Ukrainian police have reportedly arrested two members of a ransomware gang -- and while some have fingered REvil, no firm details have been published by cops from multiple countries. The Register reports: A round of speculation was triggered when inter-EU law enforcement body Europol declared this morning that Ukrainian fuzz had arrested "two prolific ransomware operators known for their extortionate demands," claimed to be up to [$81.3 million]. One of the two suspects arrested on September 28, according to the National Police of Ukraine, was a "hacker." The other allegedly "helped to withdraw money obtained by criminal means." $1.3m in cryptocurrency was said to have been frozen. A multinational police operation with input from France's National Gendarmerie and the US Federal Bureau of Investigation helped lead the Ukraine cops to their targets, with support from Europol and Interpol.

The 25-year-old suspect allegedly deployed "virus software," compromising remote-working software, with one attack vector being "through spam-mailings on corporate e-mail boxes of malicious content." "In total, the hacker attacked more than 100 foreign companies in North America and Europe," said the Ukrainian police, adding that they blamed the 25-year-old arrestee for causing $150m of damage to Western organizations. [...] Numerous people speculated on Twitter that the latest Ukrainian arrests were members of the REvil ransomware gang. This was based solely on Europol's claim that the two main accused had once issued an "extortionate" [$81.3 million] ransom demand, which has not been repeated by cops in Ukraine. REvil once issued a ransom demand for $70 millionagainst managed service provider Kaseya) but that is not the same sum...

Mark Zuckerberg's personal wealth has fallen by more than $6 billion in a few hours, knocking him down a notch on the list of the world's richest people, after a whistleblower came forward and outages took Facebook's flagship products offline. Bloomberg reports: A selloff sent the social-media giant's stock plummeting 4.9% on Monday, adding to a drop of about 15% since mid-September. The stock slide on Monday sent Zuckerberg's worth down to $121.6 billion, dropping him below Bill Gates to No. 5 on the Bloomberg Billionaires Index. He's down from almost $140 billion in a matter of weeks, according to the index.

Large tree-planting initiatives often fail -- and some have even fueled deforestation. From a report: On November 11, 2019, volunteers planted 11 million trees in Turkey as part of a government-backed initiative called Breath for the Future. In one northern city, the tree-planting campaign set the Guinness World Record for the most saplings planted in one hour in a single location: 303,150. "By planting millions of young trees, the nation is working to foster a new, lush green Turkey," Turkey's president, Recep Tayyip Erdogan, said when he kicked off the project in Ankara. Less than three months later, up to 90 percent of the saplings were dead, the Guardian reported. The trees were planted at the wrong time and there wasn't enough rainfall to support the saplings, the head of the country's agriculture and forestry trade union told the paper.

In the past two decades, mass tree-planting campaigns like this one have gained popularity as a salve for many of our modern woes, from climate change to the extinction crisis. Companies and billionaires love these kinds of initiatives. So do politicians. [...] There's just one problem: These campaigns often don't work, and sometimes they can even fuel deforestation. In one recent study in the journal Nature, for example, researchers examined long-term restoration efforts in northern India, a country that has invested huge amounts of money into planting over the last 50 years. The authors found "no evidence" that planting offered substantial climate benefits or supported the livelihoods of local communities.

The study is among the most comprehensive analyses of restoration projects to date, but it's just one example in a litany of failed campaigns that call into question the value of big tree-planting initiatives. Often, the allure of bold targets obscures the challenges involved in seeing them through, and the underlying forces that destroy ecosystems in the first place. Instead of focusing on planting huge numbers of trees, experts told Vox, we should focus on growing trees for the long haul, protecting and restoring ecosystems beyond just forests, and empowering the local communities that are best positioned to care for them. In the past three decades, the number of tree-planting organizations has skyrocketed, growing nearly threefold in the tropics alone. So have global drives: Today, there are no fewer than three campaigns focused on planting 1 trillion trees, including the World Economic Forum's (WEF) One Trillion Trees Initiative, which launched in 2020.

The Guardian reports on "a new breed of scambaiters...taking over TikTok and YouTube."

And one of them has more than 1.5 million followers across both video platforms. "Three to four days a week, for one or two hours at a time, Rosie Okumura, 35, telephones thieves and messes with their minds," reports the Guardian: For the past two years, the LA-based voice actor has run a sort of reverse call centre, deliberately ringing the people most of us hang up on — scammers who pose as tax agencies or tech-support companies or inform you that you've recently been in a car accident you somehow don't recall. When Okumura gets a scammer on the line, she will pretend to be an old lady, or a six-year-old girl, or do an uncanny impression of Apple's virtual assistant Siri. Once, she successfully fooled a fake customer service representative into believing that she was Britney Spears. "I waste their time," she explains, "and now they're not stealing from someone's grandma...."

