New “DoubleFinger” Malware Strikes Cryptocurrency Wallets

andreasc
-
0
New “DoubleFinger” Malware Strikes Cryptocurrency Wallets
[ad_1]

DoubleFinger malware downloads encrypted components from Imgur.com, a seemingly innocent image-sharing platform that disguises the files as PNG images.

In a recent report released by cybersecurity experts at Kaspersky, a new strain of malware named “DoubleFinger” has emerged as a serious concern for cryptocurrency enthusiasts.

The emergence of DoubleFinger malware, equipped with a multistage attack strategy resembling an advanced persistent threat (APT), showcases the increasing sophistication of malicious actors in the realm of crimeware development.

The malware operates by initiating a series of events triggered by a malicious email attachment that contains a PIF file. Once the attachment is opened, DoubleFinger malware downloads encrypted components from Imgur.com, a seemingly innocent image-sharing platform that disguises the files as PNG images. These components include a loader for the subsequent stages, a legitimate java.exe file, and another PNG file to be utilized later in the attack.

In its report, Kaspersky Team wrote that after executing the loader, DoubleFinger malware skillfully evades security software and progresses to the subsequent stages. In the fourth stage, it employs a technique called Process Doppelganging to replace a legitimate process with a modified version, housing the fifth-stage payload. This payload installs the infamous GreetingGhoul crypto stealer, scheduled to run daily and specifically target victims’ crypto wallets including Ledger and Trezor.

New "DoubleFinger" Malware Strikes Cryptocurrency Wallets
Fake Windows for famous wallets aiming at stealing data (Left) – The malicious image file (Right) – Credit: Kaspersky

Kaspersky’s technical analysis of GreetingGhoul reveals its dual functionality. The first component identifies crypto-wallet applications within the system and steals valuable data, including private keys and seed phrases. The second component overlays the interfaces of cryptocurrency applications, intercepts user input, and grants cybercriminals control over and access to the victims’ funds.

It is worth noting that certain variations of DoubleFinger malware also install the remote access Trojan Remcos, granting cybercriminals complete control over the infected system. This further exacerbates the risks associated with the malware and emphasizes the need for proactive measures to protect against such attacks.

To safeguard cryptocurrency wallets, Kaspersky recommends a range of preventive actions, including maintaining a vigilant stance against scams, diversifying wallet usage, being aware of vulnerabilities associated with cold wallets, and purchasing hardware wallets exclusively from official sources, among other precautions.

Kaspersky’s Sergey Lozhkin stressed the importance of collective responsibility, stating, “Protecting crypto wallets is a shared responsibility between the wallet providers, individuals, and the broader cryptocurrency community.”

By remaining vigilant, implementing robust security measures, and staying informed about the latest threats, users can mitigate the risks associated with DoubleFinger malware and ensure the safety of their valuable digital assets.

As the battle between cybercriminals and security experts continues, cryptocurrency enthusiasts must remain proactive and stay one step ahead of those seeking to exploit the rapidly evolving world of digital currencies.

  1. Bandit Stealer Stealing Crypto from Windows PCs
  2. Namecheap Phishing Emails Hacking Crypto Wallets
  3. MortalKombat Ransomware Aiming for Crypto Wallets
  4. “GodFather” Android Malware Hits Crypto Wallets Apps
  5. Cracked Software: BHUNT password stealer hits crypto funds

[ad_2]
Source link

Sale Dates, Deals & What To Expect

andreasc
-
0
Sale Dates, Deals & What To Expect
[ad_1]

The biggest annual sale for Amazon, is Prime Day, and it’s happening again this July. Currently, we do not know the exact dates for Prime Day, but we do know that it’ll be happening in the first half of the month. Now, considering July 4th is the first Tuesday of the month, we’d fully expect it to happen the second week of July, on July 10 and 11.

And as we gear up for the big day, we have rounded up everything you need to know about Amazon’s Prime Day, so you can save some money and get some stuff that you might need.

With Amazon Prime Day happening very soon, here’s everything you need to know before the big day.

What is Amazon Prime Day?

Amazon started Prime Day back in 2015, as a sort of “Christmas in July” event for the company. It wanted to rival Black Friday, but only make it available to its Prime members. This was an attempt to get you to sign up for Prime, and give you another perk. However, other retailers have also jumped on-board with Prime Day, and offer rivaling sales during these dates.

