Uproar over a viral video in Russia

The heat and dust over corruption charges in Russia are no longer available in Instagram much to the major disappointment of an opposition party leader in the country.
Alexei Navalny, the prominent opposition party leader said under mounting pressure from the ruling side, the internet regulator has blocked the access to the striking evidence to substantiate the allegations.     
The crux of the stinging controversy is a 25 minute YouTube video showing Oleg Deripaska to have met deputy prime minister Sergei Prikhodko on a yacht triggering huge acrimony in many pockets of Russia giving sleepless nights to a section of the rulers forcing them to resort to such step.
Uploaded by Navalny's Anti-corruption Foundation, the upload struck the response of millions of visitors who got ready to take on the rulers even the YouTube has nothing to react.
The ruling side resorted to ISPs to block the access to the startling revelations since the local internet service providers were believed to have been unable to do it.    
The ruling giant in question has flatly denied the allegations and called it a fabricate and a figment of imagination.
According to Navalny, he was disallowed to take on Putin in the upcoming presidential polls acting on a politically motivated allegations of corruption. Now he has accused Instagram of resorting to an "illegal censorship request"
What has further aggravated the scene is the surface of female model, who herself was believed to have erased some of her materials connecting to corrupt practice.  
Without details, Facebook sources have already confirmed that if government observes something is violated on the internet, they are free to contact seeking restriction in the relevant territory in the name of transparency.
The internet regulator is understood to have been waiting for YouTube to take action against the video which was running into a hail of acrimonious controversy.

Zero Day Telegram Vulnerability Exploited by Hackers for Cryptomining

Kaspersky Lab has revealed that in October 2017, they had discovered a flaw in Telegram Messenger’s Windows desktop client that was being exploited “in the wild”. According to Kaspersky, the flaw has allegedly been by Russian cybercriminals in a cryptomining campaign.

The Telegram vulnerability involves the use of an RLO (right-to-left override) attack when the user sends a file through the messenger.

RLO Unicode method is primarily used for coding languages that are written right-to-left, such as Hebrew or Arabic, but hackers can use it to trick users into downloading malicious files. When an app is vulnerable to attack, it will display a filename incompletely or in reverse.

Kaspersky has said that it seems that only Russian cybercriminals were aware of this flaw and were exploiting it — not to spread ransomware but cryptomining malware.

The attacks enabled cybercriminals to not just spread the cryptomining malware but also to install a backdoor to remotely control victims’ computers.

“We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability. What we do know is that its exploitation in Windows clients began in March 2017,” read the report Kaspersky published on the flaw.

In the report, Alexey Firsh, cyberthreat researcher at Kaspersky, has outlined several scenarios that show cases of how the vulnerability was actually exploited.

He also wrote that Telegram was informed of this flaw and it no longer occurs in their products.

Tractor-Hacking Farmers giving Rise to the Right to Repair Movement

"I would say what I'm doing is hacking," says Kyle Schwarting who, is a farmer by profession and a hacker by need signalling to a Windows laptop and a USB-to-tractor link he made himself.

As of late Schwarting found a hacked version of John Deere's Service Advisor software on a torrent site, which he makes use of to diagnose problems with the agricultural equipment and ultimately repair it. Without this product, even minor repairs will cost him thousands of dollars from an authorized John Deere repair person, along with more importantly, time.

John Deere, Apple, Microsoft, Samsung, AT&T, Tesla, and most by far of enormous tech firms have spent the last decade controlling repair, these organizations themselves are the main ones who have access to new parts, apparatuses, and service manuals to settle broken machines; the main ones who have software that can evade encryption bolts that misleadingly keeps individuals like Schwarting from working on equipment.

Therefore clearly, individuals like Schwarting find industrious and intrepid courses around these locks by finding unapproved versions of the software or by hacking through firmware en masse.
Schwarting and different farmers across the nation over have wound up on the front line of the right to repair movement, the biggest people-versus-big-tech revolt in in recent times. So what began as hacking out of need has immediately changed into a bon fide political development.

The objective of this development is to eventually get a law passed that will permit agriculturists (farmers), autonomous repair individuals, and normal customers to reclaim responsibility for tractors, their tablets, their mobile phones, and their air conditioners.

A couple of farmers Nebraska who are leading this movement trust that there are currently 18 states which are considering their options on the "fair repair" bills. Which would require the makers to offer the repair parts and devices to the majority, and make repair manuals accessible to the general public, and furthermore to give circumvention instruments for software locks that are particularly intended to avoid any kind of outsider repair.

“The Fair Repair act gives an individual the ability—you’ve always had the right—to purchase the diagnostic tools or to take their equipment somewhere local, or to try and repair the equipment yourself,” says Lydia Brasch, a state senator who is sponsoring the bill in Nebraska.

