Dragonfly' app that will strengthen Communist Party censorship and compromise the privacy of Chinese customers…"

Google has come under fire from politicians on both sides of the aisle, its employees and several other interested parties, including human rights groups, to abandon the project, which would see the tech giant potentially launch a censored search engine in China. Last month, Google CEO Sundar Pichai said the company is exploring a potential search engine, but nothing is definite.

Speaking with The Wall Street Journal earlier this week, Trump said he expected to boost tariff levels on a further $200 billion worth of Chinese goods to a level of 25 percent, up from 10 percent.

“If we don’t make a deal, then I’m going to put the $267 billion additional on,” at a tariff rate of either 10 [percent] or 25 [percent], Trump said.

WORLD'S FIRST GENETICALLY EDITED BABIES? INTERNATIONAL OUTRAGE ENSUES AS CHINESE SCIENTIST MAKES BOLD CLAIM

On Thursday, Trump tweeted that the tariffs have resulted in "billions of dollars pouring into the coffers of the U.S.A.," but did not provide any concrete details for this claim.

Chinese influence goes further than tech grab

The report details how Chinese policy began to take a very different path when President Xi Jinping came to power in 2013. Since then, the world's largest country "has significantly expanded the more assertive set of policies initiated by his predecessor Hu Jintao." The report also notes that China not only wants to redefine its position as a world leader but "put forward the notion of a 'China option' that is claimed to be a more efficient developmental model than liberal democracy.

China is using several ways to influence the American way of life, including using legitimate tactics and some "improper interference," including methods that have been previously summed up as “covert, coercive or corrupting.”

The report found that Chinese influence extends into a number of areas, including universities, federal and state government institutions, media and think-thanks, which the report notes are "very resilient" in resisting the influence. China is trying to promote views that are "sympathetic to the Chinese Government, policies, society, and culture," the statement reads. It adds that China is also trying to "suppress alternative views; and co-opt key American players to support China’s foreign policy goals and economic interests."

Several of the contributors of the report have been prominent in engaging with China, including Winston Lord, the former U.S. ambassador to China in the 1980s, Larry Diamond, a senior fellow at the Hoover Institution and Orville Schell, the Arthur Ross Director at the Center on U.S.-China Relations Asia Society.

Speaking with The Washington Post, Lord said the group who worked on the paper are not "a bunch of hostile, anti-Chinese people," making the findings all the more stunning. “Yet all of us have become more pessimistic about the trends and feel that we’re at a crossroads in the relationship,” Lord said of the about-face.

The report notes that China is second only to Russia when it comes to "efforts to influence American politics and society," adding that it is both "extensive and well-funded."

"The ambition of Chinese activity in terms of the breadth, depth of investment of financial resources, and intensity requires far greater scrutiny than it has been getting, because China is intervening more resourcefully and forcefully across a wider range of sectors than Russia," the report reads. "By undertaking activities that have become more organically embedded in the pluralistic fabric of American life, it has gained a far wider and potentially longer-term impact."

Fox News has reached out to the Chinese government for a request for comment.

However, the report was cautious to note that it did not want to "exaggerate the threat of these new Chinese initiatives." Aside from the report stating that China did not interfere with U.S. elections the way the Russians did (a claim the Trump administration says took place), there are plenty of examples of the two countries working together.

"For all the tensions in the relationship, there are deep historical bonds of friendship, cultural exchange, and mutual inspiration between the two societies, which we celebrate and wish to nurture," a statement on the report reads. "And it is imperative that Chinese Americans—who feel the same pride in American citizenship as do other American ethnic communities—not be subjected to the kind of generalized suspicion or stigmatization that could lead to racial profiling or a new era of McCarthyism."

Follow Chris Ciaccia on Twitter @Chris_Ciaccia

Vlad the imposter: Twitter suspends fake Putin account that had almost 1 million followers

Twitter has suspended a fake English language Vladimir Putin account that had racked up almost 1 million followers.

