2024 Yearly Wrap-Up, CCC38, And What's Up For 2025
Audio format will be available on both the Steady and Spotify/general publication RSS feed within a week or two of this email. The audio version may be attached at the bottom of this when it's ready.
December's Note
Before we get started: I wanted to draw attention to two awesome organizations that have recently worked in both Gaza and Ukraine, and continue to put themselves in danger:
CADUS, who specialize in medical aid and infrastructure.
World Central Kitchen, who specialize in feeding the displaced.
Chaos Communication Congress
This year, I'm once again attending the Chaos Communication Congress, where I'll be writing/recording this newsletter!
This is a chaotic event with just a lot going on. It also has some pretty strict photo policies, so I can't really share a whole lot of what goes on in the congress via images.
I wrote about my attendance last year and how transformative I found the experience, and this year feels like I'm picking up right where I left off.
Over the four days, between 10 and 20 thousand nerds of all stripes descend upon Hamburg. There are hundreds of formal talks, improvised assemblies, and "off stage" events. Pretty much every topic involving the use of communications technology, hacking and cybersecurity, cryptography and computer science at large, etc. etc. gets explored if you know where to look.
Thankfully, a number of events are available for stream after they take place.
Here are some of the events (attended or otherwise) that you may find interesting that have happened by the time I wrote this (middle of day 3):
Police 2.0: Peaceful activism is terrorism and fakenews are facts
On 23 October 2019 peaceful activist Frank van der Linde found out the Dutch Police was associating him with terrorism to other countries' law enforcement. This talk goes over the bizarre, worrying and, frankly, quite funny journey that Frank van der Linde has embarked on, hoping on a litigation frenzy to seek justice and fight back against the institutional intimidation of activists.
Transparency? Not from the European Commission
The European Commission is the executive branch of the European Union with the duty to uphold the law. The transparency of the Commission's actions and decisions range from questionable to abysmal. Attempts by the public to access information are often thwarted. This talk will cover the Commission's lack of transparency, challenges faced by the public in accessing information, Commission's tactics and examples of the European Ombudsman's interventions to improve the situation. Whether you are interested in ChatControl, AI or public procurement, this talk will have you covered.
From Pegasus to Predator - The evolution of Commercial Spyware on iOS
...The trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024. The talk will start with an analysis how exploits, infection vectors and methods of commercial spyware on iOS have changed over time. The second section of the talk is all about advances in detection methods and the forensic sources which are available to discover commercial spyware. This talk will also include a Case Study about the discovery and analysis of BlastPass (one of the latest NSO Exploits). The third part will discuss technical challenges and limitations of the detection methods and data sources. Finally, I will conclude the talk with open research topics and suggestions what Apple or we could technically do to make the detection of commercial spyware better.
State of Surveillance: A year of digital threats to civil society
The digital arms race between activists and government spies continues to shift and evolve. Through a series of case studies, researchers from Amnesty International's Security Lab will share surveillance wins, the ongoing challenges, and the new threats on the digital horizon.
Automated Malfare - discriminatory effects of welfare automation
An increasing number of countries is implementing algorithmic decision-making and fraud detection systems within their social benefits system. Instead of improving decision fairness and ensuring effective procedures, these systems often reinforce preexisting discriminations and injustices. The talk presents case studies of automation in the welfare systems of the Netherlands, India, Serbia and Denmark, based on research by Amnesty International.
Hacking yourself a satellite - recovering BEESAT-1
In 2013, the satellite BEESAT-1 started returning invalid telemetry, rendering it effectively unusable. Because it is projected to remain in orbit for at least another 20 years, recovering the satellite and updating the flight software would enable new experiments on the existing hardware. However, in addition to no access to telemetry, the satellite also has no functional software update feature. This talk will tell the story of how by combining space and computer security mindsets, the fault was correctly diagnosed without telemetry, software update features were implemented without having them to begin with, and the satellite was recovered in September of 2024.
