GNU social JP
Notices by BrianKrebs (briankrebs@infosec.exchange)

  1. BrianKrebs (briankrebs@infosec.exchange)'s status on Saturday, 17-May-2025 16:26:43 JST

    I am reliably informed by Google Shield that my site krebsonsecurity.com on Monday was the target of the biggest DDoS attack Google has ever had to deal with, clocking in at ~6.3 Tbps. This is not quite a record; apparently, an attack Cloudflare had to deal with in April is the largest known DDoS to date -- at ~6.5 Tbps.

    It's been a while since we've seen a big DDoS. For reference, this one was about 10x the size of the Mirai botnet attack that launched a record DDoS against my site in 2016, knocking it offline for nearly 4 days until I got the site behind Google Shield.

    I'll know more in a bit. Below is the CF blog about their April attack.

    https://blog.cloudflare.com/ddos-threat-report-for-2025-q1/#hyper-volumetric-attacks-continue-spill-into-q2

  2. BrianKrebs (briankrebs@infosec.exchange)'s status on Wednesday, 14-May-2025 03:50:34 JST

    While our nation squabbles over banning books from school libraries, the POTUS has reportedly tapped the second in command at the Justice Department to head the Library of Congress. I wonder how many people would still go to the library if cops were checking out your books (literally)?

    "The White House has not announced Blanche’s new role. Several Democratic members of Congress called Monday for more scrutiny of the White House’s interactions with the Library of Congress, while a lawyer who used to work with the agency said it could be problematic for the Justice Department to have visibility into communications between the library’s research arm and U.S. lawmakers."

    https://www.washingtonpost.com/politics/2025/05/12/trump-blanche-library-congress-copyright/

  3. BrianKrebs (briankrebs@infosec.exchange)'s status on Monday, 12-May-2025 20:31:25 JST

    Are recycling bins generally made from recyclable plastic? Because I'm pretty sure I tossed the plastics recycling container into the recycling dumpster the last time I visited the dump. Anyway, I've decided the plastics bin will be wood from now on.

  4. BrianKrebs (briankrebs@infosec.exchange)'s status on Monday, 12-May-2025 06:05:02 JST

    Beware any industry that claims you need more of what it is selling to offset negative externalities generated by its unbridled use. This seems to be the pitch of the AI cheerleaders: If your systems are doing a poor job screening automated activity from AI, the real problem is you're not using enough AI, dumbass.

    This is from the socials of Branden Spikes, a former DOGE guy and longtime Musk employee/lieutenant, in re an article on AI cheating in academia.

    https://krebsonsecurity.com/2025/03/who-is-the-doge-and-x-technician-branden-spikes/

  5. BrianKrebs (briankrebs@infosec.exchange)'s status on Monday, 12-May-2025 04:40:07 JST

    Anonymous pizza deliveries are very much cowards saying "we know where you live." Things usually escalate to more serious stuff arriving at your home, because often this harassment is perpetrated within a community that feels the need to constantly one-up each other. I found this bit from the WaPo story interesting, given that harassers take full advantage of consumer data services (and the broad availability of US consumer data) to find their targets in real life.

    "Some of the pizza deliveries have gone to judges’ relatives. In recent weeks, orders have been placed in the name of U.S. District Judge Esther Salas’s son, Daniel Anderl, who was fatally shot at the family home in New Jersey in 2020 by an attorney who posed as a delivery person."

    It's curious that the perpetrators would so heartlessly invoke Anderl's name: The person who killed Daniel Anderl was a lawyer who was upset at one of the judge's rulings, and he came to her house disguised as a FedEx driver, ended up shooting her son instead and then himself.

    The result of this attack was Daniel's Law, which is currently being litigated against by nearly every consumer data broker on the planet right now. They are challenging the constitutionality of Daniel's Law, after a privacy company called Atlas sued >150 data brokers. Atlas alleged the brokers were violating the NJ statute, which allows police officers, judges and their families to be removed from consumer data broker services.

    https://www.washingtonpost.com/politics/2025/05/11/justice-judges-threats-intimidation-pizza-deliveries/

    https://krebsonsecurity.com/2024/10/the-global-surveillance-free-for-all-in-mobile-ad-data/


  6. BrianKrebs (briankrebs@infosec.exchange)'s status on Monday, 12-May-2025 00:45:33 JST

    For the past several months, about 2-5 emails per day have arrived from people bitching about being banned from an illegal movie and network streaming service. I soon learned that all of this service's various domain names include my email address as the point of contact. So when people invariably get banned for spamming the chat box on this unlicensed tv streaming service, they bitch to me and plead to be let back on the service.