“We suspended @putinRF_eng for impersonation based on a valid report we received from Russian officials,” Twitter tweeted Wednesday.

The BBC reports that the account surfaced in 2012 and mostly posted links to the Russian President’s public appearances. It had nearly 1 million followers when it was suspended, according to the BBC.

TWITTER'S RELEASE OF 10 MILLION RUSSIAN, IRANIAN INFLUENCE CAMPAIGN TWEETS SHOWS US VULNERABILITY

The bogus account had been cited in a number of media reports.

It is not clear who set the account up. Twitter declined to provide additional details when contacted by Fox News.

The official English language Twitter account for the Russian President is @KremlinRussia_E, which is verified by the social media platform.

Last month Twitter released an archive of more than 10 million tweets originating in Russia and Iran that aimed to sow division in the U.S.

Fox News’ Christopher Carbone contributed to this article.

Follow James Rogers on Twitter @jamesjrogers

Scary ransomware attacks famous North Carolina county

A major ransomware attack has forced the shutdown of a host of IT systems at Mecklenburg County, North Carolina.

Officials confirmed late Wednesday that they will not pay the ransom to unlock many of the county's applications that have been frozen since Monday.

“I am confident that our backup data is secure and we have the resources to fix this situation ourselves,” said County Manager Dena Diorio, in a statement. “It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible.”

Attackers gave a deadline of 1 p.m. ET Wednesday for payment of the ransom, according to news reports.

SHIPPING GIANT HIT BY CYBERATTACK, REFUSES TO PAY HACKERS' RANSOM

The hackers have demanded for the payment in bitcoin. One bitcoin is worth approximately $13,000.

Fox 46 reports that hackers froze a number of servers in the attack, preventing county official from accessing the information stored on them.

Systems affected by the shutdown span human resources, finance, parks and recreation, social services, deeds registration, assessor’s office, tax office and Land Use and Environmental Services Agency (LUESA).

In a statement released on Wednesday, the county explained that departments have implemented paper processes and other solutions to continue serving customers.

HACKER TARGETS SACRAMENTO REGIONAL TRANSIT, DELETES 30 MILLION FILES IN RANSOMWARE ATTACK

“There is no evidence at this time that personal, customer or employee information or data has been compromised,” it said. “The County is consulting with Federal, state and private stakeholders, including the FBI and Secret Service, while the County works to restore services,” it added.

Fox 46 reports that the county backs up all of its files, so information frozen by the attack will eventually be retrieved. “At this point in time, backups seem to be highly effective,” explained a Mecklenburg County official during Wednesday’s press conference.

The attack reportedly unfolded after a worker at Mecklenburg County clicked on an infected email.

HUGE 'PETYA' RANSOMWARE ATTACK HITS EUROPE, SPARKS MASS DISRUPTION

A growing number of organizations and municipalities are being targeted in ransomware attacks. U.K. shipping giant Clarkson, for example, recently fell victim to a cyberattack, but vowed not to pay a ransom to the hackers.

A hacker recently deleted 30 million files in a ransomware attack on Sacramento Regional Transit. The hacker demanded $7,000 in bitcoins via SacRT’s Facebook page, which the agency did not pay, opting instead to back up the data.

Last year, a Los Angeles hospital paid a ransom of nearly $17,000 in bitcoins to hackers who infiltrated and disabled its computer network.

Uber recently came under fire for its reported payment of $100,000 to hackers.

Follow James Rogers on Twitter @jamesjrogers

35 million voter records up for sale on the dark web, report says

Dark web peddlers are busy this election season.

A massive unauthorized disclosure of voter records is estimated to exceed 35 million across 19 states, according to Anomali Labs and Intel 471, firms that provide cyber threat services and intelligence.

The voter records, which include personal information and voting histories, are being peddled on the dark web in hacker forums, according to a blog post from Anomali this week.

