Andy Greenberg

Andy Greenberg is an American technology journalist and author who serves as a senior writer at Wired magazine. For more than a decade, he's established himself as one of the most respected reporters covering cybersecurity, hacking, digital privacy, and the intersection of technology and civil liberties. His investigations have ranged from the remote hacking of automobiles to state-sponsored cyberwarfare and how law enforcement traces cryptocurrency transactions. He's written three books: This Machine Kills Secrets (2012), which examines whistleblowing and information leaks; Sandworm (2019), an investigation into a Russian military hacking group behind some of history's most destructive cyberattacks; and Tracers in the Dark (2022), which chronicles law enforcement's development of techniques to trace supposedly anonymous cryptocurrency. Before Wired, he worked at Forbes and Forbes.com. His reporting has won multiple Gerald Loeb Award nominations and recognition from the SANS Institute and the Security Bloggers Network. What sets his work apart is the ability to take deeply technical subjects and turn them into narrative journalism that actual people can understand. His reporting has had real consequences: a major automotive recall and congressional legislation both trace back to his investigations.

Career

Forbes

Greenberg started in journalism at Forbes, where he worked as a staff writer and contributor for Forbes.com. Technology, cybersecurity, and digital privacy were his beats. A standout early piece came in 2013: a deep dive into Palantir Technologies, the data-mining company co-founded by Peter Thiel and backed in part by the CIA's venture capital arm, In-Q-Tel. The article, "Agent of Intelligence: How a Deviant Philosopher Built Palantir, a CIA-Funded Data-Mining Juggernaut," gave readers a rare look inside the secretive company and its founder, Alex Karp.^[1]

Wired

He moved to Wired as a senior writer specializing in cybersecurity, digital privacy, hacking, and technology topics.^[2] Some of his most impactful and widely cited reporting has come from this role.

Jeep Cherokee Remote Hack

July 2015 brought one of the most consequential cybersecurity stories in recent journalism. Working with security researchers Charlie Miller and Chris Valasek, Greenberg let them remotely take control of a Jeep Cherokee while he was driving it on a highway. They wirelessly accessed the vehicle's entertainment system and from there took control of steering, brakes, and transmission. In "Hackers Remotely Kill a Jeep on the Highway—With Me in It," Greenberg described in vivid detail how the researchers disabled the transmission while he was driving on Interstate 64 near St. Louis.^[3]

The impact was immediate and sweeping. Fiat Chrysler Automobiles recalled 1.4 million vehicles to patch the software vulnerability that Miller and Valasek had exploited.^[4] Congress moved quickly too. Lawmakers introduced a bill aimed at establishing cybersecurity standards for connected vehicles.^[5] The story became the go-to example of how Internet of Things vulnerabilities could pose direct physical danger to everyday people.

Cyberwarfare and State-Sponsored Hacking

Much of Greenberg's work at Wired has centered on state-sponsored cyberattacks and digital espionage. In 2019, he published a detailed account of the 2018 Olympic Destroyer attack, which targeted the Winter Olympics in Pyeongchang, South Korea. "The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History" explored how Russian military hackers launched a sophisticated attack designed to disrupt the Games while disguising their involvement by planting false flags pointing to other nations.^[6] This reporting became the basis for his book Sandworm.

He's continued covering nation-state cyber operations since then. In December 2025, he reported on two individuals linked to China's Salt Typhoon hacker group who'd likely been trained through Cisco's Networking Academy, a global educational program teaching IT networking and cybersecurity fundamentals. The article raised important questions about how state-sponsored hackers acquire technical skills through legitimate training.^[7]

Digital Privacy and Surveillance

Privacy vulnerabilities and surveillance techniques have also been central to his reporting. In November 2025, he broke a story about a security flaw in WhatsApp that had exposed an estimated 3.5 billion phone numbers. By systematically querying WhatsApp's contact discovery tool with tens of billions of phone numbers, researchers could determine which numbers belonged to active WhatsApp accounts. It was "the most extensive exposure" of user data of its kind.^[8]

Early 2026 brought coverage of Coruna, a sophisticated iPhone-hacking toolkit that was likely developed for U.S. government agencies but had fallen into the hands of foreign intelligence services and criminals. The toolkit had infected tens of thousands of phones, possibly more.^[9] He also covered a congressional inquiry into electromagnetic eavesdropping, an espionage technique with roots going back roughly 80 years, after two U.S. lawmakers demanded an investigation into the threat.^[10]

Cryptocurrency, Human Trafficking, and Scam Compounds

His more recent work explores the intersection of cryptocurrency and crime, building on themes from Tracers in the Dark. Early 2026 saw an investigation into cryptocurrency's growing role in human trafficking. The use of cryptocurrency in sales of human beings for forced prostitution and labor in scam compounds had nearly doubled in 2025.^[11]

