This is a Momentum Media production. Discover the changing face of business, government and national security as Australia navigates the cyber revolution. Welcome to another edition of the Cyber Uncut podcast. I'm David Hollingworth, Deputy Editor of Cyber Daily, and I'm joined by my colleague, Dan Croft. Hello, I'm back. How the hell are you doing? I'm good. You had a lovely weekend away, didn't you? I did. My band went and played Party in the Paddock in Tasmania. It was lovely.
Felt like a big VIP with the band pass, able to get backstage for all these great acts and do all that. It was excellent. Really, really good fun. It sounds marvellous. And for those who don't know, Dan is the drummer of a band. I've heard... Dan Drum live, and he's a bit of a monster. Large Mirage, if you see them touring, if you see a poster around your locals, they're playing in Sydney next week.
Yeah, yeah. I'll pay you later on for this. Excellent, fantastic. Cool, you can buy me a drink. Okay, let's forget the crass self-promotion and head straight into DeepSeek and OpenAI and all of that. once again. So what's up with DeepSeek in the last few days? Well, it's getting banned everywhere. Who knew? Yeah, well, I mean, I'm sure you spoke about it last week. We had the federal government ban.
We did, yeah. Most of the states and territories have also done the same. And now companies who are exempt from the ban, like the NBN. uh, the ABC and Oz post, uh, they've all done it anyway. Even though the federal government band said, despite the fact you work with government a lot, you know, ABC is, you know, it's the national broadcaster.
It's taxpayer funding. Exactly. You don't have to do it. They're doing it anyway under their own best judgment. So, yeah, it's kind of falling apart a little bit. What's interesting is like these are companies like I imagine. I imagine, the ABC makes use of TikTok. But they look at this and go, nope. Yeah. Don't want a thing to do with it. Yeah. And I mean, look, because from memory, the government doesn't allow TikTok on.
government devices. No, it doesn't. No, that was well and truly banned last year. So yeah, it's weird that there's been this kind of point of difference. I guess the term AI is also quite scary, but I think one of the things about it is... Yeah, as with TikTok, there's this sign of very direct Chinese government monitoring and everything of input data. It's a great tool for influence. It's got its own security risks.
DeepSeek got two databases exposed last week as well. So even DeepSeek haven't kind of set things very well for themselves. It's a great, great bit of technology as it's been, you know, advertised. and everything, but they had a cyber attack early on preventing signups, and then two databases of input data were exposed as well. Yeah, and it's like Liam and I spoke about this last week, and we looked at it as, you know, what if it is purely a disruptive tool?
Yeah. Yeah. You know, it's just meant to get, it's meant to get a mind share. It's meant to disrupt. It's meant to make the AI market in America look bad. It's meant to make companies like OpenAI go, whoa, we've got to spend more. Seems to have done exactly that. Like going on to a slightly different topic, you know, Sam Altman released a blog, CEO of OpenAI, saying, AI is going to be cheaper.
And, you know, as we all know, Deep Seek, there are one model that was ludicrously cheap. It was like 5.58 million US for the final run. And that doesn't count the money spent in the lead up. No, no. It's just the final run. But regardless, it's... dirt, dirt, dirt, cheap. And so Sam Altman said there's going to be cheaper AI, which seems like he's a bit inspired, but he says the cost of AI development is going to drop 10 times a year.
Isn't this a guy who also just called for like billions and billions of dollars investment to AI? Last year, the year before he asked, I think it was last year, asked for 700... trillion dollars. That's right. Sorry. For the AI revolution. Billions would be cheap. Yeah, yeah. Billions is nothing. But he says that there's going to be new innovative capabilities of AI. The more innovative they get, more people will use it.
cheaper it is it's going to be to develop and he said as well like you know yeah 10 times a year he's saying um it's going to be it's going to be getting that much cheaper um however their investment is not dropping. They're like, we've got no reason to stop investing the money we're investing. We're going to continue to do that. But if you're talking about DeepSeek being a tool for disruption, it's done exactly that. As we know, the NVIDIA thing, there's this.