“I want to make clear that the information posted is publicly available information. We are not suggesting any states have been hacked,” Dan Barahona, Chief Marketing Officer at Anomali, told Fox News.

SAN DIEGO PORT TARGETED IN RANSOMWARE ATTACK

“Considering the information is fairly easily obtained, there's no reason to believe a malicious actor would bother with trying to hack into an election database,” he said.

Rather, this is a targeted campaign by bad actors who are redistributing legitimately obtained voter data on a cybercrime forum, Anomali said in the post.

“To our knowledge, this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters’ personally identifiable information and voting history,” according to Anomali.

Voter records include full name, phone numbers, physical addresses, voting history, and other unspecified voting data. Voter list prices range from $150 to $12,500 depending on the state and depending on the number of voter records per database listing and/or other factors, Anomali said.

 BEWARE VIRTUAL 'KIDNAPPING' SCAMS, FBI WARNS

“Once purchased, the vendor claims to provide customers with regular updates at the start of each week,” the blog post added.

Motivation

What’s not clear is the motivation for the illicit activity.

“For the seller it may simply be an easy way to try to profit from aggregating voter registration rolls,” Anomali’s Barahona said.

Or the voter data could be combined with other breached data, such as social security numbers, as part of an identity theft scheme, Barahona said.

AI-GENERATED FAKE VIDEOS MAY BE A SECURITY THREAT, LAWMAKERS WARN   

And it could also be theoretically used to alter election outcomes. “Someone attempting to impact elections could use this information to register on behalf of other voters, request mail-in ballots, and vote early as those voters, for example,” he said.

Barahona pointed to a recent case where four women were indicted in Texas. The four are members of an organized voter fraud ring and were paid to target elderly voters in a scheme to generate large numbers of mail ballots, and then harvest those ballots for specific candidates in 2016, according to a statement from the Texas Attorney General’s office.

“The voting data itself presents a more interesting and concerning possibility,” Tim Erlin, VP, product management and strategy at Tripwire, a cybersecurity firm, told Fox News.

“We know that a variety of disinformation campaigns have been used to influence elections,” he said. “Having accurate voting records, along with personal data, could allow for more targeted and effective influence operations.”

iOS 12 stops police unlocking your iPhone

Apple is constantly working to improve the security on its devices and protect our data. This has led to improved encryption and a shift from simple passcodes to fingerprint and most recently facial recognition on its smartphones. The security measures are so good, police seizing an iPhone have to be careful not to look directly at it.

There is one thorn in Apple's side when it comes to security, though, and that's the company Grayshift. Founded in 2016, it offers law enforcement agencies around the world an iPhone unlocking device called GrayKey. It works, or at least it did until now, and has won Grayshift many customers. However, that all changed with iOS 12.

As Forbes reports, with the release of iOS 12, Apple finally managed to stop GrayKey from working. It has been confirmed that any iPhone running iOS 12 can no longer be unlocked using a GrayKey device. The details of how Apple managed to block the device are unknown, but the last we heard about Apple's efforts to better secure its devices was a plan to close a Lightning port security hole back in June. Clearly that happened, but it's unlikely the only measure required to lock out Grayshift's system.

For consumers, it's a clear reminder that they should keep their mobile devices up-to-date. Upgrading to iOS 12 will better protect your device, and that protection now covers any attempts by law enforcement to unlock you phone. But for how long?

More From PCmag

  • Uber Offering $10 Discount on Rides to the Polls, But With Caveats
  • <g class="gr_ gr_42 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="42" id="42">Walabot</g> Is a Smart Home Device That Can Detect Falls
  • Tim Cook: Our Data Is Being ‘Weaponized Against Us’
  • Report: Facebook Wants to Acquire a Cybersecurity Firm
  • Hardware security has always been a cat and mouse game. When one security hole closes another is eventually found and exploited. It could be months before GrayKey starts working again, or it could be days. iPhones are very secure devices, but they aren't perfectly secure, no hardware is.

    This article originally appeared on PCMag.com.