Cybercriminals are hijacking Facebook pages and using sponsored posts to offer downloads of ChatGPT and Google Bard AI, which in reality spread RedLine Stealer malware.
According to a report from security automation startup Veriti, threat actors are attempting to exploit the popularity of OpenAI’s chatbot ChatGPT and Google Bard to distribute malware and steal sensitive data. These attempts underscore the risks associated with generative AI platforms.
It should come as no surprise that ChatGPT’s popularity has been exploited for malicious purposes since its launch. As a result, OpenAI, ChatGPT’s parent company, recently introduced its first-ever bug bounty program.
Attack Mechanism
Veriti researchers have observed that attackers first hijack Facebook business or community pages, carefully selecting pages with thousands of followers. They then post seemingly legitimate sponsored ads on these pages, offering free downloads of ChatGPT and Google Bard. Unsuspecting visitors fall into the trap and download the malicious files, which then unleash the RedLine information-stealing malware on their devices.
“These posts are designed to appear legitimate, using the buzz around OpenAI language models to deceive unsuspecting users into downloading the files. However, once the user downloads and extracts the file, the RedLine Stealer malware is activated and can steal passwords and download further malware onto the user’s device,” reads Veriti’s report.
For reference, RedLine Stealer is sold on online hacker forums as a malware-as-a-service (MaaS) platform, with a primary focus on targeting browsers to collect users’ data. This commoditized malware is often favoured by cybercriminals due to its low cost, priced at $100 to $150.
What are the Dangers?
When a victim installs the malicious file from one of these sponsored ads, their device is hijacked by the RedLine infostealer, which can then steal confidential data, disrupt critical infrastructure, and compromise financial accounts.
By targeting web browsers on the infected device, RedLine Stealer can steal credentials, credit card information, or other payment card details, as well as conduct system inventory to identify vulnerabilities for further attacks.
Furthermore, RedLine Stealer has the capability to upload/download files and execute commands, providing even novice hackers with extensive opportunities to carry out various types of cyberattacks.
Who are the Targets?
Researchers detected this campaign in January 2023 and observed a peak in March. So far, dozens of Facebook accounts have been hijacked across ten countries to distribute RedLine Stealer through malicious ads.
The highest number of victims were identified in Greece, followed by India, Mexico, the USA, and Bangladesh. Approximately 77% of the attacks were observed in the USA, with Canada at 9%, Mexico at 6%, India at 4%, and Portugal at 2%.
This campaign serves as an early warning of what may lie ahead, as the soaring popularity of AI-based chatbots has made them lucrative targets for threat actors. They can exploit the versatility of these products, which can be packaged in different forms such as open source or mobile applications, allowing them to create trojanized downloads.
The potential impact is significant, as attackers can steal anything from private to financial data and target critical infrastructure.
Researchers suggest that enterprises should upgrade their cybersecurity practices, educate employees about the risks associated with downloading files from unauthenticated or unknown sources, and ensure strong security configurations to prevent system compromise.
Limiting the downloading of executables and implementing sandboxing of executables before downloading can also reduce the risk of infecting corporate IT infrastructure.
The ASUS ZenFone 10 has surfaced on Geekbench, and some of its specs got confirmed that way. The phone appeared on the benchmarking platform under the ‘ASUS_AI2302’ model.
Some ZenFone 10 specs got revealed by Geekbench
First and foremost, let’s just say that the phone managed to score 2,008 points in the single-core test, and 5,454 points in the multi-core test. Those are excellent results, though unsurprising, as the device will be fueled by the Snapdragon 8 Gen 2 SoC. Keep in mind this is not a final unit, though, so don’t pay much attention to those benchmarking scores.
That is actually one detail that this benchmarking site revealed, the phone’s SoC. Another detail that popped up is its RAM count. The ZenFone 10 will include 16GB of RAM in one of its models. That will probably be the highest-end offering, as the ZenFone 9 also offered up to 16GB of RAM.
Android 13 is listed here for the device, and that’s the OS it will run once it launches, as it’s expected to arrive in the summer. The ZenFone 9 launched in July last year, so the ZenFone 10 is expected around that time this year. ASUS may, of course, change its release cycle, but that’s not as likely.
It will be considerably larger than its predecessor, allegedly
Now, based on previous leaks, the ZenFone 10 will be larger than its predecessor. The phone is tipped to include a 6.3-inch panel. The ZenFone 9 arrived with a 5.9-inch display, that’s quite a change, needless to say.
The device will feature a 120Hz display, and offer 256GB/512GB of internal storage. A 200-megapixel main camera with OIS support was also mentioned, as was IP68 certification. Take that info with a grain of salt, though, of course.
We are only a couple of months away from the launch event, so more info should start coming in soon, including the phone’s design.
The Huawei FreeBuds 5 truly wireless earbuds are now official. The company announced a new pair of its open-fit earbuds. These are the company’s flagship open-fit earbuds, by the way. The ‘Pro’ series has a silicone seal, these ones do not.