Batman became Batman to avenge the death of his parents; Okumura became a scambaiter after her mum was scammed out of $500... Thankfully, the bank was able to stop the money leaving her mother's account, but Okumura wanted more than just a refund. She asked her mum to give her the number she'd called and called it herself, spending an hour and 45 minutes wasting the scammer's time. "My computer's giving me the worst vibes," she began in Kim Kardashian's voice. "Are you in front of your computer right now?" asked the scammer. "Yeah, well it's in front of me, is that... that's like the same thing?" Okumura put the video on YouTube and since then has made over 200 more videos, through which she earns regular advertising revenue (she also takes sponsorships directly from companies).

"A lot of it is entertainment — it's funny, it's fun to do, it makes people happy," she says when asked why she scambaits. "But I also get a few emails a day saying, 'Oh, thank you so much, if it weren't for that video, I would've lost $1,500.'" Okumura isn't naive — she knows she can't stop people scamming, but she hopes to stop people falling for scams. "I think just educating people and preventing it from happening in the first place is easier than trying to get all the scammers put in jail...."
The Guardian also describes Jim Browning, a Northern Irish YouTuber with nearly 3.5 million subscribers who's been posting scambaiting videos for seven years. "Browning regularly gets access to scammers' computers and has even managed to hack into the closed-circuit TV footage of call centres in order to identify individuals. He then passes this information to the 'relevant authorities' including the police, money-processing firms and internet service providers...."

And they also tell the story of an American software engineer who joined with friends to convince a scammer he'd been offered a high-paying job — only to end up stranded in Laos after paying for a 600-miles flight.

"He was crying... that was the one where I was like, 'Ah, maybe I'm taking things a little too far.'"

"New Zealand's central bank is exploring the possibility of issuing a digital currency, saying the benefits it would bring include its potential use as a monetary policy tool," reports Bloomberg. The central bank cites "the declining use, acceptance and availability of cash in New Zealand, and emerging innovations in private money, namely stablecoins." While developing a central bank digital currency would require long lead times given the complexities and involve a multi-stage approach, the Royal Bank of New Zealand (RBNZ) said it broadly favors the idea. A digital currency should support the New Zealand dollar "as our single unit of account" and be exchanged 1-for-1 with cash, it said, adding "cash is here to stay for as long as some of us need it."

The RBNZ said a digital currency would support the value anchor role of central bank money by:

- Providing individuals and businesses with the option of converting privately issued money into a digital form of central bank money, ensuring the long-term convertibility of private money into central bank money

- Improving the technological form of central bank money to ensure it remains relevant in a digital future

- Providing an additional monetary policy tool by it being either issued to provide monetary stimulus, or interest bearing....

Other central banks around the world, including the European Central Bank, are also exploring the possibility of issuing a digital currency.

An Iowa data scientist with a computer engineering degree and a Harvard MBA has come forward as the whistleblower leaking damaging information about Facebook to the Wall Street Journal — and that's just the beginning. They've now also filed at least eight complaints with America's Securities and Exchange Commission, "which has broad oversight over financial markets and has the power to bring charges against companies suspected of misleading investors," reports the Washington Post. To buttress the complaints, the whistleblower secretly copied "tens of thousands" of pages of internal Facebook research, according to a report tonight on the CBS News show 60 Minutes, which summarizes her ultimate conclusion: "that the company is lying to the public about making significant progress against hate, violence and misinformation.

"One study she found from this year says 'We estimate that we may action as little as 3 to 5% of hate, and about 0.6% of violence and incitement on Facebook. Despite being the best in the world at it." Another internal Facebook document admits point-blank that "We have evidence from a variety of sources that hate speech, divisive political speech and misinformation on Facebook and the family of apps are affecting societies around the world."

