North Korea is getting rich off US citizens and Fortune 500 companies



A woman in Arizona was sentenced to 102 months in prison for conspiring with North Korean entities to infiltrate American companies.

Her methods are being considered a "code red" by U.S. Attorney Jeanine Ferris Pirro, as American companies are unknowingly aiding North Korea in a tech war against the United States.

Christina Chapman, 50, was found to be working on behalf of the North Korean munitions development department, using a complex network of stolen identities in a scheme that is sure to send chills down the spine of any American.


Chapman set up a network of almost 100 laptops at her home in Arizona, designed to allow North Korean agents to log in to the computers and pose as Americans working at U.S. companies.

Using the fraudulent identities of 68 Americans, the North Koreans acquired remote employment with 309 companies, some of which were Fortune 500 companies.

Simply put, the North Korean entities would remotely access the computers in Chapman's home, then fraudulently infiltrate the companies they were purporting to work at, making it seem as if the activity was coming from an Arizona address.

Many of the foreign agents listed their home addresses as Chapman's residence and received paychecks at her address. This resulted in huge sums of money going directly to the North Korean government.


In total, Chapman helped procure $17 million for the North Korean munitions department and will be forced to pay a fine of $176,850 and forfeit over $284,000 that was to be paid to the North Koreans, according to the Department of Justice.

"North Korea's munition department has trained and deployed more than 3,000 workers in information technology, or IT skills, so that they can then commit fraud on companies in the United States to generate revenue for the North Korean regime," Pirro stated during a press conference on Friday.

In a "message to corporate America," Pirro continued, "This is a code red. Your tech sectors are being infiltrated by North Korea. And when big companies are lax and they're not doing their due diligence, they are putting America's security at risk."


Christina Chapman's North Korean laptop farm in Arizona. Image via Department of Justice

Photos from the DOJ showed not only an example of one of the fraudulent identities but also Chapman's remote worker farm. Dozens of laptops are seen, with notes denoting which U.S. companies they are assigned to and the fake identities they are associated with.

Pirro called on American corporations to step up their employee verification systems, which "went through a change as a result of COVID."

"There is this lax kind of overseeing of who employees are. It's time for businesses to verify their workers, monitor their conduct, create a zero-trust structure, and they've got to do this before the security of our country is compromised," Pirro added.

More than 90 laptops were seized from Chapman's home in October 2023. She was also found to have shipped 49 laptops and other devices supplied by U.S. companies to different locations overseas, including to Chinese cities on the North Korean border.

The DOJ noted that North Korea's IT network has generated between $250 and $600 million annually as of 2024.


Microsoft 'escort' program gave China keys to Pentagon



The absurdity is so staggering it reads like satire. Microsoft, the tech giant entrusted with America’s most sensitive defense data, has been using Chinese engineers to maintain Pentagon computer systems.

These foreign contractors work directly on classified networks, handling everything from software updates to system maintenance for the Department of Defense.

The disclosure of the arrangement led Sen. Tom Cotton (R-Ark.) to demand a list of all Department of Defense contractors and subcontractors using "Chinese personnel to provide maintenance or other services on DOD systems,” as Cybersecurity Dive reported. “While this arrangement technically meets the requirement that U.S. citizens handle sensitive data, digital escorts often do not have the technical training or expertise needed to catch malicious code or suspicious behavior.”

Faced with the specter of massive blowback, Microsoft announced it would halt the practice in a Friday news dump. "In response to concerns raised earlier this week about U.S.-supervised foreign engineers, Microsoft has made changes to our support for U.S. government customers to assure that no China-based engineering teams are providing technical assistance for DOD government cloud and related services,” Microsoft comms lead Frank X. Shaw posted on X.


Welcome to the most spectacular security failure in American history, hiding in plain sight for nearly a decade.

Now, the rest of the country is left to pick up the pieces. These “digital escorts,” earning barely above minimum wage to babysit foreign programmers with access to military secrets, are supposed to monitor the Chinese engineers’ every keystroke, ensuring no sensitive data leaves the building or gets transmitted abroad.

Even with Chinese teams snipped out of the loop, Microsoft’s escort program represents corporate negligence elevated to high art. The company recruited former military personnel with minimal coding experience, paid them $18 an hour, and expected them to supervise sophisticated Chinese engineers manipulating Pentagon networks.