The Huawei FreeBuds 5 are official with a rather odd design, and various improvements
The FreeBuds 5 have changed quite a bit compared to the FreeBuds 4. If you check out the images below, you’ll notice how odd these look. Huawei refers to this design as the “droplet-shaped design”.
The company claims that it is a result of “tens of thousands of ergonomic simulations and hundreds of optimizations”. It is supposed to ensure that the double-C curves fit the contours of the ears.
This design is essentially expected to reduce strain, and ensure a breathable wearing experience, according to Huawei. The arc-shaped stem is here to ensure that the pressure is evenly distributed when you tap an earbud. We cannot confirm this just yet, but a review unit should be in soon.
The frequency response is 50% higher compared to the FreeBuds 4
The Huawei FreeBuds 5 comes with an ultra-magnet dynamic driver, which is equipped with bass turbo technology. That tech produces bass tones that drop as low as 16Hz. The frequency response is 50% higher than the FreeBuds 4, thanks to the dual circuit magnets, says Huawei.
The triple adaptive EQ is also included. It is supposed to optimize sound quality in real time, from 100Hz to 2,000Hz. The FreeBuds 5 also support the L2HC and LDAC codecs. These earbuds got certified by both HWA and Hi-Res Audio Wireless, in case you were wondering.
Huawei also said that the audio transmission rate on the FreeBuds 5 is up to 990 kbps and 96kHz/24-bit HD audio is supported here. On top of everything, you’ll also find an adaptive tri-mic hybrid noise cancellation here, with “intelligent dynamic ANC”.
They offer a 200% faster charging rate than the previous model
The company also enhanced the battery life of these earbuds. Huawei claims you can get 30 hours of use on a full charge. A 5-minute charge can provide up to 2 hours of listening time. The FreeBuds 5 also have a 200% faster charging rate than the FreeBuds 4.
The Huawei FreeBuds 5 come in Ceramic White, Coral Orange, and Silver Frost colors. The case has also been changed, it’s now egg-shaped, it reminds us of the Pixel Buds case.
These earbuds will go on sale on April 17 in Europe. They’ll be priced at €159/£139.99, and available from the Huawei Store and selected retailers.
The FBI warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers to infect devices with malware.
In a recent tweet, the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or computer.
“Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead.”
When asked, the FBI’s Denver field office said the message was meant as an advisory, and that there was no specific case that prompted it. The method the FBI is referring to is often referred to as “juice jacking.”
Imagine that the battery of your phone is dying and you’re nowhere near a power outlet, would you connect your phone to any old USB port? A juice jacking attack uses a charging port or infected cable to exfiltrate data from the connected device or upload malware onto it. The term was first used by Brian Krebs in 2011 after a proof of concept was conducted at DEF CON by Wall of Sheep. When users plugged their phones into a free charging station, a message appeared on the kiosk screen saying:
“You should not trust public kiosks with your smart phone. Information can be retrieved or downloaded without your consent. Luckily for you, this station has taken the ethical route and your data is safe. Enjoy the free charge!”
While there are no known, recent cases of juice jacking, it’s best to be aware of potential cyberattacks—you never know what will trigger the transformation of the hypothetical to the real. To avoid inadvertently infecting your mobile device while charging your phone in public, learn more about how these attacks could happen and what you can do to prevent them.
How would juice jacking work?
As you may have noticed, when you charge your phone through the USB port of your computer or laptop, you are also able to move files back and forth between the two systems. That’s because a USB port is not simply a power socket. A regular USB connector has five pins, where only one is needed to charge the receiving end. Two of the others are used by default for data transfers.
USB connection table courtesy of Sunrom
Unless you have made changes in your settings, the data transfer mode is disabled by default, except on devices running older Android versions. The connection is only visible on the end that provides the power, which in the case of juice jacking is typically not the device owner. That means, any time a user connects to a USB port for a charge, they could also be opening up a pathway to move data between devices, with the following consequences:
Data theft: during the charge, data is stolen from the connected device.
Malware installation: as soon as the connection is established, malware is dropped on the connected device. The malware remains on the device until it is detected and removed by the user.
Data theft
In the first type of juice-jacking attack, cybercriminals could steal any and all data from mobile devices connected to charging stations through their USB ports. But there’s no hoodie-wearing hacker sitting behind the controls of the kiosk, so how would they get all your data from your phone to the charging station to their own servers? And if you charge for only a couple minutes, does that save you from losing everything?
Make no mistake, data theft can be fully automated. A cybercriminal could breach an unsecured kiosk using malware, then steal the information from connected devices. There are crawlers that can search your phone for personally identifiable information (PII), account credentials, banking-related or credit card data in seconds. There are also many malicious apps that can clone all of one phone’s data to another phone, using a Windows or Mac computer as a middleman. So, if that’s what hiding on the other end of the USB port, an attacker could get all they need to impersonate you.
Cybercriminals are not necessarily targeting specific, high-profile users for data theft, either—though a threat actor would be extremely happy (and lucky) to fool a potential executive or government target into using a rigged charging station. However, the chances of that happening are rather slim. Instead, hackers know that our mobile devices store a lot of PII, which can be sold on the dark web for profit or re-used in social engineering campaigns.
