Matt Burgess (WIRED)
LightNews LightNews
banner
mattburgess1.bsky.social
Matt Burgess (WIRED)
@mattburgess1.bsky.social
28K followers 510 following 330 posts
Security writer @wired.com

Cybercrime, privacy, surveillance, and more.

Signal: mattburgess.20 | Email: matt_burgess@wired.com
Posts Replies Media Videos
mattburgess1.bsky.social
Another affidavit claims there were at least 79 Starlink dishes on the roof of the notorious Tai Chang scam compound.

People trafficked to run scams at Tai Chang have been subject to "rape, torture, and murder," the affidavit says.

(Images include the alleged number of dishes on each building)
Satellite image of Tai Chang scam compound with alleged number of Starlink dishes on the roof of each building Satellite image of Tai Chang scam compound with alleged number of Starlink dishes on the roof of each building
November 14, 2025 at 9:52 PM
mattburgess1.bsky.social
The affidavit says experts analyzed buildings at the Three Pagodas Pass scam compounds and identified at least 26 Starlink satellite dishes on the roofs of buildings
Satellite image from affidavit linked to SpaceX, saying 26 satellites dishses are on the roofs of one cluster of buildings
November 14, 2025 at 9:44 PM
mattburgess1.bsky.social
NEW: The number of phones being searched at the US border just hit another high

- 16,000 devices were searched in the last three months—a record high for a quarter
- 55,000 in the fiscal year 2025 (Oct-Sept)—a yearly record high

Story with @dell.bsky.social here:

www.wired.com/story/cbp-se...
Chart showing the rise in number of phones and electronics being searched at the US border each fiscal year. Chart peaks in 2025 Fiscal Year with 55,000 devices being searched
October 28, 2025 at 3:45 PM
mattburgess1.bsky.social
WIRED's AI package launches today: 17 stories about how AI is changing us and the world we live in, from AI weaponry to what happens when the bubble bursts

Read them all here @wired.com:

www.wired.com/ai-issue/
Hundreds of millions of people use it. Trillions of dollars fuel it. In 2025, the conversation around AI turned from what it could be to what it is: Large language models are now everywhere, in our schools and our homes, on therapist couches and government computers. We feed it our data, and tell it our secrets. The world is collectively engaged in a live experiment, with few controls and almost no regulation; the best-case and the worst-case scenarios all seem to end with our planet being forever transformed. WIRED can’t tell the future, but we can try to make sense of it. Behold: 17 readings from the furthest reaches of the AI age.
October 27, 2025 at 12:18 PM
mattburgess1.bsky.social
SpaceX claims it has “disabled” more than 2,500 Starlink terminals being used around scam compounds in Myanmar.

I believe it’s the first time Starlink has publicly commented on use of its devices at the compounds. (Despite me and many other reporters, and officials, asking it over the last year)
SpaceX complies with local laws in all 150+ markets where @Starlink is licensed to operate. SpaceX continually works to identify violations of our Acceptable Use Policy and applicable law because - as with nearly all consumer electronics and services - the same technology that can provide immense benefits has a risk of misuse. On the rare occasion we identify a violation, we take appropriate action, including working with law enforcement agencies around the world. In Myanmar, for example, SpaceX proactively identified and disabled over 2,500 Starlink Kits in the vicinity of suspected “scam centers”. We are committed to ensuring the service remains a force for good and sustains trust worldwide: both connecting the unconnected and detecting and preventing misuse by bad actors.
October 22, 2025 at 1:21 PM
mattburgess1.bsky.social
OpenAI launched its AI browser yesterday—and of course there's an option where it can access all your browsing history.

More and more these AI platforms—especially agents—want access to all your data to ~personalize~ answers

WIRED story on the Atlas browser here: www.wired.com/story/openai...
Another feature OpenAI highlighted in the livestream is Atlas’ ability to collect “browser memories.” The capability is optional, and is an iteration of ChatGPT’s existing memory tool that stores details about users based on their past interactions with the chatbot. The browser can recall what you searched for in the past and use that data when suggesting topics of interest and actions to take, like automating an online routine it detects or returning back to a website you previously visited that could be helpful for a current project.
October 22, 2025 at 9:46 AM
mattburgess1.bsky.social
Some key points from the US indictment against the Prince Group CEO

