Authorities seized about $9 million in crypto, which was earned by taking advantage of over 70 victims nationwide through alleged “pig butchering” schemes.
A pig-butchering scam is an investment fraud that tricks people into investing their money in seemingly legitimate and lucrative enterprises.
These fraudsters prey on regular investors by fabricating websites that entice victims into believing their investments are profitable.
According to the Justice Department, the alleged companies and cryptocurrency exchanges were, in fact, non-existent trading platforms.
After tracing those victim deposits, U.S. Secret Service (USSS) agents and analysts noticed that the money was swiftly laundered through dozens of cryptocurrency addresses and exchanged for multiple different cryptocurrencies—a process known as “chain hopping.”
DocumentFree Webinar
In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway
To hide the nature, source, ownership, and management of illicit gains, these strategies are utilized to “layer” them into brand-new cryptocurrency ecosystems.
The seized funds were connected to many victim reports filed through the Federal Trade Commission’s (FTC) Consumer Sentinel Network and the FBI’s Internet Crime Complaint Center (IC3). The proceeds were returned in the US dollar-linked stablecoin Tether.
“Silicon Valley remains one of the world’s preeminent locations for cryptocurrency firms. As such, we remain dedicated to using all tools at our disposal to bring justice to the victims of frauds and scams”, said U.S. Attorney Ismail J. Ramsey for the Northern District of California.
“Even when money and criminals are abroad, we will work with our partners to seize cyber criminals’ illegal proceeds.”
Seizure of $9M in Crypto Disrupted
Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division stated this seizure should also serve as a warning to cybercriminals that, despite the cryptocurrency ecosystem’s current state appearing to be a perfect place to launder illicit gains, law enforcement will continue to build the skills necessary to track down and recover money for victims.
The department is also hopeful that the over 70 victims of this fraud series would feel some closure and justice as a result of the assets being recovered.
The goal of the Secret Service is to safeguard the US financial system, and this seizure is a prime example of that effort.
“We remain determined and vigilant to combat cyber-enabled financial fraud,” said Special Agent in Charge Shawn Bradstreet of the USSS San Francisco Field Office.
The case is still being handled by the Department of Justice’s computer crime division, the National Cryptocurrency Enforcement Team, and assistant US attorneys Chris Kaltsas and Galen Phillips for the Northern District of California.
The Department of Justice did not mention any arrests or the cybercriminals’ identities within the organization.
Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.
Before Android users installed Android 14 on their handsets, they had a shortcut that could help them quickly see a notification from an app by long-pressing the app’s icon on the homescreen. Only one complete notification would appear on the display and a counter in the corner would alert the user if there were more notifications from that app. Tapping on the notification would open it up or the user could just swipe it to dismiss it.
But in Android 14, long-pressing on an app icon no longer shows notifications. It shows app shortcuts, App info, Pause app, and Widgets. The removal of notifications from the app icon long-press was first spotted when Google was releasing beta versions of Android 14 to those installed in the Android 14 beta program. Once the stable version of Android 14 was disseminated in October, more users realized that the notifications were missing and the number of complaints on the Google Issue Tracker soared to over 100.
One comment said, “Why would you remove such a useful feature? It is a really regressive step.” And another comment said, “Just to add my disappointment, this feature was so helpful! Any plans to put it back?” Yet another Android user expressed his/her unhappiness by writing, “The removal of this feature was a bad move. It improved notification visibility, and it was extremely intuitive. Pass on the feedback to reverse this decision. It was definitely an ill advised move, especially for users who focus on productivity.”
Android 13, at left, showed notifications when long-pressing an app icon, That feature ended with Android 14. Image Credit-9to5Google
A Googler responded, “Thank you for reporting this issue. We have looked into the issue you have reported and would like to inform you that this is working as intended. It was removed in the latest update.” So that is bad news for Android users who were hoping that the removal of the feature was a bug that could be reversed with a software update. Now that Google has extinguished all hope, Android users need to understand that unless Google has a change of heart, long-pressing an app icon on the homescreen is not going to show notifications anymore.