Malware installation
The second type of juice-jacking attack would involve installing malware onto a user’s device through the same USB connection. This time, data theft isn’t always the end goal, though it often takes place in the service of other criminal activities. If threat actors were to steal data through malware installed on a mobile device, it wouldn’t happen upon USB connection but instead take place over time. This way, hackers could gather more and varied data, such as GPS locations, purchases made, social media interactions, photos, call logs, and other ongoing processes.
There are many categories of malware that cybercriminals could install through juice jacking, including adware, cryptominers, ransomware, spyware, or Trojans. In fact, Android malware nowadays is as versatile as malware aimed at Windows systems. While cryptominers mine a mobile phone’s CPU/GPU for cryptocurrency and drain its battery, ransomware freezes devices or encrypts files for ransom. Spyware allows for long-term monitoring and tracking of a target, and Trojans can hide in the background and serve up any number of other infections at will.
Many of today’s malware families are designed to hide from sight, so it’s possible users could be infected for a long time and not know it. Symptoms of a mobile phone infection include a quickly-draining battery life, random icons appearing on your screen of apps you didn’t download, advertisements popping up in browsers or notification centers, or an unusually large cell phone bill. But sometimes infections leave no trace at all, which means prevention is all the more important.
How to avoid juice jacking
The first and most obvious way to avoid juice jacking is to stay away from public charging stations or portable wall chargers. Don’t let the panic of an almost drained battery get the best of you. I’m probably showing my age here, but I can keep going without my phone for hours. I’d rather not see the latest kitty meme if it means compromising the data on my phone.
If you feel going through a part of your life without a phone is crazy talk and a battery charge is necessary to get you through the next leg of your travels, using a good old-fashioned AC socket (plug and outlet) will do the trick. No data transfer can take place while you charge—though it may be hard to find an empty outlet. While traveling, make sure you have the correct adapter for the various power outlet systems along your route. Note there are 15 major types of electrical outlet plugs in use today around the globe.
Other non-USB options include external batteries, wireless charging stations, and power banks, which are devices that can be charged to hold enough power for several recharges of your phone. Depending on the type and brand of power bank, they can hold between two and eight full charges. Power banks with a high capacity are known to cost more than US$100, but offer the option to charge multiple devices without having to look for a suitable power outlet.
If you still want the option to connect via USB, USB condoms are adaptors that allow the power transfer but don’t connect the data transfer pins. You can attach them to your charging cable as an “always on” protection. Using such a USB data blocker or “juice-jack defender” as they are sometimes called will always prevent accidental data exchange when your device is plugged into another device with a USB cable. This makes it a welcome travel companion, and will only set you back US$10–$20.
Checking your phones’ USB preference settings may help, but it’s not a foolproof solution. There have been cases where data transfers took place despite the “no data transfer” setting.
Finally, avoid using any charging cables and power banks that seem to be left behind. You can compare this trick to the “lost USB stick” in the parking lot. You know you shouldn’t connect those to your computer, right? Consider any random technology left behind as suspect. Your phone will thank you for it.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Now that the PS5 is out, you might be one of the individuals that’s on the hunt for the best headsets to pair with the console. Since the PS5 doesn’t support Bluetooth audio, that limits you a little bit in which headsets you can use, but not to worry because we’ve rounded up some of the best options.
This guide aims to save you time in finding the perfect headset to use for your PS5 gaming sessions. All of these are top-tier headsets for one reason or another, but that doesn’t mean that all of them will be expensive. In fact some of them are really rather affordable.
Not everyone likes using headsets while they’re gaming, which is understandable. But there are plenty of benefits to using one. Especially on the PS5. For example, you can’t take advantage of the 3D audio on the PS5 without using a headset.
It can also be hugely beneficial if you end playing games late at night. As the headset can help things stay quiet without you having to sacrifice hearing the game audio. If you’re searching for headsets for PS5, you can find all of our selections for the best headsets in the table below.
You’ll also find brief descriptions of each headset further down in the guide. And if you’re looking for other PS5 accessories, check out our guide on that for some top suggestions. Also if you’re looking for gaming headsets but not necessarily for the PS5, you can check our guide here.
There are some major benefits to the Pulse 3D Wireless Headset over other options. For one, Sony designed this specifically for use with the PS5.
So you can bet that it was developed to take the utmost advantage of the console’s 3D audio features. Beyond the obvious reasons for considering this headset, the audio, the Pulse 3D Wireless Headset is also stylish and designed to match the aesthetic of the console.
It’s also cheaper than some of the other options on here, and of course it’s a wireless option. Which means you can kick back and play without having something tethered to your DualSense controller.
The only issue with the Pulse 3D Wireless Headset right now is that it’s out of stock many places. So it’ll be a little hard to get probably for the next few weeks or more. That being said, it’s still one of the best PS5 headsets to have, so it’s worth keeping an eye out to ensure you can snag it once it’s available.