60 Minutes points out that Facebook "has 2.8 billion users, which is 60% of all internet-connected people on Earth."

[Whistleblower Frances] Haugen told us the root of Facebook's problem is in a change that it made in 2018 to its algorithms — the programming that decides what you see on your Facebook news feed... "One of the consequences of how Facebook is picking out that content today is it is optimizing for content that gets engagement, or reaction. But its own research is showing that content that is hateful, that is divisive, that is polarizing, it's easier to inspire people to anger than it is to other emotions... Facebook has realized that if they change the algorithm to be safer, people will spend less time on the site, they'll click on less ads, they'll make less money."
60 Minutes reports that Facebook was even contacted by "major political parties across Europe," according to leaked internal documents which say the parties specifically complained that a change Facebook's algorithm "has forced them to skew negative in their communications on Facebook... leading them into more extreme policy positions." (Or, as 60 Minutes puts it, "The European political parties were essentially saying to Facebook the way you've written your algorithm is changing the way we lead our countries." The whistleblower sees their position as "You are forcing us to take positions that we don't like, that we know are bad for society. We know if we don't take those positions, we won't win in the marketplace of social media." Haugen says Facebook understood the danger to the 2020 Election. So, it turned on safety systems to reduce misinformation — but many of those changes, she says, were temporary. "And as soon as the election was over, they turned them back off or they changed the settings back to what they were before, to prioritize growth over safety. And that really feels like a betrayal of democracy to me." Facebook says some of the safety systems remained. But, after the election, Facebook was used by some to organize the January 6th insurrection....

After the attack, Facebook employees raged on an internal message board copied by Haugen. "...Haven't we had enough time to figure out how to manage discourse without enabling violence?"
The whistleblower will now appear Tuesday before a U.S. Senate Commerce consumer protection subcommittee — and has already shared some of their documents with Congressional offices probing Facebook, according to the Washington Post. "It's important because Big Tech is at an inflection point," the whistleblower's lawyer tells the newspaper. They argue that ultimately Big Tech "touches every aspect of our lives — whether it's individuals personally or democratic institutions globally. With such far reaching consequences, transparency is critical to oversight.

"And lawful whistleblowing is a critical component of oversight and holding companies accountable."

"Cyber criminals using a ransomware-as-a-service scheme have been spotted complaining that the group they rent the malware from could be using a hidden backdoor to grab ransom payments for themselves," reports ZDNet: REvil is one of the most notorious and most common forms of ransomware around and has been responsible for several major incidents. The group behind REvil lease their ransomware out to other crooks in exchange for a cut of the profits these affiliates make by extorting Bitcoin payments in exchange for the ransomware decryption keys that the victims need. But it seems that cut isn't enough for those behind REvil: it was recently disclosed that there's a secret backdoor coded into their product, which allows REvil to restore the encrypted files without the involvement of the affiliate. This could allow REvil to takeover negotiations with victims, hijack the so-called "customer support" chats — and steal the ransom payments for themselves.

Analysis of underground forums by cybersecurity researchers at Flashpoint suggests that the disclosure of the REvil backdoor hasn't gone down well with affiliates. One forum user claimed to have had suspicions of REvil's tactics, and said their own plans to extort $7 million from a victim was abruptly ended. They believe that one of the REvil authors took over the negotiations using the backdoor and made off with the money.

Bleeping Computer has an update on the unique predicament of Compound, "an Ethereum-based money market protocol that enables users to earn interest or borrow assets against collateral." (Which "Due to an erroneous upgrade process, the decentralized finance platform ended up spilling out Ethereum assets worth $90 million to its users...") Compound's founder Robert Leshner urged users who received these Compound tokens in error to return the assets to the platform's Timelock contract. To incentivize users, Leshner stated that for their "white-hat" behaviour they may keep 10% as a reward. "Otherwise, it's being reported as income to the IRS, and most of you are doxxed," threatened the founder in the same tweet... Realizing that the original wording of his tweet may not have sat well with many, Leshner revised his tone:

"I'm trying to do anything I can to help the community get some of its COMP back, and this was a bone-headed tweet / approach. That's on me," said Leshner. "Luckily, the community is much bigger, and smarter, than just me. I appreciate your ridicule and support...."

Because the Compound protocol requires a seven-day governance process before any production changes can be made, Compound's only option at this time is to wait on users, hoping they will return the assets.
CoinDesk reported Friday afternoon that "So far, two users have returned a total of 37,493 COMP tokens worth over $12 million at the time of writing." But on Saturday Leshner was tweeting out more thank-you's to additional white-hat users "returning COMP to the community." In an interview with CoinDesk, Leshner said the moral dilemma can be split roughly into two camps. "There's a lot of members of the community that view protocols like Compound as benefitting the entire ecosystem," he said. "And there are some users that don't necessarily care. The builder mindset is, 'This adds value, this is crucially important,' and the trader mindset is 'Money is money,' and that's the only ethos of crypto."

