Binance Executives Were Arrested In Nigeria For Allegedly Destabilizing Its Currency

Two top executives from the crypto exchange Binance have been arrested in Nigeria for allegedly destabilizing the national currency. Quartz reports: According to a Wall Street Journal report, Tigran Gambaryan, head of financial-crime compliance at Binance who previously worked at the U.S. Internal Revenue Service (IRS), and Nadeem Anjarwalla, a British-Kenyan national and Binance’s regional manager for Africa, have been held against their will for the past two weeks in the country. As per reports, Nigerian government officials invited Binance executives to discuss an ongoing dispute about the world’s largest crypto exchange allegedly driving down the value of their national currency. Gambaryan and Anjarwalla arrived in Nigeria on February 25th; after their meeting with government officials, both were taken to their hotels. Later, they were instructed to pack their belongings and move to a guesthouse run by Nigeria’s National Security Agency, as stated by their families, per reports.

The Nigerian government has accused Binance of exacerbating the country’s foreign exchange challenges through rate manipulation for profit. The authorities have also accused the crypto exchange of illegal operations and have restricted access to the company’s website. There are also reports that Nigeria sought a $10 billion penalty from Binance for processing around $26 billion in untraceable funds in the country. […] The reason why and how Nigeria’s economic crisis is linked with Binance is yet to be found out. Binance is hoping to resolve the matter soon, according to CoinDesk. The report notes that Nigeria is experiencing its worst economic crisis in recent years due to inflation and the devaluation of their currency, the naira.

Read more of this story at Slashdot.

Over 15,000 Roku Accounts Sold To Buy Streaming Subscriptions, Devices

Over 15,000 Roku customers were hacked and used to make fraudulent purchases of hardware and streaming subscriptions. According to BleepingComputer, the threat actors were “selling the stolen accounts for as little as $0.50 per account, allowing purchasers to use stored credit cards to make illegal purchases.” From the report: On Friday, Roku first disclosed the data breach, warning that 15,363 customer accounts were hacked in a credential stuffing attack. A credential stuffing attack is when threat actors collect credentials exposed in data breaches and then attempt to use them to log in to other sites, in this case, Roku.com. The company says that once an account was breached, it allowed threat actors to change the information on the account, including passwords, email addresses, and shipping addresses. This effectively locked a user out of the account, allowing the threat actors to make purchases using stored credit card information without the legitimate account holder receiving order confirmation emails.

“It appears likely that the same username/password combinations had been used as login information for such third-party services as well as certain individual Roku accounts,” reads the data breach notice. “As a result, unauthorized actors were able to obtain login information from third-party sources and then use it to access certain individual Roku accounts. “After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions.” Roku says that it secured the impacted accounts and forced a password reset upon detecting the incident. Additionally, the platform’s security team investigated for any charges due to unauthorized purchases performed by the hackers and took steps to cancel the relevant subscriptions and refund the account holders.

A researcher told BleepingComputer last week that the threat actors have been using a Roku config to perform credential stuffing attacks for months, bypassing brute force attack protections and captchas by using specific URLs and rotating through lists of proxy servers. Successfully hacked accounts are then sold on stolen account marketplaces for as little as 50 cents, as seen below where 439 accounts are being sold. The seller of these accounts provides information on how to change information on the account to make fraudulent purchases. Those who purchase the stolen accounts hijack them with their own information and use stored credit cards to purchase cameras, remotes, soundbars, light strips, and streaming boxes. After making their purchases, it is common for them to share screenshots of redacted order confirmation emails on Telegram channels associated with the stolen account marketplaces.

Read more of this story at Slashdot.

Surgeons Perform UK’s First Operation Using Apple’s Vision Pro Headset

Surgeons in the United Kingdom have performed the first operation in the country using Apple’s Vision Pro headset. TechSpot reports: During a recent operation to repair a patient’s spine at the private Cromwell Hospital in London, a scrub nurse working alongside the surgeon used the Vision Pro to help prepare, keep track of the procedure, and choose the right tools, reports the Daily Mail. This marked the first operation in the UK where the Vision Pro was used. The software running on Apple’s headset during the operation comes from US company eXeX, which has made similar programs for Microsoft’s HoloLens. It offers nurses and technicians both holographic and touch-free access to the surgical setup and the procedural guides from within the sterile field of the operating room, according to the press release. The software also tracks each stage of an operation and can measure how well the op went compared to previous procedures performed by other surgeons.

