The tactic is actively used to distribute the OpenSUpdater family of potentially unwanted software.
Malware developers create malformed code signatures that are considered valid in Windows and avoid detection by security software. According to experts from Google, this tactic is actively used by financially motivated criminals to distribute the OpenSUpdater family of riskware. OpenSUpdater injects ads into victims’ browsers and installs other unwanted programs on their devices.
During the malicious campaign, OpenSUpdater operators try to infect as many devices as possible. Most of the targets for these attacks are located in the United States.
According to researchers from the Google Threat Analysis Group (TAG), the OpenSUpdater developers have begun signing their samples with legitimate but deliberately modified certificates. These certificates are accepted by Windows but rejected by OpenSSL.
Because OpenSSL fails to parse the modified certificate, it cannot decode and verify the digital signature, so the malicious samples go undetected by some security solutions that rely on OpenSSL-based detection rules.
Security solutions that use OpenSSL to analyze digital signatures effectively ignore the malicious nature of the samples: they reject the signature information as invalid, which confuses and disrupts the malware scanning process.
Google TAG is currently working with the Google Safe Browsing team to block this family of potentially dangerous software and stop it from spreading to users’ computers.
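One way a scanning pipeline can avoid the blind spot described above, shown as an added example that is not code from Google TAG or from any security product: a signature that is present in the file but fails structural parsing gets its own verdict instead of being folded into "unsigned" or dropped from analysis. The function names, verdict strings and parsing rules are assumptions of this example, and the check does not reproduce the OpenSUpdater encoding, which the article does not describe.

```python
import struct

def authenticode_blob(pe):
    """Return bCertificate of the first WIN_CERTIFICATE entry, or None if the PE is unsigned."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    opt = nt + 24                                         # optional header follows the COFF header
    dirs = opt + (96 if pe[opt:opt + 2] == b"\x0b\x01" else 112)   # PE32 vs PE32+
    off, size = struct.unpack_from("<II", pe, dirs + 4 * 8)        # entry 4: certificate table
    if not (off and size):
        return None
    length = struct.unpack_from("<I", pe, off)[0]         # WIN_CERTIFICATE.dwLength
    return pe[off + 8:off + length]                       # skip the 8-byte entry header

def check_tlv(buf, pos, end):
    """Validate one ASN.1 element in buf[pos:end]; return the offset just past it."""
    if end - pos < 2:
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if tag == 0x00 or tag & 0x1F == 0x1F:                 # multi-byte tags are treated as malformed
        raise ValueError("unexpected tag 0x%02x" % tag)
    length = first
    if first >= 0x80:                                     # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise ValueError("indefinite or oversized length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    stop = pos + length
    if stop > end:
        raise ValueError("value runs past its container")
    if tag & 0x20:                                        # constructed: every child must be valid too
        while pos < stop:
            pos = check_tlv(buf, pos, stop)
    return stop

def triage_signature(pe):
    """Three-way verdict: a present but unparseable signature is reported, never ignored."""
    blob = authenticode_blob(pe)
    if blob is None:
        return "unsigned"
    try:
        if any(blob[check_tlv(blob, 0, len(blob)):]):     # zero padding after the blob is allowed
            raise ValueError("trailing data after signature")
    except ValueError as err:
        return "signed-but-unparseable: %s" % err
    return "signed-parseable"
```

A "signed-but-unparseable" verdict is a reason to route the file to deeper analysis rather than to treat it as an ordinary unsigned binary.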
Cryptocurrency exchange Binance was robbed of $570 million. Hacker withdrew BNB tokens
Cryptocurrency exchange Binance has suffered another hacker attack. The attackers managed to withdraw BNB tokens worth about $570 million.
Earlier reports said the attack had allowed the hackers to steal about $110 million, but the losses turned out to be much larger. The exchange's specialists managed to freeze part of the funds, but only about 7 million dollars, which is clearly insignificant against 570 million.
The exchange revealed that a cross-chain bridge connected to its BNB chain was attacked, allowing hackers to move BNB tokens off the network. Now the network has been restored, and the clients’ funds, according to Binance, are safe.
The theft contributed to a sharp drop of almost 5% in the BNB rate, but within a few hours almost half of that fall had been recovered.
Hacker who earned $27 million in cyberattacks will spend 20 years in prison and pay $21 million in fines
A Florida district court has sentenced 34-year-old IT engineer Sebastien Vachon-Desjardins to 20 years in prison for carrying out at least 90 cyberattacks.
Over several years of activity, the hacker reportedly earned about $27 million using the NetWalker ransomware. A search of Vachon-Desjardins revealed a crypto wallet containing 719 bitcoins, worth about $22 million at the time of the cybercriminal's arrest in January 2022.
According to investigators, the 34-year-old cybercriminal acted in collusion with other hackers. Vachon-Desjardins himself played the role of the attacker: he infected the corporate networks of various companies with the malware and then demanded a ransom from them. Organizations in the USA, Canada and a number of European countries suffered from the criminal's activities.
In addition to the prison term, the court imposed a fine of $21 million on Vachon-Desjardins. The criminal will also have to pay compensation to the companies affected by his actions. The amount of damages has not yet been established.
Unique behavior of Ryzen 7000 processors. The notorious patches for the Spectre vulnerability improve the performance of new CPUs
Recently, processor vulnerabilities have been talked about much less often, and users no longer worry about performance degradation due to patches. As it turns out, Ryzen 7000 processors generally benefit from such patches!
At least this is true for Linux, since that is the OS in which the author tested the Ryzen 9 7950X and Ryzen 5 7600X. It turned out that out of the box the CPUs show better performance than when booting a special version of Linux with the patch for the Spectre V2 vulnerability deactivated.
Of course, such results do not appear everywhere, and during normal work they are unlikely to be critical. Overall, across 190 tests, the difference was only 3%.