Next up is one of the clear contenders for the best overall headset. The SteelSeries Arctis Nova Pro Wireless. As the successor to the Arctis Pro Wireless, the Nova Pro Wireless has a lot to live up to. But it seems that it manages to surpass the older model with some pretty great upgrades.
For starters, it now comes with Active Noise Cancellation and a transparency mode. So you can either choose to block out anything but your game or let a little bit more sound in. The retractable mic also now sits flush with the headset earcup.
SteelSeries also got rid of the ski goggle headband and has made the headset extendable. It even comes with a slightly smaller gaming DAC than the last model. Which still lets you connect to two devices at once. So you can plug it into your PS5 and your PC. Best of all, it comes with two hot-swappable batteries so you can always keep one charged and never have to worry about the headset battery dying on you in the middle of a game.
All that said, the headset is certainly pricey. But you get what you pay for. And you’re paying for quality here. If you want one headset for basically everything, this should do the trick. You can also pick up the wired model for Xbox and save $100. Whether you go with wireless or wired, this is one of the best PS5 gaming headsets out there.
Xbox Series X|S has the Beoplay Portal headset, and now PS5 has its own luxury gaming headset in the Master & Dynamic MG20. While pricey at $449, you’re paying a premium for a super high-quality gaming headset that comes with just the right features. And trust us, you’re getting every single damn thing you pay for here.
For starters, Master & Dynamic is using materials like magnesium earcups, lambskin leather earpads, and an Alcantara and canvas-coated headband. Additionally, it comes with a detachable boom mic which comes with a pop filter, and it has a second built-in mic for voice calls or chat in a more casual setting.
It also comes with a low-latency adaptor, a premium carry pouch, and it uses USB-C for charging. There’s 7.1 surround sound onboard as well, and it comes with up to 22 hours of battery life. I could go on. As there are many more features that make this headset worth it. Sure, it’s $50 less than the Disc Edition of the PS5 console itself. But, you’ll be glad you picked it up if you want a more premium experience in your games.
Razer is a tested name in gaming audio and has been for a long time. Starting with PC gaming, Razer has branched out into console and mobile gaming over the years, and the Nari Ultimate is one of the best PS5 headsets available because it’s one of the best PS4 headsets available. And all PS4 headsets will work with the PS5 wirelessly if they connect through USB dongles. Which the Razer Nari Ultimate does.
At $179.99 (down from $199.99), this headset is a definite bargain because it has loads of features to enhance your PS5 gaming sessions. Like the cooling gel-infused earpads to help keep you comfortable during longer sessions. The cooling gel also keeps your ears from sweating, or at least sweating too much.
It comes with a retractable mic with an easy-access mute button, as well as THX spatial audio for some great immersion in your games. And of course it can also be used with PS4, as well as PC. In addition to all these great features, the mic is noise cancelling so it only picks up your voice, and the headset has a 16-hour battery life on a single charge.
It also comes with Razer HyperSense, an advanced audio haptics feature that Razer announced alongside the Kraken V3 Pro.
As they say, go big or go home. And if you want to go big, go for the EPOS | Sennheiser GSP 670 wireless gaming headset. This is a bit pricey, but it’s the cream of the crop of wireless gaming headsets.
With not only the ease of use of wireless play, but the top-tier quality for audio that Sennheiser provides and is hard to beat.
Some of the key highlights include an adjustable headband to fit just about anyone, and the headband even has tension adjustment up on top for an even better fit. It has a flip up boom mic too that auto mutes when you flip it up, and unmutes when you flip it back down. I can’t stress how awesome and convenient this is.
One of the best features though is the separate dials for game and chat volume that let you independently adjust both of them. So you get the absolute perfect balance of both. This headset works extremely well on PS5. But you can also use it on PC, PS4, and there’s a Bluetooth option for mobile or other devices that support Bluetooth.
If you’re using it on PC, then you can even connect the headset to the companion software to increase the audio features and finely tune your sound to just the way you like it with different game and entertainment profiles.
Razer is back on this list with another awesome headset that works great for PS5, as well as the PS4, PC, Xbox One, and Xbox Series X and Xbox Series S. This is a very versatile headset that you want to heavily consider if you need something that works with multiple platforms.
It also features Razer’s special cooling gel-infused earpads, and THX spatial audio for full gaming immersion. Beyond that, it comes with a detachable boom mic so it’s there when you need it, and it’s not when you don’t.
The Black Shark V2 Pro is also heavily used by Esports pros and competitive streamers. If you fall into that category of gamer, this might be the headset for you. Even if you don’t play at a pro level but you do play competitively, this is a headset to keep an eye on.
These two closed-back headsets from Beyerdynamic are some of the best you can get for around their price point. Which is $150 for the MMX 150 and $99.99 for the MMX 100. Fitting, we know.
Both come with detachable META Voice cardioid condenser microphones for vocal clarity, as well as an impedance of 32 ohms, dedicated volume dials for precise audio adjustment and more. And if you go with the MMX 150 you get the benefit of the augmented mode. Turning this on enables sounds from outside the headset to filter in some. So you can hear both the game audio and what’s around you.
Both headsets are wired so you’ll not have the freedom of a wireless headset here. But the comfort and sound quality are awesome and they’re both relatively affordable.
