Tag Archive for: run

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams


Aug 19, 2023 | THN | Malvertising / Website Security

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that’s engineered to conduct tech support scams.

The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering checks to serve next-stage JavaScript that redirects users to a browser locker (aka browlock).

This redirection mechanism, in turn, makes use of steganographic tricks to conceal the JavaScript code within a PNG image that’s served only when the validation phase is successful. Should a user be detected as a bot or as uninteresting traffic, a decoy PNG file without the malicious code is served instead.

WoofLocker is also known as 404Browlock due to the fact that visiting the browlock URL directly without the appropriate redirection or one-time session token results in a 404 error page.

The cybersecurity firm’s latest analysis shows that the campaign is still ongoing.


“The tactics and techniques are very similar, but the infrastructure is now more robust than before to defeat potential takedown attempts,” Jérôme Segura, director of threat intelligence at Malwarebytes, said.

“It is just as difficult to reproduce and study the redirection mechanism now as it was then, especially in light of new fingerprinting checks” to detect the presence of virtual machines, certain browser extensions, and security tools.

A majority of the sites loading WoofLocker are adult websites, with the infrastructure using hosting providers in Bulgaria and Ukraine that give the threat actors stronger protection against takedowns.

The primary goal of browser lockers is to get targeted victims to call for assistance with (non-existent) computer problems, so that the scammers can gain remote control over the computer and draft an invoice that urges affected individuals to pay for a security solution to address the problem.

“This is handled by third-parties via fraudulent call centers,” Segura noted back in 2020. “The threat actor behind the traffic redirection and browlock will get paid for each successful…


This hacker used just 196 MB of RAM to run Windows 11!


This user was able to run Microsoft’s operating system on a computer with a small amount of RAM by using Tiny11, a light version of Windows 11.

Officially, Windows 11 can only be used on devices that meet highly rigorous requirements, which makes it available only for newer devices. Among these requirements, Microsoft demands that your computer have at least 4 GB of RAM. As a result, many owners of somewhat old or modestly configured devices find themselves unable to use Microsoft’s most recent operating system.

Fortunately, developers have looked into the issue and have discovered ways to get around the restrictions imposed by the Redmond company. Tiny11 is the most recent attempt in this field. PCs that don’t fulfill Microsoft’s requirements can install this lite version of Windows 11 Pro, because in theory it requires only 2 GB of RAM to function, while often requiring 20 GB of disk space once installed. But that was without taking into account the tenacity of XenoPanther, a user who tried to run this customized version of Windows 11 on an even more basic setup. And he was successful.



You can install Windows 11 on a computer with just 196 MB of RAM

To accomplish this, he used a virtual machine with only 196 MB of RAM, or around 5% of the total RAM required by Microsoft to run its operating system. Obviously, using Windows 11 was not easy with this little memory. He struggled with blue screens of death (BSODs) for nearly two hours before he was able to boot the OS.

XenoPanther, a popular gamer, even had the chance to launch Windows Task Manager. After around thirty minutes of battling BSODs, plus another fifteen minutes for Task Manager to eventually open, the challenge was once more met.

A miracle that demonstrates that Windows optimization may be sufficient (in addition to the security requirements, of course) to allow the operating system to run on even the most basic hardware. Until then, if your computer isn’t officially compatible with Windows 11, you may always try to force its installation by choosing to install Tiny11 or…


Ontario claims $75M stolen in ‘kickback schemes’ run by alleged ringleader of COVID-19 fraud


The Ontario government is alleging that as much as $75 million in taxpayers’ money was stolen as part of elaborate “kickback schemes” in the awarding of computer contracts.

In a dramatic expansion of the province’s civil case against the ex-bureaucrat accused in the alleged $11 million theft of COVID-19 relief funds, the Crown claims at least nine others are involved in a separate “conspiracy” dating back more than a decade.

“The plaintiff (the Ontario government) paid out approximately $40 million pursuant to FFSCs (fee-for-service contracts) resulting from the kickback schemes. The secret commissions totalled approximately $35 million,” government lawyers say in Ontario Superior Court civil filings.

“As a result of the conspiracy, the plaintiff suffered damages in the amount of $75 million,” the submission says.

That is over and above the $11 million allegedly taken from the Support for Families program, which gave Ontario parents $200 per child under age 12 and $250 per child and youth under 21 with special needs to offset online educational expenses early in the pandemic.

In court filings on that matter, the government alleges Sanjay Madan, spouse Shalini Madan, their adult sons Chinmaya and Ujjawal, and associate Vidhan Singh funneled cash to thousands of Bank of Montreal, Royal Bank of Canada, TD, Tangerine, and India’s ICICI bank accounts in 2020.

Sanjay and Shalini were then fired from their government information technology jobs and are currently on trial for criminal charges. Sanjay is charged with two counts of fraud and two counts of breach of trust.

He and Shalini are charged with possession of stolen property and laundering the proceeds of crime. Shalini, Chinmaya and Ujjawal have all denied any involvement in the alleged $11 million theft. Chinmaya and Ujjawal have not been charged criminally.

Singh was charged with money laundering, fraud, and possession of stolen property and Manish Gambhir was charged with possession of stolen property and possession of an identity document related — or purported to relate — to another person. In the criminal matter, Singh and Gambhir have denied any wrongdoing. Gambhir is not named in the civil action.

As the…


These 2 High-Growth Stocks Could Power the Bull Market’s Next Record Run


When bear markets strike, it feels like they will never end, but investors that focus on buying stocks of companies that continue to post strong revenue growth will be poised to realize sizable gains in the next bull market.

One area to hunt for promising winners is cloud computing. Spending on cloud infrastructure has remained very resilient in 2022, up 30% year over year in the third quarter. Earlier this year, Amazon Web Services CEO Adam Selipsky mentioned that cloud computing is still in the early innings of adoption. 

While the big cloud service providers like Amazon have a bright future, there are even faster-growing companies addressing specific cloud needs that could lead the market higher over the next decade. Here are two of my favorites.

Snowflake

Snowflake (SNOW -2.52%) is seeing tremendous growth by offering companies a single platform for uploading and analyzing massive amounts of data using artificial intelligence. Over the last five years, annual revenue has increased fourfold to nearly $2 billion, and management believes the business can sustain an average annual growth rate of 30% for several more years. 

Snowflake has emerged as the leading data management solution. It integrates with all the major cloud service providers, such as Amazon Web Services and Microsoft Azure. Other cloud companies also offer data analysis tools, but one metric indicates Snowflake is doing it better. For several quarters, Snowflake has maintained a very high net dollar retention rate of over 170%. This means customers spend significantly more with Snowflake after their first year on the platform — a key indicator of its value proposition.

There is a risk that large cloud service providers with greater financial resources than Snowflake could acquire or partner with other data management services to grab a bigger piece of the market, but that’s unlikely for a few reasons. Snowflake already has relationships with many Fortune 500 companies. Most importantly, Snowflake is expanding its competitive lead the more it grows. A key advantage is its data marketplace that allows customers to share and exchange data. This creates a strong incentive for clients to stick with…
