Feed aggregator

COLUMBUS, Ohio (WCMH) -- A civil trial investigating allegations of misconduct on the state's teacher pension board continued Wednesday, diving into the anonymous letter that sparked the case.

Top state officials received a seemingly anonymous letter in May 2024 that alleged two State Teachers Retirement System (STRS) board members improperly conspired to take over the state's $90 million pension funds. The letter formed the basis for a civil trial, underway this week, alleging former STRS board member Wade Steen and current STRS Chairman Rudy Fichtenbaum made backroom deals with private investment firm QED.

On Wednesday, the state wrapped up its witness list, after which the defense attempted to get the case dismissed. The request was denied, and defense attorneys called their first witnesses Wednesday afternoon.

Illegal afterhours club prompts Columbus to seek nuisance landlord declaration against owners

The state's central argument is that Steen and Fichtenbaum breached their fiduciary duty, or their legal and ethical duties, to protect STRS' best interests. The pair had proposed transferring control of the state pension board to outside investment firm QED. The pension board serves around 500,000 current and former Ohio teachers. See previous coverage of the STRS trial in the video player above.

Fichtenbaum and Steen said they felt it would better the fund's performance and help teachers, particularly after annual cost of living increases were discontinued. The state alleges it was done improperly, and wants to remove Fichtenbaum from his current role and bar both men from serving on state pension boards again.

STRS chief legal counsel Stacey Wideman had been identified as part of the group who composed the letter, a fact Wideman confirmed on the stand late Wednesday afternoon. Wideman was the final witness to take the stand Wednesday, called by the defense.

Wideman testified that the first draft of the letter could be traced back to December 2021, the month after Fichtenbaum and Steen presented to the board about a possible QED collaboration. She said there were several drafts between December 2021 and May 2024, when she and others finally decided to send their whistleblower memo.

“All of these things were just completely unprecedented and out of the norm," Wideman said. "We had never had board members pitching an investment strategy before for an outside firm.”

Wideman said she was one of several STRS associates concerned by the persistence of QED, a firm with minimal prior experience. Wideman said she finally sent the letter to the state after concerns about QED's involvement continued, and she began to worry about possible election interference related to QED. She testified she had not seen evidence that either man was paid by QED.

In part, Wideman pointed to the sudden resignation of former board member Richard Stein. Stein took the stand before Wideman, and testified that he resigned because he felt other board members -- those who did not propose collaboration with QED -- were not acting appropriately, and he felt he could no longer do his duty.

Before the defense called either witness, Steen's attorney, Norman Abood, moved for the case to be dismissed. He argued the state did not prove any breach of fiduciary duty or a backroom deal. Abood also argued the state's attempt to bar Steen from serving on the STRS board was moot, as Steen is no longer on the board.

Fichtenbaum's attorney, Richard Kerger, seconded Abood's motion, and said the pair's duty was to serve teachers, not STRS board members or staff, and he felt they had fulfilled that duty.

On behalf of the state, assistant attorney general Chad Kholer said tossing the case because Steen has left the board would set a dangerous precedent allowing board members to resign to avoid legal action. Kholer said there was proof of harm, from morale issues to relationships with other external organizations.

Judge Karen Phipps sided with the state, and the trial continued.

The state also appeared to begin positioning itself as the more efficient party, particularly as Phipps voiced support for streamlining testimony where possible.

The first witness of the day was Matt Worley, the state's final witness in the trial. Worley is the former STRS chief investment officer, and he testified that the QED investment would have been "unheard of." Worley said the QED investment did not live up to the typical due diligence expectations. When asked if the QED proposal cost STRS any money, Worley said "thankfully" it did not.

COLUMBUS, Ohio (WCMH) -- His official Ohio State bio shows Nolan Baudo as a 5'10" receiver from Chicago. He's now a junior who arrived at OSU as a preferred walk-on. 

He has zero career catches. 

But when you read further down in Nolan Baudo's bio, you'll learn a unique fact from the OSU sports information team. In an informal team poll, nearly half of the team said "Baudo" when asked who they hung around with. 

"I think it's a big deal,” Nolan Baudo said about his popularity in the OSU program. "I think life is all about relationships and how you treat people. That's been instilled in me since I was a little kid.”

You will not be surprised to learn Nolan Baudo was elected student council president at Marist High School. At Marist, he met a new teammate named Carnell Tate, who would soon become a 5-star recruit.

"Nolan was the first person I met (at Marist). We've been together ever since then,” Tate said. 

"We're 100% real with each other,” Nolan Baudo said. "If he doesn't like my outfit, he's going to tell me that he doesn't like my outfit."

Nolan Baudo was an accomplished high school player on his own, but when Tate decided to become a Buckeye, he opted to keep the band together by walking on at OSU. 

"His family fought really hard to help get Nolan here, too, so, you know, that relationship is one that's based on honesty and trust,” Nolan Baudo's father Richard said. 

Their friendship has been tested by tragedy. Shortly after arriving at OSU in 2023, Tate's mother, Ashley, was killed in a drive-by shooting in Chicago. 

"When his mom passed, it was hard on everyone,” Nolan Baudo said.  "I went to my mom right when it happened. I was a 17-year-old kid. I didn't really know what to do, and she was like, well, you know, this is why Ashley, Carnell's mom, wanted you there, you know, to be with him. I think, ever since then, it's been more of a family relationship.”

Tate said Nolan Baudo played a critical role for him.

"He's just my guy,” Tate said. “I could connect with him a lot. I could talk to him a lot. Whatever I need to, I could just laugh, whatever. Yeah, he's everywhere.”

Nolan Baudo does play a critical role on game days when he helps with signals to the offense. It's a job Nolan Baudo prepares hard for each week.

"If somebody is, you know, on the field and they don't know what they've got, and they look to me, I better have the right answer. It's a big deal to me,” Nolan Baudo said. 

He does this work knowing he will not likely be on the field himself.

"He just works so hard, and to not see the field, I thought he would quit a while ago because of the hard work," Nolan Baudo’s mother Kerry said. 

"There aren't a lot of people who would go through the workouts and the things they do here without a payoff of playing the game,” Richard Baudo said. 

That selflessness develops from life experience, and it's a staple of the Baudo family. Nolan Baudo's younger brother, Parker, was born with Down Syndrome.

"I kind of felt like a protective older brother rather than, you know, just a buddy, buddy, older brother,” Nolan Baudo said.

Parker Baudo is in high school in suburban Chicago and has become one of the more popular students in his school, to the surprise of few people. 

"He (Nolan) saw the things that were difficult for Parker, and he became more empathetic and understanding and patient," Kerry Baudo said. "And similarly with Parker, he watches his older brother, wants to emulate him."

"It definitely teaches you immediate empathy,” Nolan Baudo said. "You're always going to have empathy with someone, what they're going through or how they're feeling on a day-to-day basis. It's a family dynamic that, you know, I wouldn't trade for the world."

Nolan Baudo recently helped Parker start an Instagram profile so he can keep track of many of his Buckeye friends he's made when visiting his big brother.

"He has embraced Parker; this whole team has,” Richard said.  

Nolan Baudo is considering a number of post-OSU options, including as a sports agent or even in coaching. For now, he's embracing his role and aiming to serve with scholarship-quality effort. 