These “escorts” serve as human shields against espionage, except they lack the technical expertise to recognize an attack if it materialized on their screens. The escorts themselves acknowledge they’re flying blind while potential adversaries have their hands on the controls. They’re tasked with supervising engineers whose technical skills far exceed their own, creating a security theater that satisfies bureaucratic requirements while providing no actual protection.

Years in the making

China has spent decades perfecting the art of digital infiltration. Its state-sponsored hackers have penetrated everything from the Office of Personnel Management to senior government officials’ email accounts. In 2023, Chinese operatives downloaded 60,000 emails from the State Department alone. Yet, Microsoft’s response to this documented threat was to grant Chinese engineers even greater access to American defense systems, supervised by glorified security guards earning fast-food wages.

The logic is breathtaking in its stupidity.

China’s approach to data weaponization follows a predictable pattern. It steals intellectual property, harvests personal information, and infiltrates critical infrastructure with the patience of a civilization that thinks in centuries, not quarterly earnings reports. Every breach serves multiple purposes, from immediate intelligence gathering and long-term strategic positioning to the steady erosion of American technological advantage.

Consider how China could weaponize Pentagon data accessed through Microsoft’s escort charade. Military logistics become vulnerable to disruption. Personnel records provide targets for blackmail or recruitment. Communications patterns reveal operational planning. Financial systems become entry points for broader economic warfare.

The Chinese don’t need to steal nuclear launch codes when they can gradually map America’s entire defense infrastructure from the inside. More than just access, Microsoft’s escort program offers Beijing sustained, supervised observation of America’s most sensitive digital operations.


China’s theft of American technology is well documented. The Chinese have stolen everything from military aircraft designs to semiconductor manufacturing processes. The FBI estimates Chinese economic espionage costs America hundreds of billions annually. Every major American corporation has faced Chinese cyber intrusions, including Big Tech firms like Google, consumer information giants like Equifax, and even huge hotel chains like Marriott.

Microsoft's policies eliminated the need for hacking. Why breach systems when you can simply maintain them?

Slow and steady wins the war

The escort program reveals how many American corporations have abandoned national security considerations in pursuit of global profit margins. Microsoft needed foreign engineers to reduce costs and increase efficiency. The solution wasn't to invest in American talent. It was to create an elaborate theater of security that satisfies government requirements while maintaining access to cheap foreign labor.

Armed with enough Pentagon data, China can orchestrate punishments against America that would make traditional warfare obsolete. It can strike at materiel, manipulating military supply chains to create strategic shortages during international crises, or go the psyop route, orchestrating targeted disinformation campaigns to undermine military morale and public confidence. Or, of course, China can do it all, everything everywhere all at once.

But the lightest footprints are the hardest to detect or halt. Economic warfare becomes surgical when you understand your opponent’s financial systems intimately. China could time market manipulations to coincide with American military operations, creating domestic political pressure to abandon foreign commitments. It could identify and target American defense contractors, disrupting weapons production through coordinated cyber attacks.

The ultimate punishment wouldn’t be costly, chaotic destruction — it would be inexorable, predictable dependency. With enough of an upper hand, China can gradually position itself as indispensable to American digital infrastructure, creating a scenario where confronting Chinese aggression would be too economically catastrophic to consider.

China has spent a long time putting Taiwan in a position where creeping absorption, not military annexation, will draw the country forever into China’s embrace. Why not America next?

Institutional blindness

Until last week, barely anyone was familiar with Microsoft's escort program. The Pentagon's own IT agency seemed clueless about foreign access to its most sensitive systems.

This institutional blindness isn't accidental — it's the natural result of outsourcing national security to profit-driven corporations. Microsoft created the escort program not to protect America, but to win federal contracts while maintaining access to global labor markets. The company's priority was scaling up operations, not securing them.

Microsoft's misbegotten escort program represents everything wrong with American technology policy. We've prioritized corporate convenience over national security, cost savings over strategic thinking, and global integration over sovereign protection. The company has created a system where American military secrets are maintained by foreign engineers supervised by underqualified contractors earning poverty wages.

Soft power’s hard edge

The Chinese understand what we've forgotten: Information is power, and sustained access to information is ultimate power. They don't need to destroy American systems when they can simply observe, learn, and gradually assume control over our digital infrastructure.

But this catastrophe isn't irreversible. America could mandate that all defense-related cloud maintenance be performed exclusively by cleared American citizens. Yes, it would cost more. Yes, it would require massive investment in domestic technical training. Yes, it would slow Microsoft's global scaling ambitions.

The alternative is surrendering our digital sovereignty to minimize corporate labor costs.