And yeah, open AI seemed to be, you know, shaking in their boots. And it's interesting talking about open AI because our old friend Elon and a consortium of venture capitalists and weird... Hollywood figures, have gone... Of course, for those who don't know, Elon Musk was one of the co-founders of OpenAI, and OpenAI is technically a not-for-profit. Yeah, people do forget that. Yeah, it's just so easy to forget. Well, no, not...
so much a not-for-profit now. They're moving to a for-profit structure. And that's the thing. Sam Altman absolutely wants to move to a for-profit model. And Elon Musk has come out. In fact, I'll just... I'll just quote Musk. At XAI, we live by the values I was promised OpenAI would follow. We've made Grok open source and we respect the rights of content creators. I mean, I...
My nose just grew saying that. It's time for OpenAI to return to the open source safety focus force for good it once was. We will make sure that happens. Because he's proposing a 9.74... billion US dollar buyout of the company. That seems quite cheap, actually. Seeing as he spent four times that on Twitter. I mean, Altman did say AI would get cheaper. Maybe that's what he's talking about. Yeah, well. So yeah, like suddenly Musk is...
really wanting to be altruistic and keep all of this open source. And it's like, no, you just want the smarts. Yeah. It really is all it is. The board and everything, we're happy to go for profit.
Because he wanted that from the beginning as far as I was aware. It was part of the reason he kind of... He's the world's richest man. I mean, he's poor. He needs the money. But also what I love is Altman comes back... on x of course yes of course no thank you but we will buy twitter for us 974 billion if you want yeah i saw that that's quite funny yeah i mean i i yeah i i don't know what to make of that i mean it's also it's a case of like you know
Two of the worst people in the world arguing over the future of AI is just like cool. It's almost in a way infighting. These guys are both quite close to Trump, Musk especially. Musk especially, yeah. You know, but like it was Trump. I forget the two other CEOs. There was all these AI giants forming that infrastructure agreement. Stargate. Stargate infrastructure agreement. So these guys are both quite close to...
the US government at the moment. I'm just going to go on a tangent here. And I want to say, I wish tech bros would stop appropriating science fiction and fantasy that I really like. Stargate, Anduril. Palantir, just lightly go away. I like this. I don't like you. Pretty much, exactly. And, you know, speaking of Musk.
His dismantling of the US federal government is proceeding apace. And there's a lot of cybersecurity risk that's coming with that. Yes. So the EFF is suing Doge and the Office of Personal Management over... unconstitutional access to millions of American citizens' data because they're all federal employees. And also, I think you were saying today, the DOJ is letting go some electoral advisors? No, so kind of.
so sysa has let us put on leave or on suspension a number of the election security like election officials yeah and these are the guys who go out to the states in the u.s they go out to the local electoral offices and electoral people and teach them about cyber hygiene security and basic stuff and apparently the guys being taught are like man this is really useful stuff yeah and gone no no that's not important like they are really really preparing
Already, they're a lucrative country for threat actors to target. I mean, they're the number one targeted country in the world when it comes to ransomware. I mean, obviously, that's where the money is. That's where the businesses are. That's where the people are.
And you and I know that that situation is getting worse. And while the situation is getting worse in terms of ransomware attacks and cyber activity and cyber espionage, it's like the building is on fire. Let's fire the firemen. Yeah. Yeah. That's exactly what it's like. Yeah. And on that remarkably uplifting note, let's take a short break. We'll be back in a moment. And welcome back to Cyber Uncut. I'm David. That's Dan. Hello. He's definitely still Dan.
So let's get a bit closer to home. Yeah. Let's talk the Commonwealth Bank of Australia. They've had some issues. Yeah. This has all happened really, really quickly. So ComBank had an outage with their... It's their online payment processing service, meaning that thousands, I saw it reported as tens of thousands. Combank did tell me that thousands was more accurate. But thousands of merchants unable to process online transactions.
So people are stumped. You run a small business completely online. You have no shop front. People buy something online and you send it to them. Yeah. Completely to a halt. So just online transactions or was it FPOS transactions as well? Online transactions. FPOS transactions, obviously, you know, processing cash and stuff. If you're going and putting that into the bank, that's all fine. More and more businesses rely on that kind of online.
You know, bricks and mortar stores out there, nearly all of them now will have a mail order business, a go to the internet, buy thing, get it shipped. And why not? Because so many more people are shopping online. And COVID, you know, has changed all of that. And there is a massive expense of going brick and mortar.
even just having standard card payment and everything available, why not just make it all online? Lots of small businesses operate that way. And they were completely stumped. So ComBank has said, look, we're investigating it. We're working with the supplier of what's called their B-Point service to fix the issue. Checked again today.