The Beoplay Portal is another high-priced headset for the PS5, but after spending a couple of weeks with it it definitely feels worthy of a high price. $499 might be a bit much, but that doesn’t take away from how good this headset is. While it was initially designed with Xbox in mind, Bang & Olufsen finally released a PS4/PS5 compatible version earlier this year, and it’s still compatible with PC and mobile too.
The design of its virtual boom mics makes it fairly discrete in terms of a gaming headset. Making it easy to transition from a gaming headset to your everyday driver for audio and media.
If you like having one headset for all things, this is another good option. Provided you’re willing to spend the money. The Beoplay Portal also comes built with premium materials for that ultra-luxury feel. It’s also fairly lightweight, comes with Active Noise Cancellation, and is pretty easy to connect and setup.
This model also comes with improved battery life. Bang & Olufsen rates it at up to 42 hours. The dongle is also now USB-C for a faster connection across devices.
There’s a lot of good things about the Astro A20, but one feature that stands out is the 15-foot wireless range. This is excellent if you need to get up from the couch and run to the fridge for a bottle of water or some snacks. Provided the console isn’t too far from where your you’re trying to get to.
Like the GSP 670 it has the flip up boom mic that mutes automatically when you flip it up. As well as on-ear controls for volume and power. One thing that it offers that some of the others don’t though is the 3 different EQ presets. With these you can tweak the audio to be a better fit for the type of game you’re playing.
It has a 15-hour battery life, which is not bad but not the longest of all the options on here. So if you want something with more longevity, you might consider something like the Black Shark V2 Pro or the Pulse 3D Wireless Headset.
You can also use this headset with PC, and Astro boasts that it stays comfortable even after a long day of gaming.
Rounding out our list is the most affordable option, but also still one of the best PS5 headsets. The Razer Kraken X for console was designed for use on consoles just like the name suggests.
And this one in particular has the black and blue color scheme of the PlayStation 4 as well as the PlayStation branding. This is a wired headset, so that is a big part of why it’s only $50. But if you don’t need anything fancy or you don’t mind plugging the headset into your DualSense controller, you can’t go wrong here.
It comes with 7.1 surround sound for positional audio during games, and a bendable noise cancelling mic for good placement and clear voice for your teammates. Worth noting though is that the 7.1 surround sound positional audio is only available when using this headset with PC because it needs the companion software to enable that. It still does offer great audio with the PS5 though. And did we mention it’s only $50?
Lastly, it comes with on-ear controls for volume and muting the mic.
Spam calls are one of the biggest things plaguing tech owners, and Google is looking to cure it. According to 9To5Google, Jonathan Eccles stated that Google wants to take its AI spam calling even further this year.
In case you don’t know, Google has a podcast called the Made By Google Podcast. It’s a show where Google execs can discuss what the company is planning on doing and its products. It started with the unveiling of the Pixel 7. If you’re interested, you can check it out.
Google will take its AI call blocking to the next level
One of the reasons that people like to use Pixel phones is the call blocking. Pixel phones are great when it comes to filtering spam calls and silencing ones it’s iffy on. Along with that, there’s the call screening feature. This will have the Assistant pick up the phone for you and it will dictate what the caller says in real-time.
For as effective as Google’s efforts are on this front, the company wants to take this even further. During the podcast episode, Eccles talked about what the company wants to do as far as spam calls are concerned. Google wants a “future where you should never ever, ever be annoyed at the thought of your phone ringing.”
It seems that Google might implement Bard or its Large Language Model into its call blocking. During the podcast, Eccles mentioned that “multi-step, multi-turn conversational AI could open a lot of interesting doors in terms of creating this protective and helpful layer at the front of every incoming call.”
At this point, we’re unsure what the company is planning on doing, but anything sort of improvement is welcome. Millions of spam calls are sent out on the daily, and it’s a huge headache. They slow down productivity, offer scams, and generally annoy people. Hopefully, Google will bring some useful changes.
The Kodi Foundation learned that a dump of the Kodi user forum, MyBB software, was being sold on online forums.
Kodi is a multi-platform, open-source media player, manager, and streaming suite. It supports a wide range of third-party add-ons, which give users access to content from numerous sources and let them personalize their viewing.
A total of 3 million posts were made on the Kodi forum by its 401,000 users, who used it to talk about media streaming, share new add-ons, offer help, and more.
Attackers Stole the Forum Database by Logging into the Admin Console
Reports say MyBB admin logs reveal that on February 16 and February 21, the web-based MyBB admin console was accessed using the account of a reliable but presently inactive member of the forum admin team.
Database backups were made using the account, downloaded, and then removed. It also downloaded the database’s existing nightly full backups. The account owner indicated they did not perform these operations using the admin console.
The admin team disabled the compromised account after this incident and started to investigate.
“The nightly full backups that were downloaded expose all public forum posts, all team forum posts, all messages sent through the user-to-user messaging system, and user data including forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB (v1.8.27) software”, according to Kodi Forum Data Breach Notification.
