Podcast cover art featuring three people smiling, each in a separate portrait against a blue background. Text reads "From Locate X to Midnight Blizzard: Privacy's Frosty Future" with "Breaking Badness Podcast" logo and "Episode 194." Delve into the evolution of hacking and its ethical implications.
Breaking Badness

Locate X Unleashed & APT29’s Latest Gambit: The Battle for Digital Privacy

In this segment, host Kali Fencl opens the discussion on Locate X, a powerful tool that can track smartphones globally without a warrant. As Tim Helming elaborates, “What’s new here with Locate X is this really easy-to-use front end that Babel Street put onto the data,” emphasizing the tool’s seamless interface and accessibility to law enforcement agencies. 

Key Points Discussed: 

  • Functionality and Mechanism: Locate X can track smartphones via cell towers and GPS data. This data is readily sold to data brokers and utilized by entities. As Tim shared, “Unless you’ve taken specific configuration measures, your smartphone is happily sending that data to data brokers who are creating shareholder value off of your location data.”
  • Privacy Concerns: The discussion highlights the ethical dilemmas, particularly around monitoring sensitive locations like places of worship and healthcare centers. Tim remarks, “Do we as a society believe in an individual’s right to privacy or don’t we? The government seems to be increasingly saying that we don’t.”
  • Mitigations: Our hosts agree that disabling the Mobile Advertising Identifier (MAID) and adjusting smartphone settings can help, but they emphasize that true privacy would require drastic measures like not carrying a phone at all.

Related Resource: 404 Media for in-depth coverage on digital privacy and surveillance.


When a Blizzard Becomes Flurries: APT29’s Latest Tactics

The second story shifts to Amazon’s identification of internet domains exploited by APT29, also known as Midnight Blizzard. Taylor Wilkes-Pierce outlines the group’s history and new tactics: “This group’s been around for quite some time… They are very well known for pretexting in their phishing campaigns and targeting organizations aligned with industry and government.” 

Key Points Discussed: 

  • Phishing Tactics: APT29’s latest campaign leveraged AWS lookalike URLs to deceive targets into revealing their credentials. Taylor explains, “Imitating the simple storage service from AWS… they used phishing lures that impersonated AWS services and regions to build trust.” 
  • Target Profiles: The campaign targeted entities aligned with military and governmental interests, particularly in Ukraine. The Computer Emergency Response Team (CERT) of Ukraine played a key role in identifying these domains. 
  • Defensive Measures: Both hosts recommend blocking .rdp files at the mail gateway and being vigilant for domain impersonation that mimics legitimate cloud service providers. 

Tim points out, “The threat of URLs that imitate Amazon infrastructure absolutely is… more dangerous than average.” 
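The two defensive measures above can be combined in a gateway-style check. This is an added example, not code from the podcast or from DomainTools. It flags `.rdp` attachments, reads the target host from the attachment's `full address:s:` line, and flags hosts that use AWS brand tokens without sitting under a genuine Amazon suffix. The suffix list, the token heuristic, and every host and file name in the sample are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib.parse import urlsplit
# Assumptions: trusted suffixes and brand tokens are illustrative, not exhaustive.
LEGIT_SUFFIXES = ("amazonaws.com", "amazon.com")
BRAND_TOKENS = {"aws", "amazon", "amazonaws"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
RDP_ADDR_RE = re.compile(r"^full address:s:(\S+)", re.I | re.M)

def is_aws_lookalike(host):
    """True if host uses an AWS brand token but is not under a trusted suffix."""
    host = host.lower().rstrip(".")
    if any(host == s or host.endswith("." + s) for s in LEGIT_SUFFIXES):
        return False
    return any(tok in BRAND_TOKENS for tok in re.split(r"[.-]", host))

def rdp_target(data):
    """Return the host from an .rdp file's 'full address' line (UTF-16 or UTF-8)."""
    enc = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "utf-8"
    m = RDP_ADDR_RE.search(data.decode(enc, errors="replace"))
    return m.group(1).split(":")[0].lower() if m else None

def scan_message(raw):
    """Gateway-style check: list (finding, detail) tuples for one raw message."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        name = (part.get_filename() or "").strip().lower()
        if name.endswith(".rdp"):  # block regardless of declared MIME type
            host = rdp_target(part.get_payload(decode=True) or b"")
            findings.append(("block_rdp_attachment", name))
            if host and is_aws_lookalike(host):
                findings.append(("rdp_points_to_lookalike", host))
        elif part.get_content_type() == "text/plain":
            for url in URL_RE.findall(part.get_content()):
                host = urlsplit(url).hostname or ""
                if is_aws_lookalike(host):
                    findings.append(("lookalike_url", host))
    return findings

def build_sample():  # constructed sample; names and hosts are made up
    msg = EmailMessage()
    msg.set_content("Docs: https://s3.eu-west-1.amazonaws.com/b/k\n"
                    "Login: https://eu-west-1-aws.lookalike.example/check\n")
    rdp = "full address:s:eu-west-1-aws.lookalike.example:3389\r\n".encode("utf-16")
    msg.add_attachment(rdp, maintype="application", subtype="octet-stream",
                       filename="Compliance Check.RDP")
    return msg.as_bytes()

print(scan_message(build_sample()))
```

The token heuristic will also match unrelated domains that happen to contain "aws" or "amazon" as a label, so its hits are better treated as a triage signal than as a block rule; the `.rdp` attachment finding is the one meant for outright blocking.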

Related Resource: AWS Security Blog for more information on APT29


Gold, Guidance, and Grievances

  • Tim’s Guidance: “Disable all the tracking that you possibly can in everything. It’s worth spending time on this.” 
  • Taylor’s Highlight: A mention of Ross Bevington’s talk on phishing deception techniques, reinforcing the importance of defensive innovation. 
  • Grievances: The team shares their frustration over the state of surveillance capitalism and the need for stronger legislative action.

For more thought-provoking discussions, check out DomainTools Blog for articles and insights related to the episode’s topics. 

Join us next week for another insightful discussion on Breaking Badness!



That’s about all we have for this week. You can find us on Mastodon and Twitter/X @domaintools, and all of the articles mentioned in our podcast will always be included on our podcast recap. Catch us Wednesdays at 9 AM Pacific time when we publish our next podcast and blog.

*A special thanks to John Roderick for our incredible podcast music!