<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>theft &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/theft/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Mon, 27 Oct 2025 15:03:15 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Louvre Jewel Heist</title>
		<link>https://noise.getoto.net/2025/10/27/louvre-jewel-heist/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 27 Oct 2025 15:03:15 +0000</pubDate>
				<category><![CDATA[France]]></category>
		<category><![CDATA[operational security]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=71093</guid>

					<description><![CDATA[<p>I assume I don’t have to explain last week’s <a href="https://www.nytimes.com/2025/10/19/world/europe/louvre-paris-robbery.html">Louvre jewel heist</a>. I love a good caper, and have (like <a href="https://www.nytimes.com/2025/10/23/opinion/louvre-heist-internet-thrill.html">many others</a>) eagerly followed the <a href="https://www.theguardian.com/world/2025/oct/20/louvre-museum-robbery-thieves-stolen-jewellery">details</a>. An electric ladder to a second-floor window, an angle grinder to get into the room and the display cases, security guards there more to protect patrons than valuables—seven minutes, in and out.</p>
<p>There were <a href="https://www.theatlantic.com/ideas/archive/2025/10/praise-louvre-heist/684677/">security lapses</a>:</p>
<blockquote><p>The Louvre, it turns out—at least certain nooks of the ancient former palace—is something like an anopticon: a place where no one is observed. The world now knows what the four thieves (two burglars and two accomplices) realized as recently as last week: The museum’s Apollo Gallery, which housed the stolen items, was monitored by a single outdoor camera angled away from its only exterior point of entry, a balcony. In other words, a free-roaming Roomba could have provided the world’s most famous museum with more information about the interior of this space. There is no surveillance footage of the break-in...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Generative AI as a Cybercrime Assistant</title>
		<link>https://noise.getoto.net/2025/09/04/generative-ai-as-a-cybercrime-assistant/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 04 Sep 2025 11:06:25 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[extortion]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70649</guid>

					<description><![CDATA[<p>Anthropic <a href="https://www.anthropic.com/news/detecting-countering-misuse-aug-2025">reports</a> on a Claude user:</p>
<blockquote><p>We recently disrupted a sophisticated cybercriminal that used Claude Code to commit large-scale theft and extortion of personal data. The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government and religious institutions. Rather than encrypt the stolen information with traditional ransomware, the actor threatened to expose the data publicly in order to attempt to extort victims into paying ransoms that sometimes exceeded $500,000.</p>
<p>The actor used AI to what we believe is an unprecedented degree. Claude Code was used to automate reconnaissance, harvesting victims’ credentials, and penetrating networks. Claude was allowed to make both tactical and strategic decisions, such as deciding which data to exfiltrate, and how to craft psychologically targeted extortion demands. Claude analyzed the exfiltrated financial data to determine appropriate ransom amounts, and generated visually alarming ransom notes that were displayed on victim machines...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>DoorDash Hack</title>
		<link>https://noise.getoto.net/2025/05/20/doordash-hack/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 20 May 2025 11:05:00 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[scams]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70275</guid>

					<description><![CDATA[<p>A DoorDash driver <a href="https://www.theverge.com/news/669140/doordash-driver-convicted-delivery-scam">stole</a> over $2.5 million over several months:</p>
<blockquote><p>The driver, Sayee Chaitainya Reddy Devagiri, placed expensive orders from a fraudulent customer account in the DoorDash app. Then, using DoorDash employee credentials, he manually assigned the orders to driver accounts he and the others involved had created. Devagiri would then mark the undelivered orders as complete and prompt DoorDash’s system to pay the driver accounts. Then he’d switch those same orders back to “in process” and do it all over again. Doing this “took less than five minutes, and was repeated hundreds of times for many of the orders,” writes the US Attorney’s Office...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Cryptocurrency Thefts Get Physical</title>
		<link>https://noise.getoto.net/2025/04/25/cryptocurrency-thefts-get-physical/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 25 Apr 2025 11:07:19 +0000</pubDate>
				<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[kidnapping]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70170</guid>

					<description><![CDATA[Long story of a $250 million cryptocurrency theft that, in a complicated chain events, resulted in a pretty brutal kidnapping.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>North Korean Hackers Steal $1.5B in Cryptocurrency</title>
		<link>https://noise.getoto.net/2025/02/25/north-korean-hackers-steal-1-5b-in-cryptocurrency/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 25 Feb 2025 17:04:47 +0000</pubDate>
				<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[north korea]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69956</guid>