The first couple of Prime Days were a success, but the deals weren’t that great. Mostly stuff that you wouldn’t really buy, outside of a few doorbusters on TVs. But since then, Prime Day has actually offered some really good deals. Black Friday-level deals without waiting til November.

When does Prime Day take place?

Amazon has confirmed that Prime Day will happen in the first half of July. Now, if we look at the calendar, we know they won’t do it that first week, with the 4th of July holiday happening that Tuesday. So it’s likely going to be the week of July 10.

Amazon typically does a two-day event for Prime Day, right at the beginning of the week. Which allows for some merchants to keep the sales going through the rest of the week. So expect a Monday-Tuesday event for Prime Day.

What Prime Day deals are already available?

There aren’t actually any official early Prime Day deals available yet, but there are some great deals that you can take advantage of right now. Here are a few of them.

These are just a few deals that are currently available. You can of course check out our deals here to stay up to date.

What deals can we expect to see?

Amazon hasn’t announced the slate of deals for Prime Day yet, but we can expect to see deals across all categories of products sold on Amazon’s website.

We will also see some steep discounts on Amazon’s own hardware. Including Fire TV, Fire tablets, Echo smart speakers, Ring, Blink and much more. We might even see some discounts on Amazon’s newest products that it announced last fall.

Based on the deals we’ve seen in previous years for Prime Day, we may also see some steep discounts on Instant Pots, DNA kits, smartphones, smart TVs and many more products. Instant Pots are always the big seller for Amazon on these big shopping days, so if you’ve been looking to pick one up, that might be the best time to do so.

Robot vacuum makers like Roborock, iRobot, Neato and others will also discount their products.

Amazon will offer extended trials for its services like Music Unlimited and Audible. In previous years, we’ve seen Amazon offer four months of Music Unlimited for only $0.99.

Where can I find good deals now?

You can follow AndroidHeadlines. We post the best deals all year round. Because you can’t always wait for Black Friday or Prime Day to pick up some new tech, Instant Pots, or other products.

Everyday, we post the best deals available from Amazon, Best Buy, Walmart and other retailers. To help you spend your money wisely, and not overspend. So make sure you keep this page bookmarked.

You can also check out Amazon’s deals page. This is updated every few hours with some new deals, and deals of the day.

Tribit Black Friday Deal
Black Friday

Should I just wait for Black Friday?

If it’s something you need right away, then the best bet is to buy on Prime Day. But if it’s just something you want, but don’t need immediately, then there’s no harm in waiting until Black Friday. Where it is still about five months away, it’s hard to gauge whether things will be cheaper on Black Friday versus Prime Day though. In all honesty, the prices will likely be almost the same.

Particularly since we don’t know the prices for Black Friday yet, and can’t even really do a good guess at those yet.

Black Friday will have more deals at other retailers though. So if you’re not dead set on buying from Amazon, then Black Friday might be the better time to make your purchases. Though many retailers do like to compete with Amazon on Prime Day.

How can I prepare for Amazon Prime Day?

It’ll be a good idea to make sure that your payment methods and addresses are up to date on your Amazon account. Since these deals go really fast, you don’t want to waste time changing that stuff.

It’s also a good idea to pay off your Amazon Prime Rewards Visa Card, so you can use it to its full potential on Prime Day. That’s because cardmembers with an eligible Prime membership will get 6% in cashback at Amazon and Whole Foods Market on Prime Day. Along with 5% cashback year-round and 2% back at restaurants, gas stations, and drugstores. While you’ll get 1% back everywhere else.

Amazon has also partnered with Affirm, the popular buy now, pay later service. From June 28 through Huly 1, Prime Members can get 0% APR on three equal monthly payments when they spend $50 or more on eligible products on Amazon upon credit approval by Affirm. For example, a $300 purchase might cost $100/month over three months at 0% APR.

Do I need to be a Prime member to take advantage of these deals?

Prime Day was created as a way to drive more Prime memberships. So yes, you will need to be a Prime member to take advantage of these deals. And there is a free 30-day trial you can sign up for – or six months if you’re a student – and take advantage of Prime Day.

Sellers will also be discounting products that are not officially part of Prime Day too. So the answer is yes and no. To take advantage of all Prime Day deals, you will need to be a Prime member. But not all deals during Prime Day are limited to Prime members.