Congress could require complete transparency about foreign access to government systems. Defense contractors could be mandated to maintain American-only technical teams for classified work. The government could invest in rebuilding its own IT capabilities rather than outsourcing national security to profit-driven corporations.

These solutions exist. They require political will, financial commitment, and the radical notion that national security should take precedence over corporate profits. Microsoft's escort program proves we've chosen the opposite path.

The revolution in warfare isn't coming — it's already here, disguised as customer service. We can either recognize this reality and act accordingly, or continue paying $18 an hour for the privilege of losing it.

The real spyware threat could be in your pocket



U.S. intelligence agencies are on high alert after CNN reported that Iran is actively preparing cyberattacks aimed at critical government and military infrastructure. But the real threat may already be inside the wire — not from foreign hackers at a keyboard, but from mobile phones unknowingly or deliberately carried into the nation’s most sensitive facilities.

The devices we carry every day are now among our greatest national security vulnerabilities.


Despite years of post-9/11 investments in hardened infrastructure, the federal government has been remiss in investing in a sensor network to keep pace with the risks of wireless technology now embedded in daily life.

When the first iPhone was introduced in 2007, it ushered in a new era of hyper-connected mobility. Since then, innovation has continued to explode, bringing countless benefits but also exposing serious vulnerabilities.

Our most secure government facilities are wide open to wireless threats.

Today, up to 90% of secure government facilities rely on little more than the honor system and self-reporting to keep unauthorized wireless devices — mobile phones, smartwatches, rogue transmitters — out of sensitive compartmented information facilities, special access program facilities, and other high-security zones. In an era of Pegasus spyware and remote malware, this should be viewed as a national security malpractice.

Portable security risks

The modern smartphone is a traitor’s dream — portable, powerful, and everywhere. It records audio and video, it transmits data instantaneously via Wi-Fi, Bluetooth, and cellular networks, and it connects to everything — from commercial clouds to encrypted chat apps. And yet these devices are routinely brought into facilities housing classified intelligence data, most often undetected and without consequence.

Take the case of Asif W. Rahman, a former CIA analyst who held a top-secret security clearance and was recently sentenced to three years in federal prison for photographing classified information and transmitting it to unauthorized recipients, who then posted the material to social media. Snapping and sharing photos of classified government documents using a smartphone is stunningly simple, with no high-tech espionage or daring break-ins required.

Every week offers new examples like this. People inside the Department of Defense and State Department have been caught photographing screens, copying documents, and walking classified data right out the door. These are crimes of opportunity, enabled by lax enforcement and outdated security measures.

If a wireless intrusion detection system were in place, the device would have triggered an alert and stopped these breaches before they became major national security failures.

Exploiting our weaknesses

Now, with Iran probing for cyber vulnerabilities, the risk of insiders being exploited or coerced into facilitating digital breaches through personal devices has never been higher. And it can happen without a trace if the right wireless defenses aren’t in place.

In 2023, the secretary of defense issued a memo directing all Defense Department offices to install wireless intrusion detection systems to monitor unauthorized devices. The technology works. It detects any device that emits a wireless signal — such as phones, smartwatches, or even printers with Wi-Fi — inside a restricted area. Yet the directive remains largely unfunded and unenforced.


Near-peer adversaries, terrorist groups, and criminal syndicates are exploiting wireless threats to their advantage. They don’t need sophisticated tradecraft and specialized technologies. They simply need to compromise and leverage someone with access and a phone. And with thousands of secure facilities across the country, that opportunity presents itself every day.

In light of the latest intelligence warnings, we need to fund wireless intrusion detection across all SCIFs and SAPFs and educate agency leaders on the vulnerabilities posed by modern smartphones.

We need to hold bad actors accountable — not retroactively or as part of a congressional committee hearing, but by making sure they never have the opportunity to compromise the integrity of national security in the first place.

Protecting digital secrets

The U.S. government has spent billions building concrete walls, locking doors, and implementing network-specific defenses to protect its secrets. But in 2025, secrets aren’t stolen with a crowbar; they’re stolen with an app.

Until we treat the wireless threat with the same seriousness, those secrets will remain just one text message or compromised phone away from unauthorized disclosure of highly classified information.

You can’t protect your most sensitive state secrets if you are blind to the threat. Without action, these vulnerabilities will only grow more dangerous — and more missions and lives may be put at risk.

Editor’s note: This article was originally published by RealClearDefense and made available via RealClearWire.