"People are waiting for you to break and people are waiting for you to quit and give up. And, you know, that's just that's not my MO,” Nolan Baudo said. "I think the biggest thing is emotional maturity and knowing that there's nothing that you can't persevere through. Anything in your life, you're going to have an opportunity the next day to prove somebody right and prove somebody wrong."

COLUMBUS, Ohio (WCMH) -- An illegal afterhours club in the Hilltop is among the Columbus properties operated by two landlords now facing a lawsuit from the city.

Columbus City Attorney Zach Klein announced the action on Wednesday, seeking to declare Vikas Dadlani and Sadna Hingorani as nuisance landlords.

Court documents state the club, in the 1800 block of Sullivant Avenue, “often sees large crowds, fights, alleged drug use, numerous noise complaints from neighbors, threatened gun violence, and a sexual assault.” The club also violated state liquor laws, zoning clearances and fire code inspections.

Woman accused of fatally dragging, running over man with vehicle in Westerville

Dadlani and Hingorani's properties have been the subject of narcotics-related police surveillance.

The court is being asked to shut down the afterhours club, as well as close the upper floor of a rental property not zoned for renting or up to code.

Columbus police have surveilled the pair's properties for evidence of drug use and sales. Those located in the 400 block of Columbian Avenue, the 1800 block of Sullivant Avenue, the 200 block of South Highland Avenue and the 400 block of Clarendon Avenue have all been suspected and surveilled for narcotics-related activity.

The landlords are owners of "several" units that are risks to public safety, Klein said in a news release. The landlords "refuse to take any meaningful action to abate nuisance activity, improve living conditions for tenants, and improve public safety."

San Diego, Orlando, Montreal: New seasonal, nonstop flights added at CMH

The properties are also subject to multiple code and safety violations, including "unsafe and unsanitary conditions, steps in disrepair, exposed electrical wiring, the use of gas generators to power units, rotting window sills, rodent infestations, and extensive damage to the exterior of several properties."

Dadlani and Hingorani own eight other properties, most of which are in the Hilltop neighborhood.

A preliminary injunction hearing is set for Nov. 5.

COLUMBUS, Ohio (WCMH) — As central Ohio communities prepare for trick-or-treating this Halloween season, there are important safety reminders for both little “beggars” and neighbors passing out candy.

With rain in the forecast for much of central Ohio, taking certain precautions is more essential than ever this year. From best practices with costumes and candy to avoiding the houses of registered sex offenders, there are several ways to keep the night fun and kids out of harm's way.

Halloween costumes

Dr. Mike Patrick, an emergency medicine physician at Nationwide Children’s Hospital, recommends making sure children are comfortable in their costumes, avoiding anything too tight or restrictive that could make them feel suffocated or claustrophobic. Patrick also urged parents to steer clear of outfits that could pose a trip hazard. Parents should opt for good-fitting shoes and ensure costume details do not hinder their children's ability to walk.

“You also want them to have a really good range of vision,” Patrick said. “So, you know, if they're going to be crossing a street, you want them to be able to see cars that are coming at them. And then, reflection is going to be important, too. It's going to be dark out there. And you want headlights to reflect off of costumes so that the drivers can see you.”

Additionally, parents should confirm the costume is flame-resistant with a quick check of its packaging.

Makeup and contact lenses

As long as the child does not have sensitive skin, Patrick said nontoxic makeup is generally fine and fun to use. Decorative contact lenses, however, can pose a significant risk of eye injury if not used correctly.

“If you have a teenager who already wears contacts, as long as they follow all the directions on the package and take them out at the first hint of any discomfort, that's going to be important,” Patrick said. “But for the younger kids, probably this is not the best time to start teaching them how to use those appropriately.”

Candy safety

When it comes to candy safety, it is recommended that children wait to eat their treats until they get home. This way, parents can sort what they received and remove any items that could cause issues for those with allergies.

“Just make sure the packaging is intact, that everything seems appropriate and safe and, and nothing seems like it's been opened or tampered with,” said Patrick.

And, in the event a child has a reaction to something they eat, Patrick has key advice on what steps parents should take.

“If they seem to be OK and you're really not sure what it was, I would call the Central Ohio Poison Center, 1-800-222-1222. That's the poison center phone number wherever you are in the country,” said Patrick. “If they seem like they're having trouble breathing, or they're, you know, their face is swelling or there's hives on their body, then I would just call 911. If they have a history of food allergy and an EpiPen, go ahead and give that.”

Inventorying the goodies also gives parents control over how much sugar their kids might ingest right before bed.

“I think portion control is a great idea, and not only for the kids, but for us parents as well,” said Patrick.

Kids who trick-or-treat without parents

When it comes to kids heading out without a chaperone, Patrick suggests parents consider their child's maturity level, not their age.

“If they usually ride their bikes around the neighborhood and you are used to trusting them, then it's probably fine to do that as long as they know what rules are in order,” said Patrick. “For the younger kids and the older kids that maybe you don't think they're quite mature enough to do that, then adult supervision is really going to be important.”

Tips for handing out candy

Many households will have their porch lights on, handing out candy to kids, but there are some safety issues to keep in mind. Trick-or-treat hosts might want to consider food allergies, such as peanuts, tree nuts and chocolate, and offer treats for kids who cannot have certain candies.

“You don't want it to be something that little kids could choke on,” said Patrick. “So, you just want lots of options and maybe even some non-food options as well.”

It is also advisable to avoid open flames, including those in jack-o-lanterns.

“You really don't want open flames anywhere near where the trick-or-treaters are going to be, because you worry about costumes igniting,” said Patrick. “And even if something says it's non-flammable, you still don't want to take that chance with kids. So using flicker bulbs or a flashlight or something like that, it's going to be a lot safer.”

For neighbors who want to make sure their home is included in the festivities, the free Nextdoor app allows members to pin their home to its “Treat Map,” where spooky decorations, trick-or-treat spots, and Halloween happenings can be shared with the community.

Avoiding sex offenders

An interactive tool on the Ohio Attorney General’s website allows people to check for registered sex offenders in their area. 

To perform a search, parents can enter their address, which then links to a map page displaying the names, addresses, photos and more information about sex offenders who live or work nearby. Additionally, users can search for a specific name, view the full list of registered sex offenders in Ohio, and sign up for email alerts about the whereabouts of registered sex offenders.

According to the attorney general’s office, registered sex offenders in Ohio are required by law to register their home address, work address and vehicle information with their local sheriff’s office to be publicly accessible through the eSORN database.

Follow this link to access the database.

View the full interview with Dr. Patrick in the video player above.

COLUMBUS, Ohio (WCMH) – The national coffee chain Dutch Bros is proposing a new central Ohio drive-thru, in addition to its plans for a northeast Columbus location. 

On Oct. 14, Prairie Township’s Board of Zoning Appeals approved site plans for a Dutch Bros drive-thru at 5300 W. Broad St. but asked the company to return next month to further discuss signage, Columbus Business First reported. 

The property at 5300 W. Broad St., which is currently undeveloped. (Photo courtesy/Franklin County Auditor's Office)

Dutch Bros is also working toward opening at 5470 N. Hamilton Road, according to a preliminary site plan filed with the City of Columbus. The address is in the Preserve North neighborhood, which sits just west of New Albany and north of Gahanna.

Dutch Bros recently established its first Ohio location and has been quickly expanding in the state. On Sept. 2, the brand debuted in Ohio with a Springfield Township drive-thru. On Sept. 10, it opened another location in the Dayton area, and on Sept. 22, it launched in the Cincinnati suburb of Milford.  

