Malware Campaign Impersonates VC Firm Looking To Buy Sites

BleepingComputer was recently contacted by an alleged “venture capitalist” firm that wanted to invest or purchase our site. However, as we later discovered, this was a malicious campaign designed to install malware that provides remote access to our devices. Lawrence Abrams from BleepingComputer writes: Last week, BleepingComputer received an email to our contact form from an IP address belonging to a United Kingdom virtual server company. Writing about cybersecurity for so long, I am paranoid regarding email, messaging, and visiting unknown websites. So, I immediately grew suspicious of the email, fired up a virtual machine and VPN, and did a search for Vuxner. Google showed only a few results for ‘Vuxner,’ with one being for a well-designed and legitimate-looking vuxner[.]com, a site promoting “Vuxner Chat — Next level of privacy with free instant messaging.” As this appeared to be the “Vuxner chat” the threat actors referenced in their email, BleepingComputer attempted to download it and run it on a virtual machine.

BleepingComputer found that the VuxnerChat.exe download [VirusTotal] actually installs the “Trillian” messaging app and then downloads further malware onto the computer after Trillian finishes installing. As this type of campaign looked similar to other campaigns that have pushed remote access and password-stealing trojans in the past, BleepingComputer reached out to cybersecurity firm Cluster25 who has previously helped BleepingComputer diagnose similar malware attacks in the past. Cluster25 researchers explain in a report coordinated with BleepingComputer that the Vuxner[.]com is hosted behind Cloudflare, however they could still determine hosting server’s actual address at 86.104.15[.]123.

The researchers state that the Vuxner Chat program is being used as a decoy for installing a remote desktop software known as RuRAT, which is used as a remote access trojan. Once a user installs the Vuxner Trillian client and exits the installer, it will download and execute a Setup.exe executable [VirusTotal] from https://vuxner[.]com/setup.exe. When done, the victim will be left with a C:swrbldin folder filled with a variety of batch files, VBS scripts, and other files used to install RuRAT on the device. Cluster25 told BleepingComputer that the threat actors are using this attack to gain initial access to a device and then take control over the host. Once they control the host, they can search for credentials and sensitive data or use the device as a launchpad to spread laterally in a network.

Read more of this story at Slashdot.

YouTuber DIY Project Shrinks M1 Mac Mini By 78%, Without Sacrificing Performance

In a 15-minute-long video, YouTuber Quinn Nelson from Snazzy Labs explains how he managed to shrink the current M1 Mac Mini by 78% without harming performance. 9to5Mac reports: In conclusion, by rearranging the internals and swapping out the power supply, Nelson was able to reduce the size of the Mac mini enclosure by 78%. He organized all the parts inside a 3D-printed body with a mini Mac Pro motif.

The reason that theoretical space savings are so huge is because when Apple released the first round of Apple Silicon computers, they did not change the hardware industrial design at all. So the current Mac Mini enclosure is designed to fit an Intel CPU and circuit board, including having to accommodate the large fans and heat sinks the Intel chip required.

But with the power efficiency of the M1, Apple has the headroom to do something much more drastic. Indeed, a lot of the M1 Mac mini internals is just empty space. The Snazzy Labs video gives a glimpse at what is possible if Apple is more ambitious with the next-generation Mac mini design, and tries to create something truly mini. The CAD files and schematics can be viewed here.

Read more of this story at Slashdot.

Ukraine Might Have Leaked Data On 120,000 Russian Soldiers

BrendaEM shares a report from The Register: Ukrainian news website Ukrainska Pravda says the nation’s Centre for Defense Strategies think tank has obtained the personal details of 120,000 Russian servicemen fighting in Ukraine. The publication has now shared this data freely on its website. The Register and others have been unable to fully verify the accuracy of the data from the leak. The records include what appears to be names, addresses, passport numbers, unit names, and phone numbers. Some open source intelligence researchers on Twitter said they found positive matches, as did sources who spoke confidentially to El Reg; others said they couldn’t verify dip-sampled data. Rumors swirled on the internet that activists were behind the disclosure. The Ukrainian news agency said the personnel records were obtained from “reliable sources.” Whether or not the database’s contents is real, the impact on Russian military morale — knowing that your country’s enemies have your personal details and can contact your family if you’re captured, killed, or even still alive — won’t be insignificant.

