A Hacker Stole $610M of Cryptocurrency'and Returned Most of It

It was a huge week for smartphone privacy. Or at least, in the various ways that external forces make location data more secure or less secure. The bad news is that most 5G connections in America today aren’t fully 5G. This makes them vulnerable to the kind of stingray surveillance the next-generation standard is supposed to prevent. Researchers have discovered a way to stop your carrier knowing where you are each time you connect to a cell tower. It's difficult to get them to implement it.Privacy advocates released documents this week that showed the NYPD spent at least $159 Million since 2007 to buy surveillance tools. This includes stingrays and policing software.Our UK colleagues looked at new research which shows where and how extremists have established themselves on platforms such as Steam and Discord. This is a problem that has been around for a while, and it's frustrating that well-resourced services haven’t yet managed to address it.Google has made some changes in the Play Store. Most of these are more important for developers than for end users. Scammers will find it harder to sell malware-laden sideloaded apps by switching from Android app packages to Android app bundles.The Poly Network, a decentralized financial system, has been on a rollercoaster ride. The hacker took over $600 million in just the first week and began returning it Wednesday. They had already returned $342 million, and another $33 million in Tether stablecoins. The rest of the crypto assets were placed in a wallet that requires keys both from Poly Network and the hacker. Their fate remains in the balance.Although virtual private networks seem nice in theory, they allow you to browse the internet without your ISP being able to see what you are doing. Additionally, encrypted connections make it difficult for anyone to spy on your activities. The Markup has discovered that many VPNs allow third-party trackers to monitor your activities, despite not being logged by them. This practice is detrimental to VPN privacy and we consider it in our top VPN recommendations.Apple sued Corellium for its iOS virtualization software in 2019. Corellium's products were popular among security researchers who only have limited access to iOS. Apple claimed that Corellium's software violated its copyright claims. Apple's controversial steps to locate child sexual abuse materials in iCloud, which involves iPhones, has led privacy advocates to criticize the company. It needs all the support it can get from the security community; a lawsuit against a crucial research tool was not going to help.Microsoft has had to deal with many security issues over the past few months related to Windows Print Spooler. This includes more than one unsuccessful attempt to fix a vulnerability known as PrintNightmare. Although it is a temporary solution, Microsoft finally provided a solution to its printer problems this week. Anyone who uses Windows Point and Print to install drivers will require administrative privileges. This should prevent most PrintNighmare attacks, but it has been proven not to stop all.Here are more great WIRED stories