					<description><![CDATA[<p>It looks like a <a href="https://arstechnica.com/security/2025/02/how-north-korea-pulled-off-a-1-5-billion-crypto-heist-the-biggest-in-history/">very sophisticated</a> attack against the Dubai-based exchange Bybit:</p>
<blockquote><p>Bybit officials <a href="https://announcements.bybit.com/article/incident-update---eth-cold-wallet-incident-blt292c0454d26e9140/">disclosed</a> the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had been stored in a “Multisig Cold Wallet” when, somehow, it was transferred to one of the exchange’s hot wallets. From there, the cryptocurrency was transferred out of Bybit altogether and into wallets controlled by the unknown attackers.</p>
<p>[…]</p>
<p>…a subsequent investigation by Safe found no signs of unauthorized access to its infrastructure, no compromises of other Safe wallets, and no obvious vulnerabilities in the Safe codebase. As investigators continued to dig in, they finally settled on the true cause. Bybit ultimately said that the fraudulent transaction was “manipulated by a sophisticated attack that altered the smart contract logic and masked the signing interface, enabling the attacker to gain control of the ETH Cold Wallet.”...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Mailbox Insecurity</title>
		<link>https://noise.getoto.net/2024/12/19/mailbox-insecurity/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 19 Dec 2024 15:24:47 +0000</pubDate>
				<category><![CDATA[Locks]]></category>
		<category><![CDATA[mail]]></category>
		<category><![CDATA[physical security]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69707</guid>

					<description><![CDATA[It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs a postal carrier, they can open any mailbox.
I get that a single master key makes the whole system easier, but it&#8217;s very fragile security.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Criminals Are Blowing up ATMs in Germany</title>
		<link>https://noise.getoto.net/2024/10/28/criminals-are-blowing-up-atms-in-germany/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 28 Oct 2024 16:12:43 +0000</pubDate>
				<category><![CDATA[atms]]></category>
		<category><![CDATA[banking]]></category>
		<category><![CDATA[bombs]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69531</guid>

					<description><![CDATA[It&#8217;s low tech, but effective.
Why Germany? It has more ATMs than other European countries, and&#8212;if I read the article right&#8212;they have more money in them.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Burglars Using Wi-Fi Jammers to Disable Security Cameras</title>
		<link>https://noise.getoto.net/2024/03/13/burglars-using-wi-fi-jammers-to-disable-security-cameras/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 13 Mar 2024 11:07:18 +0000</pubDate>
				<category><![CDATA[Internet of Things]]></category>
		<category><![CDATA[jamming]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[wi-fi]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68604</guid>

					<description><![CDATA[The arms race continues, as burglars are learning how to use jammers to disable Wi-Fi security cameras.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>New iPhone Security Features to Protect Stolen Devices</title>
		<link>https://noise.getoto.net/2023/12/27/new-iphone-security-features-to-protect-stolen-devices/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 27 Dec 2023 12:01:25 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[computer security]]></category>
		<category><![CDATA[Data protection]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68236</guid>

					<description><![CDATA[<p>Apple is <a href="https://www.macrumors.com/2023/12/12/ios-17-3-stolen-device-protection-feature/">rolling out</a> a new “Stolen Device Protection” feature that seems well thought out:</p>
<blockquote><p>When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content and settings, using payment methods saved in Safari, and more. No passcode fallback is available in the event that the user is unable to complete Face ID or Touch ID authentication.</p>
<p>For especially sensitive actions, including changing the password of the Apple ID account associated with the iPhone, the feature adds a security delay on top of biometric authentication. In these cases, the user must authenticate with Face ID or Touch ID, wait one hour, and authenticate with Face ID or Touch ID again. However, Apple said there will be no delay when the iPhone is in familiar locations, such as at home or work...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Surveillance by the US Postal Service</title>
		<link>https://noise.getoto.net/2023/12/13/surveillance-by-the-us-postal-service/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 13 Dec 2023 12:04:24 +0000</pubDate>
				<category><![CDATA[Privacy]]></category>
		<category><![CDATA[surveillance]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[USPS]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68197</guid>

					<description><![CDATA[This is not about mass surveillance of mail, this is about the sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves:
To track down an alleged mail thief, a US postal inspector used license plate reader technology, ...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Bypassing a Theft Threat Model</title>
		<link>https://noise.getoto.net/2023/04/13/bypassing-a-theft-threat-model/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 13 Apr 2023 11:22:19 +0000</pubDate>
				<category><![CDATA[alarms]]></category>
		<category><![CDATA[Apple]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67190</guid>