Kodi has not yet discovered proof of unauthorized access to the MyBB software server.
Kodi cautions that even if the passwords were hashed and salted, they should all now be regarded as compromised. The admin team is planning a global password reset that may unavoidably affect service availability.
“Users must assume their Kodi forum credentials and any private data shared with other users through the user-to-user messaging system is compromised,” suggest Kodi.
“If you have used the same username and password on any other site, you should follow the password reset/change procedure for that site.”
Setting Up a New Forum Server
The administrators of Kodi told the community earlier today that they are setting up a new forum server even though they have not detected any indications of intrusion on the current ones.
With the most recent MyBB release, the forum will be relaunched. A delay of several days is expected because there is a lot of work to backport security fixes and incorporate customized functional modifications.
Also, Kodi is adopting the uncommon step of providing the Have I Been Pwned data breach reporting service with a list of exposed email addresses linked to forum accounts.
Subscribers of the Have I Been Pwned service will be notified if their email address was among the exposed data once this data has been placed into HIBP. If you don’t subscribe to HIBP, you may still input your email address to view a list of all data breaches that include it.
“The admin team would like to conduct formal penetration testing once the forum and other services are back online,” Kodi said.
In the last 12 months, the UK has been second only to the USA in terms of ransomware attacks, and its education sector has been subjected to a feeding frenzy by Vice Society.
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. In this report, “known attacks” are attacks where the victim opted not to pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
Between April 2022 and March 2023, the UK was a prime target for ransomware gangs. During that period:
The UK was the second most attacked country in the world.
Royal Mail was hit with the largest known ransom demand ever: $80 million.
The education sector was hit far harder than in other countries.
The UK was a prime target for Vice Society, which targets education.
In August 2022, a ransomware attack on IT supplier Advanced caused widespread outages across the UK’s National Health Service (NHS), the biggest employer in Europe and the seventh largest in the world. The attack affected services including patient referrals, ambulance dispatch, out-of-hours appointment bookings, mental health services and emergency prescriptions.
Later that year, British newspaper The Guardian experienced a major ransomware attack that shut down part of its IT infrastructure. The Guardian, which operates one of the most visited websites in the world, described the incident as a “highly sophisticated cyberattack involving unauthorised third-party access to parts of our network”, most likely triggered by a successful phishing attempt.
In January 2023, Britain’s multinational postal service, Royal Mail, was attacked by LockBit, arguably the world’s most dangerous ransomware, which demanded the biggest ransom we have ever seen anywhere, in any country: $80 million. Royal Mail rejected the demand, calling it ‘absurd’, and LockBit consequently published the files stolen from the company alongside an illuminating transcript of the negotiation between the two parties.
The UK: Just like the USA
In the 12 months from April 2022 to March 2023, the UK suffered more known ransomware attacks than any country other than the USA. However, the sheer number of ransomware attacks in the USA dwarfs all other countries. Given the disparity between the USA and the UK it would be easy to conclude that ransomware is, first-and-foremost, a USA problem.
It is not.
Known attacks in the ten most attacked countries, April 2022 – March 2023
The USA suffered a little over seven times more attacks in the last twelve months than the UK and it is perhaps not a coincidence that the USA’s economic output, measured by gross domestic product (GDP), was also about seven times larger than the UK.
We can account for the difference in the size of countries’ economies by dividing the number of known ransomware attacks by a country’s nominal GDP, which gives us an approximate rate of attacks per $1T of economic output. On that basis, the USA and the UK suffered nearly identical rates of attack, at around 50 known attacks per $1T.
Measured this way, the UK is third, almost a mirror of its Atlantic cousin and quite different from its geographic and economic near neighbours, France and Germany. In other words, on this measure, ransomware gangs appear to make no distinction between the UK and the USA.
The ten most attacked countries between April 2022 – March 2023, ordered by attacks per $1T GDP
Another way to account for the vast difference in size in countries in the top ten is to divide known attacks by each country’s population. On that measure, the UK ranks fourth, and again suffers a far higher rate of attacks than either France or Germany.
The ten most attacked countries between April 2022 – March 2023, ordered by attacks per capita
The most likely explanation for the difference between the UK, France and Germany is language. To make serious money, ransomware gangs have to be able to attack businesses in the USA. They have to be able to operate inside company networks where things are written in English, understand the value of the English-language data they’ve stolen, and negotiate in English.
However you rank the top ten, English-speaking countries occupy at least three of the top five positions. In the per-capita list they occupy four. It seems that when it comes to ransomware, speaking English may be a serious drawback, which helps ensure the UK is a prime target.
Education, education, education
Over the last 12 months, the education sector in the UK suffered far more than in other countries. Education was the target in 16% of known attacks in the UK, but only 4% in France and Germany, and 7% in the USA.
Known ransomware attacks by industry sector in the UK, April 2022 – March 2023
Our data shows that one of the main reasons for this is Vice Society, an extremely dangerous ransomware group with an appetite for the education sector.
