Showing posts with label Spotify.

Necro Malware Attacks Google Play Store, Again. Infects 11 Million Devices

A new variant of the Necro malware loader was found on 11 million Android devices, delivered through Google Play in an infected-SDK supply-chain attack. The reappearance of Necro is a sign of persistent weaknesses in the vetting of popular app stores such as Google Play.

A recent report by Kaspersky suggests the latest version of Necro Trojan was deployed via infected advertising software development kits (SDK) used by Android game mods, authentic apps, and mod variants of famous software, such as Minecraft, Spotify, and WhatsApp. The blog covers key findings from the Kaspersky report, the techniques used by threat actors, and the impact on cybersecurity. 

What is Necro Trojan 

Also known as Necro Python, the Necro Trojan is an advanced malware strain that has remained active since it first appeared. The malware can perform various malicious activities, such as cryptocurrency mining, data theft, and installation of additional payloads. The recent version is more advanced, making it harder to track and remove.

Distribution of Necro Trojan

Users sometimes want premium or customized options that official versions don't have. But these unofficial mods, such as GB WhatsApp, Spotify+, and Insta Pro can contain malware. Traditionally, threat actors used these mods because they are distributed on unofficial sites that lack moderation. 

More recently, however, researchers have found threat actors targeting official app stores with infected apps.

In the latest case, the Trojan's authors abused both distribution vectors: a new variant of the multi-stage Necro loader compromised modified versions of Spotify, Minecraft, and other well-known apps on unofficial sources, as well as apps on Google Play. "The modular architecture gives the Trojan’s creators a wide range of options for both mass and targeted delivery of loader updates or new malicious modules depending on the infected application,” said the report.

Key Findings

  • The downloaded payloads can display ads in invisible windows and interact with them. They can also execute arbitrary DEX files, install downloaded apps, open arbitrary links in invisible WebView windows and run JavaScript, run a tunnel through the victim's device, and subscribe the victim to paid services. 
  • The new variant of the Necro loader uses obfuscation to evade detection. 
  • The loader embedded in the app uses steganography to hide its payloads.

Music Streaming Royalties To Be Examined by The UK Government
Since the early days of the music industry, musicians, writers, and other creatives have spoken out about the unfairness of the royalty share they receive when their works are played on services such as Spotify and Apple Music. Following an investigation begun in 2019, these issues will now be discussed within the government. 

The government is investigating the streaming industry to examine suggestions that artists are not remunerated fairly. Musicians and artists are worried that they receive far less than record labels when their tracks are played on streaming services like Spotify, and there are also concerns that their tracks may be stolen. 

It is essential to provide high-quality metadata for a track in the era of digital music to ensure that the people who contributed to the creation of a track are accurately credited and compensated. This is the most effective way to ensure music makers are properly credited. The metadata for songwriters and their works, however, lacks precision and completeness. It is often out of date or incomplete, especially regarding specifics. In some cases, insufficient or incorrect metadata can cause a significant delay in creators' payment for the use of their work. In some cases, no payment to the creators at all. 

Experts from across the UK music industry have recently convened meetings to develop positive steps for improving music metadata for everyone involved. 

Despite many aspects of metadata provision working well, and positive steps taken by several industry participants to improve it, there are still significant challenges to be overcome in several areas. To achieve this, it is essential that data is collected from creators promptly and that industry-standard identifiers are adopted and made accessible, particularly regarding metadata associated with work and songwriters. This is especially true of the links between sound recordings and musical works. 

The report has also stated that there have been reports that session musicians have not been paid for streams. This issue will be investigated by a working group of industry representatives tasked with looking into these concerns. There has been an investigation by the government into streaming music since 2019, and an imbalance in royalties was discussed in 2021 as the cause of the investigation. 

A member of the Digital, Culture, Media, and Sport (DCMS) Select Committee, who is investigating the music industry on behalf of the government, has said that she considers this a "welcome step towards understanding the frustrations of musicians and songwriters whose pay often falls below a fair level." 

Despite this, she added, the talk shop should produce concrete change and not just an opportunity for "talking heads to talk". Nile Rodgers, a guitarist, producer, and songwriter who helped create the music for the film Goodfellas, will be addressing the government in 2020. Among the royalties record labels receive as a result of streaming services, he said that they should keep up to 82% of the proceeds.

Earlier this year, Sir John Whittingdale, the minister for creative industries, described the project as a way of offering the UK an "enriching career opportunity".

As he went on to say, "This exceptional agreement on streaming metadata is an important step forward in making sure the contributions and creativity of UK musicians in the digital age are considered and fairly compensated for their contributions and creativity." 

Former chief economist at Spotify, Will Page, said music business officials are at the moment debating the way the money is being allocated in the industry. According to Page, if artists get to receive even 1% of what is generated in the United Kingdom through streams, they are also entitled to receive any cash generated there. 

Artists are not paid a fixed amount each time a song is played on Spotify; royalties are not calculated per individual play. 

The royalties an artist receives may differ depending on the agreement they have with their label or distributor, the rights that label or distributor holds, and the way their music is streamed and distributed. 

To conclude, the UK government's decision to investigate streaming royalties for music is a great step forward in the direction of resolving long-standing issues regarding the streaming of music. 

As a result of digital streaming platforms, how music is consumed has changed greatly in recent years. However, it has also brought forth several challenges, especially when it comes to fair compensation for songwriters and artists who work on those platforms. 

With the government's initiative to examine streaming royalties, the government recognizes that right now, in this rapidly evolving landscape, it is critical to ensure that revenues are distributed more equitably. Record labels and streaming platforms have been criticized for disproportionately benefitting from the current royalty model, which is described as a rip-off. A songwriter or artist who is creating a song may receive minimal compensation for their work, while the artists receive no compensation at all. 

Taking this action by the UK government is a strong statement that the government is listening to the concerns of artists, songwriters, and musicians. It also states that their concerns are addressed. Throughout the document, all parties involved in the music industry are urged to create an ecosystem that supports sustainable and fair business. This is where everyone can survive and thrive. 

As part of the investigation, existing legislation on music streaming royalties will likely be examined in detail, along with licence agreements and the power dynamics between stakeholders and the industry.

Furthermore, the company might also explore alternative models, such as user-centric payment systems. These systems aim to ensure that royalties are distributed directly based on an individual user's listening habits, rather than pooling their revenues and distributing them randomly to each user.

It is anticipated that the outcome of this investigation will ultimately lead to reshaping the music industry in a way that is more transparent and equitable for artists and songwriters while also creating a more competitive environment for them. If there were reforms to reflect the value of creative work and to provide artists with more sustainable income streams resulting from that, that would be of great benefit to all. 

No doubt finding a solution to this complex issue will not be easy, however, and that will prolong the issue. There will also be a need for careful deliberation and collaboration between the interests of artists, songwriters, streaming platforms, and consumers in balancing these interests. Although, it is a positive development to see the UK government take action to address these concerns, which may have a lasting impact on the global music industry in the long run. 

Having made this decision, the UK government has achieved a significant milestone in its ongoing efforts to transform the music ecosystem into a more sustainable and fairer one exemplified by its decision to examine music streaming royalties. In essence, it is a step towards ensuring that artists and songwriters receive their fair share of revenues in the digital age, and to foster and sustain an industry that is thriving both for creators and for consumers, benefiting both of them.

Fake Microsoft Store, Spotify Distribute Malware to Steal User Data
Attackers are promoting sites that imitate the Microsoft Store, Spotify, and an online document converter to spread malware that steals credit cards and passwords stored in web browsers. ESET, a cybersecurity company, detected the attack and posted an alert on Twitter to be on the lookout for the malicious campaign. 

On both desktops and mobile devices, Windows remains vulnerable to a significant number of malware threats, at least more than its peers and competitors. Despite having an official app store, it is almost too easy to infect a Windows PC by merely installing an app. Microsoft advises users to only download applications from the company's official networks, however, some hackers are taking advantage of this by posing as legitimate companies. Microsoft Store is an online store that sells Microsoft products. 

According to Jiri Kropac, ESET's Head of Threat Detection Labs, the attack is carried out through deceptive ads that promote what appear to be legitimate applications. One of the advertisements used in this attack, for example, promotes an online chess game. When users click on the ad, they are taken to a fake Microsoft Store page for a fake 'xChess 3' online chess application, which is automatically downloaded from an Amazon AWS server. 

According to this Any.Run report created by BleepingComputer, the downloaded zip file is called 'xChess v.709.zip' [VirusTotal], which is actually the 'Ficker', or 'FickerStealer,' information-stealing malware in disguise. Other ads from this malware campaign imitate Spotify or an online document converter. Their landing pages can also download a zip file containing the Ficker malware when you visit them. Instead of being greeted by a new online Chess program or the Spotify software when a user unzips the file and runs the executable, the Ficker malware would run and begin stealing the data stored on their device. 

Ficker is a data-stealing Trojan that was first posted on Russian-language hacker forums in January before the developer started renting it out to other threat actors. Threat actors will use this malware to steal passwords from web browsers, desktop messaging clients (Pidgin, Steam, Discord), and FTP clients. The malware can also steal over fifteen cryptocurrency wallets, steal documents, and take screenshots of active applications running on victims' computers, according to the developer.

Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months
Spotify, which has become a very popular online music streaming platform, is suffering a second credential-stuffing attack just three months after the previous one. The platform has reset the passwords of the affected customers. 

Threat actors have gained access to more than 100,000 subscribers of music streaming services and are taking advantage of those who use the same security password on multiple online service platforms. They simply build automated scripts that will systematically steal IDs and security passwords of many online accounts. 

Hackers have successfully gained access to the customer credentials of various popular companies, including big names like Dunkin' Donuts (attacked twice in three months), The North Face, the popular chicken-dinner chain Nando's, and FC Barcelona's official Twitter account, which was hacked last year. 

It was back in November 2020, when malicious actors hacked the information of thousands of Spotify subscribers, prompting the streaming music service to issue a password-reset notice. 

Researcher Bob Diachenko tweeted about the new Spotify attack on Thursday, “I have uncovered a malicious #Spotify logger database, with 100K+ account details (leaked elsewhere online) being misused and compromised as part of a credential stuffing attack.” 

Additionally, he has also uploaded a Spotify statement on the attack confirming the incident. 

“We recently protected some of our users against [a credential-stuffing attack], once we became aware of the situation, we issued password resets to all impacted users, which rendered the public credentials invalid,” the notice read. 

The organization has also stated that the hacks were carried out using an ill-gotten set of data: “We worked to have the fraudulent database taken down by the ISP hosting it,” the company added. 

This attack is very similar to the previous one, in which the logged data also appeared in a publicly exposed Elasticsearch instance. 

“There are similarities but this one looks different, like coming from a rival group. I suppose that login pairs came from previously reported breaches or collections of data, so they just re-use them against Spotify accounts to become part of this automated process,” Diachenko tweeted. 

“Originally this data was exposed inside a misconfigured (thus publicly reachable) Elasticsearch cluster – most likely operated by the malicious actors themselves,” he added. “It contained entire logs of their operations, plus email/password pairs they used [for the attack].”
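The attack described in this post, leaked email/password pairs replayed against many accounts from an automated script, has a recognisable shape in a service's own authentication logs. The following is an added example written for this page, not code from Spotify or from the researcher quoted above. It assumes a constructed log format of one login attempt per line (timestamp, client IP, username, result) and flags source addresses that touch many distinct accounts within a short window with a high failure rate, which separates credential stuffing from a brute-force attack on a single account and from an ordinary user mistyping a password. For each flagged source it also lists the accounts where a login succeeded, since those are the ones an operator would reset, as Spotify did.

```python
"""Flag credential-stuffing activity in authentication logs.

Added example, not code from the original post, Spotify or the researcher
quoted. It assumes a simple constructed log line format:
    <ISO-8601 timestamp> <client ip> LOGIN <username> <SUCCESS|FAIL>
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). 203.0.113.7 sprays six
# different accounts in four seconds; 198.51.100.9 is one user retrying one
# account; 192.0.2.55 is a single clean login.
SAMPLE_LOG = """\
2021-02-04T10:00:01Z 203.0.113.7 LOGIN alice@example.net FAIL
2021-02-04T10:00:02Z 203.0.113.7 LOGIN bob@example.net FAIL
2021-02-04T10:00:02Z 203.0.113.7 LOGIN carol@example.net SUCCESS
2021-02-04T10:00:03Z 203.0.113.7 LOGIN dave@example.net FAIL
2021-02-04T10:00:03Z 203.0.113.7 LOGIN erin@example.net FAIL
2021-02-04T10:00:04Z 203.0.113.7 LOGIN frank@example.net FAIL
2021-02-04T10:05:00Z 198.51.100.9 LOGIN grace@example.net FAIL
2021-02-04T10:05:20Z 198.51.100.9 LOGIN grace@example.net FAIL
2021-02-04T10:05:45Z 198.51.100.9 LOGIN grace@example.net SUCCESS
2021-02-04T11:30:00Z 192.0.2.55 LOGIN heidi@example.net SUCCESS
"""


def parse_line(line):
    """Split one log line into (timestamp, ip, username, succeeded)."""
    ts, ip, _, user, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result == "SUCCESS"


def detect_credential_stuffing(log_text, window=timedelta(minutes=10),
                               min_accounts=5, min_fail_ratio=0.6):
    """Return {ip: summary} for source IPs whose login attempts, within any
    sliding window of `window`, span at least `min_accounts` distinct usernames
    with a failure ratio of at least `min_fail_ratio`.

    The summary keeps the widest window seen for that IP and the accounts on
    which a login succeeded (candidates for a forced password reset).
    """
    events = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, ok = parse_line(line)
        events[ip].append((ts, user, ok))

    flagged = {}
    for ip, evs in events.items():
        evs.sort()  # chronological order per source
        start = 0
        for end in range(len(evs)):
            # Advance the window start until all events fit inside `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            win = evs[start:end + 1]
            users = {u for _, u, _ in win}
            fails = sum(1 for _, _, ok in win if not ok)
            ratio = fails / len(win)
            if len(users) >= min_accounts and ratio >= min_fail_ratio:
                compromised = sorted({u for _, u, ok in win if ok})
                prev = flagged.get(ip)
                if prev is None or len(users) > prev["accounts"]:
                    flagged[ip] = {
                        "accounts": len(users),
                        "fail_ratio": round(ratio, 2),
                        "compromised": compromised,
                    }
    return flagged


if __name__ == "__main__":
    for ip, summary in detect_credential_stuffing(SAMPLE_LOG).items():
        print(f"{ip}: {summary['accounts']} accounts, "
              f"fail ratio {summary['fail_ratio']}, "
              f"successful logins on {summary['compromised']}")
```

On the constructed sample only 203.0.113.7 is reported: six distinct accounts in a four-second burst with five failures out of six, and one successful login (carol@example.net) that should be reset. The single-account retries from 198.51.100.9 never reach the distinct-account threshold, which is the point of keying on account diversity rather than raw failure count. In production the thresholds would be tuned per service, and a real campaign is usually spread over many source addresses, so the same logic is typically also applied per ASN or per user-agent fingerprint.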

Spotify app: Crashed down for users around the world
Spotify users around the world are having trouble logging in to the app and streaming music.

Initially, users in the UK and Europe reported that the app was crashing, but shortly afterwards users around the world reported the same problem.

The first report of app crashing came out at 11am GMT (7am ET).

However, Spotify tweeted a response to the influx of reports from its customers: 'Something's not quite right, and we're looking into it. Thanks for your reports!'

According to the outage monitoring site Downdetector, users are reporting that the service is not working properly. Around 63 percent of users reported trouble playing music.

Users have started making memes about the crashing of the popular music streaming website. 

Spotify to block account of users using ad blockers
The online music streaming platform Spotify will terminate the accounts of users who use ad blockers. The company has updated its terms of service, which come into effect on March 1st.

According to the updated terms of service, “Circumventing or blocking advertisements in the Spotify Service, or creating or distributing tools designed to block advertisements in the Spotify Service,” is prohibited, the user guidelines read. Spotify also notes that breaking that rule or any other guideline “may result in immediate termination or suspension of your Spotify account.”

The company decided to change its terms of service after millions of its users were blocking advertisements by using ad blockers or were downloading modded versions of the app. They have sent a detailed email to notify every user about the new update.

Spotify has two versions: free and premium.

The user has to pay $9.99 per month for premium service, in which they have unlimited access to music without any ads, while in a free version, a user can listen on-demand to 15 popular playlists that are curated using an algorithm to match the user's taste.