[ad_2]
Source link

Apple Pay on Apple Watch Gets Easier with watchOS 10

andreasc
-
0
Apple Pay on Apple Watch Gets Easier with watchOS 10
[ad_1]

With watchOS 10, Apple is introducing the biggest changes to watchOS ever. This includes a new widget-based system, as well as moving the control center, among other features. But a feature that might have gone unnoticed is, the fact that you can now add cards to Apple Pay directly on the watch. Previously, you needed to use the Watch app on your iPhone to do this.

There is now an “Add Card” button in the Wallet app on the Apple Watch. So you can easily add a new card directly on your wrist, which is really nice to have. This means that the setup process for Apple Pay can be done entirely on the watch.

The process is basically the same as before. Where you’ll enter the credit card number, expiration date and security code right on your watch. Now, since the watch doesn’t have a camera, it can’t scan your card and auto-fill these fields for you. So it does take a bit more work to add a card.

watchOS 10 is stealing the show

Ahead of WWDC, we knew that iOS 17 and iPadOS 17 was not going to be a huge update. It was mostly going to be a bug fixing update, with some quality of life features being added. And watchOS was set to be the biggest upgrade ever for the watch. Which did end up happening.

watchOS 10 got a nice redesign, which looks a whole lot better. And Apple even got rid of the terrible honeycomb app drawer, well sort of. It’s now a scrollable list of apps in a honeycomb pattern. Instead of expanding left, right, up and down when you add more apps. So it’s a lot better to find the app you’re looking for.

It also added widgets, though it’s mostly only for first-party apps right now. Which means that you now don’t need to stick with an information-dense watch face on the Apple Watch.


[ad_2]
Source link

Instagram Notes gets the option to include short song snippets to share with your friends

andreasc
-
0
Instagram Notes gets the option to include short song snippets to share with your friends
[ad_1]
Instagram is now adding a new element to its Notes status feature, reports The Verge. The Notes feature is a feature for text-based updates that is quite reminiscent of AIM (for those of you who remember the old chat program). Now, Notes on Instagram will be getting the ability to share a quick snippet of a song.

You now get the possibility to share a part of a song on Instagram Notes

You will be able to attach a 30-second snippet of a song to your status update, and you can also add a short caption next to it. Your friends will then be able to tap on the song and listen to the snippet. Also, Instagram is getting a translation button below Notes (just in case the post is in another language).


The Notes feature was introduced back in December. It has a 60-character limit and it’s meant for something that isn’t as permanent as a post or even a Story. Now, the feature is getting the ability to also include snippets of songs. Differently to AIM though, it can share a link and other people can listen to the song instead of just posting the title and artist. It seems like teens are the main audience for the Notes feature. According to Instagram, teens are posting Notes at 10 times the rate other people are.

From all it seems, the Notes feature is a part of the efforts Instagram is making to compete with Twitter. Recently, we even saw a leak about a new app that Meta is working on that should directly compete with Twitter.


[ad_2]
Source link

Official Samsung accessories for new foldables and tablets leaked

andreasc
-
0
Official Samsung accessories for new foldables and tablets leaked
[ad_1]

Samsung is gearing up to launch several new Galaxy products next month. The Galaxy Z Fold 5 and Galaxy Z Flip 5 foldables, the Galaxy Tab S9 series flagship tablets, and the Galaxy Watch 6 series smartwatches will all debut at the end of July. Ahead of the upcoming big Galaxy Unpacked event, a bunch of official accessories for the unannounced products have been confirmed.

Mobile Fun, the UK’s largest online mobile accessory retailer, has shared a list of accessories for the new Samsung products. The list reveals the name and color variants of the accessories, along with their model numbers and unique article codes. The retailer has listed cases, screen protectors, keyboards (for tablets), wireless chargers, watch straps, and more accessories for the devices.

You can already pre-order some of these official Samsung accessories

This leak doesn’t give us images of any of these accessories. However, the retailer is already taking pre-orders for a few of them. You can now place an order for the official Silicone Cover with Ring and transparent FlipSuit Case for the Galaxy Z Flip 5. The former is priced at £34.99 (roughly $45) and comes in Apricot, Cream, Indigo, Lavender, and Ocean Green colors. Samsung isn’t offering a non-transparent version of the latter, which costs £49.99 (roughly $64).

