A very large doxing campaign has exposed sensitive personal information belonging to hundreds of German political figures (BBC). The only recently noticed campaign, which began quietly before Christmas and took the form of a satirical Advent calendar, released private communications, emails, contacts, phone numbers, memoranda, and financial information belonging to “hundreds” of politicians, including Chancellor Merkel and President Steinmeier (Graham Cluley). The Bundesamt für Sicherheit in der Informationstechnik (BSI) is investigating. The only political party apparently unaffected is the Alternative for Germany, generally described as “far right.” Observers betting on form suspect Russia’s GRU, Fancy Bear, but that’s speculation on a priori probability (TechCrunch).
Speaking of Fancy Bear, ESET has released details on Lojax, the UEFI rootkit the GRU has used in cyber espionage operations (Register).
Trend Micro has discovered a MobSTSPY infestation in Google Play. The spyware was found lurking in otherwise innocent-appearing Android apps. More than a hundred-thousand users may have been infected.
ISIS has returned to the online world seeking to inspire mass murder (mostly by automobile) in spaces "crowded with unbelief." Some of the inspiration has been delivered through dormant Twitter accounts ISIS hijacked (Engadget).
Bail is being sought for Paul Whelan, charged with spying by Russia’s FSB. The FSB says the dual US-British citizen received a USB drive containing a roster of personnel at a secret Russian institution (Guardian). It’s an odd case, but most observers think Whelan’s arrest is a Russian move to bargain for a spy swap with the US (New York Times).