CrowdStrike has confirmed claims by Intrusion Truth that APT 10 (also known as Stone Panda) is operated by the Tianjin Bureau of China's Ministry of State Security. Intrusion Truth, described as "shadowy," represents itself as a hacktivist group dedicated to exposing Chinese intelligence.
Zscaler researchers are tracking a spam campaign that directs users to .tk sites (.tk is the national top-level domain for Tokelau), for the most part in the service of ad fraud. Zscaler estimates the ad fraud brings in more than $20,000 a month, and other associated scams pull in additional revenue. Tokelau, which allows anyone to register a domain, has a population shy of fifteen hundred but the largest presence on the Internet.
Two implausible scams are circulating. One, a celebrity advance-fee come-on, tells the gullible that Pope Francis wants to give away a small fortune in Bitcoin. The other, crude ransomware, displays the face of former President Obama and represents him as declaring that he's encrypted your files, but that he'll recover them for you in exchange for "a tip." It should be, but isn't, needless to say that neither the current Pope nor the former President is involved in any of this.
Check Point researchers have found, and made available, a decryptor for RansomWarrior ransomware.
On Wednesday the US Congress will hold hearings on the tech industry. They're interested in political influence, privacy, and monopolistic practices. The Senate Intelligence Committee will interrogate Facebook, Twitter, and Google. The House Commerce Committee will confine itself to Twitter.