The brand was founded by brothers Dane and Travis Boersma in Oregon in 1992 and has since spread to over 1,000 locations, most of which are drive-thru only, across 19 states. While the chain was originally concentrated in the western U.S., its reach now expands as far east as South Carolina. 

Central Ohio communities adjust trick-or-treat dates due to rain, sports

Dutch Bros offers an assortment of hot, iced and frozen coffee drinks, including its best seller, the Golden Eagle, which includes espresso, caramel and vanilla breve, and caramel drizzle. Other menu items include matcha, energy drinks, iced tea, lemonade, smoothies, milkshakes and hot cocoa. The chain also serves snacks, such as muffin tops in the flavors chocolate chip, lemon poppyseed, and orange cranberry, as well as granola bars. 

The company did not immediately respond to a request for comment on its proposed Prairie Township location.  

LEWIS CENTER, Ohio (WCMH) -- An ice cream shop known for neon flavors in egg "puffle cones" has closed a central Ohio location after less than three years of business.

The shop, named "CRMD," announced on social media that it permanently shuttered its Lewis Center location at 5915 Evans Farm Dr. this month. In the post, the owners said the decision came after "a long year and due to unforeseen circumstances."

Longhorn sets plan for first Delaware County steakhouse

"We're burnt out with the stress and fighting constant battles, so decided it's time to focus on our mobile ice truck," the post said. "Thank you to everyone who's welcomed us into Lewis Center and supported us over the years."

• (Courtesy Photo/CRMD)
• (Courtesy Photo/CRMD)

CRMD launched the Lewis Center storefront in March 2023, marking the second Ohio location after a shop at 1190 N. High St. in the Short North opened in 2019. The brand also operated a Chicago storefront in Lakeview East before closing it in 2024 after a year and a half of business.

Jennifer Billerter, vice president of asset management for Evans Farm, told Columbus Business First that Parlor Doughnuts, which opened next door to CRMD in August, is expanding into the former ice cream shop. Parlor also owns a storefront at 4290 Home Road in Powell.

CRMD became known for its bold flavors, including "Nilla Cookie Dough," "Choco Marsh Swirl," "Cereal and Milk," "Salted Choco Pretz" and "Cookie Budder." The shop is also home to a buckeye flavor, mango sorbet, strawberry and more.

Smucker sues Trader Joe’s over alleged ‘dupe’ Uncrustables product

Customers can order their flavor in a waffle cone or a puffle, also known as an egg waffle. This type of waffle in popular in Hong Kong, CRMD's website states, and are made using an egg batter cooked in a special mold that gives them their signature bubble-like shape.

According to CRMD's Yelp profile, the Short North location is open 5 to 10 p.m. Monday through Wednesday, 5 to 11 p.m. Thursday, 4 p.m. to midnight Friday and Saturday, and 4 to 10 p.m. Sunday.

WESTERVILLE, Ohio (WCMH) — A woman accused of killing a man with her vehicle after a minor crash in a Kroger parking lot was in court Tuesday.

According to a criminal complaint, two people were involved in a minor traffic accident on Oct. 22 outside a Kroger on West Schrock Road. Police said a woman fled the scene and was followed by the other person.

Ibrahim Diakite followed Danielle Henry west onto Schrock Road until he was able to pull in front of her at the intersection of Schrock and Cooper roads. That is where, police said, Diakite stood in front of Henry’s vehicle and eventually on the hood in an attempt to prevent her from leaving.

San Diego, Orlando, Montreal: New seasonal, nonstop flights added at CMH

Henry tried to jerk her vehicle several times to shake Diakite off the vehicle but was unsuccessful. She then reportedly accelerated up to 45 mph with Diakite still on the hood.

Diakite was pulled under the vehicle and dragged 300-600 feet before being run over. He was taken to a hospital and later pronounced dead.

An arrest warrant was issued for Henry, who was taken into custody on Oct. 25. A Franklin County Municipal Court judge issued her a $750,000 bond on charges of aggravated vehicular homicide, involuntary manslaughter and failure to stop at the scene of an accident. She is next scheduled to appear in court on Nov. 4 for a preliminary hearing.

Court records indicate that Henry was driving without a license, as evidenced by a June incident in which she was pulled over for failure to obey a traffic control device. She was also charged with the same offense in March 2020.

In addition, Henry has faced dozens of felony and misdemeanor charges out of municipal court, both traffic and criminal related, including fleeing an officer in 2025, receiving stolen property in 2023, drug paraphernalia possession five times since 2018, theft twice since 2016, soliciting four times since 2012, driving while under suspension three times since 2011, assault in 2013 and carrying a concealed weapon in 2011, plus multiple moving violations.

COLUMBUS, Ohio (WCMH) -- With a win Saturday over Penn State, No. 1 Ohio State can say it is the top-ranked team in the official College Football Playoff rankings.

After months of speculation, college football fans will finally get to see the initial playoff rankings revealed on Tuesday at 8 p.m. Barring a crazy upset, the Buckeyes should be No. 1, but the last projections likely will change once again.

State senator wants buckeye named Ohio’s official candy before Michigan game

Here is a final look at the projected playoff field using the AP rankings before we get the real thing and what games to watch on Saturday for Week 10.

Last projected bracket before initial rankings

NBC4 looks at the AP rankings for playoff projections, and this is the last time we will be using them to create a 12-team playoff bracket.

The top four seeds have stayed put for multiple weeks now as Ohio State, Indiana, Texas A&M, and Alabama control their destinies to get into the playoff. The likes of Georgia and Oregon seem safely in there as well, barring any upsets.

Where things get interesting is once you get past Oregon, with Mississippi, Georgia Tech, Vanderbilt and Miami rounding out the top 10. All still face decent opposition in the regular season and could see their spots go away.

The two teams hanging on are BYU and Memphis, which could easily lose their grasps on their conference leads with the wild nature of the Big 12 and American conferences, respectively.

It will be fascinating to see how the ranking committee seeds these teams, especially if Indiana hops over Ohio State for No. 1. There is a decent argument to make for the Hoosiers to be ranked higher over the Buckeyes based purely on in-season resume. We will get all these answers Tuesday at 8 p.m.

Teams' odds to make the playoff

Among the 12 teams in the final projected field using the AP poll, the top three are so likely to get in that oddsmakers didn't even bother putting up odds. Ohio State, Indiana and Texas A&M, who are all undefeated, have room for error to get into the field still, with two losses usually the most a playoff team can take.

Ohio State’s Ryan Day discusses upcoming Big Ten showdown against Penn State

Oddsmakers have Notre Dame as a likely option to make the field with the Fighting Irish winning out after losses to Miami and Texas A&M to start the season. The Irish have not been in the projections for weeks, but a 10-2 finish could put the reigning runners-up in as an at-large team.

Here is how the current odds stack up for teams to get into the playoff (odds provided by DraftKings Sportsbook):

• Alabama (-900)
• Notre Dame (-330)
• Georgia (-310)
• Ole Miss (-300)
• Oregon (-280)
• Miami (-250)
• Texas Tech (-170)
• Georgia Tech (-120)
• Vanderbilt (+125)
• Louisville (+240)
• BYU (+260)
• Tennessee (+300)
• Tulane (+320)
• Cincinnati (+330)
• South Florida (+400)
• Memphis (+450)
• Virginia (+500)
• Texas (+500)
• Oklahoma (+500)
• North Texas (+500)

What to watch in Week 10

Navy at North Texas (Saturday, noon): Denton, Texas, will be rocking as the 7-1 Mean Green host the 7-0 Midshipmen, led by Hilliard native Blake Horvath at quarterback. Memphis is seen as the top playoff contender from the American, but the winner of this game increases its playoff odds drastically.