In the late 1990s, VPN technology revolutionized remote work. However, the traditional VPN model has become outdated and unworkable as the world becomes increasingly mobile and cloud-based. The need for a new cybersecurity system has been growing for years.
Businesses now require secure and usable solutions for remote access. This is where Zero Trust Network Access (ZTNA) comes in. Let’s explore how ZTNA replaces VPNs for remote access and why this change is noteworthy.
Virtual Private Networks (VPN) and Zero Trust Network Access (ZTNA) are both ways to make sure that network resources are accessible safely, but they are very different in how they work and how they are built.
VPNs offer a safe way to connect to the internet, but ZTNA works based on a person’s name and gives them secure access to certain apps and services using the concept of least privilege.
Key Features of ZTNA
ZTNA helps ensure security rules are followed and lowers the risk of a breach because only approved users can get into the network. This keeps workers from using unmanaged devices to join the company network in a way that isn’t safe.
ZTNA is a highly scalable and cost-effective cloud-based security system for multiple tenants. It’s now possible to deploy in hours instead of months.
Another good thing is that IT workers don’t have to consider setting up or maintaining things by hand.
Networks can be divided into segments to stop people who aren’t supposed to be there from getting in or moving around. Over 61% of leaks were caused by stolen passwords.
A ZTNA controller can let users in or keep them out based on their jobs and rights, which makes it much harder for hackers to get in.
ZTNA vs VPN: Understanding the Differences
Understanding the Differences Zero Trust Network Access (ZTNA) and Virtual Private Networks (VPNs) have some similarities and some notable differences. For instance, while VPNs have been around since the 1990s, ZTNA is a more recent approach to securing remote connections.
One of the key aspects of ZTNA is that it focuses on the principle of minimum necessary access rather than traditional network access. A major difference between the two is that with VPNs, users are authenticated once and then placed on the network. At the same time, ZTNA validates users and devices continuously and only grants access to specific, authorized applications.
This is because ZTNA provides better security and easy scaling compared to VPNs, which are harder to scale. Another difference is that ZTNA is becoming more than just network-centric controls based on identity.
ZTNA is becoming more data- and security-centric, where DLP policies can be applied to all outbound files to prevent any malicious or inadvertent data leaks. The authentication process between ZTNA and VPN is also different.
With ZTNA, the connection between the user and the application is at an Application (Layer-7) layer, allowing the user access to only the application based on the context of the device, user, and application.
On the other hand, VPNs rely on traditional network access and can be less secure. Overall, ZTNA provides better security and user satisfaction and is more usable than VPNs. ZTNA becomes the preferred choice for connecting users remotely as remote work increases. The next section’ll discuss why ZTNA is superior to VPNs.
ZTNA vs VPN
VPN
ZTNA
A VPN allows remote access to the network as if the user were present by creating a secure, encrypted tunnel between the device and the network. The traditional security approach trusts network users.
ZTNA follows “never trust, always verify.” Not any user or device, regardless of location, is trusted. Identity verification, context, and security regulations determine resource access.
VPNs often provide extensive network access after authentication. If a user’s credentials are hacked, attackers can access broad areas of the network.
It allows just need-to-know connections to certain applications or services, not the whole network. This reduces internal lateral mobility and attack surface.
Uses the outdated premise that everything on the network is secure and trustworthy.
Takes a more current security approach, understanding attacks might come from inside and outside the network.
Users may notice reduced speeds owing to data traveling via the VPN server.
Direct links to apps and services without an intermediary can improve user experience.
Simple to install but difficult to grow, especially with a remote workforce.
It’s harder to set up since it needs knowing the network’s applications and resources and creating access control policies.
ZTNA – The Superior Choice
The Superior Choice Zero Trust Network Access (ZTNA) is becoming increasingly popular in today’s cloud, and mobile-first world, and for good reason. Compared to legacy VPNs, ZTNA reduces the attack surface significantly and prevents lateral movement, providing a more secure environment overall.
User satisfaction with ZTNA is higher, thanks to faster and easier access to applications compared to VPNs. The company that switched from VPN to ZTNA reported rave reviews from users, with an average rating of 4.8 out of 5.0.
