Cyber News 15DEC2025
General
- Founder of the failed stablecoin Terra USD (UST), which crashed in 2022 wiping out US$40b, jailed for 15 years.
In May 2022, the scheme unraveled spectacularly and the value of UST tokens fell from $1.00 to $0.09. Attempts to shore up the ecosystem by buying $3.5 billion of bitcoin didn’t work, and $40 billion of value evaporated in a puff of blockchain reverie.
Prosecutors sought a 12-year sentence. ... the Southern District of New York decided 15 years was more appropriate because Kwon’s fraud was of “epic, generational scale.”
- "Hama Film" photo booths leaking images. Sounds like an open storage bucket.
Hama Film’s booths not only print out the photos like a typical photo booth, but booths also upload the customers’ photos to the company’s servers.
- New messaging app "Freedom Chat" (released in June) is not so secure. The user-enumeration issue looks similar to WhatsApp's weakness, disclosed again recently. Ironically, the researcher came across the Wired write-up of that WhatsApp weakness posted in the "Freedom Chat" channel itself.
security researcher Eric Daigle told TechCrunch that users’ phone numbers and PIN codes, used for locking the app, could be easily obtained by exploiting vulnerabilities.
it was possible to enumerate the phone numbers of close to 2,000 users who had signed up to use Freedom Chat since it launched.
- https://ericdaigle.ca/posts/super-secure-maga-messaging-app-leaks-everyones-phone-number/
- https://techcrunch.com/2025/12/11/security-flaws-in-freedom-chat-app-exposed-users-phone-numbers-and-pins/
- [US] Trump is allegedly planning to commission private organisations to undertake offensive cyber activities.
The Trump administration is preparing to enlist private companies in more aggressive efforts to go after criminal and state-sponsored hackers, according to people familiar with the matter.
- (Bloomberg) https://archive.is/hi7M8
Getting Techy
- Slightly strange way to hide code in a pirated movie bundle: a Windows shortcut (.lnk) file pulls its commands out of a bundled subtitle (.srt) file.
- Lumma Labs pulls apart a Command and Control (C2) product from the actor(s) behind the (not very popular) Weyhro ransomware. The EDR evasion is an interesting approach: load your own copy of ntdll.dll to obtain an unhooked version, then use it to patch over the live (potentially EDR-hooked) copy. After all of that on-host work, they finish it off with cleartext C2 comms?!
- Google Threat Intelligence Group unpacks the vulnerability behind the recently publicised Samsung image (.DNG) attack. Delivered via WhatsApp and purporting to be JPEG images, the files were actually DNG (TIFF-based) lossless images with some unusual image dimensions. Some mitigations were lacking in the target library.
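The .DNG item above points at two checks a defender can apply to inbound images before they ever reach a decoder: does the file's real format match what its name claims, and are the dimensions it declares plausible. The following is an added example, not code from this newsletter or from the reports it links. The TIFF magic bytes and the ImageWidth/ImageLength tag numbers are the standard ones; the size limits, the sample files and the function names are this example's own assumptions.

```python
"""Sniff what an inbound image really is, independent of its filename, and
sanity-check TIFF/DNG dimensions from the first IFD before decoding."""
import struct

TAG_IMAGE_WIDTH = 256   # standard TIFF tag
TAG_IMAGE_LENGTH = 257  # standard TIFF tag

# Policy limits: assumptions for this example, not values from any report.
MAX_DIMENSION = 65_535
MAX_PIXELS = 100_000_000

MAGIC = (
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"II*\x00", "image/tiff"),  # little-endian TIFF (DNG is a TIFF variant)
    (b"MM\x00*", "image/tiff"),  # big-endian TIFF
)
EXTENSION_TYPES = {"jpg": "image/jpeg", "jpeg": "image/jpeg",
                   "tif": "image/tiff", "tiff": "image/tiff", "dng": "image/tiff"}


def sniff_type(data: bytes) -> str:
    """Content type from magic bytes, ignoring the filename entirely."""
    for magic, mime in MAGIC:
        if data.startswith(magic):
            return mime
    return "application/octet-stream"


def claimed_type(filename: str) -> str:
    """Content type the filename extension claims."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return EXTENSION_TYPES.get(ext, "application/octet-stream")


def tiff_dimensions(data: bytes):
    """Return (width, height) from the first IFD of a TIFF/DNG, or None."""
    if len(data) < 8:
        return None
    if data[:4] == b"II*\x00":
        e = "<"
    elif data[:4] == b"MM\x00*":
        e = ">"
    else:
        return None
    (ifd,) = struct.unpack_from(e + "I", data, 4)
    if ifd + 2 > len(data):
        return None
    (count,) = struct.unpack_from(e + "H", data, ifd)
    if ifd + 2 + 12 * count > len(data):
        return None  # truncated IFD: refuse rather than read past the buffer
    width = height = None
    for i in range(count):
        off = ifd + 2 + 12 * i
        tag, ftype, _n = struct.unpack_from(e + "HHI", data, off)
        raw = data[off + 8:off + 12]
        if ftype == 3:      # SHORT is stored left-justified in the value field
            value = struct.unpack(e + "H", raw[:2])[0]
        elif ftype == 4:    # LONG fills the whole value field
            value = struct.unpack(e + "I", raw)[0]
        else:
            continue
        if tag == TAG_IMAGE_WIDTH:
            width = value
        elif tag == TAG_IMAGE_LENGTH:
            height = value
    if width is None or height is None:
        return None
    return width, height


def assess_attachment(filename: str, data: bytes) -> dict:
    """Flag name/content mismatches and implausible declared sizes."""
    claimed = claimed_type(filename)
    actual = sniff_type(data)
    dims = tiff_dimensions(data) if actual == "image/tiff" else None
    oversize = dims is not None and (
        dims[0] == 0 or dims[1] == 0 or max(dims) > MAX_DIMENSION
        or dims[0] * dims[1] > MAX_PIXELS)
    return {"filename": filename, "claimed": claimed, "actual": actual,
            "dimensions": dims, "type_mismatch": claimed != actual,
            "oversize": oversize, "reject": claimed != actual or oversize}


def _tiff(entries, e="<"):
    """Build a constructed minimal TIFF: header, one IFD of LONG tags, no pixels."""
    header = (b"II*\x00" if e == "<" else b"MM\x00*") + struct.pack(e + "I", 8)
    body = struct.pack(e + "H", len(entries))
    for tag, value in entries:
        body += struct.pack(e + "HHII", tag, 4, 1, value)
    return header + body + struct.pack(e + "I", 0)


# Constructed sample inputs, not captured files.
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + bytes(16)
SAMPLE_SANE_DNG = _tiff([(TAG_IMAGE_WIDTH, 4000), (TAG_IMAGE_LENGTH, 3000)])
SAMPLE_HUGE_DNG = _tiff([(TAG_IMAGE_WIDTH, 0xFFFFFFF0), (TAG_IMAGE_LENGTH, 3000)], ">")

if __name__ == "__main__":
    for name, blob in [("holiday.jpg", SAMPLE_JPEG),
                       ("holiday.jpg", SAMPLE_SANE_DNG),
                       ("holiday.jpg", SAMPLE_HUGE_DNG)]:
        print(assess_attachment(name, blob))
```

The point of doing the size check on the declared header values, rather than on the decoded output, is that an allocation sized from an untrusted width and height is exactly where an image library gets into trouble; rejecting a file whose name says JPEG but whose bytes say TIFF costs nothing and removes the type confusion before any parser runs.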
Geo-Politics
- Germany accuses Russia of meddling with its air-traffic-control systems and trying to influence election results. All likely tied to Germany's support of Ukraine.
Privacy
- [CA] Face-scanning billboards? Canada's privacy commissioner is investigating.
Cineplex Digital Media (CDM), which owns the billboards, said the technology only detects the presence of a person and estimates their age and sex.
AI
- Hooking up a kids' toy to an LLM sounds like a great idea, right?!
Unsurprisingly, the guardrails on topic discussions aren't great, and toys built on Chinese LLMs give Chinese views on topics such as Taiwan.
- (NBC News) https://archive.is/n7Ukh
- Amazon's AI-generated "video recap" has been pulled, after making mistakes.
The firm said in November it was testing the "first-of-its-kind" tool in the US to help viewers catch up on some of its shows on streaming service Prime Video - including Fallout, its adaptation of the popular video game franchise.
But it has since disappeared from the site after users highlighted mistakes in its video summarising the events of Fallout season one - including claiming one scene was set more than 100 years earlier than it was.
- Washington Post's AI-generated "personalized podcasts" aren't going well.
The errors have ranged from relatively minor pronunciation gaffes to significant changes to story content, like misattributing or inventing quotes and inserting commentary, such as interpreting a source’s quotes as the paper’s position on an issue.
- (Semafor) https://archive.is/oaWlw
- (Digiday - podcast announcement) https://archive.is/SEEmb
- [US] The expected Executive Order (EO) from Trump, aimed at restricting states from creating their own AI laws.
(Section 2) It is the policy of the United States to sustain and enhance the United States’ global AI dominance through a minimally burdensome national policy framework for AI.
the Attorney General shall establish an AI Litigation Task Force (Task Force) whose sole responsibility shall be to challenge State AI laws inconsistent with the policy set forth in section 2 of this order, including on grounds that such laws unconstitutionally regulate interstate commerce, are preempted by existing Federal regulations, or are otherwise unlawful in the Attorney General’s judgment