Read more of this story at Slashdot.

Hackers Demand NVIDIA Open Source Their Drivers Or They Leak More Data

New submitter briaguya shares a report from VideoCardz: Hackers that infiltrated NVIDIA systems are now threatening to release more confidential information unless the company commits to open sourcing their drivers. It is unclear what the stolen data contains, but the group confirmed that there are 250GB of hardware related data in their possession. Furthermore, the group confirmed they have evaluated NVIDIA position, which means that NVIDIA is might trying to communicate with the group to prevent future leaks. The group has already published information on NVIDIA DLSS technology and upcoming architectures. Yesterday, Nvidia reportedly retaliated against the hacker group known as “Lapsus$” by sneaking back into the hacker’s system and encrypting the stolen data. The group claimed that it had a backup of the data, though.

Read more of this story at Slashdot.

Burnt-Out Ship Carrying 4,000 Vehicles Sinks, Costing VW At Least $155 Million

McGruber shares a report from AutoNews: The cargo ship that caught fire in the Atlantic while transporting roughly 4,000 Volkswagen Group vehicles to the U.S. has sunk despite efforts to tow it to safety. The Felicity Ace sank 220 nautical miles off the coast of Portugal’s Azores Islands around 9 a.m. local time on Tuesday after being battered by waves and leaning 45 degrees to its starboard side, the ship’s operator said. Joao Mendes Cabecas, the captain of the nearest port on the island of Faial, told Reuters the Panama-flagged Felicity Ace had sunk as efforts to tow it began due to structural problems caused by the fire and rough seas.

Volkswagen had VW, Porsche, Audi, Bentley and Lamborghini-branded models on the vessel, which was on its way to Rhode Island from Germany’s Emden port when the fire broke out on Feb. 16. […] In a projection assuming all vehicles would be lost, the risk-modeling company Russell Group last week estimated that the incident could cost the automaker at least $155 million. About $438 million worth of goods were aboard the ship, $401 million of which were cars.

Read more of this story at Slashdot.

MediaTek Might Have Overtaken Qualcomm In US Android Marketshare

MediaTek might have just beaten out Qualcomm to claim the biggest market share of any chipmaker for Android phones in the United States — at least, according to one analyst group. The Verge reports: According to IDC’s quarterly mobile phone sales tracker, as Q4 2021 MediaTek chips account for 48.1 percent of all Android phones in the United States, compared to 43.9 percent for Qualcomm, as spotted by PCMag. Those numbers are a stark inversion from the previous quarter, where MediaTek had a 41 percent market share to Qualcomm’s 56 percent. IDC’s report notes that MediaTek’s surge was driven largely by sales of the Galaxy A12, Galaxy A32, and G Pure, which made up 51 percent of MediaTek devices sold in Q4 and 24 percent of the entire Android market in the US. There are conflicting reports, however. According to The Verge, “Counterpoint Research’s own report puts the Q4 2021 split at 55 percent for Qualcomm, and 37 percent for MediaTek, so it’s possible that Qualcomm is still holding on to its crown for now.”

Read more of this story at Slashdot.

Sid Meier Warns the Games Industry About Monetization

Speaking to the BBC on the 30th anniversary of Civilization, American developer Sid Meier says if major companies continue to focus on monetization or other things that are not gameplay-focused, they risk losing the audience. From the report: “The real challenge and the real opportunity is keeping our focus on gameplay,” says American developer Sid Meier. “That is what is unique, special and appealing about games as a form of entertainment. When we forget that, and decide it’s monetization or other things that are not gameplay-focused, when we start to forget about making great games and start thinking about games as a vehicle or an opportunity for something else, that’s when we stray a little bit further from the path.”

The financial model that supports how games companies make their money has changed dramatically in the past decade or so. Now many developers and publishers rely on in-game purchases to help with their bottom line rather than solely on the up-front cost of buying a title to play. […] Some games companies are also exploring the introduction of non-fungible-tokens (NFTs) – a form of digital art that players can buy and own — into their games. […] Sid Meier says that if major companies continue to focus on ways like this to monetize gaming, they risk losing the audience: “People can assume that a game is going to be fun and what it needs for success are more cinematics or monetization or whatever — but if the core just is not there with good gameplay, then it won’t work. “In a sense gameplay is cheap… The game design part is critical and crucial but doesn’t require a cast of thousands in the way some of the other aspects do. So it’s perhaps easy to overlook how important the investment in game design and gameplay is.”