No. 18 Oklahoma at No. 14 Tennessee (Saturday, 7:30 p.m.): There is nothing like a regular-season elimination game to start November in the Southeastern Conference. The Sooners and Volunteers enter with two losses each, and although the winner might not be a shoo-in for the playoff, the loser's playoff aspirations are over.

No. 17 Cincinnati at No. 24 Utah (Saturday, 10:15 p.m.): Bearcats fans have scheduled multiple naps for this Saturday so they can stay up for a late kickoff from Salt Lake City. This all-ranked Big 12 showdown has a Cincinnati team that can realistically make its second playoff, while Utah tries to move up the conference standings.

COLUMBUS, Ohio (WCMH) — John Glenn Columbus International Airport is announcing new routes from multiple airlines.

CMH recently shared in its Fly Columbus newsletter the many new nonstop opportunities customers will find to get them where they want to go. Whether traveling internationally or escaping to a warmer U.S. destination, travelers have updated choices.

Central Ohio communities adjust trick-or-treat dates due to rain, sports

Currently, CMH and Rickenbacker International Airport (LCK) offer more than 50 nonstop flights from Columbus.

Southwest — San Diego

Earlier this month, Southwest Airlines began its near-daily nonstop flights to San Diego. According to the airport, this flight enhances last year’s popular Saturday-only service by offering more frequent options for travel to California.

Delta — Orlando

Beginning December 20, holiday travelers will find seasonal Saturday-only flights from CMH to Orlando (MCO), with additional flights for Christmas and New Year's.

Southwest — Panama City Beach

Provided from March 7 to April 4, spring breakers will find a new short seasonal option to get to Florida with weekend-only service.

Air Canada — Montreal

Starting May 1, 2026, passengers can fly nonstop from CMH to Montreal with Air Canada. This will be a new seasonal route, just in time for a spring getaway. Additionally, travelers will get access to Air Canada’s extensive European network from Montreal with this flight.

Delta — Austin

Beginning just days before the start of summer on June 7, 2026, Delta Air Lines will add daily nonstop service to Austin. CMH noted that this will provide people with an additional route to Texas alongside Southwest's offerings.

COLUMBUS, Ohio (WCMH) – Six Ohio cities rank among the best in the United States, according to a recent report by a global tourism adviser.

Resonance determined the 100 “best cities” in America by analyzing more than 400 metropolitan areas across the country with a population greater than 500,000, based on their quality of life, culture and economy. New York, Los Angeles and Chicago took the top three spots, respectively.

Ohio bill to require U.S.-made flags could expand job training for incarcerated women

Out of all Ohio cities that made the list, Columbus ranked the highest at No. 33. The company called Columbus a “Midwest magnet,” noting the city added more than 30,000 residents in 2024 – a growth rate 38% higher than the national average. The report pointed to Ohio State University, along with Google, Intel and Amazon expanding their footprints in the Columbus area, as factors behind the city’s growing popularity. 

Cleveland placed next at No. 40, with the study praising the city for its urban investments such as its $150‑million revamp of the Cleveland Museum of Natural History. The report also highlighted the city’s presence of large employers, including Sherwin-Williams, which has provided thousands of jobs. 

The study ranked Cincinnati at No. 51, calling it “Ohio’s fun-loving economic epicenter.” The city is fueled by locally headquartered Fortune 500 companies such as Kroger and has a diverse restaurant scene, the report stated. 

Dayton, at No. 77, was praised as an "aerospace hub" with "countless green spaces." The Gem City boasted the nation’s fourth most affordable housing and saw $400 million in new investments in its downtown area in 2024, double that of 2023.

Ohio legislators propose state currency backed by silver and gold

Closely following Dayton in the rankings is Toledo (No. 79), which had the second-most affordable housing in the country. Resonance called the city an “arts and culture hub,” anchored by the world-renowned Toledo Museum of Art, plus an “epic” zoo. 

The last Ohio city featured on the list was Akron, at No. 84. The city is one of the world’s leading polymer centers, and is home to two Fortune 500 companies: Goodyear Tire and Rubber Company, and FirstEnergy Corp. It also ranks 10th in the nation for green spaces.

Resonance’s full list and methodology can be found here. 

COLUMBUS, Ohio (WCMH) -- A proposal to ban state agencies from buying United States and Ohio flags that weren't made in the U.S. could expand opportunities for incarcerated women who sew flags at a Marysville prison, a state corrections official told lawmakers.

Ann King, Ohio Penal Industries chief for the Ohio Department of Rehabilitation and Correction, said the department's century-old flag shop at the Ohio Reformatory for Women could grow if House Bill 223 becomes law.

Ohio legislators propose state currency backed by silver and gold

"The Ohio Department of Rehabilitation and Correction's Ohio Penal Industries has operated a flag shop at the Ohio Reformatory for Women since 1926," King said in written testimony submitted Oct. 21 to the House Government Oversight Committee. "Currently, 36 incarcerated women sew U.S., Ohio, and Prisoner of War flags 35 hours each week within the flag shop. These flags are created from raw materials to the finished product, including each star and stripe that is hand-cut and sewn."

The shop sells flags to public agencies and residents across the state. King said recent additions to the program include a printed flag line that offers a more affordable option.

"Increased flag sales stemming from the enactment of H.B. 223 would likely offer additional opportunities for more women incarcerated at the Ohio Reformatory for Women to participate in the flag manufacturing operation and obtain the rehabilitative benefits of the Ohio Penal Industries work and job skill training program," King said.

H.B. 223, introduced in April by Reps. Ty Mathews (R-Findlay) and Bernie Willis (R-Springfield), would prohibit state agencies and local governments from purchasing U.S. or Ohio flags that were not made domestically. The measure would apply to all levels of government -- counties, municipalities and townships.

State senator wants buckeye named Ohio’s official candy before Michigan game

Mathews told the House Government Oversight Committee during a May hearing that the bill is about both patriotism and economic support.

"[This bill] honors the significance of our flags as symbols of freedom, sacrifice, and service; supports American jobs and manufacturers by ensuring taxpayer dollars stay in the U.S.," Mathews said. "[It] aligns Ohio with other states that have enacted similar common-sense, patriotic policies ... and reinforces that we don't just salute the flag -- we stand behind those who make it."

Willis called the proposal "straightforward but meaningful," saying it would reaffirm a commitment to American workers and the values symbolized by the flag.

"Our flags are powerful symbols of our nation's values, our history, and the sacrifices made to defend our freedoms," Willis said. "They deserve to be made by American hands. By requiring that these flags be manufactured domestically, we reaffirm our commitment to American workers and uphold the integrity of the very symbols that represent our unity and sovereignty."

Trial investigating alleged misconduct on Ohio’s teacher pension board begins

The bill remains under consideration in the House Government Oversight Committee. View H.B. 223 below.

Ohio House Bill 223Download

COLUMBUS, Ohio (WCMH) -- Ohioans could soon buy their groceries or morning coffee with silver and gold instead of the American dollar.