He went on: "I'm personally hopeful users will return funds to the community. It's not my property, it's not their property, it's the community's property...."
One suggestion from Twitter? "The first 5 people to return COMP get 1/5 pieces of Leshner NFT that can be combined Exodia style to summon Robert in real life." "This idea is crazy, and I'm in," Leshner tweeted, adding later that "Anyone who returns COMP to the community is an alien giga-chad; and if a squad of alien giga-chads ever summon me, I will appear."

Leshner told CoinDesk: "I want to hear other people's views on this, because it's not my decision," he said. "This is a decision every user has to make themselves, and I think most of them are taking the view of, 'Haha, f**k you guys, it's your problem.'"

Miami is a city "that unblushingly loves rule-breaking and money," according to a new article in New York magazine, wondering whether Miami could ever really replace Silicon Valley as "a more natural home — and maybe even an accelerant — for the next generation of disruption fiends." On December 4, Delian Asparouhov, a venture capitalist in San Francisco, posted, "ok guys hear me out, what if we move silicon valley to Miami," and Miami mayor Francis Suarez, lying in bed at home in Coconut Grove, replied, "How can I help...?" Ever since, Suarez has been on a mission to rebrand Miami — long a place to spend money, rather than earn it — as a haven for founders who feel underappreciated in more calcified urban climes. He bought (with money from a venture capitalist) billboards in San Francisco featuring his Twitter handle and an invitation to "DM me." As he put it, "I saw the tsunami coming, got out my surfboard, and started paddling."

The flood of new Miamians who have arrived, full or part time, during the pandemic includes tech investors (Peter Thiel, David Sacks), cryptocurrency bulls (Anthony Pompliano, Ari Paul), new-media tycoons (Bryan Goldberg, Dave Portnoy), start-up founders (Alexandra Wilkis Wilson, Steven Galanis), and many more who aren't yet billionaires but think the Magic City will give them their best shot... The boom is visible in the city's crane-spiked skyline, too, with deals for Spotify, Microsoft, Apple, and TikTok either signed or in the offing. In greater South Florida, a related incursion by the finance industry — Goldman Sachs, Citadel, Elliott — is in full swing... In July, according to Redfin, Miami was the top migration destination for home buyers in the U.S., while San Francisco had the largest homeowner exodus. Suarez told me about a playful text he recently received from the mayor there, London Breed: "Stop stealing my techies." He says he replied, "Sorry, London, I love you, but no."

Already, Suarez has made gains in turning Miami into the most cryptocurrency-friendly city in the U.S. In the past six months, the world's largest bitcoin conference happened here; a crypto exchange called FTX paid $135 million for the naming rights to the NBA arena (edging out the hometown porn studio BangBros); and a city-sanctioned currency called MiamiCoin debuted, generating millions in fees for municipal coffers. Suarez also accepts campaign contributions in bitcoin. He's running for reelection this November and looks certain to win, thanks in part to hefty donations and cheerleading from Silicon Valley eminences...

The tech case for Miami isn't wholly persuasive. (The most notable local start-up is a company that sells kibble.) But it is infectious.
The article notes, for example, that "For all his enthusiasm, Suarez acknowledges that a robust tech ecosystem needs one thing he can't simply market into existence: a standout university" (with a world-class engineering department to fuel startups). Suarez's solution appears to be offering Miami land parcels to Florida Polytechnic University for a possible satellite campus teaching DeFi/crypto/blockchain/NFT technologies.

The article also points out the possibility of global warming-induced hurricanes and rising sea levels, the city's widening income gap and rising cost of living, and Miami's record number of pediatric-ICU COVID admissions.

Netflix's co-CEO revealed a list Monday showing its top shows and movies of all-time, reports NBC News. The list revealed that the 19th-century drama Bridgerton "was its most watched TV series ever, with 82 million subscribers tuning in for at least two minutes in its first 28 days on the service..." French series "Lupin: Part 1" and season one of "The Witcher," a fantasy series starring Henry Cavill, tied for second on the list, with 76 million accounts.

Among movies, the action film Extraction earned the No. 1 spot. The film about a captured CIA agent was watched by 99 million accounts in the first 28 days, Netflix said. Bird Box, a post-apocalyptic horror film, and the action-comedy Spenser Confidential were the second- and third-most popular films, according to the company.

All the films and series on the list were Netflix originals.
Using a different metric — which shows attracted the most hours of actual viewing time — Bridgerton still came in #1 for TV shows, followed by "Money Heist: Part 4" and "Stranger Things Season 3."

And the top three movies (based on hours of viewing) were Bird Box, Extraction, and Martin Scorsese's The Irishman.