One of his most notable 2026 features told the story of a human trafficking victim using the pseudonym "Red Bull," trapped inside a Southeast Asian scam compound in the Golden Triangle region. The source reached out to Greenberg, determined to expose the criminal operation from inside and escape. "He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive" was published in Wired and later highlighted by Longreads as outstanding long-form journalism.^[12][13]

March 2026 brought reporting on a U.S. law enforcement operation taking down multiple botnets: Aisuru, Kimwolf, JackSkid, and Mossad. They'd collectively infected more than three million devices, many within home networks, and had been used to launch record-breaking cyberattacks.^[14]

Books

This Machine Kills Secrets (2012)

His first book, This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World's Information, came out in 2012. It examined the history and technology of whistleblowing and information leaks, from the cypherpunk movement to WikiLeaks and its founder, Julian Assange. The title references folk singer Woody Guthrie's guitar, which bore the inscription "This machine kills fascists." The New York Times reviewed it, giving a substantive take on its examination of the cultural and technological forces driving classified and confidential information into the open.^[15]

Sandworm (2019)

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers was published in 2019. It's an investigation into the Russian military hacking group Sandworm, linked to Unit 74455 of the GRU, Russia's military intelligence agency. Greenberg traces the group's activities: cyberattacks on the Ukrainian power grid in 2015 and 2016, the NotPetya malware attack of 2017 that caused an estimated $10 billion in damage worldwide, and the Olympic Destroyer attack on the 2018 Winter Olympics. Much of the book's reporting built on his earlier Wired coverage of these events, including the 2019 Olympic Destroyer article.^[16] It was a finalist for the Gerald Loeb Award in 2019.^[17]

Tracers in the Dark (2022)

His third book, Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, was published in 2022. It chronicles how law enforcement investigators and academic researchers developed techniques to trace Bitcoin blockchain transactions and other cryptocurrency networks, which everyone had assumed were anonymous. The book details how these methods solved major criminal cases: dark web marketplace takedowns and identification of people involved in child exploitation networks. The New York Times reviewed it, assessing its contribution to understanding how cryptocurrency tracing became a significant law enforcement tool.^[18]

Film

His reporting has intersected with documentary filmmaking as well. The 2015 documentary Deep Web, directed by Alex Winter, explored the Silk Road dark web marketplace and the trial of its founder, Ross Ulbricht. It drew on themes related to Greenberg's reporting on digital anonymity and cryptocurrency. The film premiered at South by Southwest and was reviewed by The Hollywood Reporter.^[19]

Recognition

Multiple organizations in technology, business, and cybersecurity circles have recognized Greenberg's work.

In 2014, he was named a Gerald Loeb Award finalist, administered by the UCLA Anderson School of Management to recognize distinguished business and financial journalism.^[20] His book Sandworm was again associated with the Gerald Loeb Awards in 2019.^[21]

The SANS Institute, a prominent cybersecurity training and research organization, included him on its 2014 list of top journalists covering information security, recognizing his contributions to public understanding of cybersecurity.^[22]

The Security Bloggers Network has also recognized him through its Security Blogger Awards, which honor individuals and organizations contributing to cybersecurity discourse.^[23]

His 2015 Jeep story remains one of the most cited examples of reporting that led directly to corporate and legislative action: a 1.4 million vehicle recall and federal legislation on connected vehicle cybersecurity standards.^[24][25]

Legacy

His work spans more than a decade covering the most consequential cybersecurity and digital privacy developments of the early 21st century. The three books form a loose trilogy examining different facets of the digital underground: This Machine Kills Secrets addressed the mechanics and philosophy of leaking and whistleblowing in the digital age. Sandworm documented cyberwarfare as a tool of state power. Tracers in the Dark explored how cryptocurrency's perceived anonymity was systematically dismantled by law enforcement investigators.

The 2015 Jeep story demonstrated something crucial. Investigative technology journalism could produce immediate, measurable changes in corporate behavior and public policy. Beyond exposing that specific vulnerability, it catalyzed a broader public conversation about cybersecurity risks in connected consumer devices and the Internet of Things.

Through his continued reporting at Wired on everything from Chinese state-sponsored hacking groups to cryptocurrency-funded human trafficking to the spread of government hacking tools, Greenberg has maintained consistent focus on how digital technologies create both new capabilities and new vulnerabilities for individuals, corporations, and governments. His work has been reviewed and featured in publications including The New York Times and highlighted by organizations such as Longreads for its narrative quality and investigative depth.^[26]

References