House Bill 206, introduced by Reps. Jennifer Gross (R-West Chester) and Riordan McClain (R-Ashland), would establish a state currency based on gold and silver. The bill directs the state treasurer to set up a transactional currency rooted in silver and gold to address concerns with the value of the U.S. dollar.

Central Ohio communities adjust trick-or-treat dates due to rain, sports

"You no longer need to be rich to own gold, you can spend gold and silver anywhere that accepts Mastercard," Gross said.

The U.S. Constitution said only the federal government can coin money and regulate its value, so states are generally not allowed to make their own currency. The Constitution does allow one exception, as it says, "no state shall ... make anything but gold and silver coin a tender in payment of debts."

Utah was the first state to take advantage of this exception, codifying its own gold tender law in 2011. If passed, H.B. 206 would make Ohio the 12th state to recognize its own gold and silver currency. The bill would also remove taxes associated with silver and gold purchases, making it easier to pay without the dollar.

Concerns with the system have included the fluctuating price of gold, the fact that gold investments are taxed federally, and the logistics in acquiring and keeping gold reserves.

If passed, the bill would allow Ohioans to purchase gold and silver through the state and use their gold and silver to make purchases instead of American currency. The system would be electronic, and every dollar spent would be represented by physical gold and silver held by the state in a protected reserve.

Safety truck crash on I-270 a reminder to distracted drivers

Spending silver and gold would look similar to using a credit card or Apple Pay. Ohioans using the system would have to purchase silver and gold through the state and pay a fee to be authorized to spend that money.

"If there's one asset that's really stood the test of time, it's gold," McClain said. "It's silver to some degree."

McClain said the bill emerged from concerns about the American dollar. The dollar used to be backed by gold, where every dollar had an attached gold value held in a U.S. reserve. In 1971, the U.S. removed the gold standard, and McClain said that made the dollar a lot less protected.

"The U.S. dollar is what's called a fiat currency, and all that means is that the only thing that's backing the dollar is the perception of the U.S. economy or the federal government or the U.S. reserve," McClain said. "There's nothing actually backing the dollar."

McClain said the dollar has lost a lot of purchasing power over the past 100 years, where gold and silver have increased in value. According to the Federal Reserve Bank of Minneapolis, $1 in 1925 has the purchasing power of $18.37 today. Comparably, the National Mining Association valued one ounce of gold at $379.16 in 1925, using 2025 dollar values. One ounce of gold is valued at $2,394.86 today.

McClain said offering a simpler way to make purchases with silver and gold will help Ohioans, especially those with similar concerns to his own. He said he is concerned by the dollar's devaluation, and by the federal government's printing of more money regardless of increasing debt.

Ohio lawmaker encourages action as SNAP benefits set to expire

He is also troubled by the switch toward gold- and silver-backed currencies on the global stage. According to J.P. Morgan, countries like China, Russia and Turkey have been heavily investing in gold in recent years, indicating a shift away from the American dollar, which used to be more standard in international business.

"We've seen a number of our foreign adversaries move in the way of gold, and in my opinion that is intentionally targeting the U.S.," McClain said.

The new currency would only work in the state of Ohio. McClain said he hopes the federal government will make similar adjustments to protect Americans' purchasing power, but he can only offer statewide solutions. Although he is advocating for national change, he said he did not anticipate any significant federal reforms anytime soon.

H.B. 206 is in House Financial Institutions Committee, and had its first hearing on Oct. 15. A second hearing is not yet scheduled.

COLUMBUS, Ohio (WCMH) - Lutheran Social Services has been providing resources and programs for Central Ohioans for over a century. The number of services they provide is being reduced with the sale of three senior living facilities.

LSS Kensington Place in Columbus, LSS Lutheran Village in Ashland and LSS The Good Shepherd in Ashland will all be sold to Medical Facilities of America, said President and CEO of Lutheran Social Services Rachel Lustig.

"We're doing this because when we look at the long-term future for our clients and residents at these facilities, and we look at our portfolio, which within the Columbus area also includes a very extensive human service portfolio. We thought we can focus on our human service portfolio," Lustig explained on a Zoom call Tuesday afternoon.

Anonymous central Ohio crime reporting program seeks to make streets safer

Lustig said the move will allow the organization to "facilitate our capacity to double down where we are most needed in the areas of homelessness and domestic violence and community health and food assistance, affordable housing."

The new owners of the three facilities will continue to operate each at it's current level of service, according to Lustig. Kensington Place and Lutheran Village are Assisted Living communities while The Good Shepherd is a Skilled Nursing and Rehabilitation facility.

Lustig said the process for finding the right buyer was intensive. 

"We were very serious in choosing a partner who held on to quality programing as a way, that that took care of the residents. That's what we were looking for. I brought one of our directors of nursing to be a part of the selection team, because it was really important to me to find a good partner, to take care of our people going forward," Lusting said.

Lustig said the process required in-depth research.

"We went through and did our research and kind of evaluated, well, who's providing quality, services. So, we looked at, what Medicare produces for the five-star ratings of quality ratings. And we looked at which organizations were doing the best that were interested in, and medical facilities of America rose to the top," Lustig explained.

"When you find a a company that has more, you can get some economies of scale, and you can have one person who's reviewing all the regulations and then figuring out how do you provide that training to our staff. So, it is our hope that they'll be better able to support our team in today's changing landscape," Lustig said.

Safety truck crash on I-270 a reminder to distracted drivers

Lustig said the changes will be minimal.

"You know, I think for most people, they won't see too much difference. But our team is going to go with their sale, and so they're still going to be able to kind of see the same nurses that are taking care of them and the same administrators," she said.

"This is an operations transfer. So, our senior living staff will accompany the transition," added Lustig, noting that staff members will stay employed at each location.

Lustig said Lutheran Social Services has, "about a $40 million operating budget" and that "this will provide us with about one fourth or one third of our annual operating budget. Around in that ballpark" in net compensation for the sale of the three facilities.

"It's a big change for people. We want to be able to be here to provide them with the answers and the support. We're here to stay. We're going to do the best we can for our local community and be on those front lines of where most needed," explained Lustig.

Lutheran Social Services will now focus its efforts on other areas of need like affordable housing, community health, food for those in need, and domestic violence resources among other human services.

A timetable of when the sale will be finalized was not announced.

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time.

• The unsuspected sucking power of a Linux-based robot vacuum.
• Russia to follow China's vulnerability reporting laws.
• A pair of Scattered Spider UK teen hackers arrested.
• Facebook,Instagram and TikTok violating the EU's DSA.
• Microsoft Teams bringing user WiFi tracking bypolicy.
• You backed up. That's great. Did you test that backup?
• Coveware reports all-time lowransomware payment rate.
• Ransomware negotiator reports how the bad guys get in.
• Lots of listener thoughts and feedback about NIST passwords.
• And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers.

Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• hoxhunt.com/securitynow
• zapier.com/securitynow
• 1password.com/securitynow
• veeam.com
• zscaler.com/security

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts says a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.

First identified in August 2024, Aisuru has spread to at least 700,000 IoT systems, such as poorly secured Internet routers and security cameras. Aisuru’s overlords have used their massive botnet to clobber targets with headline-grabbing DDoS attacks, flooding targeted hosts with blasts of junk requests from all infected systems simultaneously.