Trump's DOJ nabs Chinese agent accused of global CCP plot to steal COVID research



Amid the Trump administration's efforts to curb the Chinese Communist Party's influence in the U.S., the Department of Justice announced the arrest of a CCP agent accused of worldwide computer intrusions related to COVID-19 research.

Xu Zewei, 33, and Zhang Yu, 44, are facing a nine-count indictment for allegedly "hacking and stealing crucial COVID-19 research at the behest of the Chinese government while that same government was simultaneously withholding information about the virus and its origins," stated Nicholas Ganjei, U.S. Attorney for the Southern District of Texas.


Federal authorities alleged that the Ministry of State Security's Shanghai State Security Bureau directed Xu to perform computer intrusions between February 2020 and June 2021.

Xu allegedly targeted American universities, immunologists, and virologists to obtain information on COVID-19 research related to vaccines, treatment, and testing.

In February 2020, Xu informed the SSSB that he had breached the "network of a research university located in the Southern District of Texas," the DOJ reported. An SSSB officer then reportedly instructed him to target email accounts belonging to certain virologists and immunologists.

Brett Leatherman, the assistant director of the FBI's Cyber Division, explained that Xu and his co-conspirators later operated as a group known as HAFNIUM, which "exploited zero-day vulnerabilities in U.S. systems to steal additional research."

"Through HAFNIUM, the CCP targeted over 60,000 U.S. entities, successfully victimizing more than 12,700 in order to steal sensitive information," Leatherman said.


In late 2020, HAFNIUM allegedly breached the Microsoft Exchange Server, impacting computers worldwide, including a law firm and another university in the Southern District of Texas.

Microsoft announced the breach in March 2021, describing HAFNIUM as a "state-sponsored" group "operating out of China." It noted that the hackers had targeted "infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs."


Xu was arrested in Milan, Italy, on July 3 at the request of the U.S. government and now awaits extradition proceedings. He was charged with wire fraud, conspiracy to commit wire fraud, conspiracy to cause damage to and obtain information by unauthorized access to protected computers to commit wire fraud and to commit identity theft, obtaining information by unauthorized access to protected computers, intentional damage to a protected computer, and aggravated identity theft.

Ganjei stated, "The Southern District of Texas has been waiting years to bring Xu to justice and that day is nearly at hand. As this case shows, even if it takes years, we will track hackers down and make them answer for their crimes. The United States does not forget."

The DOJ reported that Zhang remains at large.


After the bombs, Iran sharpens its digital daggers



The footage was unmistakable: plumes of smoke rising over Iran’s nuclear sites, a fiery punctuation mark on years of brinkmanship and intelligence coups. With one sweeping air campaign, the United States delivered a message: The Islamic Republic won’t cross the nuclear threshold.

But anyone assuming the threat has been neutralized is mistaken. Iran’s nuclear humiliation may hasten a shift already under way — from building bombs to waging war through digital disruption.


Even as diplomats celebrate a ceasefire, cybersecurity experts remain on alert. In 2025, a regime doesn’t need enriched uranium to paralyze an enemy. It needs a cadre of skilled hackers, access to stolen exploits, and no scruples about targeting civilian infrastructure.

Iran’s cyber playbook didn’t appear overnight. In 2012, the Shamoon virus devastated Saudi Aramco’s systems, wiping tens of thousands of computers. Since then, Tehran has steadily advanced its cyber operations.

Today, Iran commands a capable and motivated digital force. With its nuclear facilities in ruins, the regime has every reason to flex other muscles. Cyber warfare offers something the mullahs crave: the ability to humiliate, disrupt, and retaliate without risking direct military confrontation.

They’re not the first to embrace this model.

Russia, long dominant in the cyber realm, has hammered Ukraine with digital attacks targeting power grids, satellites, and financial systems. Criminal groups like Conti and Black Basta operate under Moscow’s protection, extorting ransoms and leaking stolen data to sow chaos.

This blending of espionage, sabotage, and state-backed crime has become a blueprint for autocracies under pressure. Iran, hemmed in by sanctions and unrest, doesn’t need to invent the model. It just needs to adopt it.

Most Americans still think of cyberwar as an abstract threat — something IT departments handle behind the scenes. That complacency works to our enemies’ advantage.

Take zero-day vulnerabilities: flaws in software even the developers don’t yet know exist. They’re sold on dark markets for eye-watering sums and let hostile actors bypass traditional defenses undetected.

