mandevil 4 days ago

Good to see this article is available. Would that count as a new publication date?

  • IG_Semmelweiss 4 days ago

    this is a well researched article. Shame these are rare vs the norm.

    Reading thru the narrative about Appin, there's not a lot of complicated technical stuff. Their "training" consisted of novel approaches to social engineering / phishing that are a step up from your standard pretend-errant SMS of "hey I'm in town want to meet, (wrong person)?" to trick you into eventually clicking a URL.

    Not a lot of science at all. Just clever & resourceful people, operating at scale.

lmz 4 days ago

Good for them. Here we hear a lot about Chinese, Israeli, or NK hackers but not often Indian ones.

  • alephnerd 4 days ago

    There are plenty of these organizations globally.

    I'd say most major non-European countries have a public-private partnership model for offensive security operations

    There's a reason why most countries didn't join the Budapest Treaty for Cybercrime.

  • userbinator 4 days ago

    That's because what you hear depends a lot on the political climate, and more specifically what the media want you to think.

    • boomboomsubban 4 days ago

      Which makes me wonder who Appin pissed off.

      • alephnerd 4 days ago

        No one. It was organically detected by the threat hunting team at a cybersecurity company called SentinelOne.

        Most cybersecurity vendors have a dedicated org to threat hunting and blue teaming for a mix of marketing and keeping parity with exploit developers.

        • Dah00n 4 days ago

          Do they aim their "organic detection" equally against every single country, including the US? Or are they inherently biased?

          • EdwardDiego 3 days ago

            That's rather bad faith.

            • kelipso 2 days ago

              Not really. It’s human beings who choose who to focus on and with how much scrutiny, who decide on what to follow up on when given a list of hits, etc. All humans act based on the political climate and it’s naive to think otherwise.

    • libertine 4 days ago

      > more specifically what the media want you to think

      What media are you referring to, and how are they coordinating?

      • esperent 4 days ago

        A recent example: as you might have heard, the CEO of an insurance company was shot.

        As I'm not from the US, the most interesting thing to me about this killing is that a significant amount of the population thinks that the killing was justified. I've seen numbers like 60% of young people support his actions. If you go on reddit, you'll see that he has a huge amount of support there.

        Now, I don't personally know what to think about all this,. although my gut reaction is that violence is rarely a good solution.

        But one thing I am sure of: the public reaction to this killing is incredibly newsworthy. Possibly will go down in history as the starting point of a revolution levels of newsworthy.

        How much reporting on this aspect of the killing have you seen in the media? Especially in the first couple of days. Barely a whisper.

        When people talk about manufacturing consent and controlling the narrative, this is the kind of thing they mean.

        In a healthy press, in a healthy society, there should be a ton of discussion happening about this, why so many people are so upset and angry with their situation that they're willing to support a killing in broad daylight, what can be done to fix these issues, how this should be a wake-up call that deep changes are needed, and so on.

        Do you see that happening anywhere in the established media? The coordination doesn't require some shadowy network of media moguls making phone calls. Although I'm sure that is happening a bit since there are hardly any independent newsrooms anymore.

        • libertine 3 days ago

          > a significant amount of the population thinks that the killing was justified. I've seen numbers like 60% of young people support his actions. If you go on reddit, you'll see that he has a huge amount of support there.

          Can you share where you've seen these numbers?

          > In a healthy press, in a healthy society, there should be a ton of discussion happening about this, why so many people are so upset and angry with their situation that they're willing to support a killing in broad daylight, what can be done to fix these issues, how this should be a wake-up call that deep changes are needed, and so on.

          Doesn't this go against the ethics of reporting such extreme events, which empower people with mental health issues to "copy cat" in order to seek attention and gain social status?[0]

          I don't see how empowering someone with a mental disorder who chose murder as a means to set the public agenda as a "healthy press in a healthy society". Isn't this simply devaluing those who choose to pursue justice through peaceful means? Like using the Justice System, Protesting, etc?

          > Do you see that happening anywhere in the established media?

          Yes, I've seen plenty of coverage, I'll even say too much coverage on this subject as a whole.

          [0]https://pmc.ncbi.nlm.nih.gov/articles/PMC5296697/

          • maeil 3 days ago

            > Doesn't this go against the ethics of reporting such extreme events, which empower people with mental health issues to "copy cat" in order to seek attention and gain social status?[0]

            These ethics are completely disregarded by the media when reporting on e.g. school shootings. They do not factor in whatsoever.

            • libertine 3 days ago

              Well, we don't know to what extent they factor it in. It would be interesting to see how it evolved throughout the years - but that's beyond the point:

              The ethics and the effects of it are there, and to have a murderer set the public agenda doesn't make much sense.

          • esperent 3 days ago

            > Doesn't this go against the ethics of reporting such extreme events, which empower people with mental health issues to "copy cat" in order to seek attention and gain social status?

            If we're talking about opinion pieces, sure. But when it comes to headlines, those are supposed to be a reasonably dispassionate reporting of facts. A fact is that a significant percentage of the population supported this killing. I don't remember where I saw that 60% number, but suppose it's only 10%, or 20%. That's still tens of millions of people, it should still be reported on, dispassionately and factually.

            If the newspaper decides it would be ethically wrong to have opinion pieces representing this section of the population, that's another matter. Personally, given that we've all been forced to listen to representatives from both sides for several decades on things like gay marriage, abortion, and so on, I think they should apply that rule in this case too and give opinions from both sides.

            • libertine 3 days ago

              > A fact is that a significant percentage of the population supported this killing. I don't remember where I saw that 60% number, but suppose it's only 10%, or 20%. That's still tens of millions of people, it should still be reported on, dispassionately and factually.