The global games market is reported to be worth around $175 billion and is forecast to almost double in five years. But Sid Meier says that continued growth isn’t guaranteed: “There are lots of other ways that people can spend their leisure time… I think the way the internet works, once a shift starts to happen, then everybody runs to that side of the ship. “I think we need to be sure that our games continue to be high quality and fun to play – there are so many forms of entertainment out there now. We’re in a good position… but we need to be sure we realize how critical gameplay is – and how that is the engine that really keeps players happy, engaged and having fun.”

Sid says he has no plans to retire just yet, and explains the most gratifying change he’s experienced during his more than 30 years in the industry, is the wider public’s shift in attitude when it comes to games. People were telling him back in 1991 that he was “wasting his time” working in games – now he smiles, as people say to him: “I wish I could get a job making games.”

Read more of this story at Slashdot.

Twitter To Label Tweets Linking To Russian State Media

wiredmikey writes: “Twitter will put warnings on tweets sharing links to Russian state-affiliated media, the platform said Monday, as Kremlin-tied outlets are accused of spreading misinformation on Moscow’s invasion of Ukraine,” reports SecurityWeek. The news comes as Russian troops have launched a major assault on Ukraine and while their forces battle in the physical world for control over various cities and regions, a battle is also taking place in cyberspace with attacks and misinformation campaigns. Yoel Roth, Twitter’s head of site integrity, says the platform is seeing more than 45,000 tweets per day that are sharing links to state-affiliated media outlets.

“Our product should make it easy to understand who’s behind the content you see, and what their motivations and intentions are,” he added. In addition to adding labels that identify the sources of links, Roth said the platform is also “taking steps to significantly reduce the circulation of this content on Twitter.”

Read more of this story at Slashdot.

Satellite Outage Knocks Out Thousands of Enercon’s Wind Turbines

Germany’s Enercon on Monday said a “massive disruption” of satellite connections in Europe was affecting the operations of 5,800 wind turbines in central Europe. MarketScreener reports: It said the satellite connections stopped working on Thursday, knocking out remote monitoring and control of the wind turbines, which have a total capacity of 11 gigawatt (GW). “The exact cause of the disruption is not yet known. The communication services failed almost simultaneously with the start of the Russian invasion of Ukraine,” Enercon said in a statement.

Enercon has informed Germany’s cybersecurity watchdog BSI and is working with the relevant providers of the satellite communication networks to resolve the disruption, which it said affected around 30,000 satellite terminals used by companies and organisations from various sectors across Europe. “However, no effects on power grid stability are currently expected due to redundant communication capabilities of the responsible grid operators. Further investigations into the cause are being carried out by the company concerned in close exchange with the responsible authorities,” BSI said. There was no risk to the turbines as they continued to operate on “auto mode,” the company said. The report also notes that Viasat was “investigating a suspected cyberattack that caused a partial outage in its residential broadband services in Ukraine and other European countries”

Read more of this story at Slashdot.

Nvidia Allegedly Hacks Hackers Who Stole Company’s Data

According to Vx-underground on Twitter, Nvidia has reportedly retaliated against the hacker group that stole over 1TB of the company’s data by sneaking back into the hacker’s system and encrypting the stolen data. Tom’s Hardware reports: LAPSU$, an extortion group in South America, had illegally tapped into Nvidia’s mailing server and installed malware on the software distribution server. As a result, the hacker group purportedly extracted over 1TB of Nvidia’s data. However, it’s unknown what kind of data the hackers had stolen, whether Nvidia’s or its clients’ data. It would seem that Nvidia has identified the attackers. According to the Vx-underground’s Twitter post and backed by screenshots, the chipmaker has infected the perpetrators’ system with ransomware and encrypted the stolen data in response to the attack. The group claimed that it had a backup of the data, though.

Read more of this story at Slashdot.