    Last month I yelled at their Twitter account, which yelled back that they don't run the site blah blah. Just for background: I dislike spam and spammers so much that I wrote a whole book about them. And at this point I was getting so annoyed by the constant wayward emails that I started researching the accounts and things promoting these PPV networks. For a while there I was like, No Mercy! Fear does not exist in this dojo, does it?!? I was even beginning to form a plan to auto-respond to these annoying messages with a vague promise to reinstate them if they could show proof of a donation to a local shelter or something.

    But then I thought, instead of going nuclear on these guys what if I just asked nicely? Sometimes asking nicely is the best way forward.

  7. BrianKrebs (briankrebs@infosec.exchange)'s status on Thursday, 08-May-2025 11:02:09 JST

    New, from me: Pakistani Firm Shipped Fentanyl Analogs, Scams to US

    A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking help with trademarks, book writing, mobile app development and logo designs, a new investigation reveals.

    This story was quite a lot of work, and I really hope some good can come of it. The scale of this operation is something to behold:

    https://krebsonsecurity.com/2025/05/pakistani-firm-shipped-fentanyl-analogs-scams-to-us/

  8. BrianKrebs (briankrebs@infosec.exchange)'s status on Friday, 02-May-2025 17:38:22 JST

    Today's scoop: xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

    An employee at Elon Musk's artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk's companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned.

    GitGuardian's Eric Fourrier told KrebsOnSecurity the exposed API key had access to several unreleased models of Grok, the AI chatbot developed by xAI. In total, GitGuardian found the key had access to at least 60 distinct data sets.

    "The credentials can be used to access the X.ai API with the identity of the user," GitGuardian wrote in an email explaining their findings to xAI. "The associated account not only has access to public Grok models (grok-2-1212, etc) but also to what appears to be unreleased (grok-2.5V), development (research-grok-2p5v-1018), and private models (tweet-rejector, grok-spacex-2024-11-04)."

    Fourrier found GitGuardian had alerted the xAI employee about the exposed API key nearly two months ago -- on March 2. But as of April 30, when GitGuardian directly alerted xAI's security team to the exposure, the key was still valid and usable. xAI told GitGuardian to report the matter through its bug bounty program at HackerOne, but just a few hours later the repository containing the API key was removed from GitHub.

    Read more: https://krebsonsecurity.com/2025/05/xai-dev-leaks-api-key-for-private-spacex-tesla-llms/

  9. BrianKrebs (briankrebs@infosec.exchange)'s status on Thursday, 24-Apr-2025 12:42:36 JST

    Independent writer Anthony Clark lists a number of ways that Trump's nominee for surgeon general appears to have falsified, misled, selectively omitted, or lied about her medical education, board certifications, and military experience.

    https://lastcampaign.substack.com/p/trumps-surgeon-general-pick-distorted

    Clark published a follow-up with more detail here:

    https://substack.com/home/post/p-161849494

  10. BrianKrebs (briankrebs@infosec.exchange)'s status on Wednesday, 23-Apr-2025 15:54:11 JST

    Okay this is really interesting. The NLRB whistleblower Daniel Berulis told me that he found the DOGE accounts had downloaded three different code libraries from GitHub that none of their IT people or contractors used or knew about. One of them, Berulis said, had in its "README" file a description that said the software was designed as "a proxy to generate pseudo-infinite IPs for web scraping and brute forcing."

    One of the core DOGE employees is Marko Elez, and Elez's GitHub page has a very interesting code repository: async-ip-rotator, created in January 2025

    https://github.com/markoelez/async-ip-rotator

    Checking the history of this code, Elez's profile says it was forked from this

    https://github.com/Ge0rg3/requests-ip-rotator, which says in its description:

    "A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing."

    "This library will allow the user to bypass IP-based rate-limits for sites and services."

    Gee, I wonder which DOGE employee was in the NLRB in early March?