Additionally, the retailer is also taking pre-orders for the Slim Case with S Pen for the Galaxy Z Fold 5. It is available in Blue, Graphite, and Sand colors with a price tag of £48.99 (roughly $62). Samsung using “Slim” in the name itself hints at a slimmer foldable this year. Rumors are that the redesigned waterdrop-type hinge will make the new Galaxy foldables lighter and slimmer. That’s thanks to the hinge allowing the devices to fold shut without any gap.

Samsung is also equipping the Flip model with a bigger cover display this year. And that design change seems to have marked the end of a strap case for the phone. The list doesn’t include any such cases, not even a third-party solution. The Galaxy Z Fold 5, on the other hand, is getting an official Standing Cover with Strap in Graphite and Sand colors. Samsung will also offer a Clear Gadget Case and an Eco-Leather Cover for the new foldables.

Apart from foldables, Samsung has multiple case options for the Galaxy Tab S9 series, including some with a keyboard. The Galaxy Watch 6 series will also get several strap options in a host of colors. You can see the full list here. All of these accessories should be available from Samsung’s official website as well as third-party retailers, including Mobile Fun in the UK, after the launch of the new devices at the end of July.


[ad_2]
Source link

Some Reddit communities will extend mass protest indefinitely

andreasc
-
0
Some Reddit communities will extend mass protest indefinitely
[ad_1]

The ongoing unrest at Reddit may continue for a long. Moderators of many popular subreddits have pledged to keep their communities private indefinitely. This mass protest against the company’s recent API policy changes was originally planned for 48 hours, which ended Tuesday.

A lot is going on at Reddit lately. The company recently announced plans to charge for access to its APIs, which have been free all this while. It wants to monetize the massive amount of data it has accumulated over the 18 years of its existence. This comes amid the growing LLM (Large Language Models) craze as several major tech companies rush to develop generative AI tools.

However, the prices Reddit has set for its APIs are said to be too high for the developers of third-party apps. The operating cost of some apps would be around $20 million, which is much higher than their annual revenue. Apps like Apollo, RIF (Reddit is Fun) Sync, and ReddPlanet are shutting down due to exorbitant prices. The changes also break some other functions on the platform.

The Reddit community has come together to protest against this change. More than 8,000 subreddits went dark or private on Monday, including several with over 20 million subscribers. While some went live again today, others are still private. According to a recent Reddit post, at least 300 subreddits have pledged to remain private indefinitely. These include r/aww and r/music, both with more than 30 million subscribers.

“Reddit has budged microscopically. The announcement that moderator access to the ‘Pushshift’ data-archiving tool would be restored was welcome. But our core concerns still aren’t satisfied, and these concessions came prior to the blackout start date,” the Reddit post by u/SpicyThunder335, a moderator for r/ModCoord, reads. “More is needed for Reddit to act.”

Reddit has shown little regard for this protest from its communities

Despite the mass protest from the Reddit community, the company has been largely unmoved. It hasn’t shown any signs of leniency, likely because the protest hasn’t affected its business. In a memo to employees earlier this week, Huffman said that the blackout hasn’t had a significant impact on the company’s revenue. He urged the staff to stay focused and stick to the plan, adding that this noise will pass.

“There’s a lot of noise with this one. Among the noisiest we’ve seen… and like all blowups on Reddit, this one will pass as well,” Huffman said. “We absolutely must ship what we said we would”. Quite clearly, the Reddit CEO has little regard for public disappointment. He also publicly lashed out at third-party developers during his AMA with users last Friday. The onus is now on the Reddit community to force the company into action.


[ad_2]
Source link

Android Auto can finally do this and it was about time

andreasc
-
0
Android Auto can finally do this and it was about time
[ad_1]
Android Auto — when it not broken — is a great app that basically lets your modern car communicate with your Android phone in the best possible way. It basically lets you get more done through mirroring compatible apps, so that you don’t need to look at your phone while driving.

And so that whoever’s riding shotgun can still act like a DJ without touching your phone. Neat!

That, however, pretty much meant that Android Auto was stuck with media and navigation apps. But given that the most impactful navigation apps can be counted on the fingers of one of your hands alone, that meant that the services provided users with plenty of opportunities to get distracted.