Unlike VPNs, which require backhauling user traffic through a corporate data center and slowing down internet performance, ZTNA connects users directly to private applications, making them more usable. By shifting towards a more data and security-centric approach, ZTNA provides better security, easy scaling, and smooth onboarding and manageability.
It is far more than network-centric controls and identity-based. With the application determining who can access its contents, the user and device are continuously validated and granted access based on contextual information. ZTNA also allows for data loss prevention (DLP) policies to be applied to all outbound files, preventing any malicious or inadvertent data leaks.
Myth Busting ZTNA and VPN
Myth Busting ZTNA and VPN There are a lot of misconceptions surrounding ZTNA and VPN technologies. One of the biggest is that ZTNA and Zero Trust are the same.
While ZTNA is the first use case of Zero Trust, it’s important to remember that it is a set of architectural principles based on “always verify then trust”. Regarding remote access, ZTNA is far better suited than VPN.
ZTNA provides better security, easy scaling out, and smooth onboarding and manageability, making it ideal for today’s cloud- and mobile-first world. On the other hand, VPNs have many different use cases beyond remote access.
While there may be technological differences in the actual implementations of VPN and ZTNA, they use the same encryption, key generation, and authentication algorithms, meaning neither is inherently more secure.
ZTNA goes beyond network-centric controls and is becoming increasingly data- and security-centric, allowing for more effective DLP policies and preventing malicious or inadvertent data leaks. It’s important to note that ZTNA does not always require a client. ZTNA can use browser-native capabilities and plugins for web applications to create secure connectivity for the end user. With all of these myths debunked, it’s clear that ZTNA is the future, and the time for VPNs has passed.
Conclusion
The antiquated VPN model is losing ground to Zero Trust Network Access (ZTNA). Born out of the need for secure and efficient solutions for remote access, ZTNA outshines VPNs with its focus on minimal necessary access and continuous user validation.
Unlike VPNs, which authenticate users once and grant network access, ZTNA ensures secure connections by validating users and devices continuously, providing access only to authorized applications.
ZTNA’s shift towards a data and security-centric approach enhances DLP policies, preventing data leaks. With superior security, user satisfaction, and ease of use, ZTNA is emerging as the preferred choice, signaling the end of the VPN era.
It’s that time of year, time for Android Headlines annual Holiday Giveaway, and this year, we’re making it a Pixel Christmas. In this giveaway, we are giving out a Google Pixel 8, Pixel 8 Pro, Pixel Fold, Pixel Tablet and (two) Pixel Watch 2 to six lucky winners. Read on to find out how you can enter to win this giveaway.
About the Giveaway prizes
This year, we’re giving away five prizes to five different lucky winners. So your chances to win this giveaway are much higher than on our previous giveaways. Here’s a bit more about each prize that we are giving away this year.
Google Pixel 8
Google Pixel 8
The Google Pixel 8 is one of the newest smartphones from Google, which launched in October of 2023. It’s a really impressive smartphone from the company, especially when you consider the price. We’re looking at a $699 price tag here, which we aptly called “The Android phone you deserve” in our Pixel 8 review.
There are some really cool features about the Pixel 8, including Magic Editor, which is by far my favorite camera feature. With Magic Editor, you are able to swap out the sky for golden hour, less clouds or more clouds, you can also remove people, and do so much more. This uses generative AI, so as things progress, Magic Editor will continue to get better and better.
Google also included a super bright display on the Pixel 8. It’s able to get up to 2000 nits of peak brightness. Meaning that you’ll have no trouble seeing it in direct sunlight. This is also an OLED 120Hz display, something that the iPhone 15 can’t tout. And now you have a chance to win one for free.
Google Pixel 8 Pro
Google Pixel 8 Pro
The highest end Pixel phone right now is the Pixel 8 Pro. This phone has everything that the Pixel 8 has, and a bit more. This year, Google decided to move to a flat display, instead of using a curved display, and when I reviewed the phone back in October, that was one of my favorite changes that Google made. This makes the phone a lot easier to hold onto, and far less accidental touches.