  11. BrianKrebs (briankrebs@infosec.exchange)'s status on Wednesday, 23-Apr-2025 00:43:45 JST

    ICYMI, Defense Secretary Pete Hegseth managed to leak Yemen bombing plans with friends and family in yet another Signal chat fiasco, the NYT reported.

    The first time this happened, when administration officials including Hegseth texted war plans to the editor of The Atlantic, the White House said basically everyone makes mistakes, nothing to see here, nothing classified, no investigation, case closed.

    But screw up the same way a second time and there have to be consequences, right? BZZZT. The administration claims the real problem is the "woke" leakers who are showing what an absolute clownshow the administration is running.

    https://www.nytimes.com/2025/04/20/us/politics/hegseth-yemen-attack-second-signal-chat.html

  12. BrianKrebs (briankrebs@infosec.exchange)'s status on Wednesday, 23-Apr-2025 00:11:41 JST

    My wife and I have gotten into the habit of asking each other at dinner what was the best thing that happened to each other that day. She now likes this tradition so much she's expanded it into three things, which I contend makes the whole thing more of a mental exercise, but I usually manage. I have found though that it makes me take closer note of the good things that happen during the day, so I'm not left with "uh...." when it's my turn. It also helps punctuate the positive at a time when there's a whole lot of the opposite.

  13. BrianKrebs (briankrebs@infosec.exchange)'s status on Tuesday, 22-Apr-2025 23:36:54 JST

    I published a follow-up on NPR's scoop last week about a whistleblower at the National Labor Relations Board (NLRB), who alleges DOGE created super admin accounts (w/ no logging) at NLRB and transferred ~10GB worth of data from the agency's case files.

    The story includes an interview with the whistleblower -- NLRB security architect Daniel Berulis -- and examines the technical claims in his report to lawmakers. He's taking some paid leave for now, noting that the same day the NPR story ran, the NLRB removed administrative rights for its IT staff and almost everyone else at the agency.

    The backstory is that both Amazon and Musk’s SpaceX have been suing the NLRB over complaints the agency filed in disputes about workers’ rights and union organizing, arguing that the NLRB’s very existence is unconstitutional. On March 5, a U.S. appeals court unanimously rejected Musk’s claim that the NLRB’s structure somehow violates the Constitution.

    Here's the lede:

    "A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with multiple blocked login attempts from an Internet address in Russia that tried to use valid credentials for a newly-created DOGE user account."

    https://krebsonsecurity.com/2025/04/whistleblower-doge-siphoned-nlrb-case-data/

  14. BrianKrebs (briankrebs@infosec.exchange)'s status on Sunday, 20-Apr-2025 17:57:03 JST

    The Trump administration is actively censoring the White House press pool, @mmasnick writes for Techdirt.

    "On Tuesday, the White House effectively eliminated the Associated Press from the White House press pool, changing the rules to basically bar the wire service entirely. This is even after (or perhaps in response to) a Trump-appointed judge ruling that the White House was clearly violating the First Amendment in excluding the AP from various press conferences. This isn’t a huge surprise, because last week there were reports that the White House was still excluding AP reporters… and then directly censoring press pool reports that mentioned this and other embarrassing facts."

    "Last week, Oliver Darcy was the first to call out two troubling developments related to this: First, the White House was ignoring the ruling and still blocking the AP from certain access. Indeed, what Darcy had found is that the pool reporter on duty, Joseph Morton, the Washington correspondent for The Dallas Morning News, had written in the pool report the following:"

    “A reporter and photographer with The Associated Press were turned away from joining the pool.”

    "So why are we hearing this from Darcy instead of Morton?"

    "Well, that’s the second discovery that Darcy reported on. The White House is now directly censoring White House press pool reports:"

    "It was likely that sentence, which came after a judge had ordered the administration to restore the AP’s access, that irked the White House. That specific pool report from Morton, I’ve learned, was never distributed by the White House to news outlets subscribed to its pool report mailing list — a notable omission and a clear break from precedent."

    "It also wasn’t the first time this week that the White House chose to censor the pool. On Monday, Philip Wegmann, a reporter for RealClearPolitics, filed a pool report noting that a scheduled press conference between Trump and Israeli Prime Minister Benjamin Netanyahu had been “cancelled” and was “no longer taking place.” That report, too, was never sent out by the White House."

    https://www.techdirt.com/2025/04/18/white-house-censoring-press-pool-reports-while-still-discriminating-against-ap/

  15. BrianKrebs (briankrebs@infosec.exchange)'s status on Sunday, 20-Apr-2025 10:38:56 JST

    Someone remind me what is the argument against holding the White House in criminal contempt at this point? I keep reading headlines like "Will Trump Create a Constitutional Crisis?" He already has, many times over.