“It eliminates human error and eliminates the guesswork,” said Suvi Verho, lead scrub nurse at London Independent Hospital. “It gives you confidence in surgery.” While this marked the first time that the Vision Pro was used during a UK surgery, the first-ever time the device was used in an operating room was last month, just three days after its release, when Orlando resident and world-renowned Neurosurgeon Dr. Robert Masson wore it during several spine reconstruction surgeries. “We are in a new era of surgery, and for the first time, our surgical teams have the brilliance of visual holographic guidance and maps, improving visuospatial and temporal orientation for each surgical team and for each surgery in all specialties,” said Masson.

Read more of this story at Slashdot.

Misconfigured Cloud Servers Targeted with Linux Malware for New Cryptojacking Campaign

Researchers at Cado Security Labs received an alert about a honeypot using the Docker Engine API. “A Docker command was received…” they write, “that spawned a new container, based on Alpine Linux, and created a bind mount for the underlying honeypot server’s root directory…”
Typically, this is exploited to write out a job for the Cron scheduler to execute… In this particular campaign, the attacker exploits this exact method to write out an executable at the path /usr/bin/vurl, along with registering a Cron job to decode some base64-encoded shell commands and execute them on the fly by piping through bash.

The vurl executable consists solely of a simple shell script function, used to establish a TCP connection with the attacker’s Command and Control (C2) infrastructure via the /dev/tcp device file. The Cron jobs mentioned above then utilise the vurl executable to retrieve the first stage payload from the C2 server… To provide redundancy in the event that the vurl payload retrieval method fails, the attackers write out an additional Cron job that attempts to use Python and the urllib2 library to retrieve another payload named t.sh

“Multiple user mode rootkits are deployed to hide malicious processes,” they note. And one of the shell scripts “makes use of the shopt (shell options) built-in to prevent additional shell commands from the attacker’s session from being appended to the history file… Not only are additional commands prevented from being written to the history file, but the shopt command itself doesn’t appear in the shell history once a new session has been spawned.”

The same script also inserts “an attacker-controlled SSH key to maintain access to the compromised host,” according to the article, retrieves a miner for the Monero cryptocurrency and then “registers persistence in the form of systemd services” for both the miner and an open source Golang reverse shell utility named Platypus.

It also delivers “various utilities,” according to the blog Security Week, “including ‘masscan’ for host discovery.” Citing CADO’s researchers, they write that the shell script also “weakens the machine by disabling SELinux and other functions and by uninstalling monitoring agents.”
The Golang payloads deployed in these attacks allow attackers to search for Docker images from the Ubuntu or Alpine repositories and delete them, and identify and exploit misconfigured or vulnerable Hadoop, Confluence, Docker, and Redis instances exposed to the internet… [“For the Docker compromise, the attackers spawn a container and escape from it onto the underlying host,” the researchers writes.]

“This extensive attack demonstrates the variety in initial access techniques available to cloud and Linux malware developers,” Cado notes. “It’s clear that attackers are investing significant time into understanding the types of web-facing services deployed in cloud environments, keeping abreast of reported vulnerabilities in those services and using this knowledge to gain a foothold in target environments.”

Read more of this story at Slashdot.

Does Reddit Represent the Return of the Junk Stock IPO?

An article in Inc notes a “wild projection” in Reddit’s SEC filing that Reddit’s global market opportunity by 2027 is $1.4 trillion.”
Some of the numbers lead back to a single individual: Sam Altman. The co-founder and chief executive of ChatGPT-maker OpenAI owns an 8.7 percent stake in Reddit, more than its co-founder and CEO, Steve Huffman, who owns 3.3 percent… Altman, through various funds and holding companies he owns or manages, controls more than a million shares of Reddit at $60 million in aggregate purchase price — and holds more than 9 percent of voting rights…
Discussing Reddit’s future, financial analyst and journalist Herb Greenberg recently told CNBC, “This is an AI play.”

