
Are YouTube Game Cracks Hiding Malware?


Recently, cybersecurity researchers have unearthed a disturbing trend: threat actors are exploiting YouTube to distribute malware disguised as video game cracks. This tactic poses a significant risk to unsuspecting users, especially those seeking free software downloads.

According to findings by Proofpoint Emerging Threats, cybercriminals are leveraging popular video-sharing platforms to target home users, who often lack the robust defences of corporate networks. The scheme involves creating deceptive videos offering free access to software and video game enhancements, but the links provided lead to malicious content.

The malware, including variants such as Vidar, StealC, and Lumma Stealer, is camouflaged within seemingly innocuous downloads, enticing users with promises of game cheats or software upgrades. What's particularly troubling is the deliberate targeting of younger audiences, with malicious content masquerading as enhancements for games popular among children.

The investigation uncovered several compromised YouTube accounts, with previously dormant channels suddenly flooded with English-language videos promoting cracked software. These videos, uploaded within a short timeframe, contained links to malware-infected files hosted on platforms like MediaFire and Discord.

One example highlighted by researchers featured a video claiming to enhance a popular game, accompanied by a MediaFire link leading to a password-protected file harbouring Vidar Stealer malware. Similarly, other videos promised clean files but included instructions on disabling antivirus software, further endangering unsuspecting users.

Moreover, cybercriminals exploited the identity of "Empress," a well-known entity within software piracy communities, to disseminate malware disguised as cracked game content. Visual cues provided within the videos streamlined the process of installing Vidar Stealer malware, presenting it as authentic game modifications.

Analysis of the malware revealed a common tactic of bloating file sizes to evade detection, with payloads expanding to approximately 800 MB. Furthermore, the malware utilised social media platforms like Telegram and Discord for command and control (C2) activities, complicating detection efforts.
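A triage heuristic for the file-bloating tactic described above, added here as an illustration and not taken from Proofpoint's research or the original post. It measures how much of a file is filler, assuming the inflation is done with long runs of one repeated byte (the article does not say how the files were bloated); the function names and thresholds are hypothetical.

```python
import os
import tempfile

CHUNK_SIZE = 64 * 1024                  # bytes read per step
MIN_SUSPECT_SIZE = 100 * 1024 * 1024    # assumed threshold: only large files are flagged
MAX_FILLER_RATIO = 0.80                 # assumed threshold: share of filler that is suspicious


def filler_profile(path, chunk_size=CHUNK_SIZE):
    """Return (total_bytes, filler_bytes, longest_filler_run) for a file.

    A chunk counts as filler when every byte in it is identical.
    longest_filler_run is the longest stretch of consecutive filler chunks.
    """
    total = filler = run = longest = 0
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk_size)
            if not block:
                break
            total += len(block)
            if block.count(block[:1]) == len(block):
                filler += len(block)
                run += len(block)
                longest = max(longest, run)
            else:
                run = 0
    return total, filler, longest


def triage(path, min_size=MIN_SUSPECT_SIZE, max_filler_ratio=MAX_FILLER_RATIO):
    """Summarise a file and flag it when it is both large and mostly filler."""
    total, filler, longest = filler_profile(path)
    ratio = filler / total if total else 0.0
    return {
        "size": total,
        "effective_size": total - filler,   # what remains once filler is ignored
        "filler_ratio": round(ratio, 3),
        "longest_filler_run": longest,
        "inflated": total >= min_size and ratio >= max_filler_ratio,
    }


def build_sample(path, body_len, pad_len, pad_byte=b"\x00"):
    """Write a constructed, harmless sample: a non-repeating body plus padding."""
    pattern = bytes(range(251))
    body = (pattern * (body_len // len(pattern) + 1))[:body_len]
    with open(path, "wb") as fh:
        fh.write(body)
        fh.write(pad_byte * pad_len)


def demo():
    """Compare a padded sample with an unpadded one of the same total size.

    The size threshold is lowered to 1 MiB so the constructed samples stay small.
    """
    with tempfile.TemporaryDirectory() as tmp:
        padded = os.path.join(tmp, "padded.bin")
        plain = os.path.join(tmp, "plain.bin")
        build_sample(padded, 128 * 1024, 4 * 1024 * 1024)
        build_sample(plain, 128 * 1024 + 4 * 1024 * 1024, 0)
        return (triage(padded, min_size=1024 * 1024),
                triage(plain, min_size=1024 * 1024))


if __name__ == "__main__":
    for report in demo():
        print(report)
```

The `effective_size` field is the useful output for an analyst: it shows how small the file is once the filler is set aside, which is the part worth submitting for scanning.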

The research again underscores the need for heightened awareness among users, particularly regarding suspicious online content promising free software or game cheats. While YouTube has been proactive in removing reported malicious accounts, the threat remains pervasive, targeting non-enterprise users vulnerable to deceptive tactics.

As cybercriminals continue to refine their methods, it's imperative for individuals to exercise caution when downloading software from unverified sources. Staying informed about emerging threats and adopting cybersecurity best practices can help reduce the risk of falling victim to such schemes.


Think Twice Before Using Pirated Software

 

Everyone has at some point in their lives dabbled in the realm of pirated software. Getting free software appeals to a wide range of users, most of whom are unaware of the risks involved. Many customers choose to install unauthorised or pirated copies of software as its price rises. We'll go over the dangers using unauthorised copies might cause. 

Your computer becoming infected is the first threat you encounter. It's conceivable that the crack is malware that has been poorly disseminated. Some of you may think this is just a false positive from an antivirus programme. That, however, is not completely accurate. Malware's negative effects are well known: it slows down your computer, sends out your personal information, invites friends in, corrupts your data, and so forth. The personal information at risk includes passwords, address books, and credit card and bank account details, all of which identity thieves could use immediately.

In this article, we will explain why downloading such illegitimate software is risky. 

What Exactly Is Software Piracy? 

Software that has been illegally copied, disseminated, and used is referred to as pirated software. A person who makes several copies of a programme and sells them is the basic example of software piracy, which can include a range of actions. Software piracy is frequently criminalised under copyright infringement laws on the grounds that it violates the copyrights of the developer. 

Software cracking methods

Crackers employ a variety of techniques to circumvent licence keys and software security protections.

Keygen cracking 

Keygen cracking is the process of creating legitimate software licensing keys using a key generating application. This kind of software, also referred to as a "keygen," examines the technique used by the underlying application to produce genuine licence keys for customers who buy software licences. Keygens are used by crackers to get around software activation restrictions and gain access to premium services that are only available to customers who pay. In order for the software to be utilised on numerous computers, the keygen tool is typically supplied along with the cracked version of the software. 

Cracking a patch 

By using this technique, crackers examine the software's source code and produce a programme (referred to as a "patch") that alters it. First, crackers analyze the software's source code to locate the algorithms in charge of enforcing its security measures. The code is then modified by the cracker, who entirely removes these safety precautions. The patch, a brief programme that makes the modifications when applied to the software, is created by crackers after modification. This patch is provided with the cracked software, making it possible to use it with numerous copies of the same programme without having to pay for the licence. 

Server-based cracking 

In server-based cracking, the software's security features are bypassed by setting up a collection of servers. The cracked software is made downloadable from these servers. The servers are set up to go around the security precautions put in place by the software creators. Crackers accomplish this by either directly altering the software's code or by enhancing an already cracked version of the software. They do this by using a key generator to create licence keys for the software. Once this is done, the crackers typically offer a download link so users may access the cracked software on a website. 

Why Should You Stop Using Pirated Software? 

Pirated software leaves you more exposed to attack. Research shows that 34% of unlicensed software downloaded through P2P was malware-infected and infects a machine after it is downloaded. Trojans made up almost half of that group. When you install illegal software, you open the door to malware. Ransomware, viruses, Trojan horses, and other malicious software could destroy your computer and the data it stores. Some pirated software contains malware that can access your data and can be used to control your device and webcam. Using illegally obtained software also puts you at risk of a denial-of-service attack.

The following are some of the risks you may encounter: 

Incompatibility: You might find that the pirated software isn't compatible with your device, meaning it won't function when you need it most. This is because the programs are pirated versions of the originals. The accuracy of your results may change if these software tools work as intended. Because some businesses check the registration of their software, it's possible that the application will function for a time before failing.

Legal concerns: Everything that has an original will almost definitely be faked. When someone borrows your concept, claims ownership, and then markets it, it is unfair. Businesses should naturally wish to protect their assets. Because they don't adhere to the guidelines, purchasing counterfeit software is not a good idea. The copyright has been violated. 

A product upgrade is not feasible: As new patches or updates are released, you can enhance your programme experience by updating it. This is not possible with a pirated version, so regardless of the limitations, you're stuck with it. Attempts to upgrade to original packages may result in punishment. There is no way to upgrade the product.

Here is Another Powerful Case Against Using Pirated Software

Downloading unlicensed software can save you a few dollars, but you risk losing much more because researchers have found a cryptocurrency-targeting info stealer hiding within the cracks. "RisePro" is a brand-new piece of information-stealing malware that was discovered by two different cybersecurity companies, Flashpoint and Sekoia.

RisePro is disseminated via websites that also house cracked software, loaders, and other illegal content, and it infects endpoints using the pay-per-install (PPI) malware distribution tool PrivateLoader. 

Researchers found that RisePro and PrivateLoader are very similar, leading them to believe that the malware distribution platform now has its own info stealer. Furthermore, they determined that it makes use of a similar system of embedded DLL dependencies, suggesting that Vidar served as its likely foundation.

Google Chrome, Firefox (and 30 other browsers), and Authenticator, MetaMask, and Coinbase (and 26 other browser extensions) are just a few of the many browsers, browser extensions, and cryptocurrency wallets that RisePro searches through for data. Furthermore, it can scan filesystem directories for valuable data, such as those containing credit card information, and steal information from Discord, Battle.net, and Authy Desktop.

Flashpoint claims that in Russian dark web markets, criminals have already begun to sell RisePro logs containing sensitive, personally identifiable information. By communicating with their Telegram bot, threat actors who are interested in purchasing the logs or the tool itself can do so over the messaging app.

PrivateLoader is a pay-per-install malware distribution business, according to the researchers, that frequently masquerades as a software crack or keygen. RedLine Stealer and Raccoon, two extremely popular infostealers in the cybercrime community, were the only ones that PrivateLoader provided up to this point.

The best defense against such risks is to avoid downloading unauthorized stuff in the first place and to only obtain software from reliable, trustworthy sources. A powerful antivirus program is also suggested.

Software for hacking online cinemas is in open access

A code repository was published on GitHub for illegally downloading movies from Netflix, Amazon Video, Apple TV+, and other popular platforms. The published scripts allow you to bypass the protection technology used by Russian online cinemas, among others, and download video content.

The authors of the TorrentFreak portal reported that on December 28, software appeared on the international developer platform GitHub for free downloading of content from major video services such as Netflix, Apple TV+, Amazon Video, Disney+ and others. A user named Widevinedump published code to bypass Widevine's DRM protection technology and posted 12 scripts that allow you to download paid content in resolution up to 720p from popular video services.

According to Karen Ghazaryan, Director General of the Internet Research Institute, almost every Internet browser has support for solutions that prevent illegal copying of files: Microsoft PlayReady or Adobe DRM. The DRM bypass technology, according to the expert, can also be applied to Russian online cinemas.

“It will not be widely used, the mechanism requires special competencies, but professional pirates may well. So the number of movies and TV series uploaded to torrents will increase, which is very useful before the holidays,” Mr. Ghazaryan believes.

Sergey Nenakhov, head of the cybersecurity audit department at Infosecurity a Softline Company, explains that Russian online cinemas mainly use the same technologies — Widevine from Google and FairPlay from Apple, some additionally embed watermarks in the video to identify leaks.

"But pirates can also make changes to the video stream, adding their own noise and "spoiling" watermarks to confuse the tracks," he adds.

According to experts, given the current level of availability of pirated content in the Russian Federation, this is unlikely to significantly change the situation.

The Russian State Duma introduced a bill aimed at combating online pirates

A bill aimed at combating online piracy has been submitted to the State Duma of the Russian Federation. The document will allow copyright holders to independently enter links to sites with illegal content in a special register, after which these links will have to be removed from the search results on the Internet within six hours. Currently, this practice applies only to those companies that have signed the Anti-Piracy Memorandum.

"The fight against the spread of pirated content is extremely complex and requires the efforts of both the state, its supervisory and regulatory bodies, IT specialists, and the entire community of Internet users in general," said Andrey Trofimov, chairman of the Crimean Union of Journalists.

He added that it is necessary to fight not with ordinary users, but with distributors of pirated content, illegal file-sharing sites, and online cinemas.

Illegal online resources offering to watch any movie “for free” and “without registration” often contain malicious code.

Today, viruses and targeted hacker attacks are highly sophisticated. Previously, in order to hack and penetrate, attackers offered the user something to download and install on a PC. Now it is enough, for example, to simply open the letter. This will trigger the launch of a program that encrypts data on your computer.

The Anti-Piracy memorandum has been in force in the country since 2018. The document was signed by the largest Russian Internet companies, including Rambler Group, Mail.ru Group and Yandex, as well as the copyright holders. According to the document, copyright holders submit links with pirated movies and TV series for consideration, and Internet sites remove them from search results. At the moment, its validity period is extended until August 1, 2021.

Recall, E Hacking News conducted an interview with one of the founders of a new startup Digital Witnessor (https://www.digitalwitnessor.com/) and lawyer Mr. Dhruv Bagri. He shared with us his knowledge about copyright, how to securely register it, quickly and easily, using Blockchain, and from a legal point of view.


The European Commission added VKontakte and Telegram to the list of pirate sites

VKontakte is surprised by the decision of the European Commission to include the social network in the list of resources that contribute to online piracy. The company has been interacting with copyright holders for many years and quickly restricts access to controversial content.

The European Commission has published a new list of resources that promote piracy and can benefit from it. The list for the first time included the Telegram messenger and the social network VKontakte.

The list is formed on the basis of reports from groups of right holders. According to the European Commission, Telegram users, including using public channels, "exchange illegal content, in particular music, books, news publications, films and TV programs." In addition, subscribers share links to other sites that host pirated content.

The social network "VKontakte" is also included in the list due to many complaints from copyright holders. Users of the social network can have unauthorized access to books, as well as to movies and TV shows, in particular through the built-in video players.

Both Telegram and VKontakte objected to their inclusion in the "piracy watch list". Telegram told the European Commission that it "does not tolerate any malicious content on its platform" and removes it within 24 hours. VKontakte also noted that it is fighting piracy. In particular, the social network indicated that the copyright holder can complain about copyright infringement through an electronic form. According to VKontakte, its employees processed more than 1.36 million such complaints, most of which ended with the removal of content.

"We are surprised by the inclusion of VKontakte in this list, as for many years we have been actively interacting with copyright holders in various areas," said the press service of the social network.

According to them, the company signed agreements with the world's largest copyright holders of music products, including Universal Music, Sony Music, Warner Music, The Orchard, Merlin Network, and Believe Digital.

Russian experts warned about the dangers of watching movies on pirate sites

 

It is noted that hackers use streaming platforms, TV series and movies to distribute advertising and malware. They can add them to files with the names of popular shows, or use well-known brands to conduct phishing attacks, said Dmitry Galov, a cybersecurity expert at Kaspersky Lab.

"Among the malware there are various Trojans that allow, for example, to delete or block data, or steal passwords from online banking, as well as spyware that can be used to access information on the device,” said Mr. Galov.

Pirate sites may also request a person's social media data, passport, or bank card details under the pretext of completing a trial period. As a result, hackers gain access to personal data and can steal money or, in other cases, start blackmailing the user.

According to the expert, in this regard, users need to watch movies through legal services, as well as install an antivirus on all devices.

If users need to download programs to watch a video, such as Flash Player, then they should leave these sites immediately.

"Even pirated sites no longer require additional software to be installed on your computer, be it Java or Flash Player. In no case should any files, including application files, as well as files declared as videos or documents, be downloaded from such sites,” said Artem Gavrichenkov, Technical Director of Qrator Labs.

In addition, experts have recently warned about the dangers of visiting financial services, mailboxes and social networks, as well as making online purchases through public points with free Wi-Fi.

Hackers can intercept and analyze data in the current session using public Wi-Fi networks, and then use the information obtained. Experts do not advise users to register or log in to sites from free points, so as not to pass critical information about the user to scammers.

Tamil Rockers websites taken down after admins’ arrest

Over 19 websites owned by Tamil Rockers have been blocked by Google after five admins of these domains were taken into custody by Kerala police for piracy. The websites include tamilrockers.in, tamilrockers.me, tamilrockers.is, tamilrockers.ac, tamilrockers.co, and other similar domain names.

The websites were used for uploading new pirated South Indian movies and members made as much as ₹1 crore over the last few months.

The police had taken the five culprits into custody on Thursday after tracking an email sent by an advertisement company to one Akhil, which had reportedly mentioned having a connection with the piracy website.

“This ad company had sent a mail to Akhil, offering to publish ads on the website he was running. In that email, the company happened to mention that they have ties with Tamil Rockers. We got the information about Tamilrockers through this ad company,” said Anti-Piracy Cell SP B.K. Prasanthan Kani.

The ad company was connected to a similar case back in 2016.

The accused — TNRockers owner Prabhu, DVD Rockers owner Johnson and his accomplice Maria John, and Karthi from Villupuram along with his accomplice, Suresh — were nabbed by the police by tracing their bank accounts.

Their laptops, mobiles, and such hardware were also confiscated.

“All the gang members were technically qualified. It even included M.Sc. and B.Sc. holders in computer science. They used to record movies in pieces from various parts of the world and join it. We are trying to trace more members of the gang including Karthi’s brothers,” Prasanthan told Deccan Chronicle.

Hackers run Linux on Nintendo Switch

Last week, hacker group fail0verflow shared a photo on Twitter, showing that they had managed to run Linux on the Nintendo Switch.


This tweet followed a previous one in January, in which they explained that their Switch coldboot exploit relies on a bug in the boot ROM, which, as the name suggests, is a piece of code containing instructions for the boot process stored in read-only memory.

They also revealed that it is not possible to fix the flaw with patches on current Switch units.


Earlier, they had also tweeted a scroller for the Switch.

While they have teased the exploit to the public, it may be a while before fail0verflow publicly release the details and code for their hack, as evidenced by the PS4 exploit that they demonstrated in 2016 and only revealed the details of over a year later.

Meanwhile, the Switch hacking community continues to make progress. After the 34C3 conference which left the console’s security wide open, it seems that it’s going to be easier for hackers to create homebrew software for the Switch and even pirate games, which could mean serious financial repercussions for Nintendo.

For those with technical knowledge who prefer the white hat route, however, Nintendo is still offering bounties on reports of vulnerabilities.


Facebook to bring “Video Matching Technology” to control Piracy


Here comes good news for video creators who are fed up with video piracy, especially on social networking sites: Facebook is planning to launch a “Video Matching Technology” which will inform the real video owners that those videos are uploaded by others.

A news report published in ReCode confirms that, in order to control video piracy on Facebook, the company has decided to come up with the technology.

“We’ve heard from some of our content partners that third parties too frequently misuse their content on Facebook,” Facebook posted in its blog. “It’s not fair to those who work hard to create amazing videos. We want creators to get credit for the videos that they own.”

It is said that the company and its partners have started testing the new technology, which requires content owners to upload the clips they want to protect into Facebook’s system.

“It is the first step to creating the equivalent of YouTube’s Content ID system, which the video giant built up over years as a response to its own copyright/piracy problems. After years of ignoring video, Facebook is now a major player, so this kind of effort was obvious and overdue,” the news report reads.

“Facebook’s response comes after video makers and distributors have grown increasingly vocal about pirated videos, which by one estimate accounted for more than 70 percent of Facebook’s most popular videos. In May, Jukin Media, a video licensing agency best known for “Fail” clips, described Facebook’s copyright problems as “massive.” In June, Fullscreen CEO George Strompolos, who runs one of the biggest YouTube video networks, tweeted that he was “getting very tired of seeing our videos ripped there with no way to monitor or monetize,” the news report reads.

Now Facebook says Jukin and Fullscreen are two of its initial launch partners for the new technology, along with Zefr, a service company that helps content owners track their clips on YouTube. Facebook says it is also working with major media companies on the effort, but won’t identify them.