In June, Aisuru hit KrebsOnSecurity.com with a DDoS clocking at 6.3 terabits per second — the biggest attack that Google had ever mitigated at the time. In the weeks and months that followed, Aisuru’s operators demonstrated DDoS capabilities of nearly 30 terabits of data per second — well beyond the attack mitigation capabilities of most Internet destinations.

These digital sieges have been particularly disruptive this year for U.S.-based Internet service providers (ISPs), in part because Aisuru recently succeeded in taking over a large number of IoT devices in the United States. And when Aisuru launches attacks, the volume of outgoing traffic from infected systems on these ISPs is often so high that it can disrupt or degrade Internet service for adjacent (non-botted) customers of the ISPs.

“Multiple broadband access network operators have experienced significant operational impact due to outbound DDoS attacks in excess of 1.5Tb/sec launched from Aisuru botnet nodes residing on end-customer premises,” wrote Roland Dobbins, principal engineer at Netscout, in a recent executive summary on Aisuru. “Outbound/crossbound attack traffic exceeding 1Tb/sec from compromised customer premise equipment (CPE) devices has caused significant disruption to wireline and wireless broadband access networks. High-throughput attacks have caused chassis-based router line card failures.”

The incessant attacks from Aisuru have caught the attention of federal authorities in the United States and Europe (many of Aisuru’s victims are customers of ISPs and hosting providers based in Europe). Quite recently, some of the world’s largest ISPs have started informally sharing block lists identifying the rapidly shifting locations of the servers that the attackers use to control the activities of the botnet.

Experts say the Aisuru botmasters recently updated their malware so that compromised devices can more easily be rented to so-called “residential proxy” providers. These proxy services allow paying customers to route their Internet communications through someone else’s device, providing anonymity and the ability to appear as a regular Internet user in almost any major city worldwide.

From a website’s perspective, the IP traffic of a residential proxy network user appears to originate from the rented residential IP address, not from the proxy service customer. Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence. But they are massively abused for hiding cybercrime activity (think advertising fraud, credential stuffing) because they can make it difficult to trace malicious traffic to its original source.

And as we’ll see in a moment, this entire shadowy industry appears to be shifting its focus toward enabling aggressive content scraping activity that continuously feeds raw data into large language models (LLMs) built to support various AI projects.

‘INSANE’ GROWTH

Riley Kilmer is co-founder of spur.us, a service that tracks proxy networks. Kilmer said all of the top proxy services have grown exponentially over the past six months — with some adding between 10 to 200 times more proxies for rent.

“I just checked, and in the last 90 days we’ve seen 250 million unique residential proxy IPs,” Kilmer said. “That is insane. That is so high of a number, it’s unheard of. These proxies are absolutely everywhere now.”

To put Kilmer’s comments in perspective, here was Spur’s view of the Top 10 proxy networks by approximate install base, circa May 2025:

AUPROXIES_PROXY  66,097
RAYOBYTE_PROXY    43,894
OXYLABS_PROXY   43,008
WEBSHARE_PROXY   39,800
IPROYAL_PROXY    32,723
PROXYCHEAP_PROXY    26,368
IPIDEA_PROXY    26,202
MYPRIVATEPROXY_PROXY  25,287
HYPE_PROXY    18,185
MASSIVE_PROXY    17,152

Today, Spur says it is tracking an unprecedented spike in available proxies across all providers, including;

LUMINATI_PROXY    11,856,421
NETNUT_PROXY    10,982,458
ABCPROXY_PROXY    9,294,419
OXYLABS_PROXY     6,754,790
IPIDEA_PROXY     3,209,313
EARNFM_PROXY    2,659,913
NODEMAVEN_PROXY    2,627,851
INFATICA_PROXY    2,335,194
IPROYAL_PROXY    2,032,027
YILU_PROXY    1,549,155

Reached for comment about the apparent rapid growth in their proxy network, Oxylabs (#4 on Spur’s list) said while their proxy pool did grow recently, it did so at nowhere near the rate cited by Spur.

“We don’t systematically track other providers’ figures, and we’re not aware of any instances of 10× or 100× growth, especially when it comes to a few bigger companies that are legitimate businesses,” the company said in a written statement.

Bright Data was formerly known as Luminati Networks, the name that is currently at the top of Spur’s list of the biggest residential proxy networks, with more than 11 million proxies. Bright Data likewise told KrebsOnSecurity that Spur’s current estimates of its proxy network are dramatically overstated and inaccurate.

“We did not actively initiate nor do we see any 10x or 100x expansion of our network, which leads me to believe that someone might be presenting these IPs as Bright Data’s in some way,” said Rony Shalit, Bright Data’s chief compliance and ethics officer. “In many cases in the past, due to us being the leading data collection proxy provider, IPs were falsely tagged as being part of our network, or while being used by other proxy providers for malicious activity.”

“Our network is only sourced from verified IP providers and a robust opt-in only residential peers, which we work hard and in complete transparency to obtain,” Shalit continued. “Every DC, ISP or SDK partner is reviewed and approved, and every residential peer must actively opt in to be part of our network.”

HK NETWORK

Even Spur acknowledges that Luminati and Oxylabs are unlike most other proxy services on their top proxy providers list, in that these providers actually adhere to “know-your-customer” policies, such as requiring video calls with all customers, and strictly blocking customers from reselling access.

Benjamin Brundage is founder of Synthient, a startup that helps companies detect proxy networks. Brundage said if there is increasing confusion around which proxy networks are the most worrisome, it’s because nearly all of these lesser-known proxy services have evolved into highly incestuous bandwidth resellers. What’s more, he said, some proxy providers do not appreciate being tracked and have been known to take aggressive steps to confuse systems that scan the Internet for residential proxy nodes.

Brundage said most proxy services today have created their own software development kit or SDK that other app developers can bundle with their code to earn revenue. These SDKs quietly modify the user’s device so that some portion of their bandwidth can be used to forward traffic from proxy service customers.

“Proxy providers have pools of constantly churning IP addresses,” he said. “These IP addresses are sourced through various means, such as bandwidth-sharing apps, botnets, Android SDKs, and more. These providers will often either directly approach resellers or offer a reseller program that allows users to resell bandwidth through their platform.”

Many SDK providers say they require full consent before allowing their software to be installed on end-user devices. Still, those opt-in agreements and consent checkboxes may be little more than a formality for cybercriminals like the Aisuru botmasters, who can earn a commission each time one of their infected devices is forced to install some SDK that enables one or more of these proxy services.

Depending on its structure, a single provider may operate hundreds of different proxy pools at a time — all maintained through other means, Brundage said.

“Often, you’ll see resellers maintaining their own proxy pool in addition to an upstream provider,” he said. “It allows them to market a proxy pool to high-value clients and offer an unlimited bandwidth plan for cheap reduce their own costs.”

Some proxy providers appear to be directly in league with botmasters. Brundage identified one proxy provider that was aggressively advertising cheap and plentiful bandwidth to content scraping companies. After scanning that provider’s pool of available proxies, Brundage said he found a one-to-one match with IP addresses he’d previously mapped to the Aisuru botnet.

Brundage says that by almost any measurement, the world’s largest residential proxy service is IPidea, a China-based proxy network. IPidea is #5 on Spur’s Top 10, and Brundage said its brands include ABCProxy (#3), Roxlabs, LunaProxy, PIA S5 Proxy, PyProxy, 922Proxy, 360Proxy, IP2World, and Cherry Proxy. Spur’s Kilmer said they also track Yilu Proxy (#10) as IPidea.