Much like the Pixel 8, the Pixel 8 Pro also has a stunning and bright display. It’s still a 120Hz OLED display, but now it can get up to 2400 nits of peak brightness. This is thanks to the Super Actua Display on Pixel 8 Pro. It looks amazing, and goes much further than just the brightness. Once you see this display, you won’t want to use any other phone.
Magic Editor is here, as well as AI Wallpapers. The AI Wallpapers feature is a really cool thing to have on a phone. Allowing you to make all sorts of different wallpapers, to make your phone really stand apart from everyone else with a Pixel. Google has the Tensor G3 processor inside with 8GB of RAM and 128GB of storage here too.
With the Pixel 8 and Pixel 8 Pro, Google is promising seven years of updates, that means these phones will get updates all the way until 2030.
Google Pixel Fold
Google Pixel Fold
Google’s Pixel Fold is their first foldable, and it’s honestly one of my favorite foldable devices. What really makes the Pixel Fold standout from the competition is that the front display is wider than others. Google made this phone to be the same size as a passport, and they achieved that too. That resulted in the front display being a 17.5:9 aspect ratio, kinda like the phones from a few years ago. What this does is it makes the phone be in “landscape” mode when you open it. Meaning that you get tablet apps without having to rotate the phone. Which does make a difference in usability.
The Pixel Fold has some pretty thick bezels, but honestly, after using it for about 4-5 months, they don’t bother me. By making the bezels thicker, Google was able to hide more of the hinge in the bezel, making it thinner. And also providing a decent quality front-facing camera, versus what you get on some other foldables with under-display cameras.
One of the best use-cases of the Pixel Fold is definitely Google Translate. With Google Translate, you are able to use both screens, and have a conversation with someone in another language very easily. This makes it a clutch feature for those that do a lot of traveling.
Google Pixel Tablet
Google Pixel Tablet
Google’s Pixel Tablet is the first tablet from the company in quite some time. Google did make a Pixel C tablet back in 2015, but that was before they started using the “Pixel” name for phones – it was only for Chromebooks. So this is the first tablet since then, under the Pixel brand, and it’s still a rather unique tablet. Honestly, I love this tablet for that reason.
Pixel Tablet comes with a speaker dock in the box. This speaker dock can transform your Pixel Tablet into a smart display (though Google doesn’t want to call it that). And that’s what makes this so great. You can have this sitting in the kitchen, or beside your bed and play videos from YouTube, Amazon Prime Video and more, then pick up the tablet and take it with you.
With the Pixel Tablet, Google has included a pretty good looking 10.95-inch display. Which has some rather large bezels, however they are fine. Remember with a tablet, you do need to be able to hold the tablet. So having bigger bezels isn’t as much of an issue compared to phones. It does also come with the Tensor G2 and 8GB of RAM.
Google Pixel Watch 2
Google Pixel Watch 2
Finally, rounding out products that we are giving away this year, is the new Pixel Watch 2. It looks a lot like the original Pixel Watch, but it did receive some quite nice upgrades internally, including a new processor. This helps make the Pixel Watch 2 a whole lot faster, compared to its predecessor. But let’s not forget, this is powered by Wear OS and Fitbit.
With Fitbit being at the center of this watch, that means it is going to be really good for tracking your sleep and workouts, as well as your activity throughout the day. With Wear OS being inside too, it gives you access to all of your favorite apps, including the new Gmail app that just launched a few weeks ago.
Pixel Watch 2 is still on the small size at 41mm. This includes a 1.2-inch circular display that has a resolution of 450 x 450 pixels. It’s one of the smaller watch displays out there actually. And pair that with a 306mAh capacity battery, it should get you through a full day.
How To enter
To be entered for a chance to win the Google Pixel 8, Pixel 8 Pro, Pixel Fold, Pixel Tablet or Pixel Watch 2, all you need to do is take part in the giveaway widget below. To get started, simply enter the contest with your email address.
Once you have entered, you’ll have the opportunity to gain additional entries by completing various actions, including visiting Android Headlines social media channels.