Today is Thursday for everyone listening. Yes, yes. So this happened Wednesday. Today's Thursday. We're still checking and it'll be Friday by the time you're listening to this. Yes. If you're listening to it straight away. Good point. And you should be listening to it straight away. And as of that, the...
issue is still there. I believe recovery has begun, but it sounds like there are still thousands of merchants unable to run their businesses. And two days without business is considerable. And at the moment, it's just a fault, right? And look, this, you know, we're going to touch on how much of an impact that is for the cost of living because ComBank, in the same hour as the initial announcement, reported an...
A record after-tax profit of $5.13 billion for the six months from December. Yeah. First half of... Not December. Well, first half of the 2024-2025 financial year. Yeah. Not December. No. Scratch that. That would be horrifying. Market expectations had them at 5.06 billion. And... Their previous year earnings was 5.02 for the same period. So they've absolutely smashed that.
Every time I hear about bank profits, I get more and more socialist, I've got to say. I know Steve. If you also listen to the Defense Connect podcast, you would know Steve. He is... really angry right now that I'm getting more socialist when I hear about bank profits, but he can just cope. It's, it's excessive. Yeah. That's insane. And it's like, I know that you guys can't run your small businesses because of us. Um, but, um,
You can't make money, but we can. Yeah, we're making more money than ever. Yeah, fuck this, yeah. Yeah, and they released their report, as they would always do, and they've said that... you know, well, one of the things we've noted is that the cost of living crisis is having a detrimental effect on it, on our customers. This is the same bank that I'm pretty sure we're going to introduce.
I think it was like $3 ATM fees earlier in the year to help their customers. You know, boss sits back, lights fat cigar with $100 bill kind of energy. Yeah, it is. Like, jeez, particularly our people from Victoria and those aged between 24 and 35. really, really struggling. We're going to introduce a charge for ATMs. They didn't do it. They were very warned not to do that. Look, clearly they're struggling for cash. It's like people have fallen over and they've decided to kick dirt in their face.
while they're down there. And then this outage, which I'm not, that's not, I'm not blaming Combank for the outage. They didn't orchestrate the outage, but it is just. Really poor timing. It is, absolutely. We've made record profits and you can't make profits for two days and it'll probably hurt you more than it will hurt us. Yeah.
Yeah, but that was a nice little fun one to see. And of course, we're now trained when we hear of an outage to go, hack! Yeah, yeah, yeah. So last week, PlayStation Network had an outage. Yep. And because... Sony has been previously hacked a couple of times. Yes. Every gamer and their gamer dog was like, oh, hack! Well, when was the one in like the early 2010s? Because I remember. That's the one.
70-odd million, I think. Yeah. And it lasted for months. Oh, yeah, it did. Because I remember. Yeah. I played Call of Duty with my friends on my PS3. I'm so sorry. And... That was just not possible for like three months. And then, of course, you know, North Korea hacked Sony after they released that film, which really I must watch one day because, like, what a piece of geopolitics that was. But, yeah, so everybody was like, ah, it's a hack.
And Sony just came out and said, no, it was an operational issue. Yeah. And really, is that kind of communication enough? Well, no. Operational issue is very ambiguous. And that's the thing. It could mean anything. Because being hacked is an operational issue. Things that have turned out to be hacks.
from other companies. I can't remember names of, but I remember reading releases and they've been like, we have a technical issue or an operational issue and it turns out to be a cyber incident. In this case, no. And with ComBank... There's no sign that it is at this stage. But that's the thing. Like you and I hear like outage and we'll be like, oh, let's go to the hacking forums. Exactly. Let's keep an eye out for.
And that's the first thing I did yesterday. I started putting my, you know, my... 1970s PI jacket on and I was out looking at the darkest alleyways of the dark web to try and find anything. Or North Sydney. Yeah, yeah. And nothing. And it's funny you mention that. So a story I wrote this week. as kind of a follow-up to one from last month. So Notre Dame, University of Notre Dame, Australia has campuses in Sydney, Broome and Perth.
revealed they'd suffered a cyber incident. I was late to this one. ABC Perth had covered it. And I was told about it by one of our readers and all listeners. followed it up, got a comment from them, and it was the classic cyber incident. Yep. And I thought, well, I'm following this one. I will say, though, cyber incident is the perfect term for when you don't know yet.