Brundage said all of these providers operate under a corporate umbrella known on the cybercrime forums as “HK Network.”

“The way it works is there’s this whole reseller ecosystem, where IPidea will be incredibly aggressive and approach all these proxy providers with the offer, ‘Hey, if you guys buy bandwidth from us, we’ll give you these amazing reseller prices,'” Brundage explained. “But they’re also very aggressive in recruiting resellers for their apps.”

A graphic depicting the relationship between proxy providers that Synthient found are white labeling IPidea proxies. Image: Synthient.com.

Those apps include a range of low-cost and “free” virtual private networking (VPN) services that indeed allow users to enjoy a free VPN, but which also turn the user’s device into a traffic relay that can be rented to cybercriminals, or else parceled out to countless other proxy networks.

“They have all this bandwidth to offload,” Brundage said of IPidea and its sister networks. “And they can do it through their own platforms, or they go get resellers to do it for them by advertising on sketchy hacker forums to reach more people.”

One of IPidea’s core brands is 922S5Proxy, which is a not-so-subtle nod to the 911S5Proxy service that was hugely popular between 2015 and 2022. In July 2022, KrebsOnSecurity published a deep dive into 911S5Proxy’s origins and apparent owners in China. Less than a week later, 911S5Proxy announced it was closing down after the company’s servers were massively hacked.

That 2022 story named Yunhe Wang from Beijing as the apparent owner and/or manager of the 911S5 proxy service. In May 2024, the U.S. Department of Justice arrested Mr Wang, alleging that his network was used to steal billions of dollars from financial institutions, credit card issuers, and federal lending programs. At the same time, the U.S. Treasury Department announced sanctions against Wang and two other Chinese nationals for operating 911S5Proxy.

The website for 922Proxy.

DATA SCRAPING FOR AI

In recent months, multiple experts who track botnet and proxy activity have shared that a great deal of content scraping which ultimate benefits AI companies is now leveraging these proxy networks to further obfuscate their aggressive data-slurping activity. That’s because by routing it through residential IP addresses, content scraping firms can make their traffic far trickier to filter out.

“It’s really difficult to block, because there’s a risk of blocking real people,” Spur’s Kilmer said of the LLM scraping activity that is fed through individual residential IP addresses, which are often shared by multiple customers at once.

Kilmer says the AI industry has brought a veneer of legitimacy to residential proxy business, which has heretofore mostly been associated with sketchy affiliate money making programs, automated abuse, and unwanted Internet traffic.

“Web crawling and scraping has always been a thing, but AI made it like a commodity, data that had to be collected,” Kilmer said. “Everybody wanted to monetize their own data pots, and how they monetize that is different across the board.”

Kilmer said many LLM-related scrapers rely on residential proxies in cases where the content provider has restricted access to their platform in some way, such as forcing interaction through an app, or keeping all content behind a login page with multi-factor authentication.

“Where the cost of data is out of reach — there is some exclusivity or reason they can’t access the data — they’ll turn to residential proxies so they look like a real person accessing that data,” Kilmer said of the content scraping efforts.

Aggressive AI crawlers increasingly are overloading community-maintained infrastructure, causing what amounts to persistent DDoS attacks on vital public resources. A report earlier this year from LibreNews found some open-source projects now see as much as 97 percent of their traffic originating from AI company bots, dramatically increasing bandwidth costs, service instability, and burdening already stretched-thin maintainers.

Cloudflare is now experimenting with tools that will allow content creators to charge a fee to AI crawlers to scrape their websites. The company’s “pay-per-crawl” feature is currently in a private beta, but it lets publishers set their own prices that bots must pay before scraping content.

On October 22, the social media and news network Reddit sued Oxylabs (PDF) and several other proxy providers, alleging that their systems enabled the mass-scraping of Reddit user content even though Reddit had taken steps to block such activity.

“Recognizing that Reddit denies scrapers like them access to its site, Defendants scrape the data from Google’s search results instead,” the lawsuit alleges. “They do so by masking their identities, hiding their locations, and disguising their web scrapers as regular people (among other techniques) to circumvent or bypass the security restrictions meant to stop them.”

Denas Grybauskas, chief governance and strategy officer at Oxylabs, said the company was shocked and disappointed by the lawsuit.

“Reddit has made no attempt to speak with us directly or communicate any potential concerns,” Grybauskas said in a written statement. “Oxylabs has always been and will continue to be a pioneer and an industry leader in public data collection, and it will not hesitate to defend itself against these allegations. Oxylabs’ position is that no company should claim ownership of public data that does not belong to them. It is possible that it is just an attempt to sell the same public data at an inflated price.”

As big and powerful as Aisuru may be, it is hardly the only botnet that is contributing to the overall broad availability of residential proxies. For example, on June 5 the FBI’s Internet Crime Complaint Center warned that an IoT malware threat dubbed BADBOX 2.0 had compromised millions of smart-TV boxes, digital projectors, vehicle infotainment units, picture frames, and other IoT devices.

In July 2025, Google filed a lawsuit in New York federal court against the Badbox botnet’s alleged perpetrators. Google said the Badbox 2.0 botnet “compromised more than 10 million uncertified devices running Android’s open-source software, which lacks Google’s security protections. Cybercriminals infected these devices with pre-installed malware and exploited them to conduct large-scale ad fraud and other digital crimes.”

A FAMILIAR DOMAIN NAME

Brundage said the Aisuru botmasters have their own SDK, and for some reason part of its code tells many newly-infected systems to query the domain name fuckbriankrebs[.]com. This may be little more than an elaborate “screw you” to this site’s author: One of the botnet’s alleged partners goes by the handle “Forky,” and was identified in June by KrebsOnSecurity as a young man from Sao Paulo, Brazil.

Brundage noted that only systems infected with Aisuru’s Android SDK will be forced to resolve the domain. Initially, there was some discussion about whether the domain might have some utility as a “kill switch” capable of disrupting the botnet’s operations, although Brundage and others interviewed for this story say that is unlikely.

A tiny sample of the traffic after a DNS server was enabled on the newly registered domain fuckbriankrebs dot com. Each unique IP address requested its own unique subdomain. Image: Seralys.

For one thing, they said, if the domain was somehow critical to the operation of the botnet, why was it still unregistered and actively for-sale? Why indeed, we asked. Happily, the domain name was deftly snatched up last week by Philippe Caturegli, “chief hacking officer” for the security intelligence company Seralys.

Caturegli enabled a passive DNS server on that domain and within a few hours received more than 700,000 requests for unique subdomains on fuckbriankrebs[.]com.

But even with that visibility into Aisuru, it is difficult to use this domain check-in feature to measure its true size, Brundage said. After all, he said, the systems that are phoning home to the domain are only a small portion of the overall botnet.

“The bots are hardcoded to just spam lookups on the subdomains,” he said. “So anytime an infection occurs or it runs in the background, it will do one of those DNS queries.”

Caturegli briefly configured all subdomains on fuckbriankrebs dot com to display this ASCII art image to visiting systems today.

The domain fuckbriankrebs[.]com has a storied history. On its initial launch in 2009, it was used to spread malicious software by the Cutwail spam botnet. In 2011, the domain was involved in a notable DDoS against this website from a botnet powered by Russkill (a.k.a. “Dirt Jumper”).

Domaintools.com finds that in 2015, fuckbriankrebs[.]com was registered to an email address attributed to David “Abdilo” Crees, a 26-year-old Australian man sentenced in May 2025 to time served for cybercrime convictions related to the Lizard Squad hacking group.