You are entitled to complete as many actions as you like, each action offers a unique number of entries and each entry has the potential to be the winning one.
This Pixel giveaway is a USA-ONLY contest and will close promptly at 2:59 pm PST on Friday, January 5, 2023.
Enter now for a chance to win a Google Pixel 8, Pixel 8 Pro, Pixel Fold, Pixel Tablet or Pixel Watch 2, courtesy of Android Headlines.
This is a USA-only Giveaway.
Entrants need to be of a suitable age to enter.
Shipping issues are not controlled by Android Headlines or our partners. You should be aware that things can go wrong. Android Headlines or our partners are not responsible for items lost in transit.
It only takes one email entry to win, so only enter using one email address. Entering with more than one email will not improve your chances of winning and may result in disqualification. Email addresses are checked and confirmed.
Winner(s) will be emailed and if no response is given within 48 hours, another entrant(s) will be selected.
Anyone deemed to be ‘spamming’ the contest will be disqualified.
Android Headlines reserves the right to make changes to this contest/giveaway.
Samsung is working on a new rugged Android smartphone, the Galaxy Xcover 7. We recently shared exclusive official renders of the handset, revealing its design early. A subsequent benchmark listing gave us a few additional details about the phone. While there is still no word on its launch date, the upcoming device has just popped up on the BIS (Bureau of Indian Standards) certification website. It may head out to the market soon.
Galaxy Xcover 7 picks up the BIS certification
The BIS certified the Galaxy Xcover 7 with the model number SM-G556B (via MySmartPrice), which we have known for a while now. The listing doesn’t reveal anything about the device, which isn’t surprising. The BIS website usually only mentions the model number of the product. The surprising thing is that Samsung didn’t release the Galaxy Xcover 5 and Galaxy Xcover 6 Pro in India. It appears the company plans to bring the next-gen model to the country.
The Korean firm will soon pick up other necessary regulatory approvals for the Galaxy Xcover 7, so the specs may not be under wraps for much longer. As things stand, we only have a handful of details about the phone. The next-gen rugged handset will ship with Android 14 onboard, featuring 6GB of RAM. Samsung may offer it in multiple RAM variants, but there is no confirmation of that.
The octa-core chipset powering the Galaxy Xcover 7 has two high-performance CPU cores operating at a maximum frequency of 2.2GHz. The six efficiency cores are clocked at 2.0GHz. ARM’s Mali-G57 MC2 GPU supports the CPU. Based on this information, we might be looking at MediaTek’s Helio G99 or Dimensity 6100+ SoC. These chipsets have the same core specs but the latter supports 5G cellular connectivity.
Since we are talking about budget SoCs, the Galaxy Xcover 7 may not be a direct sequel to last year’s Galaxy Xcover 6 Pro, which features a relatively more powerful Snapdragon 778G 5G chipset. A single rear camera also points toward a budget-friendly rugged smartphone. The model number (SM-G556B) suggests it is the successor to 2021’s Galaxy Xcover 5 (SM-G525F), which is less powerful than the 2022 model.
The new model should boast a MIL-STD-810H-compliant build quality
Samsung’s Xcover-series smartphones feature the same level of ruggedness irrespective of their pricing. So the Galaxy Xcover 7 should boast MIL-STD-810H-compliant build quality with an IP68 rating for dust and water resistance. We are also expecting drop-to-concrete resistance, customizable hardware buttons, a removable battery, and enhanced touch sensitivity. Stay tuned for the official launch of the next-gen rugged Samsung smartphone.
Google Messages has been receiving a steady stream of new features this month, and the latest update adds a bit more flair to your conversations. Following the addition of animated emojis earlier this year, the Google Messages app is now experimenting with animated emoji reactions as well.
This feature is currently hidden in Google Messages beta (version messages.android_20231121_01_RCOO.phone.openbeta_dynamic) and was enabled by AssembleDebug from TheSpAndroid by tinkering with some flags, suggesting that although not yet rolled out to everyone, it may begin to show up for users soon as the feature appears complete. These reactions are very similar to the ones currently present in Telegram for its premium users, which bring a bit more life and flair to otherwise static interactions.
