Connect with us

Press Release

You become infected with RedLine malware through fake Windows 11 upgrade installers.

Published

on

You become infected with RedLine malware through fake Windows 11 upgrade installers.

Users of Windows 10 have begun to get phoney Windows 11 upgrade installers, tricking them into downloading and running RedLine stealer software.

The attacks took place at the same time that Microsoft announced the broad deployment phase for Windows 11. As a result, the attackers were well-prepared for this move and waited for the ideal time to maximise the effectiveness of their operation.

As the most extensively used password, browser cookie, credit card, and cryptocurrency wallet information thief at the moment, RedLine stealer infections can have serious negative effects on the victims.

The initiative

The attackers exploited the “windows-upgraded.com” domain for the malware distribution portion of their campaign, according to HP experts who have detected this effort.

When a visitor selected the “Download Now” button on the website, a 1.5 MB ZIP archive with the name “Windows11InstallationAssistant.zip” was downloaded directly from a Discord CDN. The website looks to be an official Microsoft website.

Decompressing the file yields a folder with a size of 753MB and a remarkable compression ratio of 99.8%, which was made possible by the executable’s inclusion of padding.

An encoded parameter starts a PowerShell process when the victim runs the programme in the folder.

A.jpg file is then retrieved from a distant web server when a cmd.exe process with a 21-second timeout has finished running.

The DLL in this file is organised in reverse, maybe to avoid detection and analysis.

The first process then loads the DLL and swaps it out for the current thread context. That DLL is a RedLine stealer payload that uses a TCP connection to communicate with the command-and-control server to receive instructions on what malicious operations should be performed next on the recently compromised system.

Outlook
Nothing prevents the actors from registering a new domain and continuing their campaign even though the distribution site is currently unavailable. In fact, it’s quite likely that this is already taking place in nature.

Due to hardware compatibility issues, many Windows 10 customers are unable to download Windows 11 via the official distribution channels. Malware operators see this as a great opportunity to recruit new victims.

The strategies disclosed by HP are not surprising at this time, as threat actors are also use Windows’ legitimate update clients to execute malicious code on compromised Windows systems, as BleepingComputer discovered in January.

Remember that these risky websites are advertised through forum postings, posts on social media, and instant messages, so only rely on the official Windows upgrade system alerts.

Continue Reading

Press Release

Rajshree Game Play Result

Published

on

Rajshree Game Play Result

If you are searching to find Play Rajshree Video Game Outcome? After that, you can find several sites here that provide in-depth information.

Results Chart for the Playrajshree Lottery game online
RAJSHREE-J. 09:00 AM: 9033: 9123: 9272: 9389: 9452: 9503: 9671: 9722: 9827: 9948: It is completely forbidden to buy lottery tickets using this website in jurisdictions where lotteries are outlawed. To play the online lottery, you must be at least 18 years old.

http://www.playrajshree.com/QuickLink/ResultChart.aspx
DSDIR, Rajshri Play Game Result
Rajshree Lottery is a fun online game where you can view the results every 15 and 20 minutes as of Mar. 13, 2022. The age requirement to play this game is 18. Good luck today. Any adult can play the online game Rajshree Lottery.

Rajshri Play Game Result


Game Rajashri to play
Welcome to play the Rajashri Lottery at Draw Time: 10:00 AM on Draw Date: 10-03-2022: Golden (GA 60-69) ShubhLaxmi (SA 20-29). The current time is: 07:06:34 PM on 10-03-2022.

https://playrajashrilott.com/
Rajshree Result – DSDIR to play
Results Chart – PLAY ONLINE PLAYRAJSHREE LOTTERY GAME. RAJSHREE-J. Mar. 12, 2022. 09:00 AM: 9033: 9123: 9272: 9389: 9452: 9503: 9671: 9722: 9827: 9948: It is completely forbidden to buy lottery tickets using this website in jurisdictions where lotteries are outlawed.

