Andy Greenberg (@agreenberg at the other places)
@a_greenberg
Writer for WIRED. Author of SANDWORM. New book, TRACERS IN THE DARK: The Global Hunt for the Crime Lords of Cryptocurrency, out now. agreenberg@wired.com
New York | wired.com/author/andy-gr… | Joined April 2007

Andy Greenberg (@agreenberg at the other places)’s Tweets

Pinned Tweet
Since 2020, I've been writing a book on how Bitcoin, once said to be untraceable, turned out to be the opposite. Today we're releasing an early, 15,000-word excerpt: Inside the crypto tracing case that took down the largest known child sex abuse site ever.
Lots of well deserved remembrances of Ellsberg’s heroism today. I’ll just post my favorite passage from his incredible memoir, Secrets. He’s telling Henry Kissinger (who as many have noted is somehow still alive) what access to truly secret information can do to a person’s mind.
Chinese firm Hualan is on a US government trade restriction list for its ties to China's military. But its subsidiary Initio's encryption chips are in products still widely used by Western government and military customers, raising fears of a backdoor.
If anyone is looking for a signed copy of TRACERS IN THE DARK, Ada's Technical Books now has some for sale online that are left over from our event Monday: adasbooks.com/signed-tracers
Quote Tweet
I'll be talking about TRACERS IN THE DARK at one of my favorite bookstores in the world, Ada's Technical Books in Seattle, on Monday evening of next week, in conversation with Ada's co-owner and crypto(graphy + currency) guru @0x31337. adasbooks.com/author-talk-gl (Thx @AdasDanielle!)
New: A court used an invasive smart-phone app to surveil the entire family of a man released on bond. The app sent screenshots of everything the family did on their phones back to probation officers. Now he’s back in jail, and the app may be to blame.
Two more Russians have been indicted for the 650,000 BTC hack of Mt. Gox that first came to light in 2014, by some measures still the biggest heist in crypto history. coindesk.com/policy/2023/06 (One of their alleged accomplices, Alexander Vinnik, was previously convicted in 2020.)
Kaspersky reveals iOS malware used to target its staff and the FSB chimes in to say “…AND the NSA hacked thousands of other Russian iPhones AND Apple helped.” A solid case of your embarrassing drunk acquaintance at the bar escalating a polite argument.
Hundreds of models of Gigabyte motherboards, used in gaming and other high-performance computers, have a backdoor in their firmware that invisibly downloads code to the machine at startup—and does so insecurely, leaving the feature open to abuse.
Mandiant found a rare specimen of power-grid-targeting malware on VirusTotal, uploaded from Russia in 2021. But some signs suggest it's a red teaming tool created by the Russian cybersecurity firm Rostelecom-Solar for government-funded defensive exercises.
Updated this story with more research published today from Chainalysis on Chinese crypto-fueled fentanyl ingredient sales. Chainalysis went as far as showing a correlation between those crypto sales and fentanyl seizures at the US southern border a month later.
Quote Tweet
For years, law enforcement has cracked down on dark web fentanyl sales. But new research by crypto tracing firm Elliptic found more than 90 Chinese firms selling ingredients to manufacture that deadly opioid on the open web. Of those, 90% accepted crypto. wired.com/story/fentanyl
A leaked doc obtained by shows how the CSAM scanning legislation sausage is getting made in the EU right now, with commentary from 20 countries about their thoughts on strategy/end-to-end encryption. And Spain is out here calling for an E2EE EU ban!
It's come to my attention that I omitted another notable moment in Turla history: That time they used comments on Britney Spears' Instagram account as a malware command-and-control mechanism. welivesecurity.com/2017/06/06/tur (To be fair it seems APT29/Cozy Bear had done this trick first.)
Quote Tweet
Last week’s news of an FBI operation against the Russian hacker group Turla offered an excuse to sketch out the 25-year history of these elite FSB cyberspies—and to try to capture why so many intel analysts and security researchers are obsessed with them. wired.com/story/turla-hi
Last week’s news of an FBI operation against the Russian hacker group Turla offered an excuse to sketch out the 25-year history of these elite FSB cyberspies—and to try to capture why so many intel analysts and security researchers are obsessed with them.
Thank you to NYSPJ award judges and to everyone who worked on adapting this excerpt from TRACERS IN THE DARK for WIRED, including , , , , , and !
Quote Tweet
.@a_greenberg wins @deadlineclub award for business feature writing: talkingbiznews.com/media-news/wir
To sum up, the best way to send someone an end-to-end encrypted message via Twitter remains the same today as it was yesterday: DM them and ask for their Signal number.
Quote Tweet
Twitter’s encrypted DM feature is technically flawed, opt-in, limited to 1-to-1 text-based messages, restricted to a small user base, and generally inferior in just about every way to encrypted apps like Signal and WhatsApp. And all for just $8 a month. wired.com/story/twitter-
Twitter’s encrypted DM feature is technically flawed, opt-in, limited to 1-to-1 text-based messages, restricted to a small user base, and generally inferior in just about every way to encrypted apps like Signal and WhatsApp. And all for just $8 a month.
Over the last 5 years, a group called Big Pipes—with members from many of the biggest internet companies, as well as security researchers and academics—has quietly worked with the FBI to take down dozens of DDOS-for-hire services and ID their operators.
In Operation SpecTor, feds arrest 288 worldwide. A new record for dark web drug busts, and a sign of an ever-widening dragnet: crypto tracing combined with leads from seized market databases like that of Monopoly Market, quietly grabbed in 2021.
Two years ago the SolarWinds hack made history as the boldest, most sophisticated supply chain hack ever pulled off. I dug into the detailed story about the ingenious way the hackers pulled it off - and then got caught - in this tale for WIRED magazine
DOJ detected SolarWinds hack in own network in summer of 2020 - 6 months before it was publicly exposed by Mandiant - but didn't know significance of what it found. Microsoft/Mandiant/SolarWinds all helped inv, but none could solve the mystery at the time