Andy Greenberg

Andy Greenberg is an American technology journalist and author who serves as a senior writer at Wired magazine. Over the course of more than a decade of reporting, Greenberg has established himself as one of the foremost journalists covering cybersecurity, hacking, digital privacy, and the intersection of technology and civil liberties. His investigative work has explored subjects ranging from the remote hacking of automobiles to state-sponsored cyberwarfare and the use of cryptocurrency tracing by law enforcement. Greenberg is the author of three books: This Machine Kills Secrets (2012), which examines the history and future of whistleblowing and information leaks; Sandworm (2019), an investigation into a Russian military hacking group responsible for some of the most destructive cyberattacks in history; and Tracers in the Dark (2022), which chronicles how law enforcement agencies developed techniques to trace supposedly anonymous cryptocurrency transactions. Before joining Wired, he worked as a staff writer and contributor at Forbes and Forbes.com. His reporting has earned multiple awards, including Gerald Loeb Award nominations and wins, and recognition from the SANS Institute and the Security Bloggers Network. Greenberg's work frequently bridges the gap between deeply technical subject matter and narrative-driven journalism accessible to a general audience, and his reporting has had tangible real-world consequences, including prompting a major automotive recall and influencing congressional legislation.

Career

Forbes

Greenberg began his journalism career at Forbes, where he worked as a staff writer and contributor for Forbes.com. During his tenure at the publication, he covered technology, cybersecurity, and digital privacy. One of his notable early pieces was a 2013 investigation into Palantir Technologies, the data-mining company co-founded by Peter Thiel and funded in part by the Central Intelligence Agency's venture capital arm, In-Q-Tel. The article, titled "Agent of Intelligence: How a Deviant Philosopher Built Palantir, a CIA-Funded Data-Mining Juggernaut," provided an in-depth look at the secretive company and its founder, Alex Karp.^[1]

Wired

Greenberg transitioned to Wired, where he has served as a senior writer specializing in cybersecurity, digital privacy, hacking, and related technology topics.^[2] At Wired, he has produced some of his most consequential and widely cited reporting.

Jeep Cherokee Remote Hack

In July 2015, Greenberg published one of the most impactful cybersecurity stories in recent journalism history. Working with security researchers Charlie Miller and Chris Valasek, Greenberg allowed the two hackers to remotely take control of a Jeep Cherokee he was driving on a highway. The researchers demonstrated that they could wirelessly access the vehicle's entertainment system and, from there, take control of critical functions including the steering, brakes, and transmission. Greenberg documented the experience in a Wired article titled "Hackers Remotely Kill a Jeep on the Highway—With Me in It," which described in vivid detail how the researchers were able to disable the vehicle's transmission while Greenberg was driving on Interstate 64 near St. Louis.^[3]

The story had immediate and far-reaching consequences. Fiat Chrysler Automobiles issued a recall of 1.4 million vehicles to patch the software vulnerability that Miller and Valasek had exploited.^[4] The demonstration also prompted legislative action in the United States Congress, with lawmakers introducing a bill aimed at establishing cybersecurity standards for connected vehicles.^[5] The story became one of the most widely read and cited examples of how cybersecurity vulnerabilities in the Internet of Things could pose direct physical dangers to consumers.

Cyberwarfare and State-Sponsored Hacking

A significant portion of Greenberg's work at Wired has focused on state-sponsored cyberattacks and digital espionage. In 2019, he published a detailed account of the 2018 Olympic Destroyer cyberattack, which targeted the Winter Olympics in Pyeongchang, South Korea. The article, "The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History," explored how Russian military hackers launched a sophisticated attack designed to disrupt the Olympic Games while disguising their involvement by planting false flags pointing to other nation-states.^[6] This reporting contributed to the research that formed the basis of his book Sandworm.

Greenberg has continued to report on nation-state cyber operations in subsequent years. In December 2025, he reported on the discovery that two individuals linked to China's Salt Typhoon hacker group had likely received training through Cisco's Networking Academy, a global educational program designed to teach IT networking and cybersecurity fundamentals. The story raised questions about how state-sponsored hackers acquire their technical skills through legitimate training programs.^[7]

Digital Privacy and Surveillance

Greenberg's reporting at Wired has also encompassed digital privacy vulnerabilities and surveillance techniques. In November 2025, he reported on a security flaw in WhatsApp that had exposed an estimated 3.5 billion phone numbers. Researchers discovered that by systematically querying WhatsApp's contact discovery tool with tens of billions of phone numbers, they could determine which numbers were associated with active WhatsApp accounts, representing what was described as "the most extensive exposure" of user data of its kind.^[8]

In early 2026, Greenberg reported on a sophisticated iPhone-hacking toolkit, referred to as Coruna, that had likely been developed for use by U.S. government agencies but had fallen into the hands of foreign intelligence services and criminal organizations. The toolkit had reportedly infected tens of thousands of phones or more.^[9] He also covered a congressional inquiry into the vulnerability of computers to electromagnetic eavesdropping, an espionage technique with roots going back approximately 80 years, after a pair of U.S. lawmakers called for an investigation into the threat.^[10]