Then there’s Chaos RAT, a remote access trojan capable of burrowing into a network and sitting dormant for months. Once triggered, it can steal sensitive data, erase backups, or crash entire systems on command.

Iran possesses both the motive and the skill to deploy these weapons — and the timing couldn’t be better for the regime. With its nuclear program crippled, it needs a new front to demonstrate relevance.


China’s cyber militias show what’s possible. Groups like APT Silver Fox specialize in patient infiltration, building access over years. Iran lacks Beijing’s global reach, but the methods are accessible. Tehran’s hackers borrow code from Russia, shop the same black markets, and lease infrastructure from the same digital underworld.

The global cyber arena now functions like a black-market bazaar: fluid alliances, shared tradecraft, and few rules. Almost everything’s for sale.

So while headlines tout the ceasefire between Israel and Iran, they miss the next act. No truce binds a nation’s hackers. Cyber operations offer deniability by design. When a hospital network locks up or a power grid fails, Tehran’s response will be predictable: denial, distraction, and a smirk about the West’s poor “cyber hygiene.”

Expect Iran to probe how far it can push in cyberspace without drawing more missiles in return. And unless the West prepares accordingly, those probes may succeed.

America still leads the world in conventional firepower. But cyber defense remains its soft underbelly. Agencies like the Cybersecurity and Infrastructure Security Agency have made strides, but critical infrastructure — power plants, water systems, hospitals — still runs on aging software and patchwork security.

Iran doesn’t need to destroy a city to spread fear. A flip of a switch in a power station or the theft of sensitive government files can inflict lasting damage — and create leverage.

This imbalance between battlefield dominance and digital vulnerability demands urgent correction.

Cybersecurity must move from an IT line item to a strategic national priority. That means building AI-driven detection systems, developing real deterrence for cyberattacks, and forging public-private partnerships to defend vital infrastructure.

Iran’s nuclear setback matters. But no bomb erases a hacker’s know-how. No missile strike disables an ideology that thrives on asymmetrical warfare.

The coming months will test whether the West has learned anything. Tehran’s leaders need to prove they still have teeth. While their nuclear ambitions smolder, their cyber arsenal remains sharp — and likely emboldened.

The next war may not begin with jets roaring over deserts. It may start silently in the fluorescent-lit halls of a data center, where intruders already hide behind blinking servers, waiting.

In that theater, the rules are different — and the consequences no less severe.

Congress just saved your credit card rewards — for now



Sens. Dick Durbin (D-Ill.) and Roger Marshall (R-Kan.) just failed — again — in their bid to ram through the Credit Card Competition Act, a sweeping regulatory proposal that would overhaul the U.S. credit card system to resemble Europe’s heavy-handed financial regime. Their latest attempt to sneak the measure into a stablecoin bill collapsed under scrutiny, marking yet another setback for legislation that critics say would harm consumers, weaken data security, and empower retail giants.

This outcome is welcome but unsurprising. The bill is wildly unpopular with consumers — for good reason. As written, it’s a thinly veiled giveaway to big-box retailers at the expense of virtually everyone else. Its sponsors claim it would inject competition into a noncompetitive market.


In reality, the CCCA would allow retailers to continue accepting name-brand credit cards while processing payments through lesser-known networks — all without consumer knowledge or consent. Lawmakers should stand firm against any future efforts to resurrect this awful proposal.

The central premise of the bill — that the credit card market lacks competition — is unfounded. As of 2025, 152 companies in the United States issue credit cards. Between 2020 and 2025, market entry has grown at an average annual rate of 8.1%. This kind of steady growth does not indicate a broken market, but rather a dynamic and competitive system that continues to serve consumers well.

Kiss rewards goodbye

If passed, the CCCA would jeopardize that progress. Fraud rates, already on the rise, would skyrocket. Unvetted payment processors would be handed vast troves of sensitive consumer data. The only beneficiaries of using these cheaper alternatives are the retailers, who lack a vested interest in cardholder safety. Meanwhile, smaller institutions — including community banks and credit unions — would see revenue streams dry up.


Retailers insist these alleged “cost savings” would trickle down to their customers. That’s about as likely as the claim that businesses absorb tariffs or taxes without raising prices. History suggests otherwise.

Worse still, the bill would also end the ability of banks and credit unions to operate popular credit card rewards programs. These programs are funded largely by the interchange fees charged by payment processors. When Durbin succeeded in passing his debit card price controls, consumers lost card benefits and experienced no savings. A Wall Street Journal article highlighted this history:

Debit-card rewards programs have nearly disappeared since the Durbin amendment, part of the 2010 Dodd-Frank law that cut retailers’ fees nearly in half. Stores didn’t pass the savings to customers, while the banks that issue the cards found other ways to recoup revenue.

