A Newly Discovered Malware Hijacks Facebook Business Accounts

An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using a newly discovered data-stealing malware. TechCrunch reports: Researchers at WithSecure, the enterprise spin-off of security giant F-Secure, discovered the ongoing campaign they dubbed Ducktail and found evidence to suggest that a Vietnamese threat actor has been developing and distributing the malware since the latter half of 2021. The firm added that the operations’ motives appear to be purely financially driven. The threat actor first scouts targets via LinkedIn where it selects employees likely to have high-level access to Facebook Business accounts, particularly those with the highest level of access. The threat actor then uses social engineering to convince the target to download a file hosted on a legitimate cloud host, like Dropbox or iCloud. While the file features keywords related to brands, products, and project planning in an attempt to appear legitimate, it contains data-stealing malware that WithSecure says is the first malware that they have seen specifically designed to hijack Facebook Business accounts.

Once installed on a victim’s system, the Ducktail malware steals browser cookies and hijacks authenticated Facebook sessions to steal information from the victim’s Facebook account, including account information, location data, and two-factor authentication codes. The malware also allows the threat actor to hijack any Facebook Business account that the victim has sufficient access to simply by adding their email address to the compromised account, which prompts Facebook to to send a link, via email, to the same email address. The recipient — in this case, the threat actor — then interacts with the emailed link to gain access to that Facebook Business. The threat actors then leverage their new privileges to replace the account’s set financial details in order to direct payments to their accounts or to run Facebook Ad campaigns using money from the victimized firms.

Read more of this story at Slashdot.

‘Ocean Cleanup’ Removes First 100,000 kg of Plastic From the Great Pacific Garbage Patch

The Ocean Cleanup, a nonprofit trying to rid the world’s oceans of plastic, announced that it’s “officially removed more than 100,000 kg of plastic from the Great Pacific Garbage Patch (GPGP).” The impressive milestone is almost 4x as much garbage it announced it removed last October. CEO Boyan Slat writes in a press release: Since deployment in August 2021, System 002 (or “Jenny”) has now collected 101,353 kg of plastic over 45 extractions, sweeping an area of ocean of over 3000km2 — comparable to the size of Luxembourg or Rhode Island. Added to the 7,173 kg of plastic captured by our previous prototype systems, The Ocean Cleanup has now collected 108,526 kg of plastic from the GPGP — more than the combined weight of two and a half Boeing 737-800s, or the dry weight of a space shuttle!

According to our 2018 study in which we mapped the patch, the total amount of accumulated plastic is 79,000,000 kg, or 100,000,000 kg if we include the Outer GPGP. Thus, if we repeat this 100,000 kg haul 1,000 times — the Great Pacific Garbage Patch will be gone.

I’m proud of The Ocean Cleanup team for crossing this milestone, which is all the more remarkable considering System 002 is still an experimental system. Now our technology is validated, we are ready to move on to our new and expanded System 03, which is expected to capture plastic at a rate potentially 10 times higher than System 002 through a combination of increased size, improved efficiency, and increased uptime. Our transition to System 03 is starting soon.

Read more of this story at Slashdot.

Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing

Intel Linux GPU driver developers have released an update that results in a massive 100X boost in ray tracing performance. This is something to be celebrated, of course. However, on the flip side, the driver was 100X slower than it should have been because of a memory allocation oversight. Tom’s Hardware reports: Linux-centric news site Phoronix reports that a fix merged into the open-source Intel Mesa Vulkan driver was implemented by Intel Linux graphics driver engineering stalwart Lionel Landwerlin on Thursday. The developer wryly commented that the merge request, which already landed in Mesa 22.2, would deliver “Like a 100x (not joking) improvement.” Intel has been working on Vulkan raytracing support since late 2020, but this fix is better late than never.