Cryptocurrency, Human Trafficking, and Scam Compounds

In more recent work, Greenberg has reported extensively on the intersection of cryptocurrency and crime, building on themes explored in his book Tracers in the Dark. In early 2026, he published an investigation into the growing use of cryptocurrency in human trafficking, reporting that the use of cryptocurrency in sales of human beings for forced prostitution and labor in scam compounds had nearly doubled in 2025.^[11]

One of Greenberg's most notable long-form features of 2026 told the story of a human-trafficking victim, identified by the pseudonym "Red Bull," who was trapped inside a Southeast Asian scam compound in the Golden Triangle region. The source contacted Greenberg, determined to expose the criminal operation from the inside and ultimately to escape. The resulting article, "He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive," was published in Wired and was subsequently highlighted by Longreads as a notable piece of long-form journalism.^[12][13]

In March 2026, Greenberg reported on a U.S. law enforcement operation that took down multiple botnets—identified as Aisuru, Kimwolf, JackSkid, and Mossad—which had collectively infected more than three million devices, many of them within home networks, and had been used to carry out record-breaking cyberattacks.^[14]

Books

This Machine Kills Secrets (2012)

Greenberg's first book, This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World's Information, was published in 2012. The book examined the history and technology of whistleblowing and information leaks, from the cypherpunk movement to the rise of WikiLeaks and its founder, Julian Assange. The title is a reference to folk singer Woody Guthrie's guitar, which bore the inscription "This machine kills fascists." The book was reviewed in The New York Times, which provided a substantive assessment of its examination of the cultural and technological forces driving the leaking of classified and confidential information.^[15]

Sandworm (2019)

Greenberg's second book, Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers, was published in 2019. The book is an investigation into the Russian military hacking group known as Sandworm, which has been linked to Unit 74455 of the GRU, Russia's military intelligence agency. The book traces the group's activities, including the cyberattacks on the Ukrainian power grid in 2015 and 2016, the NotPetya malware attack of 2017 that caused an estimated $10 billion in damage worldwide, and the Olympic Destroyer attack on the 2018 Winter Olympics. Much of the reporting in the book built on Greenberg's earlier Wired coverage of these events, including his 2019 article on the Olympic Destroyer attack.^[16] The book was a finalist for the Gerald Loeb Award in 2019.^[17]

Tracers in the Dark (2022)

Greenberg's third book, Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, was published in 2022. The book chronicles how law enforcement investigators and academic researchers developed techniques to trace transactions on the Bitcoin blockchain and other cryptocurrency networks, which had been widely believed to be anonymous. The book details how these tracing methods were used to solve major criminal cases, including the takedown of dark web marketplaces and the identification of individuals involved in child exploitation networks. The New York Times reviewed the book, providing an assessment of its contribution to the understanding of how cryptocurrency tracing had become a significant law enforcement tool.^[18]

Film

Greenberg's reporting has also intersected with documentary filmmaking. The 2015 documentary Deep Web, directed by Alex Winter, which explored the Silk Road dark web marketplace and the trial of its founder, Ross Ulbricht, drew on themes related to Greenberg's reporting on digital anonymity and cryptocurrency. The film premiered at the South by Southwest film festival and was reviewed by The Hollywood Reporter.^[19]

Recognition

Greenberg's journalism has received recognition from multiple organizations within the technology, business, and cybersecurity communities.

In 2014, he was named a finalist for the Gerald Loeb Award, which is administered by the UCLA Anderson School of Management and recognizes distinguished business and financial journalism.^[20] In 2019, his book Sandworm was again associated with the Gerald Loeb Awards.^[21]

The SANS Institute, a prominent cybersecurity training and research organization, included Greenberg on its list of top journalists covering information security in 2014, recognizing his contributions to public understanding of cybersecurity issues.^[22]

Greenberg has also been recognized by the Security Bloggers Network, which presents Security Blogger Awards to individuals and organizations contributing to the cybersecurity discourse.^[23]

His Jeep Cherokee hacking story in 2015 remains one of the most cited examples in journalism and cybersecurity circles of reporting that led directly to corporate and legislative action, with the resulting recall of 1.4 million vehicles and the introduction of federal legislation on connected vehicle cybersecurity standards.^[24][25]

Legacy

Greenberg's body of work spans more than a decade of reporting on the most consequential cybersecurity and digital privacy developments of the early 21st century. His three books form a loose trilogy examining different facets of the digital underground: This Machine Kills Secrets addressed the mechanics and philosophy of leaking and whistleblowing in the digital age; Sandworm documented the emergence of cyberwarfare as a tool of state power; and Tracers in the Dark explored how the perceived anonymity of cryptocurrency was systematically dismantled by law enforcement investigators.

His 2015 Jeep Cherokee hacking story demonstrated the capacity of investigative technology journalism to produce immediate, measurable changes in corporate behavior and public policy. The story's impact extended beyond the specific vulnerability it exposed, helping to catalyze a broader public conversation about cybersecurity risks in connected consumer devices and the Internet of Things.

Through his continued reporting at Wired—covering topics from Chinese state-sponsored hacking groups to cryptocurrency-funded human trafficking to the proliferation of government hacking tools—Greenberg has maintained a consistent focus on the ways in which digital technologies create both new capabilities and new vulnerabilities for individuals, corporations, and governments. His work has been reviewed and featured in publications including The New York Times and has been highlighted by organizations such as Longreads for its narrative quality and investigative depth.^[26]

References