The American media company Ozy "boasted of a large audience for its general interest website, its newsletters and its videos," remembers the New York Times, calling it "a Gen X dream of what millennial media ought to be: earnest, policy-focused, inclusive, slickly sans-serif." Ozy was founded in 2013 with seed funding from Laurene Powell Jobs, followed by further investments that by 2020 were over $83 million (according to the data service PitchBook).

But the Times reports that something strange happened last winter while Ozy was pursuing a $40 million investment from Goldman Sachs: Ozy said it had a great relationship with YouTube, where many of its videos attracted more than a million views... That's what the Zoom videoconference on February 2 that Ozy arranged between the Goldman Sachs asset management division and YouTube was supposed to be about. The scheduled participants included Alex Piper, the head of unscripted programming for YouTube Originals.

He was running late and apologized to the Goldman Sachs team, saying he'd had trouble logging onto Zoom, and he suggested that the meeting be moved to a conference call, according to four people who were briefed on the meeting, all of whom spoke on the condition of anonymity to reveal details of a private discussion. Once everyone had made the switch to an old-fashioned conference call, the guest told the bankers what they had been wanting to hear: that Ozy was a great success on YouTube, racking up significant views and ad dollars, and that [CEO/co-founder Carlos] Watson was as good a leader as he seemed to be. As he spoke, however, the man's voice began to sound strange to the Goldman Sachs team, as though it might have been digitally altered, the four people said.

After the meeting, someone on the Goldman Sachs side reached out to Mr. Piper, not through the Gmail address that Mr. Watson had provided before the meeting, but through Mr. Piper's assistant at YouTube. That's when things got weird. A confused Mr. Piper told the Goldman Sachs investor that he had never spoken with her before. Someone else, it seemed, had been playing the part of Mr. Piper on the call with Ozy.
Four people told the Times that CEO Watson later said the voice on the call belonged to Ozy co-founder/chief operating officer Samir Rao and attributed the incident to a temporary mental health crisis. Ozy's chairman of the board called it "an unfortunate one-time event." But in addition the site's editor-at-large — who was fired earlier this year — says Ozy's claims of 50 million unique users a month "seemed high," according to the Times: In 2017, BuzzFeed News reported that Ozy had been among the publishers buying web traffic from "low-quality sources," companies using systems that caused articles to pop open under a reader's browser without the reader's knowledge. Ozy said it had been buying the traffic to build its email lists and had not billed advertisers for those views... Ozy doesn't rely on standard measurements of traffic, but the best known service, Comscore, shows nothing close to the company's public claims. According to Comscore, Ozy reached nearly 2.5 million people during some months in 2018, but only 230,000 people in June 2021 and 479,000 in July.

Mr. Watson called the Comscore numbers "incomplete," noting they don't include impressions on platforms ranging from social media to television and podcasts.
The Times' story "triggered canceled shows, an internal investigation, investor concern and high-level departures at the company," ABC News reported Friday. And the same day the Times delivered one more update — that Ozy was shutting down: In an article in The Times on Thursday, Brad Bessey, an Emmy-winning executive producer, and Heidi Clements, a longtime TV writer, said Ozy executives had misled them while they were working on "The Carlos Watson Show," Mr. Watson's talk show, for the company. Specifically, they said, executives told them that the show would appear on the cable network A&E. Mr. Bessey resigned when he learned there was no such deal in place, and the show ended up appearing on YouTube and the Ozy website.

Also this week: Advertisers including Chevrolet, Walmart, Facebook, Target and Goldman Sachs itself — many of which had been paying for placement on "The Carlos Watson Show" — hit the brakes on their spending with Ozy. By Friday afternoon, Mr. Watson and the other remaining board member, Michael Moe (another high-profile investment figure, who had published a book called "Finding the Next Starbucks"), concluded that the company could not recover and issued the farewell statement through a spokeswoman....

The Ozy staff received the news that the company was no more on Friday afternoon.

In a statement released Thursday, Scarlett Johansson said she has resolved her legal dispute with Disney. "I am happy to have resolved our differences with Disney," said Johansson. "I'm incredibly proud of the work we've done together over the years and have greatly enjoyed my creative relationship with the team. I look forward to continuing our collaboration in years to come." The movie star filed the lawsuit against Disney in late July, alleging her contract was breached when the media giant released "Black Widow" on its Disney+ streaming service at the same time as its theatrical debut, thus negatively impacting her salary that was based in large part on the box-office performance of the film. Deadline reports: Unlike in their vitriolic filings and their shaming PR statements over the past few, Marvel-owner Disney had nothing but love today for the actor who brought Natasha Romanoff to life for them in nearly 10 separate films. I'm very pleased that we have been able to come to a mutual agreement with Scarlett Johansson regarding Black Widow, said Alan Bergman, Chairman, Disney Studios Content. "We appreciate her contributions to the Marvel Cinematic Universe and look forward to working together on a number of upcoming projects, including Disney's Tower of Terror."