— It claims the Group used political influence—including with China's MSS intelligence agency—to protect criminal operations
— There are photos of people allegedly beaten at the scam compounds an image of a phone farm being used
A photo of a "phone farm" where automated call centers used to facilitate cryptocurrency investment fraud and other cybercrimes Photos of allegedly beaten and men working for a Cambodian scam compound
October 14, 2025 at 6:14 PM
mattburgess1.bsky.social
Oh good, ChatGPT is getting "erotica for verified adults" later this year
We made ChatGPT pretty restrictive to make sure we were being careful with mental health issues. We realize this made it less useful/enjoyable to many users who had no mental health problems, but given the seriousness of the issue we wanted to get this right. Now that we have been able to mitigate the serious mental health issues and have new tools, we are going to be able to safely relax the restrictions in most cases. In a few weeks, we plan to put out a new version of ChatGPT that allows people to have a personality that behaves more like what people liked about 4o (we hope it will be better!). If you want your ChatGPT to respond in a very human-like way, or use a ton of emoji, or act like a friend, ChatGPT should do it (but only if you want it, not because we are usage-maxxing). In December, as we roll out age-gating more fully and as part of our “treat adult users like adults” principle, we will allow even more, like erotica for verified adults.
October 14, 2025 at 5:05 PM
mattburgess1.bsky.social
Just, you know, the locations of military ships and Blackhawk helicopters being broadcast unencrypted to the planet...
The researchers’ satellite dish also pulled down a significant collection of unprotected military and law enforcement communications. They obtained, for instance, unencrypted internet communications from US military sea vessels, as well as the vessels’ names. (A spokesperson for the US Defense Information Systems Agency acknowledged WIRED’s request for comment but had not provided a response at the time of writing). For Mexican military and law enforcement, the exposures were far worse: The researchers say they found what appeared to be unencrypted communications with remote command centers, surveillance facilities, and units of the Mexican military and law enforcement. In some cases, they saw the unprotected transmission of sensitive intelligence information on activities like narcotics trafficking. In others, they found military asset tracking and maintenance records for aircraft like Mil Mi-17 and UH-60 Black Hawk helicopters, sea vessels, and armored vehicles, as well as their locations and mission details. “When we started seeing military helicopters, it wasn’t necessarily the sheer volume of data, but the extreme sensitivity of that data that concerned us,” says Schulman. The Mexican military did not immediately respond to WIRED’s requests for comment.
October 14, 2025 at 10:06 AM
mattburgess1.bsky.social
As well as listing possible real-world names, a spreadsheet also lists the "ownership" of the IT worker team as: “Ryonbong”

That's likely referring to defense company Korea Ryonbong General Corporation, which has been linked to North Korea's nuclear and weapons programs for years
Another spreadsheet also lists members as being part of a “unit” called “KUT,” a potential abbreviation of North Korea’s Kim Chaek University of Technology, which has been cited in US government warnings about DPRK-linked IT workers. One column in the spreadsheet also lists “ownership” as “Ryonbong,” likely referring to defense company Korea Ryonbong General Corporation, which has been sanctioned by the US since 2005 and UN since 2009. “The vast majority of them [IT workers] are subordinate to and working on behalf of entities directly involved in the DPRK’s UN-prohibited WMD and ballistic missile programs, as well as its advanced conventional weapons development and trade sectors,” the US Treasury Department said in a May 2022 report.
August 8, 2025 at 3:40 PM
mattburgess1.bsky.social
Image of first portion of letter sent from Senator Margaret Hassan to Elon Musk: Dear Mr. Musk: According to an October 2024 report from the United Nations Office on Drugs and Crime, transnational criminal groups have used Starlink, a satellite internet serviced owned by SpaceX, to facilitate fraud against individuals in the United States.1 The U.S. Treasury Department’s Financial Crimes Enforcement Network has warned that these groups have caused billions of dollars in losses for Americans.2 In addition, since November 2022, the Secret Service has received more than 8,000 complaints related to digital asset scams, many with traces to scam networks in Southeast Asia.3 Given the significant financial consequences for Americans, I write today to request information about SpaceX’s efforts to prevent the misuse of Starlink in transnational fraud. Experts have stated that scam networks in Southeast Asia turn to Starlink for its portability, decentralized infrastructure, and independence from national telecom networks.4 In one example, a Wired investigation found that across eight scam compounds in Myanmar, at least
July 28, 2025 at 2:30 PM
mattburgess1.bsky.social
The UK introduced “robust” age checks for porn and other online content today

Also related: VPN interest massively up in the UK, according to Google Trends

Story with @lhn.bsky.social: www.wired.com/story/the-ag...
Screenshot of WIRED article. Headline: The Age-Checked Internet Has Arrived Starting today, UK adults will have to prove their age to access porn online. Experts warn that a global wave of age-check laws threatens to chill speech and ultimately harm children and adults alike. Screenshot of Google Trends VPN interest for the last 30 days in the UK, showing a large spike in recent days
July 25, 2025 at 11:17 AM
mattburgess1.bsky.social
What are we doing here.