In Google’s implementation, when you react to a message with certain emojis, you’ll see colorful animations that burst on the screen and highlight the message you are reacting to — such as floating exclamation marks, flames, inflatable tube men, an umbrella, etc. These reactions are currently limited to a select few emojis, but hopefully Google expands the list in the future. You can see an example of how these animations work when reacting using emoji in the video below:
Source – AssembleDebug/TheSpAndroid
The addition of animated emoji reactions is just one of several new features that Google has introduced to Messages this month. The app has also received noise cancellation for voice calls, text formatting options, and a revamped profile and chat UI. These updates are part of Google’s ongoing efforts to push Rich Communication Services (RCS) as the standard for messaging, encouraging even Apple to join the RCS conversation.
As Google continues to add new features to Messages, the app is becoming increasingly more feature-rich and user-friendly. The addition of animated emoji reactions is a welcome addition that adds a bit more fun and personality to your conversations.
A well-known tipster has just revealed something really interesting about OnePlus’ upcoming flagship. The OnePlus 12 will either have a wood texture on its back, or a wood texture case, one or the other.
This information comes from Digital Chat Station, one of the most prominent Chinese tipsters. He’s usually spot on, so we really don’t have a reason not to believe him. His post was not the clearest, though.
The OnePlus 12 is expected to include a wood texture backplate or case
He said the following: “OnePlus 12 has a classic wood grain shell” (machine translation). So, we’re not really sure if he means instead of the glass on the back, or a wood texture case. We’ll have to wait in order to find out.
OnePlus has a history of offering wood texture cases for its smartphones. The same goes for wood texture backplates. The company’s first-ever smartphone, the OnePlus One, had one such backplate.
The OnePlus 12 will become official in China on December 4. It is coming to global markets in January, and we could see more than one smartphone, actually. A well-known tipster recently said that the company will launch a OnePlus 12 series in January.
This phone will be immensely powerful, and OnePlus could even launch a second device
Needless to say, the OnePlus 12 will be quite powerful. Information has been surfacing for quite some time now. The phone will not only be fueled by the Snapdragon 8 Gen 3 SoC, but offer top-of-the-line RAM and UFS storage units.
Its display will be a force to be reckoned with too, BOE’s X1 panel. It will be immensely bright, and have a high refresh rate, not to mention various other perks. OnePlus is also seemingly planning to revive 50W wireless charging with this phone. That was a feature that the OnePlus 11 lacked.
A flagship-grade camera setup will also be included, and so much more. While we’re waiting for more information, feel free to check out our OnePlus 12 preview piece.
The scam primarily targets popular Russian online marketplaces like YULA or OLX, but ESET researchers also observed non-Russian targets, including eBay, Sbazar, Jófogás, and BlaBlaCar.
In their latest report, ESET researchers have disclosed their findings on the Telekopye toolkit that simplifies online scamming for individuals with limited technical expertise. This is a follow-up report. The company shared a preliminary analysis on Telekopye in August 2023.
Researchers have delved deeper into the onboard process of the scammers to unearth the wicked scamming operation, including the explanation of different scam scenarios they are using to deceive users.
About TelekopyeToolkit
Telekopye Toolkit is implemented as a Telegram bot and helps cyber criminals scam unsuspecting users in online marketplaces. This tool allows scammers to create phishing websites, fabricate fake screenshots, and transmit emails, SMS messages, etc.
As per ESET telemetry, Telekopye Toolkit is operational and under active development. The scammers call their victims Mammoths, and ESET has assigned scammers the name Neanderthals.
How Are Scammers Recruited?
Research reveals that scammers (ESET researchers have named the scammers utilizing Telekopye Toolkit as Neanderthals) are recruited via advertisements distributed across different online channels, mainly underground forums. These ads are designed to defraud online marketplace users.
Interested Neanderthals have to complete an application form and answer key questions about their previous experience in this kind of work. Existing group members approve them with relevant ranks and give them full access to Telekopye’s functionalities.
