Yazılar

Rogue Communication Devices Found in Chinese Solar Inverters Spark Global Security Alarm

/in /tarafından

U.S. energy officials are reevaluating the national security risks posed by Chinese-made power inverters after uncovering unexplained communication components inside devices used in critical infrastructure across the U.S., according to multiple sources with knowledge of the matter.

These undocumented modules, such as cellular radios, were discovered in inverters and batteries produced by Chinese manufacturers, raising concerns that firewalls could be bypassed, allowing remote manipulation or shutdowns of energy systems — with potentially catastrophic consequences for power grids.

That effectively means there is a built-in way to physically destroy the grid,” one expert warned.

What Are Inverters and Why This Matters

Inverters are vital for connecting solar panels, batteries, heat pumps, and EV chargers to the power grid. Most are produced in China and designed to allow remote updates, but are expected to be firewalled from foreign access. The recent discovery, however, suggests that some Chinese models include hidden communications hardware, not disclosed in product documentation.

Implications for National Security and Grid Stability

  • Disruption risk: Experts warn that coordinated manipulation of these devices could trigger blackouts, grid damage, or widespread energy instability.

  • Huawei, the world’s leading inverter manufacturer, left the U.S. market in 2019 but dominates globally, especially in Europe.

  • Over 200 GW of European solar power is linked to Chinese inverters, equivalent to more than 200 nuclear plants.

If you remotely control a large enough number of home solar inverters… that could have catastrophic implications,” said Uri Sadot of SolarEdge.

Government and Industry Response

  • The U.S. Department of Energy (DOE) acknowledged the challenge of ensuring manufacturers disclose full functionality. It is working to enhance transparency via Software Bill of Materials (SBOM) policies and contractual safeguards.

  • The U.S. Senate is considering the Decoupling from Foreign Adversarial Battery Dependence Act, targeting Chinese firms like CATL, BYD, Envision Energy, and others from 2027 onward.

  • Utilities such as Florida Power & Light are already seeking to reduce their reliance on Chinese inverter components.

  • Lithuania, Estonia, and Britain have also begun reassessing or restricting the use of Chinese inverters, with NATO warning that China’s influence over infrastructure is a growing threat.

The CCP stops at nothing to target our sensitive infrastructure,” said U.S. Representative August Pfluger.

Recent Incidents and Commercial Fallout

  • In November 2024, some inverters were reportedly disabled remotely from China, triggering internal industry disputes and heightened U.S. government scrutiny.

  • A commercial conflict between Sol-Ark and Deye ensued, with Sol-Ark confirming it had no control over affected devices not bearing its brand.

  • Chinese firms Huawei, Deye, and others declined to comment.

As the solar and renewable energy sector expands, experts are calling for urgent reforms to ensure hardware used in critical infrastructure is trusted, secure, and transparentechoing the regulatory efforts already in place in sectors like telecom and semiconductors.

Star Health Hacker Claims Responsibility for Death Threats and Bullet Packages Sent to Executives

/in /tarafından

The hacker known as xenZen”, who last year leaked sensitive data from Star Health and Allied Insurance CompanyIndia’s largest health insurer—has claimed responsibility for sending death threats and bullet cartridges to the company’s top executives, according to a March 31 email obtained by Reuters.

In a chilling escalation, xenZen said the threats were a direct reprisal for the insurer’s alleged denial of medical claims to customers. The packages, reportedly sent in February to Star Health’s headquarters in Chennai, Tamil Nadu, were addressed to CEO Anand Roy and CFO Nilesh Kambli. Inside, a note warned:

next one will go in ur and ur peoples head. tik tik tik.”

Reuters reviewed photographs included in the hacker’s email that appear to show the threatening packages. While the news agency has not independently verified the hacker’s identity or the full accuracy of the information provided, three Indian police sources confirmed that a criminal investigation is underway. According to one source, a man in the neighboring state of Telangana has been arrested for allegedly facilitating the delivery of the packages.

Star Health declined to comment in detail, citing an “ongoing, highly sensitive criminal investigation.” CFO Kambli directed inquiries to the company’s PR team, and CEO Roy did not respond to calls for comment.

The case adds to growing concerns over executive security in the healthcare industry, especially after the murder of UnitedHealthcare CEO Brian Thompson in December — an incident that reportedly inspired xenZen’s threats.

Last year, the hacker leaked what they claimed was 7.24 terabytes of personal data related to over 31 million customers, including medical reports and insurance details. Star Health confirmed the data breach, which followed a ransom demand of $68,000. The company has since launched legal action against xenZen and Telegram, which was used to distribute the stolen data via chatbots. Those bots have since been removed.

In the latest email, xenZen claimed the threats followed requests from disgruntled customers who alleged their valid claims had been denied despite having coverage. Star Health has not responded to these specific allegations.

As the case unfolds, the incident raises urgent questions about data security, corporate accountability, and the physical safety of executives in an era where cyberattacks increasingly blur into real-world consequences.

Ransomware Gang Lockbit Reportedly Hacked in Embarrassing Leak

/in /tarafından

In an ironic twist, Lockbitone of the world’s most notorious ransomware gangs — appears to have fallen victim to a cyberattack of its own, according to security analysts and a rogue message posted on one of the group’s darkweb sites.

On Wednesday, Lockbit’s site was replaced with a taunting message that read:

Don’t do crime. CRIME IS BAD xoxo from Prague
The site also included a link to what appears to be a leaked cache of internal data, potentially containing chats between Lockbit members and their victims.

While Reuters has not independently verified the data, multiple cybersecurity experts have assessed the leak and confirmed its authenticity.

It’s legit,” said Jon DiMaggio, chief security strategist at Analyst1.
Christiaan Beek of Rapid7 noted the leak revealed Lockbit’s indiscriminate targeting — even aggressively pursuing small businesses for minor ransom payouts.
They attack everyone,” he added.

Who hacked Lockbit remains unclear, and some of the group’s associated darkweb infrastructure is currently down, with placeholder messages stating sites will be “working soon.” However, the damage may already be done.

This is not the first time Lockbit has faced disruption. In 2023, U.K. and U.S. authorities, alongside international partners, seized parts of the gang’s infrastructure. At the time, Lockbit quickly resurfaced and defiantly declared,

I cannot be stopped.”
But this latest incident appears more personal — and humiliating.

DiMaggio described the breach as a significant blow to the gang’s operations and credibility:

I think it will hurt them and slow them down.”

Lockbit, once dubbed “the Walmart of ransomwaredue to its prolific activity and reach, now faces a potentially destabilizing turn of events — and an unexpected reminder that even cybercriminals aren’t immune to being hacked.