Breathalyzer Firm Cyberattack Strands Drivers
â–¼ Summary
– US law enforcement dismantled four major botnets (Aisuru, Kimwolf, JackSkid, Mossad) that infected over 3 million devices and enabled large-scale cyberattacks.
– A Russian hacker tool called DarkSword currently threatens hundreds of millions of iPhones, allowing data theft and device takeover.
– A cybersecurity researcher found that Sears Home Services’ AI bot, Samantha, exposed sensitive customer service call and chat data, including post-call audio recordings.
– Meta is removing default end-to-end encryption for Instagram Direct Messages, a reversal that experts warn sets a dangerous precedent for user privacy.
– A cyberattack on Intoxalock, a breathalyzer manufacturer, disabled its systems, stranding thousands of drivers whose court-mandated devices require server connection for calibration.
A major cybersecurity incident at a leading breathalyzer manufacturer has left thousands of drivers across the United States stranded and unable to start their vehicles, highlighting the unexpected vulnerabilities in court-ordered monitoring technology. Intoxalock, a company that provides ignition interlock devices to roughly 150,000 drivers daily, recently announced it was hit by a cyberattack causing significant system downtime. This disruption has prevented many devices from completing mandatory periodic calibrations that require a server connection, effectively turning vehicles into immobile “paperweights” for affected users. The company is now offering ten-day calibration extensions and towing assistance in response to the crisis, though it has not disclosed the attack’s nature or whether sensitive user data was compromised.
In a separate but significant law enforcement development, the FBI has resumed its controversial practice of purchasing Americans’ location data from commercial brokers. During a Senate hearing, FBI Director Kash Patel confirmed the agency is acquiring what he termed “commercially available information,” asserting the practice is lawful and has provided “valuable intelligence.” This marks a reversal from three years prior when then-Director Christopher Wray stated the bureau had ceased such warrantless purchases. The data is typically aggregated by advertising technology within mobile apps and then sold in bulk by data brokers, raising substantial privacy concerns.
On the broader cybersecurity front, U. S. authorities successfully dismantled several major botnets this week. The coordinated takedown targeted the Aisuru, Kimwolf, JackSkid, and Mossad networks, which collectively infected over three million devices globally. These botnets were instrumental in executing some of the largest cyberattacks on record. Concurrently, a new threat dubbed DarkSword has emerged, exposing hundreds of millions of iPhones to potential takeover by Russian hackers for data theft.
Privacy incidents continue to surface across the tech industry. A security researcher discovered that customer service interactions with Sears Home Services’ AI chatbot, Samantha, were left exposed and publicly accessible online. The leak included personal details from calls and chats, with some recordings capturing hours of audio after customers believed their calls had ended. Furthermore, an investigation into dozens of Telegram channels revealed a disturbing trend of job listings for “AI face models.” These positions, primarily filled by women, are suspected of using their likenesses as fronts for sophisticated AI-powered financial scams.
In a policy shift drawing criticism from privacy advocates, Meta announced it will remove end-to-end encryption as a default for Instagram Direct Messages, citing low user adoption of the feature. Security experts warn this reversal on a long-promised protection could establish a dangerous precedent for user privacy across social platforms. In a contrasting move, Meta is collaborating with Signal creator Moxie Marlinspike to integrate elements of his encrypted AI platform, Confer, into its Meta AI services.
(Source: Wired)