In 2022, LockBit was used in 31% of known attacks globally, 3.5 times more than its nearest competitor, ALPHV. (You can read much more about why LockBit is the number one threat to your business in our 2023 State of Malware report.) As you’d expect, given its global preeminence, LockBit was also the most widely used ransomware in the UK in the last twelve months.
However, in the UK, Vice Society was second, not ALPHV.
Known attacks by the ten most used ransomware in the UK, April 2022 – March 2023
In fact, the UK is one of Vice Society’s favourite targets, accounting for 21% of the group’s known attacks in the last 12 months, a close second to the USA which accounted for 23%, and vastly more than the next country, Spain, which accounted for 8%.
Sadly, Vice Society’s disproportionate interest in the UK lands squarely on the education sector.
76% of Vice Society’s known attacks in the UK over the last 12 months hit the education sector, and Vice Society was responsible for 70% of known attacks on UK education institutions.
Known ransomware attacks by month on the UK education sector, by gang, April 2022 – March 2023
It is worth remembering that our numbers only reflect attacks where a ransom wasn’t paid, and the true number of attacks is far larger.
In 2023, the BBC reported on 14 schools in the UK that were attacked by Vice Society including Carmel College, St Helens, Durham Johnston Comprehensive School (hacked in 2021, documents posted online in January 2022), and Frances King School of English, London/Dublin.
Vice Society doesn’t reinvent the wheel in terms of how it breaks in to its victim’s networks. It uses familiar techniques such as phishing, compromised credentials, and exploits to establish a foothold.
Vice Society is also known to use legitimate software in its attacks, to avoid detection by security tools. This technique, known as “living off the land”, allows the gang to hide in plain sight on victim’s networks. One of the tools it favours is Windows Management Instrumentation (WMI), which is designed for administrators to manage and monitor computers from a remote location. The only effective way to spot attackers who are living off the land is with EDR software operated by trained security staff, or with a service like MDR.
We can only speculate about why Vice Society has such an appetite for UK schools, colleges, and universities, but we know the sector is not exactly awash with money. Education in the UK has suffered a significant drop in funding in the last decade, according to the non-partisan Education Policy Institute, which says that “between 2009–10 and 2019–20, spending per pupil in England fell by 9 percent in real terms.”
Following a spike in inflation in 2022, the UK’s largest teaching union voted to strike for better pay for its members. The strikes themselves are not the cause of education’s susceptibility to ransomware, but they are indicative of the deteriorating financial situation in UK education.
In 2021, this author interviewed a number of people involved in providing cyberprotection for UK schools. The picture in each was the same: Cybersecurity was one responsibility among many being carried by very small numbers of IT staff who were under tremendous pressure, and ill-equipped to fight off the attentions of a ransomware gang like Vice Society.
Conclusions
In the last 12 months there was no hiding place for organisations in the UK. Our analysis of total known attacks, known attacks per $1T of GDP, and known attacks per capita, shows that ransomware gangs treated the entire Anglosphere, not just the USA, as their prime hunting ground. As part of that group, the UK was on the front line against ransomware, and will almost certainly remain there.
Within the UK, the education sector was disproportionately affected. It suffered far more known attacks than education in France or Germany, and accounted for a much higher proportion of known attacks than education did in the USA. The vulnerability of the education sector was exposed by Vice Society, a ruthless ransomware gang with an outsized appetite for education targets. In the last 12 months, Vice Society was as active in the UK as it was in the USA. While LockBit remains the most dangerous ransomware in the world for almost all sectors in almost all countries, in the cash-strapped UK education sector Vice Society is the most dangerous predator.
The education sector in the UK should be alarmed that with an entire world of targets to choose from, ransomware gangs have singled it out for disproportionate attention. More than any other sector, it will need to rethink, reskill and retool its approach to ransomware to fend off the determined attentions of attackers who smell an opportunity.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
In a recent update on the Android Developer Blog, the arrival of the app auto-archive feature got confirmation. This feature is similar to one that has been available on iOS devices for a long time. Seeing this feature make its way to Android devices is a big deal as it will be helpful to lots of users.
With this coming feature, Android users will be able to deactivate their apps to free up space. Currently, if you need more space on your Android device, you might need to uninstall some apps. Well, the Android Developer community says that you won’t need to uninstall your apps to free up space any more.
So how exactly can you free up your phone’s storage without uninstalling any apps? The simple answer to that question is ‘app auto-archive,’ and you will soon be able to make use of this feature. But how can you access and make use of this feature if your device is running low on storage space?
Everything you need to know about the coming app auto-archive feature
With this new feature, Android is mimicking Apple, which already has a similar feature. On iOS devices, instead of uninstalling apps, users can simply offload apps. This is a solid replacement for uninstalling apps, as it simply deactivates the app until you need to use it again.
Now the Android community is set to receive a similar feature to help deactivate apps instead of uninstalling them. This feature is ideal for those looking to free up some space on their Android device. So users get to free up to 60% of an app’s storage space instead without uninstalling the said app.
Access to this feature will be found on the Play Store, as Google will give developers the option to activate this feature with their apps. Developers will be to activate auto-archive for their apps with the App Bundle publish system.