					<description><![CDATA[<p>Thieves <a href="https://www.vice.com/en/article/v7bmw4/thieves-cut-through-coffee-shop-wall-to-pull-off-dollar500000-apple-store-heist">cut through</a> the wall of a coffee shop to get to an Apple store, bypassing the alarms in the process.</p>
<p>I wrote about this kind of thing in 2000, in <a href="https://www.schneier.com/books/secrets-and-lies/"><i>Secrets and Lies</i></a> (page 318):</p>
<blockquote><p>My favorite example is a band of California art thieves that would break into people’s houses by cutting a hole in their walls with a chainsaw.  The attacker completely bypassed the threat model of the defender.  The countermeasures that the homeowner put in place were door and window alarms; they didn’t make a difference to this attack.</p></blockquote>
<p>The article says they took half a million dollars worth of iPhones. I don’t understand iPhone device security, but don’t they have a system of denying stolen phones access to the network?...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Car Thieves Hacking the CAN Bus</title>
		<link>https://noise.getoto.net/2023/04/11/car-thieves-hacking-the-can-bus/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 11 Apr 2023 11:22:09 +0000</pubDate>
				<category><![CDATA[cars]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67183</guid>

					<description><![CDATA[Car thieves are injecting malicious software into a car&#8217;s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby.
News articles.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Fines as a Security System</title>
		<link>https://noise.getoto.net/2023/02/20/fines-as-a-security-system/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 20 Feb 2023 12:09:21 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[stalking]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[tracking]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66946</guid>

					<description><![CDATA[<p>Tile has an <a href="https://www.engadget.com/tile-thinks-a-1-million-fine-will-deter-stalkers-from-using-its-trackers-181857358.html">interesting security solution</a> to make its tracking tags harder to use for stalking:</p>
<blockquote><p>The Anti-Theft Mode feature will make the devices invisible to Scan and Secure, the company’s in-app feature that lets you know if any nearby Tiles are following you. But to activate the new Anti-Theft Mode, the Tile owner will have to verify their real identity with a government-issued ID, submit a biometric scan that helps root out fake IDs, agree to let Tile share their information with law enforcement and agree to be subject to a $1 million penalty if convicted in a court of law of using Tile for criminal activity. So although it technically makes the device easier for stalkers to use Tiles silently, it makes the penalty of doing so high enough to (at least in theory) deter them from trying...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Hacking Automobile Keyless Entry Systems</title>
		<link>https://noise.getoto.net/2022/10/17/hacking-automobile-keyless-entry-systems/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 17 Oct 2022 15:07:05 +0000</pubDate>
				<category><![CDATA[cars]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[keys]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65981</guid>

					<description><![CDATA[<p>Suspected members of a European car-theft ring have been <a href="https://www.europol.europa.eu/media-press/newsroom/news/31-arrested-for-stealing-cars-hacking-keyless-tech">arrested</a>:</p>
<blockquote><p>The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away.</p>
<p>As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. A total of 22 locations were searched, and over EUR 1 098 500 in criminal assets seized.</p>
<p>The criminals targeted keyless vehicles from two French car manufacturers. A fraudulent tool—marketed as an automotive diagnostic solution, was used to replace the original software of the vehicles, allowing the doors to be opened and the ignition to be started without the actual key fob...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>FBI Seizes Stolen Cryptocurrencies</title>
		<link>https://noise.getoto.net/2022/09/13/fbi-seizes-stolen-cryptocurrencies/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 13 Sep 2022 11:51:39 +0000</pubDate>
				<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[fbi]]></category>
		<category><![CDATA[north korea]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65860</guid>

					<description><![CDATA[<p>The <i>Wall Street Journal</i> is <a href="https://www.wsj.com/articles/u-s-recovers-over-30-million-in-cryptocurrency-stolen-by-north-korean-hackers-11662648600">reporting</a> that the FBI has recovered over $30 million in cryptocurrency stolen by North Korean hackers earlier this year. It’s only a fraction of the $540 million stolen, but it’s something.</p>
<blockquote><p>The Axie Infinity recovery represents a shift in law enforcement’s ability to trace funds through a web of so-called crypto addresses, the virtual accounts where cryptocurrencies are stored. These addresses can be created quickly without them being linked to a cryptocurrency company that could freeze the funds.</p>
<p>In its effort to mask the stolen crypto, Lazarus Group used more than 12,000 different addresses, according to Chainalysis. Unlike bank transactions that happen through private networks, movement between crypto accounts is visible to the world on the blockchain...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Clever Cryptocurrency Theft</title>
		<link>https://noise.getoto.net/2022/04/20/clever-cryptocurrency-theft/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 20 Apr 2022 13:57:49 +0000</pubDate>
				<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65343</guid>