Play Rajshree Result


Goa Lottery Rajshree Results – Lottery Results
Mar. 11, 2022 The Rajshree Lottery is held daily in Goa, and the results are reported below in the table. The top prize-winning ticket and the sum earned are displayed. You can check your tickets here to see if you won the top prize in the Rajshree lottery or any of the other levels. You can also check the top reward for previous drawings.

https://www.lotto.in/goa/rajshree-results
Findings – GOA Star
Summary of the results: Golden A Game, Subhlaxmi A Game, and Rajshree A Game.

https://playrajshreegoa.com/
Results Sheet for Rajshri’s Victory
In the states where lotteries are illegal, buying lottery tickets through our website is strictly forbidden. To play the online lottery, you must be at least 18 years old.

http://playrajshriwin.com/result.php
Results from the Rajshree Lottery
Rajshree Lottery is an online game that you can play for entertainment purposes; the results are updated every 15 and 20 minutes. The age requirement to play this game is 18. Good luck today. Rajshree Lottery is an internet game that any adult can play for free. No upfront payment is necessary.

https://www.rajshreelottery.co.in/
Application Rajshree Lottery Results – Google Play
This Rajshree Lottery Sambad is unofficial and has no affiliation with any State Lottery Result Board as of October 29, 2021. We simply gathered these findings from open-source third-party websites, and we urge you to double-check them against officially released data.

https://play.google.com/store/apps/details?

id=loteryresulraj
Rajshree Outcome
Play the Rajshree lottery, Rajshree lottery, best lottery, lottery, play the Rajshree lottery result, and Rajshree lottery result. Draw time for the Rajshree Sikkim Lottery is today at 3:00 AM.

https://www.rajshree10.com/current-draw.php
The sources mentioned above should be able to provide you with information on the Play Rajshree Game Result. If not, you can contact me through the comments.

Continue Reading

Press Release

Two million Android malware apps have been discovered on Google Play.

Published

on

Two million Android malware apps have been discovered on Google Play.

Over two million individuals have been duped into installing new Android malware, phishing, and adware apps that have penetrated the Google Play store.

The programmes, which appear to be helpful utilities and system optimizers but are actually the causes of performance glitches, advertisements, and a degraded user experience, were found by Dr. Web antivirus.

One Dr. Web-illustrated app that has one million downloads is TubeBox, which is still accessible on Google Play as of this writing.

When trying to redeem the collected prizes, TubeBox consistently presents problems, despite promising users money for watching movies and advertisements on the app.

Even customers who successfully complete the final withdrawal stage never actually receive the money, according to the researchers, as the whole thing is just a ploy to keep users on the app as long as possible so they may view adverts and bring in money for the makers.

The following adware applications also showed up on Google Play in October 2022 but were later taken down:

One million downloads of the Bluetooth device auto connect (bt autoconnect group)
USB, Wi-Fi, and Bluetooth drivers (simple things for everyone) Over 100,000 downloads
Bt Autoconnect Group’s Volume, Music Equalizer: 50,000 downloads
(Hippo VPN LLC) Fast Cleaner & Cooling Master – 500 downloads

The aforementioned apps take instructions from Firebase Cloud Messaging and load the websites listed in them, which results in the fraudulent display of advertisements on the affected devices.

The remote operators might also set up an infected device to function as a proxy server in the instance of Fast Cleaner & Cooling Master, which had a low download volume. The threat actors could route their own traffic through the infected device using this proxy server.

Last but not least, Dr. Web came across a number of loan scam apps with an average of 10,000 downloads on Google Play that claimed to have a direct connection to Russian banks and investment companies.

Through malicious advertising on other apps, these apps were marketed as offering assured investment returns. Actually, the apps direct users to phishing websites where their personal data is gathered.

You should always look for bad reviews, carefully read the privacy statement, and visit the developer’s website to verify the legitimacy of an app before downloading it from Google Play.

Generally speaking, try to limit the number of installed apps on your smartphone and occasionally check to make sure Google Play Protect is turned on.

Continue Reading

Press Release

THE ANALYSIS RESULTS THAT THE OPENCV-BASED FACIAL RECOGNITION MODEL AS USED BY EXAM MONITORIO FAILS TO RECOGNIZE BLACK FACES MOST OF THE TIME (TODD FEATHERS/VICE).

Published

on

THE OPENCV-BASED FACIAL RECOGNITION MODEL

Analysis finds that an OpenCV-based facial recognition model used by exam monitoring software Proctorio fails to recognize Black faces more than 50% of the time — A student researcher has reverse-engineered the controversial exam software—and discovered a tool infamous for failing to recognize non-white faces.

Continue Reading

Trending