If developers don’t use the App Bundle system, they won’t be able to activate the app auto-archive feature. Google keeps this feature exclusive to developers that make use of the App Bundle to publish their apps. Once the app auto-archive feature rolls out, developers will be able to add it to their apps via an update.
Users will then be able to opt into the app auto-archive feature across their Android devices. This will take place on the Play Store while installing an app or making an update that comes with the auto-archive feature. A pop-up window will allow users to enable or disable this feature.
Turning on this feature will archive apps on your device that you haven’t used in a while. The archived apps will appear on the home screen with a cloud icon overshadowing them to tell them apart from other apps. This will be a very easy way to manage the storage on your device, especially if you have lots of apps on your device.
Apple Music is one of the bigger music streaming services out there, behind Spotify. It is one of the more expensive services, actually. And that’s mostly because it just issued a price hike a few months ago. It is now $10.99 per month, compared to $9.99 for Spotify. While students can get Apple Music for just $5.99 per month.
With Apple Music, you can listen to over 100 million songs, and get over 30,000 playlists, all ad-free. It also includes Spatial Audio and Dolby Atmos for audio, which sounds incredible, with the right pair of headphones. Apple Music is one of the only ones offering that, right now. YouTube Music and Spotify are supposed to add it, as well as Lossless in the future, but there’s no word as to when that will happen. It also offers Apple Music Sing, so you can use Apple Music for karoake, as well as Apple Music Classical. Classical is another app, but if you are big into classical music then it’s worth checking out.
But what if we told you that you could get Apple Music for free? Well, you can. And there are a few different ways that you can do this.
Verizon Unlimited
If you want Apple Music free, forever, then Verizon is the best option. On two of its Unlimited plans, it offers Apple Music for free, as long as you keep the plan. Both of these plans are $90 per month for a single line, or as low as $45 per month for five lines.
One Unlimited for iPhone
This is a newer plan from Verizon, which it debuted with the iPhone 14 in late 2022. It’s basically a plan made specifically for iPhone users. You get all the good stuff that Verizon offers like unlimited 5G UW data, 25GB of premium mobile hotspot data, as well as Apple One.
So with Apple One included here, you’ll get Apple Music, Apple TV+, Apple Arcade and iCloud+ included. And you’ll also get up to 50% off a watch, tablet, hotspot or Hum plan.
If you use a lot of Apple’s services already, then this is a really good plan to check out. It can be quite pricey, if you’re not on a family plan however. But where that Apple One plus connectivity is valued at $42.95/month, that’s about half the cost of the actual plan right there.
5G Get More
Verizon’s 5G Get More plan is available with quite a few things included. Not only do you get Apple Music for free, but you also get the Disney+ bundle for free. That includes Disney+, ESPN+ and Hulu. You’ll also get Apple Arcade or Google Play Pass included.
On top of all that, Verizon will take 50% off of a watch, tablet, hotspot or Hum plan. Gives you one TravelPass day per month and 600GB of Verizon Cloud for free. Which makes it a great plan for those that do some traveling, and uses multiple devices.
Apple One plan
While not technically “free” you can get Apple Music included in the Apple One subscription plan, which does also include the other Apple services like TV+, Arcade, iCloud+, News+ and Fitness+.
Apple has three Apple One plans available – Individual, Family and Premier. Individual starts at $16.95 per month, and gives you 50GB of iCloud+, Apple TV+, Apple Music and Apple Arcade. If you purchased these by themselves, you’d be paying $23.96 per month. So it’s not too shabby.
Of course, the better plan, in our opinion is the Premier plan. This one is $32.95 per month. It comes with 2TB of iCloud+ storage, Apple TV+, Apple Music, Apple Arcade, Apple Fitness+ and Apple News+. Separately these would cost you $58.94 per month. This one, unlike the individual plan, can be shared with up to five people. So you can split the cost as well, making that $32.95 a whole lot less.
Best Buy
Over at Best Buy, they will give you a free four-month trial to Apple Music (as well as three months for Apple TV+ and three months of iCloud+), with the purchase of almost any Apple product. This includes MacBooks, Apple Watches, iPads, iPhones and much more. And it is also available for new and returning subscribers. You just can’t be a current subscriber to these services.
It’s pretty easy to redeem as well. Once you purchase your product, Best Buy will send you an email about how to claim these freebies. And you’ll be able to claim your free four months of Apple Music.
As a warning, these freebies do tend to change up every so often. So while right now it is four months free, it may not always be four months. It could be three or six. So be sure to checkout Best Buy, as these will change based on what Apple is offering.
Apple Music free trial
While a lot of streaming services are ditching the free trial, Apple Music has kept it. At least for now. With the free trial, you’ll get a month of the service for free. Just head to the Apple Music web page in your browser, or open the Apple Music app on your phone to get started.
Now, if you had Apple Music, and then ditched it for something else and now want to come back, Apple will sweeten the deal. After an unspecified amount of time, Apple may send you a notification about coming back to Apple Music and getting between three and six months free. Or getting between three and six months for just $10.99 (the cost of a single month), to join Apple Music again.