					<description><![CDATA[Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportional votes based on the amount of currency they own. A clever hacker used a &#8220;flash loan&#8221; feature  of another decen...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Stealing Bicycles by Swapping QR Codes</title>
		<link>https://noise.getoto.net/2022/02/21/stealing-bicycles-by-swapping-qr-codes/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 21 Feb 2022 12:31:01 +0000</pubDate>
				<category><![CDATA[scams]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65158</guid>

					<description><![CDATA[<p>This is a <a href="https://nypost.com/2021/08/07/citi-bikes-being-swiped-by-joyriding-scammers-who-have-cracked-the-qr-code/">clever hack</a> against those bike-rental kiosks:</p>
<blockquote><p>They’re stealing Citi Bikes by switching the QR scan codes on two bicycles near each other at a docking station, then waiting for an unsuspecting cyclist to try to unlock a bike with his or her smartphone app.</p>
<p>The app doesn’t work for the rider but does free up the nearby Citi Bike with the switched code, where a thief is waiting, jumps on the bicycle and rides off.</p></blockquote>
<p>Presumably they’re using camera, printers, and stickers to swap the codes on the bikes. And presumably the victim is charged for not returning the stolen bicycle...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Stolen Bitcoins Returned</title>
		<link>https://noise.getoto.net/2021/12/22/stolen-bitcoins-returned/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 22 Dec 2021 16:20:57 +0000</pubDate>
				<category><![CDATA[Bitcoin]]></category>
		<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[fbi]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=64738</guid>

					<description><![CDATA[The US has returned $154 million in bitcoins stolen by a Sony employee.
However, on December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishii&#8217;s wallet after ob...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Thieves Using AirTags to “Follow” Cars</title>
		<link>https://noise.getoto.net/2021/12/06/thieves-using-airtags-to-follow-cars/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 06 Dec 2021 16:25:33 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[cars]]></category>
		<category><![CDATA[geolocation]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[tracking]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=64614</guid>

					<description><![CDATA[<p>From Ontario and <a href="https://www.yrp.ca/en/Modules/News/index.aspx?newsId=167fa5b3-3583-431d-8cc0-91e49aee3bff">not surprising</a>:</p>
<blockquote><p>Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them. Brand name “air tags” are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking lots. Thieves then track the targeted vehicles to the victim’s residence, where they are stolen from the driveway.</p>
<p>Thieves typically use tools like screwdrivers to enter the vehicles through the driver or passenger door, while ensuring not to set off alarms. Once inside, an electronic device, typically used by mechanics to reprogram the factory setting, is connected to the onboard diagnostics port below the dashboard and programs the vehicle to accept a key the thieves have brought with them. Once the new key is programmed, the vehicle will start and the thieves drive it away...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Smart Contract Bug Results in $31 Million Loss</title>
		<link>https://noise.getoto.net/2021/12/02/smart-contract-bug-results-in-31-million-loss/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 02 Dec 2021 14:32:36 +0000</pubDate>
				<category><![CDATA[blockchain]]></category>
		<category><![CDATA[cryptocurrency]]></category>
		<category><![CDATA[security tokens]]></category>
		<category><![CDATA[theft]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=64598</guid>

					<description><![CDATA[<p>A hacker stole $31 million from the blockchain company MonoX Finance , by <a href="https://arstechnica.com/information-technology/2021/12/hackers-drain-31-million-from-cryptocurrency-service-monox-finance/">exploiting a bug</a> in software the service uses to draft smart contracts.</p>
<blockquote><p>Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another. MonoX updates prices after each swap by calculating new prices for both tokens. When the swap is completed, the price of tokenIn­that is, the token sent by the user­decreases and the price of tokenOut­or the token received by the user­increases.</p>
<p>By using the same token for both tokenIn and tokenOut, the hacker greatly inflated the price of the MONO token because the updating of the tokenOut overwrote the price update of the tokenIn. The hacker then exchanged the token for $31 million worth of tokens on the Ethereum and Polygon blockchains...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 31/312 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-10 02:22:49 by W3 Total Cache
-->