Wickr has a new plan for dodging internet blocks

As encrypted chat apps grow more popular, they’re also becoming more popular targets for state-level blocks. Whether it’s brief interruptions in Brazil and Egypt or long-term censorship in China and Iran, countries are testing out their ability to block traffic at a national level, and apps are having to get creative to stay online.

Wickr’s latest solution is a partnership with the circumvention service Psiphon, which will be available to enterprise users starting today and rolling out to free users in the weeks to come. Similar to a VPN, Psiphon will disguise Wickr traffic through proxies and other routing protocols designed to make the traffic hard to spot and even harder to block.

Emerging from the University of Toronto’s Citizen Lab, Psiphon already provides anti-blocking services for a number of digital rights tools, most notably in Iran. “The systems doing network disruptions are very sophisticated,” says Psiphon’s Michael Hull. “So you have to have a smarter kind of VPN to perform under the various kinds of filters and attacks.”

That’s a particularly valuable service now that it’s harder to hide your traffic among larger networks. In recent months, both Amazon and Google have disallowed a practice called domain-fronting, which allowed apps like Wickr to forward their traffic through the larger network as a way of evading censorship. Botnets also sometimes used the technique to avoid detection, which ultimately inspired the broader networks to shut down the practice.

Wickr CEO Joel Wallenstrom put the move in business terms. “People trust very secure stuff to Wickr, and they’re trusting us not only to secure the data but that we’ll get it where it needs to be,” he told The Verge. “It was very apparent that the world is changing, and we need to respond to that.”

Ukrainian hackers arrested for stealing 15 million credit card records

Three Ukranian nationals have been arrested in connection with a lengthy hacking campaign that targeted more than 100 American businesses, including the theft of credit card information from Chili’s, Arby’s, and Chipotle. According to the indictment, the group stole more than 15 million credit card records from more than 6,500 point-of-sale terminals over the course of the campaign.

Known to security researchers as the Carbanak group, the group used social engineering and phishing attacks to infiltrate businesses and steal financial data. The initial infection typically came from malware included as an email attachment, sometimes presented as a lost hotel reservation or an SEC complaint.

In one incident, the group masqueraded as the FDA’s Center for Food Safety and Applied Nutrition, informing the business of a food poisoning incident. (Chipotle has struggled with food safety issues, although it’s unclear if they were the target of the spoofed FDA email.) “You can find attached the list of inspections and checks scheduled to take place at your restaurant,” the email read. In fact, the attachment contained malware.

The indictments unsealed today name Dmytro Fedorov, Fedir Hladyr, and Andrii Kolpakov as conspiring to commit the attacks, charging each man with 26 counts of conspiracy, wire fraud, computer hacking, access device fraud, and aggravated identity theft. According to the indictment, the men constructed a sham security company as a front for the hacking campaign, pretending to offer penetration testing services to corporate customers. The arrests were made in Germany, Poland, and Spain in cooperation with local authorities, and two of the three suspects are still awaiting extradition.

It’s not the first arrest made in connection with the Carbanak hacking campaign. In March, the Spanish National Police announced they had apprehended the mastermind of the Carbanak group, describing him as a Ukrainian national called “Denis K.” One of today’s suspects, Andrii Kolpakov, was also arrested in Spain, although the arrest took place months after the Denis K. announcement.