This MacOS Trojan stealthily lifts your data, says Microsoft

You might think that your Mac is invulnerable to viruses and other security threats, but you might want to think again. As part of its commitment to intelligence sharing and collaboration, Microsoft recently exposed the evolution of a MacOS Trojan that can stealthily lift your personal data.

First spotted in September 2020, this piece of malware, known as UpdateAgent, has increasingly progressed to “sophisticated capabilities,” Microsoft says. Though it also indicated that the latest two versions are still more “refined,” Microsoft does warn that the malware is again being developed, and more updates could come soon.

It is so bad that Microsoft believes this malware can be leveraged to fetch more dangerous payloads beyond just the adware that it is already injecting into victim machines.

But how does it work? Per Microsoft, the UpdateAgent malware can impersonate real software, and then take Mac functionalities under its own control. It is usually first installed on victim Macs by automated downloads without a user’s consent, or by advertisement pop-ups, which impersonate video applications and support agents. UpdateAgent can even bypass Gatekeeper, which usually makes sure that only trusted apps can run on Macs. The malware then takes over a machine and performs malicious acts like injecting adware.

Microsoft worked with Amazon Web Services to pull the URLs used by UpdateAgent to inject adware, but the UpdateAgent campaign has steadily evolved. It went from a basic information stealer in December 2020, to the ability to fetch and deliver .DMG files in February 2021, to being able to fetch and deliver .ZIP files in March 2021.

Later in August, the malware expanded its reconnaissance function to scan and collect system_profiler and SPHardwareDataType information from victim machines. At its worst point in August, the malware even used permissions and wrote its own code to trick Gatekeeper into thinking it’s not even there.

“UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns,” Microsoft said.

Microsoft wasn’t clear which versions of MacOS are impacted by UpdateAgent, but it did have some advice that goes beyond using antivirus software. It pointed to using the Microsoft Edge browser, which can block and scan for malicious websites. Other tips include restricting access to privileged resources, installing apps only from the app store, and running the latest versions of MacOS and other applications.


Repost: Original Source and Author Link


GPUs Could Become Trojan Horses for Future Cyberattacks


The graphics card inside your computer is a powerful tool for gaming and creative work, but it can also potentially serve as a Trojan horse for malware. Cybercriminals are finding ways to exploit graphics cards and their VRAM to inject malicious code into your system. The approach is claimed to have worked during a proof-of-concept hack on both discrete and integrated GPUs from AMD, Intel, and Nvidia.

Because antivirus software today cannot scan the graphics card’s own video RAM, known as VRAM, hackers are now targeting GPUs to carry out their dirty work. By contrast, the conventional methods used today, which target the system’s main memory, would trigger the antivirus software.

According to Bleeping Computer, a brief description of the hack was posted on a hacker forum, where one seller was trying to sell his proof-of-concept method to exploit the VRAM on GPUs. The seller stated that the method worked on Intel’s integrated UHD 620 and 630 graphics, as well as discrete solutions including the AMD Radeon RX 5700 and Nvidia GeForce GTX 1650. It’s unclear if the attack would also work on other GPUs, like the recent Radeon RX 6000 series from AMD and the GeForce RTX 3000 series from Nvidia, both of which have seen high demand and short supply.

The listing to sell the proof of concept was posted on August 8, and the method of exploit was sold on August 25, though details about the transactions were not revealed. It’s unknown who purchased the hack or how much was paid.

Though specifics about the exploit that was sold to other hackers are not known, cybersecurity researchers at VX-Underground stated that the method allowed the code to be run by the GPU and in the VRAM rather than by the CPU. The researchers said that they will be demonstrating the method of exploit soon.

While targeting the GPU for cyberattacks may be different from traditional hacks today, the method isn’t entirely novel. This latest exploit follows a similar proof of concept from six years ago known as JellyFish.

With the JellyFish proof of concept, researchers exploited the graphics card with a GPU-based keylogger. The seller of this latest GPU-based hack denied similarities between his method and JellyFish, Bleeping Computer stated.

Given that your GPU could potentially be exploited by a malicious actor in the future to hide and execute malware, PC owners, gamers, and creators should stay vigilant of suspicious emails, links, files, and downloads. This is especially pertinent given that malware that sits in VRAM can be undetectable by antivirus software.



‘Blankos Block Party’ is an NFT Trojan Horse for the video game industry

Mythical Games is proud of Blankos Block Party, sure. Co-founders John Linden and Rudy Koch are happy it’s found a substantial audience, and they’re pleased to partner with brands like Burberry and Deadmau5. They were super happy to receive an additional $75 million from investors this month, bringing their funding total to $120 million. But really, Blankos Block Party is more of a side hustle for Mythical Games. What Linden and Koch are actually selling is an ecosystem of NFT-driven gameplay and development.