    There is little indication this administration is doing anything to comply w/ multiple court orders, and it is thumbing its nose at the rulings. The POTUS is going to force the issue sooner or later. But later does not really seem like an appropriate response from the judiciary and does nobody any favors.

  16. BrianKrebs (briankrebs@infosec.exchange)'s status on Saturday, 19-Apr-2025 13:28:07 JST

    Today's most meta announcement: The FBI is warning that scammers are impersonating the Internet Crime Complaint Center (IC3), which is operated in partnership with the FBI to receive consumer complaints about fraud.

    Naturally, the FBI urges victims to immediately report the fraud to the IC3.

  17. BrianKrebs (briankrebs@infosec.exchange)'s status on Saturday, 19-Apr-2025 05:10:33 JST

    tl;dr: 25% of students enrolled in California community colleges are reportedly AI bots set up to commit financial aid fraud. Probably this time next year it will be 40-50 percent.

  18. BrianKrebs (briankrebs@infosec.exchange)'s status on Friday, 18-Apr-2025 22:26:57 JST

    Tired: Teachers using tools to find students cheating with AI.

    Wired: Teachers using tools to figure out how many of their new students are bots who are just there to submit enough AI-completed assignments that they can claim financial aid in someone else's name.

    This story from the Voice of San Diego is worth a read:

    "When the spring semester began, Southwestern College professor Elizabeth Smith felt good. Two of her online classes were completely full, boasting 32 students each. Even the classes’ waitlists, which fit 20 students, were maxed out. That had never happened before."

    "By the end of the first two weeks of the semester, Smith had whittled down the 104 students enrolled in her classes, including those on the waitlist, to just 15. The rest, she’d concluded, were fake students, often referred to as bots."

    "The bots’ goal is to bilk state and federal financial aid money by enrolling in classes, and remaining enrolled in them, long enough for aid disbursements to go out. They often accomplish this by submitting AI-generated work. And because community colleges accept all applicants, they’ve been almost exclusively impacted by the fraud."

    "That has put teachers on the front lines of an ever-evolving war on fraud, muddied the teaching experience and thrown up significant barriers to students’ ability to access courses. What has made the situation at Southwestern all the more difficult, some teachers say, is the feeling that administrators haven’t done enough to curb the crisis."

    https://voiceofsandiego.org/2025/04/14/as-bot-students-continue-to-flood-in-community-colleges-struggle-to-respond/

  19. BrianKrebs (briankrebs@infosec.exchange)'s status on Thursday, 17-Apr-2025 11:25:04 JST

    Another area where the POTUS is setting up a constitutional challenge with the judicial branch:

    "The Associated Press said in a court filing on Wednesday that the Trump administration had defied a federal judge’s order requiring the administration to restore the wire service’s full access to the White House."

    "Lawyers for The A.P. wrote that a White House spokesman had told A.P. reporters on Monday that they would continue to be excluded from the press pool — a small, rotating group of journalists who cover certain events in confined spaces at the White House — because the “case is ‘ongoing.’”"

    "For the last two months, The A.P.’s access to President Trump has been sharply curtailed over its refusal to refer to the Gulf of Mexico as the Gulf of America, the name that Mr. Trump designated for the body of water."

    "In a temporary order last week, Judge Trevor N. McFadden of the Federal District Court in Washington, D.C., said the exclusion violated the First Amendment’s free-speech clause and instructed the White House to restore The A.P.’s access “immediately.”"

    https://www.nytimes.com/2025/04/16/us/politics/trump-ap-white-house-access.html

  20. BrianKrebs (briankrebs@infosec.exchange)'s status on Thursday, 17-Apr-2025 00:22:05 JST

    And, just like that there IS content on the foundation's site.


BrianKrebs

    Independent investigative journalist. Covers cybercrime, security, privacy. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter, '95-'09. Signal: briankrebs.07 krebsonsecurity @ gmail .com LinkedIn: https://www.linkedin.com/in/bkrebs


GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.