An exception to the Digital Millennium Copyright Act particularly makes it lawful to hack tractors for the purpose of repair. In any case, John Deere takes the farmers consent to permitting arrangements i.e. licensing agreements that limit the amount of repairing they are supposed to do on their equipment; as violating it could be thought as a breach of contract and farmers who do, are obligated to be sued.

In Nebraska, the legislation is borne out of sheer frustration and a sentiment of loss of agency from farmers whose families have invested decades repairing their own particular gear.

 “As tractors have become more high-tech, we do not have the ability to hook up a tractor to diagnose it, to repair it, or even to activate parts that we’ve already bought. There are used parts that are available, but if I put them on, the tractor won’t run”, Tom Schwarz, a fifth-generation farmer.

Prior to this month the Association of Equipment Manufacturers and the Equipment Dealers Association—two farming industry trade groups that represent John Deere and the other giants —reported that its producers and merchants bolster "common sense repair solutions" and will deliberately give a portion of the prerequisites delineated in the fair repair legislation.
The groups say that the manufacturers will provide or offer manuals and product guides and diagnostic software by model year 2021: (an extract from the model is given below)

This commitment ensures that farmers and ranchers
have the tools they need and have asked for
to perform basic service, maintenance and repairs.
Overly-broad “Right to Repair Ie’islaUon is not only
unnecessary it would risk the safety, durability
and environmental sustainability of equipment.

The group nevertheless, keeps on pushing hard against the enactment that would enable farmers to adjust their equipment according to their needs, which has turned out to be well known as technically knowledgeable farmers and mechanics have figured out how to make tractors all the more strong and powerful while figuring out how to repair them.

Lazarus Hacking Group back with new hacking campaign targeting banks and bitcoin users

The North Korean Lazarus Hacking Group, which was believed to be behind the WannaCry ransomware attack last year, has returned with a new campaign targeting financial institutions and bitcoin users.

The new campaign, as discovered by the McAfee Advanced Threat Research (ATR) analysts and dubbed as “HaoBao”, was termed by McAfee as an “aggressive Bitcoin-stealing phishing campaign” that uses “sophisticated malware with long-term impact.”

It resumes Lazarus’ phishing emails, posed as job recruiters, from before but now targets global banks and bitcoin users.

It works by sending malicious documents as attachments to unsuspecting targets, who open the malicious document and unknowingly allow the malware to scan for Bitcoin activity, after which it establishes an implant for long-term data gathering on being successful.

According to the firm, McAfee ATR first discovered of the malware on January 15th, when they spotted a malicious document passed off as a job recruitment for a Business Development Executive at a multi-national bank based in Hong Kong.

More information can be found in a blog by McAfee regarding the campaign.

While the form of attack seems nothing new, the two-stage attack malware has surprised researchers.

“This campaign deploys a one-time data gathering implant that relies upon downloading a second stage to gain persistence,” said McAfee analyst Ryan Sherstobitoff. “The implants contain a hardcoded word ‘haobao’ that is used as a switch when executing from the Visual Basic macro.”

According to Sherstobitoff, the dropped implants have “never been seen before in the wild” and were not used in the last campaign either.

He believes that, because of a lack of solid regulations in respect to cryptocurrencies and the fact that sanctions against North Korea are difficult to enforce with digital currencies than with hard currency, such attacks will only grow — which could spell bad news for bitcoin users.

Aside from the link to the WannaCry attack, Lazarus is also believed to be linked to the Sony hack in 2014 and the attack on South Korean cryptocurrency exchanges last year.

Cryptocurrency Miner Malware hits 60 million Android users

A new malware is attacking  Android users by sending them malicious domains to drive their devices to cryptocurrency mining campaign.

According to Malwarebytes blog,  malicious websites and apps are governing Android users to some of the websites are set up for mining the cryptocurrency, and it revealed that more than  60 million users have been affected by this malicious domains.

Researchers said that till now five cryptocurrency mining websites get more than of 800,000 hits a day. This malware has been active since November last year.

The research blog highlights that the malware only targets mobile users, and they have a great advantage in targeting them as mobile users generally don’t use any kind of security applications or web filtering.

"While Android users may be redirected from regular browsing, we believe that infected apps containing ad modules are loading similar chains leading to this crypto mining page. This is unfortunately common in the Android ecosystem, especially with so-called “free” apps,” blog post.

However, the malicious cryptocurrency mining informs the visitors that they are being redirected to the websites which are used to mine cryptocurrency which is then used to pay for server traffic. Same captcha code is being used for small servers.

The blog adds, “We identified several identical domains all using the same CAPTCHA code, and yet having different Coinhive site keys (see our indicators of compromise for the full details). The first one was registered in late November 2017, and new domains have been created sine then, always with the same template.”

The researchers concluded, “The threat landscape has changed dramatically over the past few months, with many actors jumping on the cryptocurrency bandwagon. Malware-based miners, as well as their web-based counterparts, are booming and offering online criminals new revenue sources.”