I think so. I actually don't hate the term cyber incident. Yeah, but also I think if you say cyber incident, people are going to just go, it's a hack. Yeah. Here they're revealing that it happened, but I'm talking more like a case of ambiguous cyber incident.
keep an eye on the dark web. Yeah. And in this case, yesterday, the Fogg ransomware gang claimed responsibility, said they had the data, like, I think, more than 100 gigabytes of data. Yeah. Which is not the largest hack I've seen, but, you know, when you're talking... PDFs and emails and document file sizes. It all depends on what the data is. Yeah. But they've taken responsibility and now...
The university is working with the ACSC. They're trying to work out what the data is. And it's apparently got a lot of people on campus really, really concerned. Understandably. Yeah. And it's quite an interesting one because... So another hack, and this is one that you and I both covered. Yes. Spectrum Medical Imaging. Yes. You covered that last month. Yeah, quite a while ago now. Yeah. And from memory, they told you we're not aware of a hack.
And by the way, it's not our policy to pay ransoms. Yeah, which that was good to hear, but they didn't kind of mention anything beyond that. But yeah, they were happy to say our policy is to not pay. Yeah. Um, and then yesterday and so, so in work chat, Dan's like, Oh, good spot. It really wasn't a friend of mine actually got a notification, uh, via text message and shared it on Facebook. And I'm like, Hey.
Can I talk to you about this? Shared the message with me and I went to their site and apparently it's taken them a month to work out what the data was. And now they're contacting people whose data has been impacted and it does involve medical records. Pathology reports, scans. I mean, this is a medical imaging place, right? Yeah. And, you know, that's – I feel bad for companies who get dragged over the coals for taking time.
the apparent time to work out what's been impacted, but these are large data sets. And it's very, very hard to find specific pieces of data in that. You know, we're talking... hundreds of thousands, sometimes millions of lines of data. And that's just a file listing. Yeah, exactly. Look, I actually would not...
I'm not going to attack them at all over their response. I actually think they did a pretty good job a month. It's not too bad a turnaround for a smaller business. And when they spoke to me, they said, pretty much all the right things. They didn't want to give me anything. They didn't give me anything, but they made it clear that what their stance is with ransom, which I think is not a bad thing to do either. It's not a bad one, but we also know that a lot of healthcare entities-
almost as policy will pay the ransom. Yeah, due to the nature of the data and there's almost like a life and death scenario. If you get... infrastructure of a hospital somehow accessed and you know someone's able to access an account remotely turn things off which is like
An extreme. I mean, that is the extreme, but you and I have both seen attacks that have disrupted hospital operations. Yeah. And, you know, that's critical stuff. It is, yeah. But even then, it's just the nature of the data, too. It is, yeah. Yeah. Yeah, it's kind of... quite serious stuff. I did suspect this might have been legitimate from the beginning. There was a sample that was quite damning. It did seem very legitimate. I couldn't verify it for sure. You never can. But...
But this is the thing with ransomware gangs, right? If they say they've got the data nine times out of 10, in fact, I would say 99 times out of 100, they have the data. They usually do. Because that's what... that's what their bread and butter is. You need to trust that they are bad guys. You need to trust that they have stolen your data. That's the whole way this ransomware ecosystem works. So generally when Dan and I see a ransomware gang claiming a...
a hack on a company, it's like, oh, it's done. Whether that data is interesting, whether there's a lot of it, whether it's worth any money. We don't know. And the other thing is, it's worth clarifying. We don't then go and write a story as if something's happened. No, no, no. One of the things we do like to do is, that's why we like to talk to these companies. Because, you know, even if these people usually do tell the truth.
They are criminals and they will lie. We're not going to take their word for it, but the company that, the victim company. we will rely on. We will trust their words. So of course we like to talk to them about it. No, 100%. Speaking of the time it takes to work out what happens in a data breach like this. So last year I wrote about the Watergate Hotel. Yes.
That Watergate. Got hit by a ransomware attack. I contacted the hotel. They didn't get back. Of course, they didn't get back to some random Australian journalist, right? But the ransomware gang actually shared quite a lot of the... evidence of the hack. And we're talking like security pass keys, names of people who stay there. And the thing about Watergate is a lot of government people stay there. So it was sensitive. That was May last year. Just...
