A Newly Discovered Malware Hijacks Facebook Business Accounts

An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using a newly discovered data-stealing malware. TechCrunch reports: Researchers at WithSecure, the enterprise spin-off of security giant F-Secure, discovered the ongoing campaign they dubbed Ducktail and found evidence to suggest that a Vietnamese threat actor has been developing and distributing the malware since the latter half of 2021. The firm added that the operations’ motives appear to be purely financially driven. The threat actor first scouts targets via LinkedIn where it selects employees likely to have high-level access to Facebook Business accounts, particularly those with the highest level of access. The threat actor then uses social engineering to convince the target to download a file hosted on a legitimate cloud host, like Dropbox or iCloud. While the file features keywords related to brands, products, and project planning in an attempt to appear legitimate, it contains data-stealing malware that WithSecure says is the first malware that they have seen specifically designed to hijack Facebook Business accounts.

Once installed on a victim’s system, the Ducktail malware steals browser cookies and hijacks authenticated Facebook sessions to steal information from the victim’s Facebook account, including account information, location data, and two-factor authentication codes. The malware also allows the threat actor to hijack any Facebook Business account that the victim has sufficient access to simply by adding their email address to the compromised account, which prompts Facebook to send a link, via email, to the same email address. The recipient — in this case, the threat actor — then interacts with the emailed link to gain access to that Facebook Business. The threat actors then leverage their new privileges to replace the account’s set financial details in order to direct payments to their accounts or to run Facebook Ad campaigns using money from the victimized firms.

Read more of this story at Slashdot.

Saudi Arabia Plans IPO of $500 Billion For Its Megacity ‘Neom’

Saudi Arabia’s Crown Prince Mohammed bin Salman said they are planning an initial public offering of the Kingdom’s $500 billion megaproject Neom as soon as 2024. Arabian Business reports: Talking to reporters in Jeddah, the crown prince said the Kingdom is setting aside $80 billion for Neom Investment Fund, where it would invest in companies that agree to operate in the futuristic city, Bloomberg has reported. The announcement was witnessed by global investors including Bridgewater Associates founder Ray Dalio, Tim Collins of Ripplewood, Saudi Prince Alwaleed bin Talal and Kuwaiti retail billionaire Mohammed Alshaya.

The Saudi crown prince also unveiled funding details of Neom. First phase, which runs until 2030, will cost 1.2 trillion riyals, with about half of that covered by the Public Investment Fund. Officials will then seek to raise another 600 billion riyals from other sovereign wealth funds in the region, private investors in Saudi Arabia and abroad, and the planned IPO on Tadawul. The IPO, which could happen by 2024, will add more than 1 trillion riyals to the Kingdom’s stock market, the crown prince noted. In addition to the news about the IPO, a teaser video was released, revealing the design for The Line: a “vertical city” some 500 meters tall, 170 kilometers in length, and covered in mirrors.

“Although it looks like a wall, The Line is actually supposed to be comprised of two huge parallel buildings, connected via walkways and divided into neighborhoods that are supposed to offer all the amenities of city life within a five-minute walking distance,” reports The Verge.

“Vegetables will be ‘autonomously harvested and bundled’ from community farms; ‘a high-speed train will run under the mirrored buildings’; the Line will include a stadium ‘up to 1,000 feet above the ground,’ and there’ll be a marina for yachts under an arch between the buildings.” A report from the Wall Street Journal in 2019 also noted robots will outnumber humans and hologram teachers will educate genetically-enhanced students.


Source Code For Rust-Based Info-Stealer Released On Hacker Forums

The source code for an information-stealing malware coded in Rust has been released for free on hacking forums, with security analysts already reporting that the malware is actively used in attacks. BleepingComputer reports: The malware, which the author claims to have developed in just six hours, is quite stealthy, with VirusTotal returning a detection rate of around 22%. As the info-stealer is written in Rust, a cross-platform language, it allows threat actors to target multiple operating systems. However, in its current form, the new info-stealer only targets Windows operating systems.

Analysts at cybersecurity firm Cyble, who sampled the new info-stealer and named it “Luca Stealer,” report that the malware comes with standard capabilities for this type of malware. When executed, the malware attempts to steal data from thirty Chromium-based web browsers, where it will steal stored credit cards, login credentials, and cookies. The stealer also targets a range of “cold” cryptocurrency and “hot” wallet browser addons, Steam accounts, Discord tokens, Ubisoft Play, and more. Where Luca Stealer stands out against other info-stealers is the focus on password manager browser addons, stealing the locally stored data for 17 applications of this kind. In addition to targeting applications, Luca also captures screenshots and saves them as a .png file, and performs a “whoami” to profile the host system and send the details to its operators.


Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing

Intel Linux GPU driver developers have released an update that results in a massive 100X boost in ray tracing performance. This is something to be celebrated, of course. However, on the flip side, the driver was 100X slower than it should have been because of a memory allocation oversight. Tom’s Hardware reports: Linux-centric news site Phoronix reports that a fix merged into the open-source Intel Mesa Vulkan driver was implemented by Intel Linux graphics driver engineering stalwart Lionel Landwerlin on Thursday. The developer wryly commented that the merge request, which already landed in Mesa 22.2, would deliver “Like a 100x (not joking) improvement.” Intel has been working on Vulkan raytracing support since late 2020, but this fix is better late than never.

Usually, the Vulkan driver would ensure temporary memory used for Vulkan raytracing work would be in local memory, i.e., the very fast graphics memory onboard the discrete GPU. A line of code was missing, so this memory allocation housekeeping task wasn’t set. Thus, the Vulkan driver would shift ray tracing data to slower offboard system memory and back. Think of the continued convoluted transfers to this slower memory taking place, slowing down the raytracing performance significantly. It turns out, as per our headline, that setting a flag for “ANV_BO_ALLOC_LOCAL_MEM” ensured that the VRAM would be used instead, and a 100X performance boost was the result. “Mesa 22.2, which includes the new code, is due to be branched in the coming days and will be included in a bundle of other driver refinements, which should reach end-users by the end of August,” adds the report.


‘Ocean Cleanup’ Removes First 100,000 kg of Plastic From the Great Pacific Garbage Patch

The Ocean Cleanup, a nonprofit trying to rid the world’s oceans of plastic, announced that it’s “officially removed more than 100,000 kg of plastic from the Great Pacific Garbage Patch (GPGP).” The impressive milestone is almost 4x as much garbage as it announced it removed last October. CEO Boyan Slat writes in a press release: Since deployment in August 2021, System 002 (or “Jenny”) has now collected 101,353 kg of plastic over 45 extractions, sweeping an area of ocean of over 3000 km² — comparable to the size of Luxembourg or Rhode Island. Added to the 7,173 kg of plastic captured by our previous prototype systems, The Ocean Cleanup has now collected 108,526 kg of plastic from the GPGP — more than the combined weight of two and a half Boeing 737-800s, or the dry weight of a space shuttle!

According to our 2018 study in which we mapped the patch, the total amount of accumulated plastic is 79,000,000 kg, or 100,000,000 kg if we include the Outer GPGP. Thus, if we repeat this 100,000 kg haul 1,000 times — the Great Pacific Garbage Patch will be gone.

I’m proud of The Ocean Cleanup team for crossing this milestone, which is all the more remarkable considering System 002 is still an experimental system. Now our technology is validated, we are ready to move on to our new and expanded System 03, which is expected to capture plastic at a rate potentially 10 times higher than System 002 through a combination of increased size, improved efficiency, and increased uptime. Our transition to System 03 is starting soon.


Chinese-Made Huawei Equipment Could Disrupt US Nuclear Arsenal Communications, FBI Determines

There’s been “a dramatic escalation of Chinese espionage on US soil over the past decade,” sources in the U.S. counterintelligence community have told CNN this weekend.

But some dramatic new examples have been revealed. For example, in 2017 China’s government offered to build a $100 million pavilion in Washington D.C. with an ornate 70-foot pagoda. U.S. counterintelligence officials realized its location — two miles from the U.S. Capitol — appeared “strategically placed on one of the highest points in Washington DC…a perfect spot for signals intelligence collection.”
Also alarming was that Chinese officials wanted to build the pagoda with materials shipped to the US in diplomatic pouches, which US Customs officials are barred from examining, the sources said. Federal officials quietly killed the project before construction was underway…

Since at least 2017, federal officials have investigated Chinese land purchases near critical infrastructure, shut down a high-profile regional consulate believed by the US government to be a hotbed of Chinese spies and stonewalled what they saw as clear efforts to plant listening devices near sensitive military and government facilities.
Among the most alarming things the FBI uncovered pertains to Chinese-made Huawei equipment atop cell towers near US military bases in the rural Midwest. According to multiple sources familiar with the matter, the FBI determined the equipment was capable of capturing and disrupting highly restricted Defense Department communications, including those used by US Strategic Command, which oversees the country’s nuclear weapons…. It’s unclear if the intelligence community determined whether any data was actually intercepted and sent back to Beijing from these towers. Sources familiar with the issue say that from a technical standpoint, it’s incredibly difficult to prove a given package of data was stolen and sent overseas.

The Chinese government strongly denies any efforts to spy on the US…. But multiple sources familiar with the investigation tell CNN that there’s no question the Huawei equipment has the ability to intercept not only commercial cell traffic but also the highly restricted airwaves used by the military and disrupt critical US Strategic Command communications, giving the Chinese government a potential window into America’s nuclear arsenal…. As Huawei equipment began to proliferate near US military bases, federal investigators started taking notice, sources familiar with the matter told CNN. Of particular concern was that Huawei was routinely selling cheap equipment to rural providers in cases that appeared to be unprofitable for Huawei — but which placed its equipment near military assets.