              This is a big claim to say a significant percentage of the population supported this murder, so we need to know how that source got those figures.

              I want to know about the extent of the study, and how they even phrased the question, after all, it could be the result of a poorly done study, if it's real at all.

              I think it's essential to find out where you saw this because you seem to believe in it, yet you don't recall a source or where you learned about it. These are usually signs of being the target of misinformation — it's the typical "I saw on social media that..."

              So before we continue this engagement, let us ground ourselves in reality, and I'll ask you to find the source of that study and share it here.

        • mewpmewp2 3 days ago

          > Do you see that happening anywhere in the established media? The coordination doesn't require some shadowy network of media moguls making phone calls. Although I'm sure that is happening a bit since there are hardly any independent newsrooms anymore.

          This works naturally in a top down hierarchy where people who do what you want get promoted and who do not will not. There doesn't have to be a conspiracy. It is the little things influencing who exactly has decision power and everything can just go unspoken. A powerful and rich person who owns part of a business would exert influence on the hierarchy by funding only what they like and hierarchy promotes only what gets funding.

          Nobody has to utter a word, it is a bit like evolutionary algorithm of incentives.

      • theWreckluse 4 days ago

        The coordination emerges for second order reasons, sometimes as simple as what the people want to hear even.

        • libertine 3 days ago

          So after all there's no coordination, it's about what different media outlets perceive as newsworthy and of value to people.

          Is this what you mean?

          Because "coordination" means that there's an effort to make different parts of a system work effectively as a whole.

      • Dah00n 4 days ago

        Simple. Ask some Americans to write an article about spies or hackers. Then ask someone from North Korea. Do you not think where they are from and who they work for having an influence on what country the spy/hacker is from and who they work against?

        There's no such thing as unbiased journalists. When the Red Scare was on its highest, they would likely write about Communist spies. When Muslims were the most evil people ever, they would likely write about state sponsored groups from Iran. These days, Russia, China, Iran, and North Korea are the de facto go-to for Americans writing about these kinds of things even though most hacks in the US are done by Americans against Americans. There's no need for a conspiracy for OPs comment to be correct. People want you to believe their world-view.

        • libertine 3 days ago

          > Ask some Americans to write an article about spies or hackers.

          So The Guardian and Washington Post reporting on Edward Snowden leaks literally about USA Hacking and Spying... don't count? It's probably the biggest report ever published on this matter and happened in the USA. Not to mention that others followed through...

          That's why this is quite a confusing statement... heavily conspiracy-driven and misinformed... was any journalist murdered? Because you know, other regimes murder their journalists for far less.

          Anyway, I don't think this answers the question.

          The user generalized, and I'm looking for a concrete case of "what the media" wants us to hear where coordination took place. This is conspiracy theory by the way, and it's now generalized - so I think it's important to go into the facts of it.

          For example, if he said specifically "X is optimized to push MAGA content", it would be a concrete example of a multi-billionaire pushing a certain narrative and there's data that shows the shift[0]

          But stating that "the media" as a whole, is such a broad statement and such an extraordinary claim, that it requires that we look into it no?

          Of course, there are different sets of values and controls depending on the country. There's no free press in North Korea. This is a very different statement, because there's free press in most Western Countries, even with individual biases.

          > These days, Russia, China, Iran, and North Korea are the de facto go-to for Americans writing about these kinds of things even though most hacks in the US are done by Americans against Americans.

          Can you provide more information about these claims? Who are these Americans, and to whom are they writing?

          > People want you to believe their world-view.

          Who are these people you're talking about?

          [0]https://cybernews.com/news/x-algorithm-changed-musk-boost-ri...

saagarjha 4 days ago

> The article has now been reposted here, with an update in paragraph 14 to note that there’s no suggestion that bona fide students of the training centers were involved in hacking.

Quite unfortunate :/

  • Thorrez 4 days ago

    What is unfortunate? That the article was reposted? That a note was added to the article?

    • saagarjha 4 days ago

      The latter.

      • shadow28 4 days ago

        Could you please elaborate for those of us without context?

        • saagarjha 4 days ago

          Reuters was forced by a lawsuit to take down the post. They eventually got it posted again but not without a disclaimer on it.

          • Thorrez 4 days ago

            I don't see what's wrong about the note. I don't see anything suggesting the note is inaccurate. I don't see anything that says the court forced Reuters to add the note. It appears Reuters added the note of their own free will.

            • saagarjha 15 hours ago

              It seems like they added it after they were harassed by the lawsuit.

dyauspitr 4 days ago

There are a huge number of “mom and pop” hack shops all over India where people go to spy on their spouse’s/kid’s/friend’s electronics.

1024core 4 days ago

How did these people get the tech to do all this?

  • aprilthird2021 4 days ago

    Did you read the article? Their specialty appears to be email phishing, which doesn't require much in the way of bleeding edge technology

    • alephnerd 4 days ago

      > which doesn't require much in the way of bleeding edge technology

      They did runtime level attacks and (then) novel exploits which SentinelOne co-published with Reuters, but they took the article down due to the same lawsuit Reuters faced.

      Here's the web archive of the original article - https://web.archive.org/web/20231117061038/https://www.senti...

      Also do NOT underestimate spear phishing - the social engineering aspect is just a Trojan for the actual payload which is almost always malicious. Being able to transmit a malicious payload without being flagged by an email provider or an EDR takes a lot of technical effort.

      • aprilthird2021 3 days ago

        Ah interesting. I don't know enough about those to know what hardware is required. But the bulk of the cases the article talks about are phishing.

        Not saying they're not smart. The comment implied they have advanced tech or hardware that may have been embargoed, but the vector of attack is one which can be done without those.