Usually, the Vulkan driver would ensure temporary memory used for Vulkan raytracing work would be in local memory, i.e., the very fast graphics memory onboard the discrete GPU. A line of code was missing, so this memory allocation housekeeping task wasn’t set. Thus, the Vulkan driver would shift ray tracing data to slower offboard system memory and back. Think of the continued convoluted transfers to this slower memory taking place, slowing down the raytracing performance significantly. It turns out, as per our headline, that setting a flag for “ANV_BO_ALLOC_LOCAL_MEM” ensured that the VRAM would be used instead, and a 100X performance boost was the result. “Mesa 22.2, which includes the new code, is due to be branched in the coming days and will be included in a bundle of other driver refinements, which should reach end-users by the end of August,” adds the report.

Read more of this story at Slashdot.

Source Code For Rust-Based Info-Sealer Released On Hacker Forums

The source code for an information-stealing malware coded in Rust has been released for free on hacking forums, with security analysts already reporting that the malware is actively used in attacks. BleepingComputer reports: The malware, which the author claims to have developed in just six hours, is quite stealthy, with VirusTotal returning a detection rate of around 22%. As the info-stealer is written in Rust, a cross-platform language, it allows threat actors to target multiple operating systems. However, in its current form, the new info-stealer only targets Windows operating systems.

Analysts at cybersecurity firm Cyble, who sampled the new info-stealer and named it “Luca Stealer,” report that the malware comes with standard capabilities for this type of malware. When executed, the malware attempts to steal data from thirty Chromium-based web browsers, where it will steal stored credit cards, login credentials, and cookies. The stealer also targets a range of “cold” cryptocurrency and “hot” wallet browser addons, Steam accounts, Discord tokens, Ubisoft Play, and more. Where Luca Stealer stands out against other info-stealers is the focus on password manager browser addons, stealing the locally stored data for 17 applications of this kind. In addition to targeting applications, Luca also captures screenshots and saves them as a .png file, and performs a “whoami” to profile the host system and send the details to its operators.

Read more of this story at Slashdot.

Chinese-Made Huawei Equipment Could Disrupt US Nuclear Arsenal Communications, FBI Determines

There’s been “a dramatic escalation of Chinese espionage on US soil over the past decade,” sources in the U.S. counterintelligence community have told CNN this weekend.

But some dramatic new examples have been revealed. For example, in 2017 China’s government offered to build a $100 million pavilion in Washington D.C. with an ornate 70-foot pagoda. U.S. counterintelligence officials realized its location — two miles from the U.S. Capitol — appeared “strategically placed on one of the highest points in Washington DC…a perfect spot for signals intelligence collection.”
Also alarming was that Chinese officials wanted to build the pagoda with materials shipped to the US in diplomatic pouches, which US Customs officials are barred from examining, the sources said. Federal officials quietly killed the project before construction was underway…

Since at least 2017, federal officials have investigated Chinese land purchases near critical infrastructure, shut down a high-profile regional consulate believed by the US government to be a hotbed of Chinese spies and stonewalled what they saw as clear efforts to plant listening devices near sensitive military and government facilities.
Among the most alarming things the FBI uncovered pertains to Chinese-made Huawei equipment atop cell towers near US military bases in the rural Midwest. According to multiple sources familiar with the matter, the FBI determined the equipment was capable of capturing and disrupting highly restricted Defense Department communications, including those used by US Strategic Command, which oversees the country’s nuclear weapons…. It’s unclear if the intelligence community determined whether any data was actually intercepted and sent back to Beijing from these towers. Sources familiar with the issue say that from a technical standpoint, it’s incredibly difficult to prove a given package of data was stolen and sent overseas.

The Chinese government strongly denies any efforts to spy on the US…. But multiple sources familiar with the investigation tell CNN that there’s no question the Huawei equipment has the ability to intercept not only commercial cell traffic but also the highly restricted airwaves used by the military and disrupt critical US Strategic Command communications, giving the Chinese government a potential window into America’s nuclear arsenal…. As Huawei equipment began to proliferate near US military bases, federal investigators started taking notice, sources familiar with the matter told CNN. Of particular concern was that Huawei was routinely selling cheap equipment to rural providers in cases that appeared to be unprofitable for Huawei — but which placed its equipment near military assets.