Forum recruiting Neanderthals (left) – Example of phishing links created by Telekopye toolkit (right) – Screenshot credit: ESET
Scam Scenarios:
In a blog post, ESET researchers identified three different scam scenarios.
1.Seller Scam
In this scam, attackers pose as sellers and entice users into purchasing items that don’t exist. Suppose the victim expresses interest in buying the item. In that case, the seller lures them into making an online payment and gives them a phishing website link, which appears as a legitimate payment portal. But this website solicits the victim’s banking credentials or credit card details (may even provide balance information) and transfers the data to the scammers. Sellers internally refer to this scam as 1.0.
2. Buyer Scam
This scam is referred to as 2.0. Attackers pose as buyers in this scam and target their victims after comprehensive research. They express interest in an item and claim to have paid through the provided platform. They send the victim a Telekopye Toolkit-created SMS or email containing a link to a phishing website. The victim is persuaded to click this link to receive the payment from the platform. The remaining method is similar to the seller scam.
3. Refund
This scenario entails Neanderthals creating a situation where the Mammoth expects a refund. The scammer sends them a phishing email with a link to a phishing website. This email can be sent to victims the scammers haven’t contacted before or used in combination with the seller scam. They exploit the greed of victims who want this non-existent refund. In seller scams, when the victims don’t receive the goods, they are again scammed by Neanderthals via refund phishing emails.
Every Neanderthal had to join a group where they communicated the rules and manuals and another channel where transaction logs were stored. Telekopye Toolkit attackers refer to law enforcement and researchers as rats and try to stick to their rules.
The scam primarily targets popular Russian online marketplaces like YULA or OLX, but ESET researchers also observed non-Russian targets, including eBay, Sbazar, Jófogás, and BlaBlaCar.
If you are a Telegram user, there are several ways to protect yourself from such bots including the following:
Be wary of unexpected messages and links. If you receive a message from someone you don’t know, or if you receive a link that seems suspicious, don’t click on it. Instead, report the message or link to Telegram.
Never give out your personal information to a Telegram bot. This includes your name, address, phone number, email address, and password.
Be careful about what you download from Telegram bots. Only download files from bots that you trust.
Keep your Telegram app up to date. Telegram releases security updates regularly, so make sure you have the latest version installed.
Report any suspicious activity to Telegram. If you think you may have been scammed by a Telegram bot, report it to Telegram immediately.
After an unexpected delay, Samsung’s Android 14 rollout is now back on track—and how! It has already released the update for more than 15 Galaxy devices if you count each model in a series separately. Except for the Galaxy S23 series, all other devices received One UI 6.0 within the past three days. The company may not take its foot off the gas anytime soon as it is aiming to update most eligible Galaxy models to Android 14 before the end of the year.
Samsung releases a detailed Android 14 update roadmap
Samsung releases a roadmap for its major Android OS updates every year. The precise calendar varies depending on the market as some devices aren’t sold everywhere. However, the schedules turn out to be mostly identical. With the Android 14 rollout now well and truly underway, the Korean firm is here with its latest roadmap. It has released the schedules for South Korea and Germany, with the latter featuring more devices.
According to these roadmaps, the vast majority of eligible Galaxy devices will receive the Android 14-based One UI 6.0 update before the end of 2023. The Galaxy Z Fold 4, Galaxy Z Flip 4, Galaxy Z Fold 3, Galaxy Z Flip 3, Galaxy S21 series, Galaxy S21 FE, Galaxy Tab S8 series, Galaxy A53 5G, Galaxy A33 5G, Galaxy A652, Galaxy Xcover 6 Pro, and many other models are scheduled to make the jump to the new Android version within the next few weeks.
As said earlier, some devices may pick up the update earlier than others in some markets. Moreover, the schedule may not be 100 percent accurate. For example, Samsung says the Galaxy Tab S6 Lite will receive Android 14 ahead of the Galaxy Tab S8, recent foldables, and the Galaxy S21 series, which may be untrue. The Galaxy M53, which has already got Android 14 and One UI 6.0 in some European countries, is scheduled to get it in December in Germany.