As is almost always the case in cases like this, neither side gave any indication of how much money was involved in the settlement. However, when all is said and done, the deal will run to more than $40 million, sources tell me. Accordingly, the funds will not be paid by Disney in a single lump sum, if you pick up the creative accounting I'm putting down.

Apple, Google, Sony, Zoom, PayPal and several other tech companies as well as scores of banks have cautioned customers and partners in India to expect a surge in declined transactions as the world's second-largest internet market's central bank enforces a new directive for the way recurring payments are processed in the country. From a report: The Reserve Bank of India's directive, which goes into effect on Friday, requires banks, financial institutions and payment gateways to obtain additional approval for auto-renewables transactions worth over 5,000 Indian rupees ($67) from users by conducting notifications, e-mandates and Additional Factors of Authentication (AFA). The directive impacts all such transactions for debit cards as well as credit cards. The Reserve Bank of India said in the original circular in 2019, that the framework was designed to serve as "a risk mitigant and customer facilitation measure," adding that the issuer processing such transactions "shall send a pre-transaction notification to the customer, at least 24 hours prior to the actual charge by SMS or email, as per the customer's preferences."

Google is abandoning plans to pitch bank accounts to its users, marking a retreat from an effort to make the tech giant a bigger name in finance. The Wall Street Journal: The Alphabet unit announced almost two years ago that users of its Google Pay digital wallet would be able to sign up for enhanced checking accounts and debit cards at a handful of financial institutions large and small, including Citigroup and Stanford Federal Credit Union. The new offerings, called Plex accounts, would sync with Google Pay, carry both Google and bank branding and provide a digital dashboard of where and how users spent and saved. Plex was billed as a new way to bank, with an emphasis on simplicity and financial wellness and without monthly or overdraft fees.

The project was initially expected to debut in 2020. A series of missed deadlines, along with the April departure of the Google Pay executive who championed the project, prompted Google to pull the plug on Plex, people familiar with the matter said. A Google spokeswoman said the company would now focus primarily on "delivering digital enablement for banks and other financial services providers rather than us serving as the provider of these services."

phalse phace writes: Robert Leshner, the founder of Compound Labs, just sent out a tweet pleading its users to return the $90.1 million in COMP tokens it accidentally deposited to user accounts.

Users of the popular DeFi staking protocol received the platform's crypto tokens after a system upgrade went epically wrong. As an incentive, Leshner told users to "keep 10% as a white-hat. Otherwise, it's being reported as income to the IRS, and most of you are doxxed."

In another tweet Leshner explains what happened: "A few hours ago, Proposal 62 went into effect, updating the Comptroller contract, which distributes COMP to users of the protocol. The new Comptroller contract contains a bug, causing some users to receive far too much COMP. All supplied assets, borrowed assets, and positions are completely unaffected. Users don't have to worry about their funds; the only risk is that you (or another user) receives an unfairly large quantity of COMP."

A new report finds that some of the country's most powerful utilities raked in millions of dollars in taxpayer bailout funds last year -- while continuing to shut off service for households across the U.S. during the pandemic. Gizmodo: The report, released Thursday from the Center for Biological Diversity and BailoutWatch, takes a look at states with publicly available data on utility shutoffs. In the 17 states where there was available data on shutoffs, the report found that the 16 utilities operating in those states cut off electric services for their customers nearly 1 million times between February 2020 and June 2021. (For some context on shutoffs during a normal, non-pandemic year, the U.S. Census found that 1.2 million households in 50 states reported experiencing shutoffs within a three-month period of taking the survey in 2017, the latest Census Bureau data available on disconnections.)

The offenses here are not shared by the utility industry equally; there are especially bad actors. The report highlights six utilities that were responsible for a jaw-dropping 94% of all shutoffs last year. NextEra, Duke Energy, Southern Company, Dominion Energy, Exelon, and DTE Energy make up what the authors call a "Hall of Shame." NextEra alone, the report found, accounted for more than half of all shutoffs. The analysis also examined financial documents, including proxy statements filed with the Securities and Exchange Commission before a company's shareholder meeting, to calculate how much money these 16 utilities received from the government as part of relief efforts during the pandemic. The CARES Act was originally designed to help struggling businesses pay workers, but utilities took advantage of corporate loopholes within the act that changed how big businesses could report taxes. (The CARES Act also disproportionately benefited oil and gas producers: BailoutWatch, one of the authors of this report, has also used financial documents to show how oil companies laid off thousands of people and yet still gave their CEOs raises during the pandemic, all the while taking handouts from the government.)