Introducing >Trace
I recently experimented with cultivating another stream of content, and found it to be a lot of fun in the week leading up to the holidays. >Trace is meant to supplement the main project of The Moloch through shorter posts highlighting cyber-crime incidents and incomplete or ongoing investigations. It's derived from my quick "pop-offs" about cybercrime, and posted to Mastodon and Substack. This is not signaling a move-back to Substack or any attempt to monetize there, but there is an audience that I'm hoping to grab.
I guess, at the end of the day, I didn't want smaller-level pieces about cybercrime, or half-baked "investigations" to flood the website.
What's Been Published Lately?
This is probably some of the most writing I've put out between newsletters. When I settle into next year's workflow, the format will likely change, again.
Virtual Verity Podcast
Chivo Wallet Is Finally Done!
If you didn't already see it in your RSS feed, the complete series on Chivo Wallet is finally done and released!
I'll put out another article on here and the blog about the whole experience of putting this one out. Up front: I'm really proud of it, despite already having a number of things that I know I'd like to improve on. In the future, I'll refrain from picking up topics I know that I've underestimated without a better plan.
The series' fourth episode, if you still haven't heard it, is a timeline about the activities of CiberinteligenciaSV and their campaign throughout 2024 to challenge and embarrass the government of El Salvador by exposing gross incompetence and corruption.
The Blog
The Existent Automated Armies: An Accelerating Arms Race for Viable Robot Soldiers - automation in warfare
...these developments are indicative of an understated trend in militaries around the world: a growing acceptance of mass-casualty-causing weapons in automated hands. As several states that are innovators in this space find themselves engaged around the world, it may only be a matter of time before this technological rubicon is crossed in ground-based warfare, as it has in the air.
Signaling To Ghost And Telegram: A Good Time To Talk About E2EE - encryption, cybercrime, and civil liberties
...a debate over the place of End-to-End Encryption and its relationship to numerous messaging platforms has found itself reignited. Is this part of a pattern creating real reason for concern, or is it all tech-libertarian virtue signaling?
>Trace
Threat Actor Drop: FunkSec RANSOMWARE
A new Ransomware threat actor has emerged, claiming over 30 victims in 10 days.
"#OP_Germany" December DDoS Attacks: Some Observations
"Hacktivists" from at least 10 groups claim to try overwhelming numerous German and other NATO country targets.
Claims of Cisco Source Code Leaked?
Sometimes it's old code. Sometimes they're just full of it. But sometimes, threat actors hit pay-dirt.
Threat Actor Drop: BASHE Ransomware
Since April, BASHE, a ransomware group that allegedly spun off of LockBit, has been rapidly growing its reputation. They've claimed over twenty victims this past October. They're also probably lying.
Some final things:
I also got picked up for my first freelance writing contract. Once that piece gets closer to publication, I'll share more of the details! It's specifically about Salt Typhoon and what they got up to throughout 2024. This will be a research heavy piece, and a lot less fun to read (I would expect) than my usual, but it might be an in for routine work with a much bigger publication. More specifics to come!
As of the time I'm writing this, I'm about to wrap up the final paper that will earn me an MS in Cybersecurity and Information Assurance. This year with The Moloch and its related projects has proven to be such an awesome time for sharing the knowledge that I've gained with you, but it's also not the end of my formal education, which means I'm only going to get better at what I'm doing.
In January, I'll no longer be working, and will be focusing that reclaimed time on full-time studies for an MA in International Relations. My hope is to use that angle to better inform this work, as it grows from just being shitposts about cybercriminals and cool stuff I saw in the Army, into what I hope will be a genuinely insightful platform for investigating and analyzing the growing digital monstrosities the world will be facing.
Let's not kid ourselves.
2025 looks like it's going to be a rough one. Tech oligarchs are poised to be stronger than ever in the US. An ever-escalating series of conflicts rages throughout the world with increasingly sophisticated weapons and tactics. Europe, still hanging in there as a bastion of digital rights, continues to show its cracks.
I want The Moloch to be an explainer for what little bit I can cover regarding what the world is going through, and I'm going to continue to try and grow its capabilities and my capacity for conducting quality research beyond what a dumb little tech blog can typically offer.
As always, stay safe! Have a happy new year! And Hail Moloch!