Recently, though, Google has gotten inspired to change that. Android Auto got completely revamped recently and it finally got more useful apps like smart home control apps and Weather apps.

Now, though, 9to5Google is reporting that the icing on the cake is live: the ability to open your garage’s door.

This is a no-brainer feature, right? Well, naturally it won’t work with just any garage door, so you might have to upgrade in order to ensure that you can take advantage of this new Android Auto feature.

The app that allows you to do this is called Tailwind and it is completely dedicated to opening your garage door. And using the app is as simple as can get too:

  1. Open the app
  2. Choose the garage door you need to open
  3. Done

Awesome! So, where is the catch? Well, it is that it only works with Tailwind systems. But you can get one from the company’s website as cheap as $80, which isn’t that bad at all. And the best thing about it is that a single purchase is all you need, no strings attached.

And a neat little side-benefit of this system is that it can help you check if you’ve forgotten to close your garage door. If you open the app from Android Auto, you can see the status of the door and close it from a distance if need be. 


This might be a turning point for Android Auto. With this essential feature out of the way, we can’t wait to see what the Big G has in store for its auto service next.


[ad_2]
Source link

Massive Phishing Campaign Uses 6,000 Sites

andreasc
-
0
Massive Phishing Campaign Uses 6,000 Sites
[ad_1]
Massive Phishing Campaign

Bolster’s threat research team recently discovered an extensive brand impersonation effort targeting more than 100 well-known clothes, footwear, and apparel firms.

The peak phishing activity for this campaign occurred between November 2022 and February 2023, after becoming active around June 2022.  

CSN

Nike, Puma, Asics, Vans, Adidas, Columbia, Superdry Converse, Casio, Timberland, Salomon, Crocs, Sketchers, The North Face, UGG, Guess, Caterpillar, New Balance, Fila, Doc Martens, Reebok, Tommy Hilfiger, and countless more well-known companies are among those impacted by this campaign.

A massive network of brand imitation scam websites with over 3,000 domains and around 6,000 sites, including inactive ones, was discovered via investigation.

Specifics of the Massive Phishing Campaign

Researchers say this campaign domains linked to this fraud may be linked to the autonomous system with the number AS48950. 

Two specialized internet service providers, Packet Exchange Limited and Global Colocation Limited, host the IP addresses for these domains.

It’s important to remember that both suppliers have a bad reputation for being vulnerable to scams.

The average domain age is between two and 90 days, and the majority are registered through Alibaba.com Singapore.

“In their attempts to deceive, the attackers predominantly utilize a pattern of combining the brand name with a random country name, followed by a generic top-level domain (TLD),” explains the Bolster’s threat research team.

Fraud potential

Examples of Puma-targeting domains include puma-shoes-singapore[.]com, pumaenmexico[.]com.mx, bestpumaindia[.]in, and much more.

Domain aging is an important component in phishing operations since the longer a domain is active yet harmless, the less likely it is to be identified as suspicious by security systems.

Confiant noted last year that a domain should be allowed to age for at least two years after spotting the strategy being used successfully by a global malvertising operation since 2018.

Many of the malicious sites in the Bolster-found campaign persisted long enough without being detected that Google Search crawled them, and they now probably score highly for particular search phrases.

“Attackers are employing various search engine optimization (SEO) techniques to manipulate search engine rankings and increase visibility”, researchers.

Site for Clarks coming up top in Google Search

Customers who fail to recognize that these websites are not official brand sites frequently fall for the trap.

They willingly expose their personal information when they input their email, password, and payment card information.

 Even worse, some of these imitation websites are ranked highly in search engine results, which makes it simpler for victims to go upon them and believe them to be trustworthy unintentionally.

Recommendation

  • Users should take care to confirm the legitimacy of websites, especially when dealing with well-known brands.
  • Watch out for any indications of a questionable domain name. 
  • You should go above and above to confirm the integrity of the site if you come across a deal or product pricing that looks too good to be true.

Looking For an All-in-One Multi-OS Patch Management Platform – Try Patch Manager Plus


[ad_2]
Source link

Here’s how much the OnePlus Nord 3 will cost

andreasc
-
0
Here’s how much the OnePlus Nord 3 will cost
[ad_1]

The OnePlus Nord 3 is hardly a secret at this point. The phone’s seemingly-official renders surfaced yesterday, and now its price tag appeared. We now know how much the OnePlus Nord 3 will cost, at least in Europe.