Over the last few days, they've started contacting customers. So it's taken them a year to investigate the data that's been taken, to work out who's been affected. And even now, they go, we've contacted everybody we could find who's been. impacted by it. But if you're concerned, contact us and we'll try and find out for you. So even now, they're not sure. This is very similar to UnitedHealth.
They contacted everyone they could and they said, there's still some people we can't contact. And they only said that they were really starting to notify people. I think it was like... Over three months later, a month late from when they had to start notifying people. So yeah, same thing. I get when it's a big, big, big organization or, you know, something that has particularly sensitive data, like the hotel, like Watergate, you have to be meticulous.
And it will take time. I understand that. But, yeah, same sort of thing. Yeah, it's kind of wild. You covered another KillSec. KillSec? Great name for a gang, though. I did. You covered another KillSec hack this week, didn't you, as well? It did. That's a local one. It is. So there was an Australian education center by the name of the Albright Institute of Language and Business, and they're a registered training organization.
deal with training in the English language. They offer diplomas and other qualifications in business. This allows students, I think typically international students, to then get the foundations they need to go off to an Australian university. Great. Sounds great. More student data. Great. Cool. Yeah. Which KillSec, I'll touch on this, seems to be good at.
Um, so they didn't set a ransom payment in the last few, cause I'm looking at another, which I won't talk about yet. Um, oh, you know, maybe I will after this. Um, they, they have not. set a ransom payment, but they're going to publish the data in under six days at the time of this podcast. And that contained things like passport scans, study offer letters.
payment plan documents, visa application documents, and more. And then they had a full sheet of just personal data, like names, IDs, emails, mobile numbers. All of this kind of stuff. Yeah, and, you know, we commonly talk about how some of that basic data, names, addresses, emails, phone numbers, this is the kind of stuff that a lot of people hand out to loyalty reward programs. Exactly, yeah. They hand it out hand over fist. Yeah. But it's things like...
signed forms and visa applications, that's going to have family references. It's going to have signatures. Signatures, yeah. You know, you start to get stuff like, you know, the thing which I always find concerning is whenever I start seeing passport and driver's license scans. Well, ID documents. AID document. So powerful. You need 100 points of ID. Well, Hacker now has 100 points of ID. Exactly. And then this also had things like...
People's qualifications, the units they're doing, their assessments and the status of the assessments, deadlines, results. And the more of that data you know, the more a scammer... You can look at that and call you up and go, hey, Dan, I know you're enrolled here, but your fees haven't come through or you're late or something and just start pressuring. And even if one in 20 people fall for that.
You start making money. Oh, no, we've noticed this person hasn't actually passed their assessment or handed it in by the deadline. Hey, so we're actually going to need you to redo that subject. We want to reach out just to get payment for said subject. Yeah, exactly. There's so many ways you can get... Get through it. Yeah. Stuff like that. So we reached out to them, didn't get a response from them, unfortunately. So again, unsure if it's legit.
It looks legit, but I can't say, I can't verify that. I can never say for sure. Yeah. I won't talk about the second one. That's something that will be on the site. Dan and I are always in the middle of at least two or three of these stories, which we're working in the middle of when we record the podcast. Okay, we'll probably leave the local ransomware stuff there, but we'll come back.
from a short break with something a little bit more topical, kind of lighthearted, kind of not. Yeah. Yeah. Anyway, talk soon. Are you ready to elevate your cyber expertise? The Australian Cyber Summit is back for 2025, coming to Illumina Sydney in April, featuring a content packed agenda and top experts in the field. Explore ways to navigate the ever evolving digital landscape and discover effective tools and strategies to combat new cyber threats.
To deepen your knowledge and network with like-minded professionals dedicated to securing our digital landscape, visit AustralianCyberSummit.au to learn more about our content-packed sessions, expert speakers and to secure your ticket. And we're back. Welcome back to Cyber Uncut. He's Dan. I'm David. Yep. Today is Valentine's Day. And unfortunately, as fun as Valentine's and romantic as Valentine's Day can be...