A failed Trojan horse

Like a one-trick pony, Durbin and Marshall have not given up — despite the bill neither gaining traction nor receiving a committee markup. As they have done previously, the senators once again tried to tuck their proposal into a “must-pass” bill. Their first target in the 119th Congress was the GENIUS Act, a bipartisan bill focused on stablecoin regulations. Thankfully, Senate leadership saw right through this ploy.

Polling confirms that Americans are largely content with the current credit card marketplace. In fact, 77% of respondents trust credit card companies to handle key responsibilities, such as fraud prevention. Three-quarters of respondents trust that their private payment networks will handle the protection of personal data. The poll also showed that 79% of cardholders use rewards cards, and more than half (58%) use those rewards regularly. Rewards are a tool many families and businesses rely on to make purchases while also earning cash back.

Senate leadership clearly got the message. Americans don’t want to fix something that isn’t broken — which is why they rightly rejected the addition of Durbin’s credit card mandates to the GENIUS Act.

Consumers can breathe easier

It is a relief the bill didn’t slip in as an amendment with no opportunity for debate. Any legislation with sweeping financial implications deserves full congressional scrutiny — and the voices of constituents must be heard. Still, Durbin and Marshall are reportedly eyeing the National Defense Authorization Act as their next legislative vehicle.

Taxpayers must remain vigilant to hold their representatives accountable. Policymakers must also be vigilant in defending the interests of their constituents. But for now, millions of Americans can breathe a sigh of relief.

Chinese official avows Beijing is behind cyberattacks on US, identifies motive: Report



U.S. officials and tech companies have long understood that the communist regime in Beijing has orchestrated numerous significant cyberattacks on American institutions and critical infrastructure. In a secret December meeting, Chinese officials apparently admitted as much and identified a major reason for doing so: America's continued support for the island nation of Taiwan.

A pair of anonymous sources said to be familiar with the matter told the Wall Street Journal that Chinese officials met with elements of the outgoing Biden administration during a December summit in Geneva that was led by Nate Fick, the State Department's then-ambassador at large for cyberspace and digital policy.

Whereas China has previously played off Volt Typhoon — its hacker outfit tasked with espionage and information gathering — as a criminal crew of rogue hackers or the product of Western fantasy, the Chinese delegation apparently acknowledged that it was indeed a state-backed enterprise.

According to Microsoft, Volt Typhoon has pursued "development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises."

Blaze News previously reported that Volt Typhoon — distinct from Salt Typhoon, the Chinese state-sponsored hacker group that recently compromised at least eight American telecommunications companies, enabling Beijing to spy on the Trump and Harris presidential campaigns — has hit critical infrastructure in Guam and other American regions, affecting communications, manufacturing, transportation, government, maritime, and other sectors.

The U.S. National Security Agency, the U.S. Cybersecurity and Infrastructure Security Agency, the FBI, and various allied cybersecurity agencies in the Anglosphere issued a joint advisory in 2023 highlighting "a recently discovered cluster of activity of interest" associated with the group. In their advisory, the cybersecurity groups noted that "one of [Volt Typhoon's] primary tactics, techniques, and procedures (TTPs) is living off the land, which uses built-in network administration tools to perform their objectives."

The New York Times reported at the time that while the Volt Typhoon attacks on the U.S. presently amount to a likely espionage campaign, "the Chinese could use the code, which is designed to pierce firewalls, to enable destructive attacks, if they choose."

In January 2024, the Department of Justice announced that it had disrupted certain efforts by Volt Typhoon to "target America's critical infrastructure using a botnet."

Former FBI Director Christopher Wray noted, "Volt Typhoon malware enabled China to hide as they targeted our communications, energy, transportation, and water sectors."

According to current and former U.S. officials, Wang Lei, a senior cyber official with China's ministry of foreign affairs, not only acknowledged the infrastructure hacks at the December 2024 summit but indicated that they were executed in response to the American military's backing of Taiwan.

Wang's comments were reportedly in response to American officials' suggestion that China's prepositioning in civilian infrastructure could be viewed as an act of war.