Problem is, to the majority of Mythical’s audience, that sounds boring as hell. It’s much easier to sell Blankos, a colorful online world filled with user-created toys and cartoon vibes, than it is to push blockchain economics on a playerbase of kids and mainstream brands.

“Blankos is obviously the proving ground,” Linden told Engadget. “We control all the levers in Blankos, which is great, so we can do a lot of testing and really see what’s hitting with the community. But the idea behind that is to tune it so that other games can use the same concepts.”

Blankos Block Party

Mythical Games

Blankos wasn’t originally meant to be a full game. It started off as a tech demo, a way for Mythical developers to demonstrate their NFT marketplace to potential corporate partners. Blankos operates on the premises of accessibility, ownership and scarcity — it’s a free title where players can build game worlds with no coding skills required, and also collect, customize or sell NFTs of characters and objects created by developers and major brands. The Blankos themselves are squashy, Funko-esque toys, driving home the idea that they’re collector’s items, even though they’re completely digital.

That NFT marketplace is the heart of Blankos, and it’s what Mythical is actually interested in building.

“What NFTs allow us to do is to bring the player into the economy so they can participate in the value that they bring to the game,” Koch said. “Through the items that they earn, through the levels that they build, through the customizations that they make — they own the NFTs. They own the items, for the first time. And they can play with them, they can sell them.”

The idea of selling in-game items for real money isn’t new, but the ownership that comes with blockchain technology is. There are existing marketplaces where players buy and sell game keys, digital weapons and rare cosmetic gear, though these operate on legally dicey ground. Players often don’t own the things they’re bartering — the game developer does. Counter-Strike: Global Offensive has a notoriously hot gray market, with players reportedly spending north of $100,000 for specific weapon skins.

“We’ve seen gray markets pop up around most popular games, almost every popular game,” Koch said. “Players clearly see the value, and they want to buy and sell things from each other… [but] it’s always been on the fringe, it’s always been illegitimate.”

Linden agreed and added, “When these gray markets pop up, they’re not safe. You don’t know if you’re going to get the assets, there’s a lot of fraud in these things, there’s a lot of laundering, there’s a lot of different things, and negative things have happened in these gray markets. And I think that’s what we want to try and legitimize. We want to make that part of the game, part of the ecosystem, so you can design with that.”


When Mythical was showing Blankos to big brands roughly three years ago, the NFT industry was an odd, little-known space. This was ages before the Great NFT Boom (and Bust) of 2021, back when most folks were just beginning to hear about blockchain technology, mainly from the perspective of Bitcoin. Today, NFT marketplaces are so trendy they’ve become tacky.

Overall, that’s good news for Mythical. Linden and Koch don’t have to spend time explaining blockchain-powered ownership or try to avoid saying “NFT” entirely anymore.

“There’s a new generation of collectors, right?” Linden said. “And the fact that they’re willing to pay this money for tokenized JPEGs, which — we’ll see what the value is, long-term, but I think what [the NFT craze] did show is it showed the mentality. It showed where consumer interest is heading, that they view digital assets as assets.”

To that end, Blankos Block Party doesn’t need to succeed. Mythical doesn’t even need to win over the Twitch chat, which was aggressively unimpressed by the Blankos presentation this week, during E3 2021. What really matters is major brands and players buy into Mythical’s in-game NFT ecosystem.

“The game doesn’t have to be a grand slam,” Linden said. “We’re not trying to necessarily take on Roblox, but what we’re seeing is the community loves it. The community really loves what we’re doing, the brands love where it’s doing, so we’re going to definitely invest heavily behind it, to really show this and show all these new concepts that we want to do. How does gameplay affect ownership? How can you play to earn? What does that mean in a game?”


Blankos entered Early Access this week, bringing along “several hundred thousand” players from a six-month beta. Brands and artists including Burberry, Deadmau5, Michael Lau and Quiccs have plans to release in-game items this year, and Mythical coordinated a Blanko NFT Twitch Drop for viewers of its E3 2021 show on Monday. More than 100,000 NFTs have been purchased in Blankos so far.

Long-term, Mythical is concerned with making sure its NFT economy is sustainable. Mythical isn’t the only studio attempting to make NFTs a thing in gaming, but they’ve been working on this issue for years and they’ve hired people with expertise in live events, ticketing and financial systems. Eventually, if all goes to plan, the studio will transition into a distribution role similar to Valve or Epic Games, licensing out its blockchain technology and overseeing other studios’ game economies.

“Our primary focus is going to be bringing this technology to a lot of other game developers, and we’re already in talks with quite a few to bring this into their worlds as well,” Linden said. “We’ll probably have a few announcements later this year, for sure.”

Blankos is certainly no Fortnite or Roblox, but it doesn’t need to be. It just needs to sneak Mythical’s NFT concept into the gaming industry.