Man, scammers love dates like this. Oh yeah. Yeah. Like everyone's going to be, they're going to be on their dating apps. They're going to be, you know, booking romantic trips. They're going to be looking for gifts. They're just going to be like, you know, wanting to do stuff with their couple or maybe trying. Reach out and find their loved one. So I thought it might be worthwhile just to run through some basics of Valentine's Day and romance scams. Have you used a...
Dating apps? I have. Yeah? Yeah, I've used dating apps for years. That's a really plausible question. I should have asked consent for that one. No, no, no. I used dating apps for years. Yeah. Looking back on that, you can absolutely see how easy it would be to scam. They're full of bots for one.
They're full of people asking for services like drugs. I often got asked for drugs because I had long hair. I was going to say it's long hair, right? I used to get that all the time at festivals and concerts. They were like, hey man, you got weed? No, dude, I don't. Yeah, exactly. Yeah.
So yes, no, but I use dating apps and yeah, they're full of scammers and bots and things like that. But so let's just do a quick run through. Fake flower and gift delivery scams. Basically, they'll set up a fake web. site. The flowers will be incredibly cheap. This is one of the things which is one of the through lines of all these scams. It's too good to be true if it's a bargain basement price, if the... If the price won't last forever and you must buy now...
chances are it's a scam. Yeah, probably. So yeah, discounted flowers, gift delivery, all that kind of stuff. So they can harvest credentials, financial information, even get people to pay. And guess what? It's a scam. and your money's gone. And what to look out for are suspiciously low prices, poor site design because...
These scams have been set up by people who are probably not professional web developers. They're trying to mimic other websites. And unusual payment methods. So imagine going online and, like, you want to send delivery of flowers. I want to send you flowers for Valentine's Day. And they ask for a payment. in Bitcoin.
Can't I just use my credit card? No, you've got to use a direct transfer or pay it Monero, man. Yeah. No. Yeah, can you pay for this in Apple gift cards? Oh, yeah. No, no, I don't think I will. Yeah. And as you mentioned about the bots on dating sites, fake dating profiles. So these often... impersonate real people using their data. And again, this is another thing that scammers can use from data taken from other breaches, photos, personal details. So they can create a very real looking persona.
And so these are fake profiles that look really good. Yeah. They're beautiful. They're friendly. All of the things which you might be looking for in a partner, but they're just not real. And because they're everything you're looking for in a partner, they can manipulate you. into sharing personal information or maybe even sending them money if they're having a crisis. I don't know why I just air quoted in the microphone, but I just did. So yeah, that's something to watch out for.
Travel scams. This is something I wasn't even aware of. Scammers create fake travel sites offering romantic getaways at, again, bargain basement. prices. So again, if it's too cheap, there's no contact details or any reviews of the travel agent that they're purporting to be, or again, asking you to pay in. Bitcoin? It's probably dodge. Seriously, seriously dodge. Cryptocurrency scams.
It's the last thing I'd think of, except for the fact that we've just been talking about all this revolving around crypto. But effectively, what this means is you are romantically interested in someone, possibly via a fake profile. And once you get to know them, they'll be like... by the way, I've got the inside loop on this cryptocurrency and you should get in now on the ground floor. And I love you and I don't want you to, that kind of stuff. Yeah, yeah, yeah.
One, be wary of anybody who like in the first few days of a relationship says, yeah, crypto. That's probably not cool. Any investment platform that doesn't have reviews. And again, anyone pressuring you to act now will lose that opportunity. Yeah, that sense of urgency. It's exactly, you know, engaging a sense of crisis in the victim and pressuring them. And you make bad choices when you... being rushed. Yeah. You also make bad choices when you think you're in love with a...
And when you think you might make money. I mean, you've got FOMO, you've got romance, and you've got, yeah, it's just, yeah, it's a perfect storm. Fake jewelry. Oh. Right. Yeah, okay. So again, it's the too good to be true category. Yeah. But so it's a, you know, fake website setting up, you know, fancy rings, necklaces, jewelry.
I don't know, piercings maybe, who knows. And you want to buy one for your loved one and you buy it and either it never turns up or what you get is a really, really cheap fake. Yeah. Yeah. Unsurprising. And again-
You know, one of those things, if it's too cheap, it's too good to be true. It's probably, it probably is. So apparently a lot of these scams only exist as on social media. So it's like, we don't have any shop front. We don't have a retail website. We're just, yeah, we just run a Facebook store. Be wary of that. They won't have readily identifiable refund policies. And again, impossibly low prices. You mentioned gift cards.