But the senior investing editor for Kiplinger.com argues that retail investors “may want to hold tight before rushing out to buy the Reddit IPO.”
While IPO stocks tend to have strong first-day showings, returns for the first year are generally weak, says the team of analysts at Trivariate Research, a market research firm based in New York. And since 2020, “the average IPO has lagged its industry average by 30% over the subsequent three years following its first closing price…”

Other commenters have noted that Reddit’s allotment of shares to select Redditors could lower demand on the first day of trading, which would work against any IPO pop.

“Over the past few years, there have been a bunch of IPOs in the U.S. in which overhyped names enjoyed flashy stock-market debuts only to drop sharply soon after,” notes the Street.
Notable examples include Coinbase, which plummeted by almost 90% after its debut, Robinhood, still down 53% since its IPO, and Rivian, down over 91% since its debut. However, it’s crucial to note that all of these IPOs occurred in 2021 amid market euphoria fueled by low interest rates, significant economic stimulus, and the lingering effects of the Covid-19 pandemic. Although the current macroeconomic landscape differs from three years ago, valuations of tech and growth stocks remain stretched.

Kiplingers.com concludes it “boils down to your own personal investing goals and risk tolerance. If you do decide to buy Reddit stock when it first begins trading, do so in a small amount that you can afford to lose.”

But they also cite analysis from David Trainer, CEO of New Constructs, a research firm powered by artificial intelligence. “Reddit’s IPO marks the return of the junk IPO,” Trainer wrote in Forbes. “[The valuation] implies that Reddit will grow its user base to 26 times current levels, which would be nearly five times the size of [Snapchat-maker] Snap, and a highly unlikely feat. Reddit looks overvalued, and we think investors should pass on this IPO.”
Trainer writes:
[T]he company has never been profitable and should not be a publicly traded company… I think the company may never monetize its platform without angering its users and the entire premise of Reddit is user-generated content. This business model is inescapably built on a catch-22: make money or please users… Reddit looks overvalued, and I think investors should pass on this IPO.

Buyers and analysts told the site Marketing Brew “that they see the platform as nice-to-have, but that it is not an essential part of their media plans, like Meta or Google are.”

“They’ve always been solidly in the second or third tier of social networks,” alongside Snap, Pinterest, and X, Brian Wieser, a former GroupM exec who’s now author of the industry newsletter Madison and Wall, told Marketing Brew.

Yet Trainer notes that “98% of Reddit’s revenue in 2023 came from third-party advertising on the site and 28% of all revenue came from ten customers,” and “Reddit’s cost of revenue, sales & marketing, general & administrative, and research & development costs were 117% of revenue in 2023.”

Trainer concludes “Reddit is nowhere near breakeven. Reddit is an unprofitable social media company fighting for users.”

Bloomberg adds that the subreddit r/WallStreetBets “has threatened to bet against the stock, with many people noting that the company still loses money two decades into its existence. (Reddit lost $90.8 million last year, down from $158.6 million the year before.)”

Some have complained that the invitation to invest fails to make up for the unpaid labor they’ve invested making the site work… In 2021 the platform’s WallStreetBets forum ignited a meme-stock frenzy, propelling skyward the stocks of nostalgic but struggling companies like GameStop Corp. and AMC Entertainment Holdings Inc. and sending shockwaves through the financial industry… When it goes public, the platform that invented meme stocks runs the risk of becoming one itself.

Reddit noted the possibility as a risk in its IPO filing. “Given the broad awareness and brand recognition of Reddit, including as a result of the popularity of r/wallstreetbets among retail investors,” the company warned that its stock could “experience extreme volatility … which could cause you to lose all or part of your investment if you are unable to sell your shares at or above the initial offering price.”
Users on WallStreetBets got a kick out of the fact that the company listed the forum as a risk factor, posting about it with a sly smiling emoji…

Meanwhile, reports that marketers are infiltrating subreddits have been confirmed. Over 200 businesses have “integrated Reddit Pro into their digital strategies,” reports Search Engine Land, including “well-known names such as Taco Bell, the NFL, and The Wall Street Journal…
“During the initial alpha testing phase with approximately 20 businesses, Reddit reported its Pro partners, on average, generated 11 additional posts and comments per month.”

