Beware of Stalkerware
Stalkerware often masquerades as legitimate anti-theft or parental control applications on smartphones, tablets, and computers. However, its true nature is very different from what it seems.
This software, usually installed without the consent or knowledge of the person being monitored, gives the perpetrator who installs it control over the life of the victim. Stalkerware capabilities vary depending on the application.
The report revealed that 31,031 unique people worldwide were affected by tracking software in 2023, and this number increased by 5.8% compared to 2022. The figures confirm that the downward trend in 2021 has reversed and digital harassment remains a global problem.
In 2023, Russia, Brazil and India were the top three countries most affected by this type of software in terms of the number of users. Iran, which was in the top five the previous year, is still in the top five.
Compared to 2021, the top 10 countries affected by this issue have changed little. While Germany dropped from 7th to 10th place, Saudi Arabia, which ranked 8th in 2022, is not among the most affected countries this year.
The relationship between stalking software and offline-online violence
More than a third (39%) of respondents globally reported experiencing violence or abuse from a current or former partner.
Of those questioned for the report, 23% said they had recently experienced some form of online stalking from someone they were dating. Additionally, 40% of participants overall reported being followed or suspected of being followed.
On the other hand, 12% of respondents admitted to installing or setting parameters on their partner’s phone, and 9% admitted to pressuring their partner to install tracking apps.
However, the majority of individuals (54%) did not approve of monitoring a partner without the partner's knowledge and said they were against such behavior.
Regarding attitudes towards consensual monitoring of a partner’s online activities, 45% of respondents expressed disapproval, highlighting the importance of privacy rights.
In contrast, 27% supported full transparency in relationships and viewed consensual monitoring as appropriate, while 12% found it acceptable only when mutual agreement was reached.
Fighting Stalkerware
The use of stalkerware is not prohibited in many countries of the world. However, installing such an application on another person’s smartphone without their consent can be punished as an illegal act.
In that case, the person held responsible is not the developer of the application but the user, that is, the perpetrator. Stalkerware, along with other related technologies, is an element of technology-assisted exploitation and is often used for abusive purposes in relationships.
Above all, stalkerware is not a technical problem, but a problem that requires action from all segments of society.
Infamous RedLine Stealer Caught With Magnus
Following the seizure of RedLine Stealer by international authorities, security researchers published their research into the stealer’s undocumented backend modules, which aided law enforcement in the takeover effort.
Security researchers, in collaboration with law enforcement, collected numerous modules used to run the infrastructure behind RedLine Stealer in 2023. The Dutch National police, together with the FBI, Eurojust and several other law enforcement agencies, dismantled the infamous RedLine Stealer operation and its clone called META Stealer on October 24, 2024.
This global effort, called Operation Magnus, resulted in the removal of three servers in the Netherlands, the seizure of two domain names, the detention of two people in Belgium, and the unsealing of charges against one of the alleged perpetrators in the United States.
Security researchers participated in a partial takedown of the RedLine malware in April 2023, enabling the removal of several GitHub repositories used as dead-drop resolvers for the malware’s control panel. At that time, previously undocumented backend modules of this malware family were investigated in collaboration with other researchers at Flare. These modules do not directly interact with the malware, but instead handle authentication and provide functionality for the control panel.
More than 1,000 unique IP addresses used to host RedLine control panels were identified. While there is some overlap, this puts the number of subscribers to RedLine MaaS at around 1,000. The 2023 versions of RedLine Stealer, reviewed in detail, use the Windows Communications Framework for communication between components, while the latest version in 2024 uses a REST API.
“Based on our analysis of source code and backend samples, we determined that RedLine Stealer and META Stealer share the same creator,” he said.
These unique IP addresses were used to host RedLine panels. Of these hosted panels, Russia, Germany, and the Netherlands each represent about 20 percent of the total, while Finland and the United States each represent about 10 percent. Researchers were also able to identify multiple distinct backend servers. In terms of geographical distribution, these servers are mostly located in Russia (about a third), while the UK, the Netherlands, and the Czech Republic each represent about 15 percent of the servers detected.
First discovery in 2020
RedLine Stealer is an information-stealing malware first discovered in 2020, and rather than being operated centrally, it operates on a MaaS model where anyone can purchase a turnkey information-stealing solution from various online forums and Telegram channels.
Customers, whom we call affiliates, can buy monthly subscriptions or lifetime licenses; for their money, they get a control panel that generates malware samples and acts as a C&C server for them.
The generated samples can collect a wide variety of information, including local cryptocurrency wallets; cookies, saved credentials and saved credit card details from browsers; and saved data from Steam, Discord, Telegram, and various desktop VPN applications. Using an off-the-shelf solution makes it easier for affiliates to integrate RedLine Stealer into larger campaigns. Some notable examples include campaigns posing as free ChatGPT downloads in 2023 and as video game cheats in the first half of 2024.
Before Operation Magnus, RedLine was among the most common data-stealing malware, with a large number of affiliates using its control panel. But the malware-as-a-service operation appears to be led by a small number of individuals, some of whom have now been identified by law enforcement.
