Aggregator

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft." "150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions captures wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group... Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams... A striking aspect of the campaign is its infrastructure consolidation: Almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address: 185.208.156.66 — this server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection. This isn't a passing trend — it's the new normal. The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."

Read more of this story at Slashdot.

Car buyers are being offered a cash incentive to purchase a new electric vehicle (EV) for the first time in three years. But the size of the discounts and the rules have left drivers confused.

I felt vindicated in particular by one Army officer who told me she'd postponed her toddler's birthday to make it to a meeting. I'm still cringing years after having done the same thing.

How bored are you of hearing about trainers? A bit, no doubt, because in the past 15 years, trainers have become the number one fashion forward footwear for all ages and both sexes.

The singer, 40, has not spoken to his sibling since he missed his wedding in 2009 to take part in The X Factor semi-finals.

An explorer who visited Japan's largest abandoned resort has shared fascinating footage of the decaying complex - including the remnants of what would have been a five-star, 1000-room hotel.

Linda Calvey, 77, known as 'The Black Widow', was one of East London's most terrifying and prolific gangsters, who earned an estimated £1million from armed robberies.

Many tourists take their mobile phone with them during their travels for a variety of reasons. However, a warning has been issued against bringing the common device to the beach.

Astonishing figures for the soft-justice programme suggest 45,000 could have their sentences cut in its first year.

South American cartels regularly smuggle drugs on container ships before jettisoning the packages overboard for UK-based gangs to retrieve and transport to land.

Donald Trump 's revamp of the White House 's famous Rose Garden is starting to look a lot like his Mar-a-Lago estate.

The real secret to staying young could be simply eating a handful of peanuts every day. Scientists have discovered it slows down cellular ageing.

Official documents are said to show the UK will pay some £35billion to hand the islands over to Mauritius - compared to the £3.4billion previously stated by Sir Keir Starmer.

Elon Musk's Tesla is preparing to move beyond vehicle sales by launching a household electricity supplier.

The researchers looked into the body's immune system - white blood cells - which produce a protein called heme oxygenase-1 (HO-1).

Donald Elsom, who says he has been a dedicated viewer of the brain-teasing letters and numbers show for decades, has already recorded the episode, which is due to be broadcast this afternoon.

More than 1,000 migrants have come to the UK since the Government's 'one in, one out' deal with France became operational last Wednesday.

Imagine this. Lightning sparks a wildfire, but "within seconds, a satellite dish swirling overhead picks up on the anomaly and triggers an alarm," writes the Los Angeles Times. "An autonomous helicopter takes flight and zooms toward the fire, using sensors to locate the blaze and AI to generate a plan of attack. It measures the wind speed and fire movement, communicating constantly with the unmanned helicopter behind it, and the one behind that. Once over the site, it drops a load of water and soon the flames are smoldering. Without deploying a single human, the fire never grows larger than 10 square feet. "This is the future of firefighting." On a recent morning in San Bernardino, state and local fire experts gathered for a demonstration of the early iterations of this new reality. An autonomous Sikorski Black Hawk helicopter, powered by technology from Lockheed Martin and a California-based software company called Rain, is on display on the tarmac of a logistics airport in Victorville — the word "EXPERIMENTAL" painted on its military green-black door. It's one of many new tools on the front lines of firefighting technology, which experts say is evolving rapidly as private industry and government agencies come face-to-face with a worsening global climate crisis... Scientific studies and climate research models have found that the number of extreme fires could increase by as much as 30% globally by 2050. By 2100, California alone could see a 50% increase in wildfire frequency and a 77% increase in average annual acres burned, according to the state's most recent climate report. That's largely because human-caused climate change is driving up temperatures and drying out the landscape, priming it to burn, according to Kate Dargan Marquis, a senior advisor with the Gordon and Betty Moore Foundation who served as California's state fire marshal from 2007 to 2010.... "[T]he policies of today and the technologies of today are not going to serve us tomorrow." Today, more than 1,100 mountaintop cameras positioned across California are already using artificial intelligence to scan the landscape for the first sign of flames and prompt crews to spring into action. NASA's Earth-observing satellites are studying landscape conditions to help better predict fires before they ignite, while a new global satellite constellation recently launched by Google is helping to detect fires faster than ever before. One 35-year fire service veteran who consults on fire service technologies even predicts fire-fighting robots will also be used in high-risk situations like the Colossus robot that battled flames searing through Notre-Dame Cathedral in Paris... And a bill moving through California's legislation "would direct the California Department of Forestry and Fire Protection to establish a pilot program to assess the viability of incorporating autonomous firefighting helicopters in the state."

Read more of this story at Slashdot.

Nicola Sturgeon has insisted that she is not 'rushing into a relationship with anyone' - including women.

A woman and two men lost their lives when the blasts ripped through the Black Sea resort area of Zatoka at around 11.30am today.