The apps have been available for several months, despite revealing user reviews.
Malicious fleeceware applications have been found in the App Store, putting millions of users at risk. According to the developer of iOS applications Kosta Eleftheriou, programs disguised for image editors and platforms for watching movie trailers. In reality, they are fleeceware applications designed to steal money in secret.
Apps have now been removed from the AppStore, but Apple did not say whether it will refund funds to users who have been tricked into signing up for a paid subscription, or whether it will refund the profits generated from their sale.
The apps have been available for several months, despite user reviews that reveal their true nature and advertisements. Well-known personalities on social networks “with millions of subscribers” also promoted these applications.
“While Apple does not control its App Store, these applications have already been downloaded more than 2 million times and now they bring their creators about $ 16 thousand a day, or about $ 6 million a year,” said Eleftheriu.
Fleeceware is a type of application that secretly charges excessive user fees. Typically, fleeceware applications trick victims into installing a free “trial” and then charge large amounts for a “subscription.” In some cases, the installation of such an application can cost the user $ 3 thousand per year.
Hackers hacked Tesla twice, for which they received 350 thousand dollars and Tesla Model 3
As part of Pwn2Own’s Vancouver-based commercial vulnerability finding event, a French team called Synacktiv managed to hack into Tesla systems twice.
On the first day, Synacktiv successfully performed a TOCTOU (Time-of-check to time-of-use) attack on the Tesla Gateway, and the group was rewarded with a $100,000 cash reward and a Tesla Model 3 car. And the next day hackers broke into the Tesla infotainment system, and received another 250 thousand dollars for this.
The Tesla cybersecurity team is already analyzing the actions of hackers in order to eliminate the vulnerabilities found with a firmware update.
Scissors undercut: Windows 11 vulnerability reveals sensitive information from screenshots, including deleted parts
A dangerous vulnerability has been discovered in one of the standard Windows 11 applications that could lead to the disclosure of sensitive information to the user. Moreover, at the moment the vulnerability is not closed and attackers can use it.
We are talking about the application Snipping Tool (Scissors). The vulnerability, called aCropalypse, allows you to undo changes made by a user when editing a screenshot, including cropped or blurred parts that hide sensitive data.
When you edit a screenshot, you can save it with the same name as the original file by overwriting it. However, as it turns out, the Windows 11 Snipping Tool does not remove the original information from the file, but simply leaves it added at the end, which is usually invisible to users. With some trickery, a potential attacker can extract hidden information from a file and see what information has been edited.
As you can see, edited screenshots are usually much larger due to the inclusion of information from the original image.
This is a pretty serious vulnerability. For example, if you share a screenshot of an order confirmation page on Amazon, it may contain an address, the same goes for credit card numbers and other sensitive data.
In 2018, Google had an AI ready for a ChatGPT-style chatbot, but it was closed due to security issues.
In recent months, the ChatGPT chatbot has been on the news pages, and this has forced many companies to catch up with OpenAI. Among them are Microsoft, Google and a number of Chinese corporations. However, reportedly, the situation could be different.
As early as 2018, Google is said to have had a natural language processing AI similar to ChatGPT. However, company executives closed the project, considering it too dangerous. One of the developers was research engineer Daniel De Freitas, and Noam Shazeer, a software engineer at Google, also contributed to the project.
The project was called Meena and was a chatbot that could talk about different topics. With him you could discuss TV shows, have discussions about philosophy and joke. At the same time, the developers believed that this technology could be added to the search engine, however, in the end, Google stopped development. The company said the bot did not meet its AI security standards.
Note that later, on the basis of these developments, the LaMDA chat bot was created, which flies into the basis of Bard. Thus, the development nevertheless reached the mass user, albeit with a great delay.
Nvidia has declared war on counterfeit graphics cards from China. The company cooperates with trading platforms
Nvidia has decided to start fighting counterfeit video cards that are sold in large quantities on various Chinese marketplaces, and...
The design of the new Porsche Cayenne has been declassified. It will get Taycan-style headlights.
Yesterday, high-quality images of the interior of the new Porsche Cayenne appeared on the Web, and today images have been...
1300 W, Japanese capacitors and no adapters for connecting GeForce RTX 40. Chieftec Polaris Pro power supply introduced
Chieftec has introduced a fully modular, powerful and modern Polaris Pro power supply (PPX-1300FC-A3). From the catalog number, you can...
108 MP, 144 Hz, 5000 mAh and 67 W for $220. ZTE Axon 40 Pro has fallen in price in China by 50%
In China, ZTE has significantly reduced the cost of the Axon 40 Pro smartphone, it has become half as affordable...
Components5 days ago
Resident Evil 4 favors Radeon RX 7000 graphics cards. Even with ray tracing, the RX 7900 XTX is faster than the RTX 4080
Components6 days ago
10-core processor Intel Core i5-12600K fell in price in the US by almost a third
Electric Cars5 days ago
The first Geely crossover with Meizu Flyme Auto interface, Harman Kardon acoustics and a 92-inch projection screen. Lynk & Co 08 introduced
Electric Cars5 days ago
The car brainchild of Changan, Huawei and CATL has a new version available. Presented 313-horsepower crossover Avatr 11 with acceleration to 100 km / h in 6.6 seconds