U.S. officials told the Journal that while the Chinese delegates at the summit did not explicitly state that Beijing was directly responsible for the group and its actions, "American officials present and others later briefed on the meeting perceived the comments as confirmation of Beijing's role and was intended to scare the U.S. from involving itself if a conflict erupts in the Taiwan Strait."

Dakota Cary, a China expert at the cybersecurity firm SentinelOne, told the Wall Street Journal that an official such as Wang would acknowledge the cyberattacks only if told to do so by Xi Jinping's regime and that doing so would likely serve to signal to the inbound Trump administration the stakes of America's involvement with Taiwan.

The State Department did not comment on the December meeting but told the Wall Street Journal that the Trump administration has made clear to Beijing that it will "take actions in response to Chinese malicious cyber activity."

The Chinese embassy in Washington apparently accused the U.S. of "using cybersecurity to smear and slander China" and spreading so-called disinformation.


23andMe files for bankruptcy as founding CEO Anne Wojcicki seeks buyback for pennies on the dollar



DNA testing firm 23andMe has filed for bankruptcy in the United States following what was reported as weak demand since a catastrophic data breach in 2023.

As Reuters reported, founding CEO Anne Wojcicki announced her resignation but has quickly attempted to buy the company back at a valuation far below its onetime peak.

Fortune originally reported that Wojcicki recently offered more than $74 million for the company, but soon updated its report with an SEC filing purporting to show a new purchase offer worth $42 million.

The recent valuations are light-years away from the $6 billion the company was reportedly worth after going public in 2021.

As Blaze News noted in early 2024, 23andMe's reputation took a massive hit when customers of the DNA-identifying company had their data breached, an infiltration that impacted 6.9 million account holders. This totaled nearly half of the company's users and resulted in dozens of lawsuits.

'Users negligently recycled and failed to update their passwords ...'

In a letter sent to users from a legal firm representing 23andMe, the company denied fault and shifted the blame onto users for using "recycled" passwords.

Cyber criminals used a method known as "credential stuffing," which involves hackers using login credentials taken from other hacks to attempt to log in to different online accounts belonging to the same person.

The 23andMe hack was accomplished through this method, with hackers gaining access to 14,000 user accounts, then using that access to gain further entry into the company's database of users who had opted into the website's DNA Relatives feature.

"As set forth in 23andMe's October 6, 2023 blog post, 23andMe believes that unauthorized actors managed to access certain user accounts in instances where users recycled their own login credentials — that is, users used the same usernames and passwords used on 23andMe.com as on other websites that had been subject to prior security breaches, and users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe," the letter claimed.

Anne Wojcicki is the sister of recently deceased YouTube CEO Susan Wojcicki, who was not seen favorably by YouTube content creators due to ongoing censorship and monetization issues.

The family connections have resulted in users asking where their data went, how it has been used, and why the founding CEO wants to buy back a failing company.

23andMe has been unable to maintain its user base since the data breach, with marketing ploys like continued feedback and personalized wellness plans failing to acquire repeat customers.


Encrypted apps urged by lawmakers amid major Chinese telecom breach



U.S. officials are imploring individuals and companies alike to use encrypted messaging apps in order to minimize the chances of the communist Chinese regime intercepting their communications.

The recommendations coincide with the confirmation by a top U.S. security official this week of a historic state-sponsored hacking campaign that compromised at least eight American telecommunications companies, including AT&T, T-Mobile, and Verizon.

Microsoft dubbed the Chinese group responsible Salt Typhoon. Salt Typhoon, which has been active since at least 2020, is also occasionally referred to as GhostEmperor, Earth Estries, UNC2286, or FamousSparrow.

The Wall Street Journal first reported on the Salt Typhoon attack in September, noting that the hackers penetrated numerous broadband providers earlier this year, affording them a foothold within the broadband infrastructure with which to access private data and possibly launch a ruinous cyberattack.

While exponents of the Chinese regime have repeatedly denied its role in the attack, American officials aren't buying what they are selling.

'Encryption is your friend.'

The Cybersecurity and Infrastructure Security Agency and the FBI issued a joint statement last month indicating that the U.S. government's "continued investigation into the People's Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign."

"Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders," said the agencies.

Rep. Jake Auchincloss (D-Mass.) stated on Nov. 29, "Salt Typhoon is the worst telecom hack in American history, and demands both a proportionate response to the Chinese Communist Party and increased accountability for U.S. corporations to prevent these intrusions."

Auchincloss suggested to CNN that the hackers were especially brazen, re-asserting themselves in the networks after being discovered.