New leak reveals how much will the OnePlus Nord 3 cost

This information has been shared by Roland Quandt, the same source that delivered the aforementioned renders. He claims that the phone will arrive in two variants. The model with 8GB of RAM and 128GB of storage will set you back €449. The variant with 16GB of RAM and 256GB of storage will cost €549.

Considering the source, chances are these price tags are accurate. The OnePlus Nord 3 will become OnePlus’ new mid-range smartphone, quite possibly the most powerful one the company has to offer.

This handset will essentially be a rebranded OnePlus Ace 2V phone. That device launched in China earlier this year, and the OnePlus Nord 3 will borrow both its design and specifications.

The OnePlus Nord 3 will borrow the Ace 2V’s design and specs

The OnePlus Nord 3 will feature a flat display, and flat sides, while its backplate will also be flat, but will curve into the frame on all sides. Two camera islands will be placed on the back, and three cameras will be spread across them. A display camera hole will be included on the front, and centered.

MediaTek’s Dimensity 9000 SoC will fuel the OnePlus Nord 3. The device will feature a 6.74-inch 2772 x 1240 AMOLED display with a 120Hz refresh rate.

A 50-megapixel main camera will be backed by an 8-megapixel ultrawide camera, and a 2-megapixel macro camera. A 5,000mAh battery will also be a part of the package, along with 80W charging support. A charger will be included in the package too.

Android 13 is expected to come pre-installed, along with OnePlus’ custom UI. Do note that the phone will be on sale in Europe, but not in Germany, due to a patent dispute with Nokia. The phone is coming soon, but we still don’t have the exact launch date.


[ad_2]
Source link

Reddit unmoved by mass protest, CEO says the “noise” will pass

andreasc
-
0
Reddit unmoved by mass protest, CEO says the “noise” will pass
[ad_1]

Reddit is unmoved by the ongoing mass protest on the platform. In an internal memo to employees, CEO Steve Huffman labeled the protest as a “noisy” blowup that will eventually pass. He encouraged the staff to stick to the plan as the mass subreddit blackout doesn’t have any significant impact on the company’s revenue.

Steve Huffman doesn’t care about the mass protest from the Reddit community

More than 8,000 subreddits have gone dark (private) starting this Monday in protest against Reddit’s recent API policy changes. The company has introduced a paywall to access its APIs, which have been free all this while. The plan is to monetize the data it has in store, but the prices are proving too high for most third-party apps to afford. Many of them are now shutting down due to this change, including the two biggest names, Apollo and RIF (aka Reddit is Fun).

However, the Reddit CEO seemingly doesn’t care about this mass protest from the community. “There’s a lot of noise with this one. Among the noisiest we’ve seen… and like all blowups on Reddit, this one will pass as well,” Huffman said in an internal memo seen by The Verge. He urged the staff to stay focused and stick to the plan. “We absolutely must ship what we said we would,” the Reddit CEO said.

He added that the company hasn’t seen “any significant revenue impact” due to the ongoing protest, so there’s no reason to worry. Moreover, Reddit expects most subreddits to come back online “by Wednesday” as it is supposed to be a 48-hour protest. However, some subreddits have said that they will remain private indefinitely until Reddit makes changes to its new API policy. Several subreddits participating in this blackout have millions of subscribers.

Unfortunately, Reddit doesn’t seem to be willing to listen to the community. Huffman has already made it clear that the new API prices are final and the company wouldn’t make any concessions for third-party apps, even if they have to shut down. It’s a decision made in the best interest of its business. “We’ll continue to be profit-driven until profits arrive,” Huffman said during an AMA with users last Friday. “Unlike some of the 3P [third-party] apps, we are not profitable.”

Reddit CEO warns employees about wearing company items in public

Steve Huffman has also urged employees to avoid wearing Reddit items in public. The Reddit CEO said he doesn’t want his staff to suffer because of the anger directed at the company. “I am sorry to say this, but please be mindful of wearing Reddit gear in public. Some folks are really upset, and we don’t want you to be the object of their frustrations,” he said in the internal memo. You can see the full memo here.


[ad_2]
Source link
1...1,1711,1721,173...1,472Page 1,172 of 1,472