Security researchers have found a massive malware operation that has infected more than 10 million Android smartphones across more than 70 countries since at least November 2020 and is making millions of dollars for its operators on a monthly basis. The Record reports: Discovered by mobile security firm Zimperium, the new GriftHorse malware has been distributed via benign-looking apps uploaded on the official Google Play Store and on third-party Android app stores. If users install any of these malicious apps, GriftHorse starts peppering users with popups and notifications that offer various prizes and special offers. Users who tap on these notifications are redirected to an online page where they are asked to confirm their phone number in order to access the offer. But, in reality, users are subscribing themselves to premium SMS services that charge over $35 per month, money that are later redirected into the GriftHorse operators' pockets.

Zimperium researchers Aazim Yaswant & Nipun Gupta, who have been tracking the GriftHorse malware for months, described it as "one of the most widespread campaigns the zLabs threat research team has witnessed in 2021." Based on what they've seen until now, the researchers estimated that the GriftHorse gang is currently making between $1.5 million to $4 million per month from their scheme.

An anonymous reader shares a report from Daring Fireball, written by John Gruber: Chaim Gartenberg, writing for The Verge, "The Lightning Port Isn't About Convenience; It's About Control": "Notably absent from Apple's argument, though, is the fact that cutting out a Lightning port on an iPhone wouldn't just create more e-waste (if you buy Apple's logic) or inconvenience its customers. It also means that Apple would lose out on the revenue it makes from every Lightning cable and accessory that works with the iPhone, Apple-made or not -- along with the control it has over what kinds of hardware does (or doesn't) get to exist for the iPhone and which companies get to make them. Apple's MFi program means that if you want to plug anything into an iPhone, be it charger or adapter or accessory, you have to go through Apple. And Apple takes a cut of every one of those devices, too." Gartenberg summarizes a commonly-held theory here: that Apple is sticking with its proprietary Lightning port on iPhones because they profit from MFi peripherals. That it's a money grab.

I don't think this is the case at all. Apple is happy to keep the money it earns from MFi, of course. And they're glad to have control over all iPhone peripherals. But I don't think there's serious money in that. It's loose-change-under-the-couch-cushion revenue by Apple's astonishingly high standards. How many normal people do you know who ever buy anything that plugs into a Lightning port other than a USB cable? And Apple doesn't make more money selling their own (admittedly overpriced) Lightning cables to iPhone owners than they do selling their own (also overpriced) USB-C cables to iPad Pro and MacBook owners. My theory is that Apple carefully weighs the pros and cons for each port on each device it makes, and chooses the technologies for those ports that it thinks makes for the best product for the most people. "What makes sense for the goals of this product that we will ship in three years? And then the subsequent models for the years after that?" Those are the questions Apple product designers ask.

The sub-head on Gartenberg's piece is "The iPhone doesn't have USB-C for a reason". Putting that in the singular does not do justice to the complexity of such decisions. There are numerous reasons that the iPhones 13 still use Lightning -- and there are numerous reasons why switching to USB-C would make sense. The pro-USB-C crowd, to me, often comes across as ideological. I'm not accusing Gartenberg of this -- though it is his piece with the sub-head claiming there's "a" singular reason -- but many iPhones-should-definitely-use-USB-C proponents argue as though there are no good reasons for the iPhone to continue using Lightning. That's nonsense. To be clear, I'm neither pro-Lightning nor pro-USB-C. I see the trade-offs. If the iPhones 13 had switched to USB-C, I wouldn't have complained. But I didn't complain about them not switching, either. You'll note that in none of my reviews of iPad models that have switched from Lightning to USB-C in recent years have I complained about the switch. Apple, to my eyes, has been managing this well. But, if the iPhones 13 had switched to USB-C, you know who would have complained? Hundreds of millions of existing iPhone users who have no interest in replacing the Lightning cables and docks they already own. "In 15 generations of iPhones, Apple has changed the connector once. And that one time was a clear win in every single regard," adds Gruber. "Changing from Lightning to USB-C is not so clearly an upgrade at all. It's a sidestep."