You will find the roadmap for your region in the Samsung Members app
Nonetheless, these roadmaps give us an idea of when a Samsung smartphone or tablet may receive Android 14. We expect the company to push the update to some models earlier than scheduled. From what it looks like, the Korean behemoth will complete the rollout by February 2024. As always, we will keep you posted on the rollouts. Don’t forget to watch out for Samsung’s Android 14 roadmap for your region in the Samsung Members app.
Google has announced it will shut down Manifest V2 in June 2024 and move on to Manifest V3, the latest version of its Chrome extension specification that has faced criticism for putting limits on ad blockers. Roughly said, Manifest V2 and V3 are the rules that browser extension developers have to follow if they want their extensions to get accepted into the Google Play Store.
Manifest V2 is the old model. The Chrome Web Store no longer accepts Manifest V2 extensions, but browsers can still use them. For now. Manifest V3 is supported generally in Chrome 88 or later and will be the standard after the transition planned to take place in June 2024.
A popular type of browser extensions are ad blockers. Almost all these ad blockers work with block lists, which are long lists of domains, subdomains, and IP addresses that they filter out of your web traffic. These lists are commonly referred to as rulesets. One part of the transition will “improve” content filtering. And to be fair, Google has made some compromises when it comes to the version as it’s now in the planning, compared to what it originally planned to do.
Originally, each extension could offer users a choice of 50 static rulesets, and 10 of these rulesets could be enabled simultaneously. This changes to 50 extensions simultaneously and 100 in total.
Extensions could add up to 5,000 rules dynamically which encouraged using this functionality sparingly and made it easier for Google to detect abuse. Extensions can add rules dynamically to support more frequent updates and user-defined rules. But it comes with the risks of phishing or data theft because these “updates” are not checked during the Chrome Web Store review. For example, a redirect rule could be abused to inject affiliate links without consent. But Google has decided that block and allow are not that easily abused so it will allow up to 30,000 rules to be added dynamically.
However, this is still far from enough to fully reach the potential of the best ad blockers we have now. And it’s not just the hard limits on filtering rulesets, there are a lot of other new limits on filtering. Items can’t be filtered based on the response headers or according to the URL in the address bar. Also, extension developers are limited in what regular expressions they can use, along with other technical limitations.
Even if this is not targeted at ad blockers specifically, it’s still a major change that makes blocking requests less flexible. But the bottom line result is that it limits the API that many ad blockers use, and replace it with a less capable one.
Google’s will tell you that by limiting extensions, the browser can be lighter on resources, and Google can protect your privacy from extension developers and calls it “a step in the direction of privacy, security, and performance.” The Electronic Frontier Foundation (EFF) however calls Manifest V3 deceitful and threatening.
“Manifest V3 is another example of the inherent conflict of interest that comes from Google controlling both the dominant web browser and one of the largest internet advertising networks.”
Under the new specifications, browser extensions that monitor and filter the web traffic between the browser and the website will have greatly reduced capabilities. This includes ad blockers and privacy-protective tracker blockers. No real surprise, considering Google has trackers installed on 75% of the top one million websites.
According to Firefox’s Add-on Operations Manager, most malicious extension that manage to get through the security review process, are usually interested in simply observing the conversation between your browser and whatever websites you visit. The malicious activity happens elsewhere, after the data has already been read. So in their mind, what would really help security is a more thorough review process, but that’s not something Google says it has plans for.
After looking at the arguments Google used to justify this transition, ArsTechnica came to the conclusion that there’s no justification for arbitrarily limiting the list of filter rules. It says once Manifest V3 happens, Chrome users will be limited to light ad blocker functionality while users will need to switch to Firefox or some other non-limited browser to get the full extension.
Nevertheless, Firefox said it will adopt Manifest V3 in the interest of cross-browser compatibility. And Chrome’s market share will certainly have influenced that decision as well.
Google Chrome Enterprise users with the “ExtensionManifestV2Availability” policy turned on will get an extra year of Manifest V2 compatibility.