Tesco supermarket AI cameras that make sure you scan items at self-service tills and do a video replay if it detects something wrong

www.independent.co.uk/life-style/f...
This is not science fiction. It’s not the future. It’s your local Tesco. The supermarket giant is now trialling “VAR-style” technology at self-checkouts – a reference to the video assistant referee system used in football – where a bird’s-eye-view, AI-powered camera is mounted above each till, watching you as you scan and pack your items. If the system detects that something hasn’t been scanned correctly, it immediately plays back a short video on the screen showing what happened and prompting you to rescan.
May 30, 2025 at 1:51 PM
mattburgess1.bsky.social
There's a lot going on in that photo

full story: www.wired.com/story/north-...
Barnhart explains that while much is unknown about the photo, it reveals some details about how the group of IT workers operate. One of the men, in the far right corner of the photograph, appears to have WhatsApp messages open on his computer screen, with multiple chats ongoing. Attached to the wall above him is a surveillance camera. “The MSS watches them so they don’t become defectors,” Barnhart says, referring to North Korea’s counterintelligence agency and secret police, the Ministry of State Security. As the men are based out of a small work space, they are likely to be lower down the pecking order of IT workers and will, like their compatriots, also face digital surveillance when they use their computers, he says. Barnhart says software he has seen monitors what the IT workers type and send on their devices. “They hate it,” he says. “It sends flags out to external servers whenever sexual imagery or sexual content is talked about or if Kim Jong Un [is mentioned].” Other researchers have spotted suspected IT workers ending job interviews when asked a variation on the question: “How fat is Kim Jong Un?”
May 14, 2025 at 3:50 PM
mattburgess1.bsky.social
But in their haste, the North Korean IT workers often leave data about their personas exposed

One IT worker can be seen, in this image obtained by DTEX, posing for a portrait.

They then edited the image and used it as part of their false profile and CV

(Screenshot from DTEX report)
Alleged North Korean IT worker, who then manipulated the image to be used in false personas
May 14, 2025 at 3:47 PM
mattburgess1.bsky.social
A group of North Korean watchers, who call themselves the Misfits, has been sharing alleged IT workers on X for the last few weeks.

In one instance, they claim North Koreans interviewed each other for jobs without knowing they were both false personalities

(Screenshots from X)
May 14, 2025 at 3:47 PM
mattburgess1.bsky.social
Meet ‘Naoki Murano’ and ‘Jenson Collins’, the two alleged IT workers who were stationed in Laos and Russia in recent years.

Murano has been linked to a $6 million crypto heist, while Collins has been linked to other revenue generating IT work

(Screenshot from DTEX report)
Figure 2. This image shows two IT workers, personas "Naoki Murano" and "Jenson Collins", who were relocated from Laos to Vladivostok, Russia. Related information has been passed on to the appropriate authorities. Naoki, left, is associated with the DeltaPrime Heist of $6 million USD. Both are suspected to be associated with Chinyong related IT worker efforts.
May 14, 2025 at 3:44 PM
mattburgess1.bsky.social
Tag yourself
A captcha containing what appears to be nine AI-generated cats. The Captcha instruction is to "Click on every animal with both eyes pointed right at you"
April 15, 2025 at 3:55 PM
mattburgess1.bsky.social
Here’s the Huanya compound and also eight other compounds along the Myanmar-Thai border

An analyst who shared data about mobile phone/Starlink use said Starlink had been present in every scam compound they had looked into
Huanya scam compound Starlink logs Locations of Starlink logs at eight scam compounds along the Myanmar-Thailand border
February 27, 2025 at 1:11 PM
mattburgess1.bsky.social
Internet connections are crucial to the operations. They piggyback off cell and fibre from across the Thai border. Increasingly Starlink has been used.

Digital ad industry data shows devices logging thousands of connections in KK Park.