Regardless of which side you take on this debate, it's inevitable that Apple iPhones will adopt USB-C. Last week, the executive arm of the European Union, the European Commission, announced plans to force smartphone and other electronics manufacturers to fit a common USB-C charging port on their devices. The rules are intended to cut down on electronic waste by allowing people to re-use existing chargers and cables when they buy new electronics. Unless Apple plans to skip out on the European market or pay a potentially steep fine for refusing to adopt the port, they'll likely give into the pressure and release a USB-C-equipped iPhone by the time this law goes into effect in late 2023 or 2024.

Tesla's Big Battery, located in southern Australia, just got hit with a federal lawsuit for failing to provide the crucial grid support it once promised it could. Motherboard reports: Built by Tesla in 2017, the 150-megawatt battery supplies 189 megawatt-hours of storage and was designed to support the grid when it becomes overloaded. Now operated by French renewable energy producer Neoen, it supplies storage for the adjacent Hornsdale wind farm, using clean energy to fill gaps that coal power leaves behind. It made waves at the time of its construction for being the largest lithium-ion battery in the world -- though it's now been superseded by another Tesla battery, the 300-megawatt Victorian Big Battery, also in Australia, which caught fire in July. On Wednesday, the Australian Energy Regulator (AER), the body that oversees the country's wholesale electricity and gas markets, announced it had filed a federal lawsuit against the Hornsdale Power Reserve (HPR) -- the energy storage system that owns the Tesla battery -- for failing to provide "frequency control ancillary services" numerous times over the course of four months in the summer and fall of 2019. In other words, the battery was supposed to supply grid backup when a primary power source, like a coal plant, fails.

The HPR's alleged pattern of failures was first brought to light during a disruption to a nearby coal plant in 2019, according to the regulator. When the nearby Queensland's Kogan Creek power station tripped on October 9, 2019, the HPR was called on to offer grid backup, having made offers to the Australian Energy Market Operator (AEMO) to do so. But the power reserve failed to provide the level of grid support that AEMO expected, and, in fact, was never able to do so in the first place, the lawsuit alleges, despite making money off of offering them. Though HPR did step in eventually, and no outages were recorded, the incident spurred investigation into a number of similar failures over the course of July to November 2019. The reserve's failure to support the grid in the way it promised created "a risk to power system security and stability," a press release on the lawsuit says.

According to the SEC, Robinhood CEO Vlad Tenev unwittingly inspired brokerages to engage in a scheme involving illegal wash trading, or trading with yourself. An anonymous reader shares the report from Bloomberg: The SEC accused Suyun Gu and Yong Lee of improperly pocketing more than $1 million of rebates from stock exchanges from February through April, after placing thousands of options trades for hot shares like GameStop, AMC , BlackBerry and Nokia. The U.S. equity market, including the related options business, is built atop a system known as maker-taker. Traders who submit orders that sit on an exchange's public order book are, in many cases, paid a "maker" rebate -- an incentive designed to attract more liquidity. Those who trade against those resting orders are charged a "taker" fee. Gu, who lives in Miami, and Lee, a resident of Torrance, California, placed the first part of their trades through a broker based in Greenwich, Connecticut and another in Morristown, New Jersey, that pass along the maker rebates to their clients, according to the SEC's complaint. They targeted out-of-the-money puts for their resting orders, investments that others were unlikely to trade against because the holdings offered little opportunity to make money -- barring something nefarious. Gu, 35, and Lee, 37, then traded against their own orders through accounts they opened at brokers including Robinhood, which doesn't pass along "taker" fees to customers. In summary, their profits came from collecting maker rebates without having to pay taker fees. Gu executed approximately 11,430 wash trades, pocketing $668,671, according to the SEC. For Lee, it was 2,360 wash trades and $51,334 of profits, the regulator said.

The SEC didn't name Tenev or Robinhood. Instead, the agency refers to a "Broker-dealer B" based in Menlo Park, California. The SEC complaint adds that the firm's CEO appeared before the House Financial Services Committee on Feb. 18, where he said the firm "pioneered commission free and zero contract fee options trading." For Tenev, that day was a grueling five-hour ordeal. He faced dozens of probing questions from lawmakers, who accused Robinhood of turning the stock market into a casino while failing to protect retail investors amid the frenzied run-up of GameStop and other stocks. But Gu heard opportunity, according to the SEC. The former trade-system developer who had worked at several financial firms concluded from Tenev's testimony that Robinhood didn't charge its customers "take fees," the agency said. Gu's friend, Lee, joined in the scheme, according to the SEC. While Gu is contesting the regulator's claims, Lee agreed to pay a $25,000 fine and about $52,000 in disgorgement and interest without admitting or denying wrongdoing. The SEC added that its investigation didn't initially prompt Gu to stop breaking the law.