COLUMBUS, Ohio (WCMH) -- A new push to stop gun violence in central Ohio is now underway in one of Columbus' hardest hit neighborhoods. 

Central Ohio Crime Stoppers and the Ohio Crime Prevention Association are rolling out a community initiative at the Wedgewood Apartment Complex to encourage residents to report gunfire in an effort to make the city's streets safer. 

They're working in partnership with the Columbus Division of Police, local law enforcement agencies, apartment management teams and community residents. 

2 firefighters hurt in south Columbus house fire

Leaders placed door hangers and posters on every unit in the complex Tuesday afternoon with information on how to call in an anonymous tip or submit one online. They said this collaboration relies on residents, not just police, to help reduce gun violence across central Ohio by giving people a safe and anonymous way to share what they know. 

"Oftentimes we don't want to come forward with information because we're afraid of our own safety," Mothers of Murdered Columbus Children founder Malissa Thomas-St. Clair said. "I'm a mother who's lost a child to homicide and if it wasn't for someone saying something, my offender would've never been caught."

According to Napolean Bell, president of Central Ohio Crime Stoppers, the Wedgewood Apartments have long struggled with gun violence. 

"Even when no one is struck, every bullet fired endangers lives," Bell said. "As we often say a bullet has no name, but it can hurt and kill just the same."

If an anonymous tip leads to an arrest or an indictment, that person will receive a cash reward. 

"You will also take a gun off the street or help save someone's life," Bell said. "You might be scared. You might be hesitant because you think somebody might find out. You are totally anonymous. Totally anonymous. A subpoena couldn't get the information because we don't know who you are."

Bell said safety starts with everyone and this effort is about building trust and restoring peace in neighborhoods. He said if you see something, say something. 

"I always say that crime scene number two is typically worse than crime scene number one," Ohio Crime Prevention Association president John DiPietro said. "What happens is after that gun is stolen, sold to somebody, given to somebody, chances are it's going to be used in a very serious crime. Robbery. Homicide. Even these young children that don't know any better just playing around with a weapon that's out there."

Man accused in Licking County karaoke bar murder to change plea

The mission is to empower residents to take an active role in improving safety in their neighborhoods. 

"Please give these families the justice they deserve, give yourself an opportunity to live in a safer Columbus by being an upstander and saying something," Thomas-St. Clair said. 

The goal is to later expand the effort to other central Ohio communities identified as having higher levels of gun-related incidents. 

"Together we can make a difference," Bell said. "Together we can make our city and county safer."

Anyone with information on a gun-related incident is asked to call Central Ohio Crime Stoppers at 614-461-TIPS (8477), visit www.stopcrime.org, or use the P3 Tips mobile app (iOS & Android). All tips remain anonymous.

COLUMBUS, Ohio (WCMH) — As Hurricane Melissa hits the Caribbean, a central Ohio family is concerned about their loved ones who are directly affected by the storm.

The Hayles own Ena's Caribbean Kitchen in Linden. They moved to Columbus in 1982 but still have many loved ones in Jamaica. As they got food ready on Tuesday, coverage of the storm was on in the background.

“That's the number one topic right now. It's been like that for the last couple days," said Marlon Hayles, co-owner of Ena's Caribbean Kitchen. "It’s been pretty tense for us, I know the kids have been tracking it and monitoring what's going on."

Columbus Dollar General removes boards from windows after worries of loss of SNAP benefits

The Hayles have been checking on their family members every day since Saturday.

"That’s all we've got to do, hope and pray for them and when the weather is done, we'll find out what help they need and we try to help them the best way we can," said Vinell Hayles, Co-Owner of Ena's Caribbean Kitchen.

She was on the phone with her older sister in Jamaica on Tuesday morning as the storm hit.

"Jamaica will survive. Because that wouldn't be the first, this is the worst one, but this wouldn't be the first," Vinell Hayles said.

As of Tuesday afternoon, The Hayles said some of their loved ones are dealing with property damage. They said the relatives they'd spoken with so far are ok.

"We’re just waiting to see what the outcome is going to be like, we hope it's not going to be too bad and then start planning for whatever type of help they may need afterwards," Marlon Hayles said.

COLUMBUS, Ohio (WCMH) -- About 1.4 million Ohioans receive federal SNAP benefits -- benefits that are expected to expire at the end of this week as the government shutdown grinds toward its second month.

One state lawmaker is encouraging the legislature and the governor to take immediate action as needy Ohioans agonize about what is to come. 

“Folks are constantly messaging me on TikTok, Instagram, wherever they can,” Rep. Latyna Humphrey (D-Columbus) said. “They want to know what's going to happen, what folks are saying, who's saying what in power. People want information because they want to know how to prepare, but they're also afraid.” 

On Monday, Humphrey released an open letter urging Gov. Mike DeWine to take certain administrative steps that she believes would relieve some of the burden on people and families who depend on SNAP. DeWine spokesperson Dan Tierney warned that since SNAP is a federal program, there is no mechanism in place for the state to pay out benefits. 

“Of course I would like to see direct payments to people, but I’m not oblivious to the fact that that might not be feasible right now,” Humphrey said. “So maybe we support the food banks that are doing the good work in our communities every day. I have multiple food banks in my community, they would love the support.”

In addition to supporting food banks, Humphrey argues the governor could use the Office of Budget and Management Controlling Board to redirect necessary funds in the event of an emergency. 

“All the Governor would need to do is say, ‘hey, I’m recognizing this may be an issue, let’s pull from X, Y, and Z, go to the Controlling Board and then make that happen, because there are funds available to do so,” Humphrey said. 

Humphrey has also introduced House Bill 502, which would provide interim relief for SNAP beneficiaries, to be reimbursed after the government shutdown ends. That bill has not yet received a hearing, and would also rely on tapping into the state’s “Rainy Day” fund -- something the Governor’s office has already rejected. 

“The ‘Rainy Day Fund’ is a colloquial name for the Budget Stabilization Fund,” Tierney said in an email. “The sole purpose of the Budget Stabilization Fund is to support a previously enacted budget if state revenue decreases in an economic downturn. The fund may be accessed only [if] the Ohio General Assembly enacts legislation to do so. It is very common for activists and special interests to take the nickname of the Budget Stabilization Fund literally and suggest it be used for spending during circumstances that they believe constitute a ‘Rainy Day.’ However, almost none of those ‘Rainy Days’ are in line with the statutorily established purpose of the fund.” 

Humphrey acknowledged there are constraints on how the "Rainy Day" fund can be used, saying, "Maybe House Bill 502 is not the vehicle that we need to drive right now but there are some things that can be done as it relates to the Controlling Board.” 

On Tuesday, Tierney said the Governor’s office was reviewing options, “but to be clear there is no avenue to backfill SNAP at a state level.” 

“Any state aid would simply be a bandage to the bigger problem,” Tierney said. “The solution needed is for Congress, especially the U.S. Senate, to pass a permanent budget or continuing resolution to fund SNAP. This should be everyone’s priority.” 

Humphrey said the Governor’s office is not wrong.

“This is a federal issue," Humphrey said. "Bottom line, full stop. But at the end of the day, the people we say we love are struggling. If we have the ability to do something right now for our people then we should do it. If we say we care about our constituents, if we say we love our constituents then we have got to understand that both of those words are action words.”