(Dots are total logs by all devices, not individual phones)
Starlink Use at KK Park Scam Compound Each dot represents a mobile phone record of a Starlink connection. At KK Park, 24,000 records from 127 devices were collected between November 2024 and February 2025.
February 27, 2025 at 1:10 PM
mattburgess1.bsky.social
Compounds have appeared in Myanmar, Laos, and Cambodia over the last 5 years. People are trafficked there to run online scams.

Criminal gangs have made billions from pig butchering scams, which has allowed quick expansion.

Here’s how the KK Park compound has grown

(📷 Maxar Technologies)
KK Park scam compound in Myanmar in Feb 2020 KK Park scam compound in Myanmar in Jan 2022 KK Park scam compound in Myanmar in Sept 2023 KK Park scam compound in Myanmar in Jan 2024
February 27, 2025 at 1:06 PM
mattburgess1.bsky.social
In this story:

— An anti-trafficking organisation that took on 25 new teenage trafficking victims but couldn’t help them
— Safe houses supporting victims running out of money
— A breakdown of support for criminal investigations
The person with links to work in a European country says their organization has 74 investigations into traffickers ongoing, plus 66 prosecutions that are underway. They say that the funding changes will have a "significant and negative impact on these criminal trials" and the safety of people who may give evidence in the cases.
February 10, 2025 at 6:18 PM
mattburgess1.bsky.social
Per @paulfscott.bsky.social's research: Technical Capability Notices, issued under UK law, can require encryption to be removed, can be issued to companies outside of the UK
www.tandfonline.com/doi/full/10....
Also, and perhaps more obviously, relevant to the question of encryption are the provisions of the 2016 Act which provide for ‘Technical Capability Notices’ – provisions which were, in draft form, assessed by the Joint Committee – and those relating to ‘National Security Notices’. TCNs may be made where the Secretary of State considers it necessary and proportionate ‘for securing that the operator has the capability to provide any assistance which the operator may be required to provide’ in relation to a warrant or authorisation issued under the Act. They require operators of telecommunication or postal services to take any steps specified in the notice for the purpose of complying with the obligations imposed on them by that notice. Amongst the obligations that might be imposed by a TCN are, the Act specifies, ‘obligations relating to the removal by a relevant operator of electronic protection applied by or on behalf of that operator to any communications or data’. The formulation ‘or on behalf’ is an addition to the original text found in the draft Bill, but does not obviously communicate the intention which the government claimed to have, seeming in fact to extend the obligation as compared to its draft form, though to an uncertain extent. In particular, it immediately prompts the question of whether it carries implications for a system of end-to-end encryption, a point to which we return below. TCNs are legally capable of extraterritorial effect: that is, the 2016 Act provides that such a notice ‘may be given to persons outside the United Kingdom (and may require things to be done, or not to be done, outside the United Kingdom),’ and the service of process can be effected by sending a TCN electronically to a person outside the UK.
February 7, 2025 at 11:39 AM
mattburgess1.bsky.social
Hello, many new Bluesky followers!

I’m a WIRED reporter looking to talk to people about the repercussions of Trump/Musk’s cuts. (In and outside of US)

In particular on issues such as child protection, cybercrime, national security, intel sharing

I can be reached on Signal: mattburgess.20
QR code for Signal, username: mattburgess.20
February 5, 2025 at 7:44 PM
mattburgess1.bsky.social
Groundhog day vibes. Italy's data regulator has asked DeepSeek to send it information on what personal data it collects, where it gets it from, and the legal basis for doing so

(Machine translated post)

www.garanteprivacy.it/home/docweb/...
The Guarantor for the protection of personal data has sent a request for information to Hangzhou DeepSeek Artificial Intelligence and to Beijing DeepSeek Artificial Intelligence, the companies that provide the DeepSeek chatbot service, both on the web platform and on the App. Given the possible high risk for the data of millions of people in Italy, the Authority asked the two companies and their affiliates to confirm what personal data are collected, from which sources, for what purposes, what the basis is legal treatment, and whether they are stored on servers located in China. The Guarantor also asked the companies what type of information is used to train the artificial intelligence system and, in the event that personal data is collected through web scraping activities, to clarify how users registered and those not registered in the service have been or are informed about the processing of their data. Within 20 days, the companies will have to provide the Authority with the requested information.
January 29, 2025 at 9:15 AM