An unnamed senior FBI official and Jeff Greene, executive assistant director for cybersecurity at CISA, told NBC News Tuesday that Americans should use encrypted messaging apps.

"Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible," said Greene.

"People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant" multi-factor authentication for email, social media and collaboration tool accounts, said the FBI official.

Greene indicated the networks remained compromised and that intelligence agencies cannot presently "predict a time frame on when we'll have full eviction."

The FBI, CISA, and the National Security Agency published a joint guide Wednesday, titled "Enhanced Visibility and Hardening Guidance for Communications Infrastructure," detailing ways that network engineers and "defenders of communications infrastructure" can harden their network devices against further exploitation by Chinese hackers.

"The PRC-affiliated cyber activity poses a serious threat to critical infrastructure, government agencies, and businesses. This guide will help telecommunications and other organizations detect and prevent compromises by the PRC and other cyber actors," Greene said in a statement.

'It should never have happened.'

The Biden White House's deputy national security adviser, Anne Neuberger, told reporters this week that none of the impacted companies have "fully removed the Chinese actors from these networks," reported the Associated Press.

"So there is a risk of ongoing compromises to communications until U.S. companies address the cybersecurity gaps the Chinese are likely to maintain their access," added Neuberger.

Neuberger added, "We don't believe any classified communications has been compromised."

After intelligence officials briefed members of the U.S. Senate Wednesday, Sen. Rick Scott (R-Fla.) reportedly expressed frustration, noting, "They have not told us why they didn't catch it; what they could have done to prevent it."

Sen. Richard Blumenthal (D-Conn.) said, "The extent and depth and breadth of Chinese hacking is absolutely mind-boggling — that we would permit as much as has happened in just the last year is terrifying," reported Reuters.

The Federal Communications Commission announced Thursday that it is "taking decisive steps to address vulnerabilities in U.S. telecommunications networks following the Salt Typhoon cyberattack, a sophisticated intrusion linked to foreign state-sponsored actors. These measures aim to safeguard critical communications infrastructure and ensure national security, public safety, and economic resilience in the future."

FCC commissioner Brendan Carr tweeted, "The Salt Typhoon intrusion is a serious and unacceptable risk to our national security. It should never have happened. I will be working with national security agencies through the transition and next year in an effort to root out the threat and secure our networks."


Could a hacker blow up your EV remotely?



Pagers and walkie-talkies can be turned into remotely triggered bombs — so why not electric vehicles?

That was my first thought when I read about last month's coordinated attacks on Hezbollah — believed to have been orchestrated by Israel — in which pagers and walkie-talkies exploded across Lebanon, killing dozens and wounding thousands.


While those devices appear to have been modified at some point during the supply chain, the principle behind turning them into deadly weapons is relatively simple: Heat the battery until it catches fire or explodes.

It could just as easily apply to EVs — as well as hybrids, plug-ins, or 48v cars, all of which use batteries much larger than in any handheld device.

Of course, these vehicles have a number of safety systems to prevent the battery from catching fire and overheating. But those safety systems run on software that can be hacked, especially since they are already years old by the time the vehicles are built and sold.

Roy Fridman, CEO and chief revenue officer for C2A Security, an Israel-based cybersecurity company focused on the automotive industry, recently said that one automaker told him that the software that controls a motor has two million lines of code. And that’s just the motor.

He stated, “You have hundreds of millions of lines of code inside a vehicle. If you were talking about autonomous vehicles, it's even more. But the number of lines of code in a vehicle is continuously growing.”

This code is vulnerable to exploitation thanks to wireless connections to the internet (for software updates) and to charging infrastructure. Vehicle-to-grid technology, which allows EV owners to sell their energy storage capacity to grid operators, requires connection to the electricity grid.

“The more communication protocols you have, the more lines of code you have, the more you are susceptible to [hacking],” Fridman said.

We already know the technology exists to disable cars remotely. Cybersecurity experts are also worried that EVs could be hacked to steal drivers' personal data.

As Fridman says, it's plausible that someone could "create a battery overload and disable some of the protective mechanisms" within your car.

Lithium-ion batteries catch fire when they enter an uncontrolled, self-heating event called thermal runaway. Most often, it occurs due to damage or a defect in the battery. But such an event could be induced deliberately, even when the EV's "ignition" is off — especially if a hacker gained access to the vehicle's battery management system.

An overheated battery gives off toxic and flammable gases, which can cause an explosion. At the very least, it produces a smoldering, difficult-to-extinguish fire.