Scam Copilot, Powered by AI Technology, Introduced
Bitdefender Announces AI-Powered Fraud Defense Platform Scam Copilot!
Bitdefender, a global cybersecurity leader, announced Scam Copilot, an advanced technology platform powered by artificial intelligence (AI).
Scam Copilot, which detects and combats fraud attempts, stands out as an advanced platform designed for devices such as computers, tablets and mobile phones. Providing protection against malware, identity theft and data theft with a strong defense layer, Scam Copilot provides an integrated service in all Bitdefender’s cyber security products.
According to the report prepared by the Global Anti-Scam Alliance (GASA), global losses due to fraud exceeded one trillion US dollars in 2023. Additionally, the report found that 78% of the nearly 50,000 people surveyed had experienced at least one scam within a 12-month period.
Bitdefender's 2024 Consumer Cybersecurity Assessment Report revealed that scams delivered via text message were the most common security incident, affecting almost half of the seven thousand respondents.
Introduced by Bitdefender in response to the sharp increase in fraud-related cybercrime, Scam Copilot is powered by Large Language Models (LLMs) and artificial intelligence.
These technologies prevent cybercriminals from creating and distributing highly persuasive phishing messages in any language, making it extremely easy for consumers to detect scams and fraud attempts on their own.
“A True Game Changer”
Scam Copilot combines fraud detection and prevention technologies under one roof. The application proactively monitors users during activities such as web browsing, sending e-mail, and chatting via messaging applications, and warns users of the threats it detects.
Leveraging Bitdefender’s real-time global threat intelligence and artificial intelligence, Scam Copilot constantly evolves and adapts seamlessly as new fraud methods emerge.
Main Features and Benefits
- Complete Scam and Fraud Protection: Scam Copilot provides comprehensive protection in digital environments, including web browsing, email, messaging, chat applications, push notifications and calendar invitations.
- Intuitive AI-Powered Chatbot Assistance: Scam Copilot provides best practice guidance for users to stay informed about alerts and stay safe. It also includes an advanced chatbot that allows users to engage in natural conversations to get a trusted second opinion on potential scams.
- Geographically Specific Fraud Wave Alerts: Scam Copilot warns users about emerging or trending scam campaigns. Alerts provide detailed information about campaign type, distribution methods, key tactics and potential risks, providing users with timely information to prevent evolving threats.
- Protection for High Risk Groups: Scam Copilot provides strong protection for groups frequently targeted by scammers, including the elderly, children and teenagers. The platform adapts to user behavior and offers simple and personalized suggestions to take action.
- Strengthening Fraud Awareness: Scam Copilot not only protects against scams, it also offers contextual recommendations tailored to specific interactions. It aims to help consumers achieve fraud awareness and feel confident in navigating the digital world safely.
Lazarus Exploited Chrome Zero-Day Vulnerability
GReAT has uncovered a sophisticated malware campaign by the Lazarus Advanced Persistent Threat (APT) group targeting cryptocurrency investors worldwide.
An attack using the Manuscrypt malware, used by the Lazarus group and documented by GReAT in over 50 unique campaigns targeting various industries, has been detected.
Detailed analysis revealed a sophisticated malicious campaign that relied heavily on social engineering techniques and generative artificial intelligence to target cryptocurrency investors.
The Lazarus group is known for its highly sophisticated attacks on cryptocurrency platforms and has a track record of exploiting zero-day vulnerabilities. This newly revealed campaign followed the same pattern.
Security researchers found that the threat actor exploited two vulnerabilities, including a previously unknown bug, in V8, Google’s open-source JavaScript and WebAssembly engine.
The zero-day vulnerability in question was fixed as CVE-2024-4947 after it was reported to Google. This vulnerability allowed attackers to run arbitrary code, bypass security features, and perform various malicious activities. Another vulnerability was used to bypass Google Chrome’s V8 sandbox protection.
Attackers exploited this vulnerability by luring users to a carefully designed fake gaming website that invited users to compete globally with NFT tanks.
To maximize the effectiveness of the campaign, they focused on building trust and designed details that would make promotional activities appear as real as possible.
In this context, social media accounts were created on X (formerly Twitter) and LinkedIn to promote the game over several months, and artificial intelligence-generated images were used to increase credibility.
Lazarus has successfully integrated generative AI into its operations. Kaspersky experts predict that attackers will design even more sophisticated attacks using this technology.
The attackers also tried to engage cryptocurrency influencers for further promotion. They used their presence on social media to not only spread the threat but also directly target crypto accounts.
Security experts have discovered another, legitimate game that appears to have been the prototype for the attackers’ game. Shortly after the attackers launched a campaign to promote their game, the real game's developers claimed that $20,000 worth of cryptocurrency was transferred from their wallets.
The fake game’s logo and design differed only in logo placement and visual quality, but otherwise mirrored the original. Given these similarities and overlaps in code, security experts emphasize that Lazarus members have gone to great lengths to lend credibility to their attacks.