Read more of this story at Slashdot.

Han Solo’s Blaster From the Original ‘Star Wars’ Is Going Up For Auction

William Shatner Criticizes New Star Trek Shows – and Star Wars – at Comic-Con

“William Shatner closed out the first night of San Diego Comic-Con in style — with plenty of cursing and a look back at his storied career,” writes the Hollywood Reporter:

In an hourlong chat with emcee Kevin Smith, the 91-year-old actor talked about aging, space travel (both real and fictional) and his place in the pop culture consciousness….

He took time to address the importance and power of fandom to his career, and specifically to Star Trek, which 56 years ago introduced the world to James T. Kirk, his most enduring character. When asked to address the fans of that other major sci-fi franchise, Shatner quipped, “fuck Star Wars…. But not Mark Hamill.”

“We love Mark Hamill,” Smith agreed.

When asked by a fan if there were any new Star Trek series he thought rivaled his own, Shatner replied, “none of them.”

“I got to know [creator] Gene Roddenberry in three years fairly well,” said Shatner, “he’d be turning in his grave at some of this stuff….”
The article also quotes Shatner’s more serious comments about his own recent trip into outer space courtesy of Jeff Bezos’ Blue Origin.
“I went, and I vowed that every moment that I spent in space, would not be playing around in weightlessness, but looking out the window and trying to get an impression.”

Read more of this story at Slashdot.

Chromebooks With Mobile Data To Act As Wi-Fi Hotspots

In an upcoming update, Chromebooks equipped with mobile data will be able to serve as a Wi-Fi hotspot for other devices, just like Android and iOS devices can today. 9to5Google reports: The work-in-progress feature has made its first appearance in ChromeOS code in the form of a new flag coming to chrome://flags. The details are quite slim at the moment, with little more than the flag description available today. That said, it’s easy to imagine how a mobile hotspot would work on ChromeOS, based on how the same feature works on Android phones today.

Presumably, you would be able to choose the name and password for your Chromebook’s hotspot through the Settings app in ChromeOS, where you can also toggle the hotspot on and off. If it truly follows the example of Android, there would also be an easy way to turn on your hotspot through a Quick Settings toggle.

Read more of this story at Slashdot.

Apple’s New Car Software Could Be a Trojan Horse Into the Automotive Industry

With Apple’s new CarPlay software announced in June, the company is “is diving deeper into its automotive ambitions, opening up the possibility to enter into a multibillion segment of the auto industry that’s growing quickly: The ability to sell additional services and features to car owners,” reports CNBC. From the report: The auto industry faces an unappealing choice: Offer CarPlay and give up potential revenue and the chance to ride a major industry shift, or spend heavily to develop their own infotainment software and cater to an potentially shrinking audience of car buyers who will purchase a new vehicle without CarPlay. […] Industry observers believe carmakers need to embrace software services — and look at Apple’s offering with skepticism — or risk getting left behind. “It’s a really difficult time in the industry, where the car companies think they’re still building cars. They’re not. They’re building software on wheels, and they don’t know it, and they’re trading it away,” said Conrad Layson, senior analyst at AutoForecast Solutions.

The new version of CarPlay could be a huge emerging revenue engine for Apple. First, if a user loves the iPhone’s CarPlay interface, then they’re less likely to switch to an Android phone. That’s a strategic priority for Apple, which generates the majority of its revenue through hardware sales. Second, while the company doesn’t yet charge a fee to automakers or suppliers, it could sell services for vehicles the same way it distributes iPhone software. In June, Apple revealed that it has explored features that integrate commerce into the car’s cockpit. One new feature announced this summer would allow CarPlay users to navigate to a gas pump and pay for the fuel from the dashboard of the car, according to Reuters. Apple already generates tens of billions from the App Store, and stands to boost that if it ever decides to charge for services in cars…

Read more of this story at Slashdot.