In perhaps the most adorable hacker story of the year, a trio of Indian technologists found an innovative way to bypass Apple’s location restrictions on AirPods Pro 2s so that they can activate the hearing aid function of the headphones for their grandmothers. The hack involved a homemade Faraday cage, a microwave oven, and a lot of trial and error.

At the other end of the spectrum of technological advancements, the US military is currently testing an AI machine gun which is capable of automatically targeting swarms of drones. Bullfrog, built by Allen Control Systems, is one of several advanced weapons technologies in the works to combat the growing threat of small, inexpensive drones on the battlefield.

The US Department of Justice announced this week that an 18-year-old from California has admitted to committing or orchestrating more than 375 swatting attacks over the United States.

Then, of course, there’s everyone’s Donald Trump. This week I published a practical guide to protecting yourself from government surveillance. WIRED has covered the dangers of government surveillance for decades, of course. But when the president-elect is explicitly threatening to jail his political enemies—whatever that might be—now is probably a good time to brush up on your digital best practices.

In addition to potential network surveillance of US citizens, US Immigration and Customs Enforcement began ramping up its surveillance arsenal the day after Trump won re-election. Meanwhile, experts expect the next administration to do so rolling back cybersecurity rules put in place under President Joe Biden while taking a harder line against state-sponsored hackers. And if all this political turmoil makes you protest, watch out: An investigation co-published by WIRED and The Marshall Project found that mask bans in several states add a complicated new layer to the exercise of free speech.

And that’s not all. Each week, we round up the privacy and security news we haven’t covered in depth. Click on the headlines to read the full stories and stay safe there.

In August 2016, around 120,000 bitcoins – worth around $71 million at the time – were stolen in a hack at cryptocurrency exchange Bitfinex. Then in 2022, as the value of cryptocurrency skyrocketed, law enforcement officials in New York arrested husband and wife Ilya Lichtenstein and Heather Morgan in connection with the hack and laundering of $4.5 billion in stolen cryptocurrency. (At the time, $3.6 billion of the funds were recovered by law enforcement investigators.)

This week, after pleading guilty in 2023, Lichtenstein was sentenced to five years in prison for hacking and laundering profits. With subsequent cryptocurrency spikes and additional seizures related to the hack, the US government has now been able to recover more than $10 billion in assets. A series of operational security errors de Lichtenstein made much of the illicit cryptocurrency easy for officials to seize, but investigators also applied sophisticated crypto-tracing methods to reveal how the funds were stolen and subsequently moved.

Aside from the outrageous scale of the theft, Lichtenstein and Morgan gained online prominence and ridicule after their arrests, thanks to a series of Forbes articles written by Morgan and rap videos posted on YouTube under the name “Razzlekhan”. Morgan, who also pleaded guilty, is scheduled to be sentenced on November 18.

Fraudsters are increasingly adopting AI as part of their criminal toolkit, using the technology to create deepfakes, translate scripts and streamline their operations. But artificial intelligence is also directed against fraudsters. British telco Virgin Media and its mobile operator O2 have created a new ‘grandmother AI’ that can answer phone calls from scammers and keep them talking. The system uses different AI models, according to The Register, which listen to what a scammer is saying and respond immediately. In one case, the company says it kept a scammer on the line for 40 minutes and provided others with false personal information. Unfortunately, the system (at least at the moment) cannot directly answer calls made to your phone; instead, O2 has created a system-specific phone number that the company says has been able to be placed on lists of numbers scammers call.

In a new legal strategy for those trying to hold commercial spyware vendors accountable, lawyer Andreu Van den Eynde, who was allegedly hacked with NSO Group’s spyware, is directly accusing two of the company’s founders, Omri Lavie and Shalev Julio, and one of its directors. , Yuval Somekh, on hacking offenses in a lawsuit. Barcelona-based human rights nonprofit Iridia announced this week that it had filed the complaint with a Catalan court. Van den Eynde was reportedly the victim of a hacking campaign that used the NSO’s notorious Pegasus spyware against at least 65 Catalans. Van den Eynde and Iridia initially sued NSO Group in a Barcelona court in 2022, along with affiliates Osy Technologies and Q Cyber ​​Technologies. “The persons responsible for NSO Group must explain their concrete activities,” a legal representative of Iridia and Van den Eynde wrote in the complaint, which was written in Catalan and translated by TechCrunch.

Research published this week by mobile device management firm Jamf found that hackers who have been linked to North Korea worked to implant malware into macOS apps built with a certain open-source software development kit. The campaigns focused on cryptocurrency-related targets and involved infrastructure similar to systems that were used by North Korea’s notorious Lazarus group. It is not clear if the activity resulted in actual victim compromise or if it was still in a testing phase.

Financially motivated and state-backed hackers have less opportunity to use malware targeting Apple Mac computers than hacking tools that infect Microsoft Windows or Linux desktops and servers. So when Mac malware appears, it’s usually a niche point, but it can also be a telling indicator of trends and priorities among hackers.