Read more of this story at Slashdot.

Mock ‘News’ Sites With Russian Ties Pop Up in U.S.

An anonymous reader shared this story from the New York Times:

Into the depleted field of journalism in America, a handful of websites have appeared in recent weeks with names suggesting a focus on news close to home: D.C. Weekly, the New York News Daily, the Chicago Chronicle and a newer sister publication, the Miami Chronicle. In fact, they are not local news organizations at all. They are Russian creations, researchers and government officials say, meant to mimic actual news organizations to push Kremlin propaganda by interspersing it among an at-times odd mix of stories about crime, politics and culture.

While Russia has long sought ways to influence public discourse in the United States, the fake news organizations — at least five, so far — represent a technological leap in its efforts to find new platforms to dupe unsuspecting American readers. The sites, the researchers and officials said, could well be the foundations of an online network primed to surface disinformation ahead of the American presidential election in November…

The Miami Chronicle’s website first appeared on Feb. 26. Its tagline falsely claims to have delivered “the Florida News since 1937.”

Amid some true reports, the site published a story last week about a “leaked audio recording” of Victoria Nuland, the U.S. under secretary of state for political affairs, discussing a shift in American support for Russia’s beleaguered opposition after the death of the Russian dissident Aleksei A. Navalny. The recording is a crude fake, according to administration officials who would speak only anonymously to discuss intelligence matters.

From the Raw Story:
The network was discovered by Clemson University’s Media Forensics Hub by researchers Patrick Warren and Darren Linvill, who tell the Times that its websites are designed to lend journalistic credibility to slickly produced propaganda.

“The page is just there to look realistic enough to fool a casual reader into thinking they’re reading a genuine, U.S.-branded article,” Linvill told the Times.

Read more of this story at Slashdot.

‘Canonical Turns 20: Shaping the Ubuntu Linux World’

“2004 was already an eventful year for Linux,” writes ZDNet’s Jack Wallen. “As I reported at the time, SCO was trying to drive Linux out of business. Red Hat was abandoning Linux end-user fans for enterprise customers by closing down Red Hat Linux 9 and launching the business-friendly Red Hat Enterprise Linux (RHEL). Oh, and South African tech millionaire and astronaut Mark Shuttleworth [also a Debian Linux developer] launched Canonical, Ubuntu Linux’s parent company.

“Little did I — or anyone else — suspect that Canonical would become one of the world’s major Linux companies.”

Mark Shuttleworth answered questions from Slashdot reader in 2005 and again in 2012. And this year, Canonical celebrates its 20th anniversary. ZDNet reports:
Canonical’s purpose, from the beginning, was to support and share free software and open-source software… Then, as now, Ubuntu was based on Debian Linux. Unlike Debian, which never met a delivery deadline it couldn’t miss, Ubuntu was set to be updated to the latest desktop, kernel, and infrastructure with a new release every six months. Canonical has kept to that cadence — except for the Ubuntu 6.06 release — for 20 years now…

Released in October 2004, Ubuntu Linux quickly became synonymous with ease of use, stability, and security, bridging the gap between the power of Linux and the usability demanded by end users. The early years of Canonical were marked by rapid innovation and community building. The Ubuntu community, a vibrant and passionate group of developers and users, became the heart and soul of the project. Forums, wikis, and IRC channels buzzed with activity as people from all over the world came together to contribute code, report bugs, write documentation, and support each other….

Canonical’s influence extends beyond the desktop. Ubuntu Linux, for example, is the number one cloud operating system. Ubuntu started as a community desktop distribution, but it’s become a major enterprise Linux power [also widely use as a server and Internet of Things operating system.]

The article notes Canonical’s 2011 creation of the Unity desktop. (“While Ubuntu Unity still lives on — open-source projects have nine lives — it’s now a sideline. Ubuntu renewed its commitment to the GNOME desktop…”)

But the article also argues that “2016, on the other hand, saw the emergence of Ubuntu Snap, a containerized way to install software, which –along with its rival Red Hat’s Flatpak — is helping Linux gain some desktop popularity.”

Read more of this story at Slashdot.