Gift card scams. Yep. Yep. Yep. That's a big one. And in this one, scammers will reach out and go, you've won a gift card. Give us your details. Yeah. And guess what? Your details have been taken and the gift card isn't there at all. So again, nothing to watch out for. And this is general in scams, although AI is changing this a bit, is poor grammar and spelling, unclear or vague branding. And again, you know.
pushing you. Yeah. Oh, if you don't, if you don't validate this gift card now, you miss out. You'll lose it. Yeah. Yeah. So yeah, I mean, there's, there's so many commonalities there, but they're all very distinct little different kind of scams, all preying on the same kind of, the same themes of. FOMO, romance, getting something that's cheap. Yeah. So money, love. Yeah.
Yeah. The big motivators. Money, love and urgency. That's the one. However, send money to. No, do not send money to us. We are not accredited in any way to receive your cash. But I think we may end that there. It's been a week, hasn't it? It has. I was actually going to touch on one more thing. Actually, yesterday was a week, wasn't it? Yesterday was a week. I was going to touch on one last thing. Oh, yes? There was Australia, the US, and the UK have sanctioned...
Z Servers and five of their employees. These guys are based in Russia, right? They are, Russia. They're found out to be in a town called Banul. In southern Russia, it's not far from Mongolia. This is kind of a positive ending, actually. It's Australia leading the charge. Strike one for the good guys. Also, the way you told me about this today, the way this was done makes me so proud to be an Australian. Yeah, so pretty much.
Australia, the US and the UK placed sanctions on Z servers and five of its employees. Under these new sanctions, it'll be a criminal offence to use Z servers. or any of its services, and the five individuals, which include the owner of Z servers, will be banned from entering the country. Now, why Z servers, though? So, that's a good point. It was the infrastructure used by Lockbit, by Alpha slash Black Cat, and for the Medibank hacker, Alexander Omikov. So, okay, all three countries knew about.
about Z servers. It was a problem. And then the Medibank hack happened. And Australia went, right, cracked knuckles, we're getting on this. And so they began an investigation. And Ermakov left this sloppy trail of evidence the way it's worded. And so they zeroed in. And they tracked this activity to Barnall. This is gold. This takedown is brilliant. This is legit gold.
A technical takedown? Was it coders? Was it a crack law enforcement black ops operation? No. Or was it vodka? Yeah, well, it seems that those five gentlemen decided that... One night there was Australian spies within the area. One night they decided to go out for a night on the town, have a few vodkas as it's been worded.
That's what it's reported as. I'm not making a Russian joke. I can guarantee you it's probably vodka. Yeah. And so the Australian spies went in, looked at the infrastructure, found the Medibank data, deleted it. And pretty much disabled it, as far as I'm aware. And now Z Servers is no more. Nice little tidbit. A lot of this was coverage by the Sydney Morning Herald. Yes. Thank you to them. Very good journalism there.
But one of the things that they wrote, which I love, this is a great little tidbit. If you've ever received a dodgy text, it was likely sent through ZService. Like, these guys were... big. I know. So it's a good thing you brought that up. You were just talking about scams and text messages and all of that. And so to hear that it was, you know, because a lot of these takedowns, you see the FBI leading it, you see Europol leading it, you see the UK leading it. It's really cool to see.
that a big part of this was Aussie. Australians out there taking advantage of drunk Russians. Yeah, yeah, exactly. You just love to see it. I do. And right, that is a good note to end on. I think that is, yeah. We often end on remarkably grim notes. Oh, that's some bad news. Anyway, have a great week. Yeah. Yeah.
I'm quite, yeah, it makes me quite proud to see the Aussies taking a bit of a charge on that one. That's really, really good stuff. You've got to love it when law enforcement take these guys down. Yeah, especially when it's vodka related. Anything vodka related is good. Yeah. And on that note.
I do believe it's vodka o'clock. So thank you for listening to Cyber Uncut. Please subscribe to Cyber Daily's newsletter. Become a member of the website that gives you free unlimited access to all our articles. We are on all the socials. And hey, if you guys have any information about any interesting hacks, any data you think we should know about, any incidents, please reach out to us. You can find Dan and my contact details on the website. Thank you for listening.
We'll see you next week. We will. See you later.