This phishing malware steals sensitive data easily
Security experts are warning users about a recent spike in phishing campaigns. Malware called RedLine Stealer is stealing sensitive data like credit card numbers, usernames, passwords, and cryptocurrency from Windows PCs, particularly Internet Explorer users, in Europe and North America.
ZDNet reports that this most recent mass phishing campaign occurred in April 2022, but the malware has been around since 2020. Before the April campaign, HP’s threat research blog discussed how they discovered hackers disguising RedLine Stealer as a fake Windows 11 upgrade in February this year.
RedLine Stealer uses relatively simple code, but it can steal vast amounts of data. It works by exploiting CVE-2021-26411 in Internet Explorer. CVE-2021-26411 is a memory corruption vulnerability that can give attackers the same operating system permissions as the attacked user. Although the vulnerability was revealed and patched last year, users who have yet to update Internet Explorer are still at risk. Once deployed on a victim’s OS, the malware checks for usernames, installed browsers, and whether the system is running antivirus software. After that, it steals whatever information it can, such as crypto wallets, chat logs, and text from files, as well as cookies, passwords, and credit card details saved in browsers.
One of the most worrying things about RedLine Stealer is how readily available it is. Cybersecurity researchers at Bitdefender have revealed that hackers can purchase RedLine Stealer as part of a malware-as-a-service (MaaS) scheme in underground marketplaces. MaaS is much like Software-as-a-Service in that it allows users to subscribe to cloud-based tools and solutions, albeit for nefarious purposes. Several tier levels are available for RedLine Stealer subscribers, the highest being a ‘lifetime’ subscription for $800 and the lowest a $100 software lease. This accessibility allows even low-level cybercriminals with little technical expertise to deploy the malware and reap the benefits with relative ease.
Experts are urging users to avoid becoming phishing victims by updating software like computer operating systems, antivirus programs, and other applications as soon as security patches are released. You can also follow these best practices.
In other news
- Russia receives a record level of DDoS attacks. According to Wired, Russia has been hit by an unprecedented number of cyberattacks, most of which are distributed denial of service (DDoS) attacks that are disrupting everyday life in the country. Attacks have been launched by both an “IT Army” of Ukrainian hackers and politically motivated “hacktivists” from around the world. The Russian cybersecurity company Kaspersky logged record levels of DDoS attacks in the first three months of 2022. However, Ukraine has also been targeted in cyberattacks, and Bleeping Computer reports that DDoS attacks on pro-Ukraine sites have been common, especially on WordPress sites.
- Zoom may be making people less creative. Having trouble innovating with remote workers? A new study reported in The Guardian suggests blaming Zoom meetings. When Stanford University researchers Melanie Brucks and Jonathan Levav paired up 600 volunteers and had them tackle a creative task either virtually or in the same room as each other, the researchers discovered that the virtual brainstormers were 20% less creative. To be certain of their results, they then tested 1490 engineers who worked remotely in a global company that was concerned about innovation among remote workers. The team found this group was also more creative in person-to-person meetings. All engineers scored highly in creativity, apart from one Polish team who met in a hotel room instead of the office and demonstrated “a notable preoccupation with the hotel catering’s coffee and cookie station” according to Brucks.
- Global chip shortage to last a few more years. Intel CEO Pat Gelsinger announced that semiconductor chips will remain in short supply until 2024, according to ZDNet. Last year Intel reported that it would open a new plant for producing chips in Europe, but the CEO identified recent lockdowns in China and the war in Ukraine as continuing challenges to semiconductor manufacturing. The new US law called the Creating Helpful Incentives to Produce Semiconductors (CHIPS) Act, which is part of the wider Innovation and Competition Act, will bring $52 billion to semiconductor production in the US.
- Eye-scanning app to screen for Alzheimer’s. According to Global News, a team at the University of California San Diego has created a mobile app that will use built-in near-infrared cameras to track changes in pupil size. This will make it possible for people to screen themselves for neurological conditions. These user-friendly pupil measurements can give neurological information on the person screened, making clinical trials much easier to carry out. Eric Granholm, a UCSD psychology professor, says that the app will “aid in the detection and understanding of diseases like Alzheimer’s” as well as ADHD.
- Singaporean wins prize for detecting deepfakes. The relatively new phenomenon of deepfakes has been a growing concern. This is why AI Singapore offered a cash prize of S$100,000 for the best deepfake-busting AI model created in a five-month challenge, according to The Straits Times. The prize was claimed by Singaporean Wang Weimin, who single-handedly created a model with an accuracy rate of 98.53%, beating 469 teams from across the globe. Although Wang has been offered funds to market his model, he has instead chosen to make it exclusively available to his employer, ByteDance, which is the owner of TikTok.
Tip of the week
Creativity and imagination can be tricky things to harness, whether in a Zoom meeting or not. Everyone has moments when they feel like they could come up with something different — something fresh. But when faced with a blank page, or a blank screen, inspiration can be hard to come by.
If you want to be more creative on Zoom (or anywhere else), the most important thing is that you have a healthy mental state. Get a good night’s sleep before the meeting, and take five minutes to do something you love just before you log in. Make the environment around your desk more visually inspiring, and don’t be afraid to incorporate play. Yes, have something at your desk to play with: a fidget toy, Legos, or silly putty.
Play allows you to relax and let go of your inhibitions. On a deeper level, play is about letting your imagination take flight. So the next time you’re on a call, and the brainstorming session starts, grab that stress ball or clicky pen and let your brain relax until the ideas start flowing.