This Chinese PC Manufacturer Tailored its Own Devices to be Susceptible to Malware

 

Acemagic, a Chinese manufacturer of personal computers, has acknowledged that certain products were shipped with pre-installed malware.

The discovery was made by a YouTuber known as The Net Guy, who encountered malware on Acemagic mini PCs during testing in early February. The malware, identified as Bladabindi, was detected by Windows Defender shortly after booting the machine. Bladabindi is a well-known backdoor that can steal user information and facilitate the installation of other malicious software.

Recently, Acemagic confirmed that some of its PCs were indeed infected with Bladabindi and also raised concerns about the potential presence of another malware called Redline. Redline is capable of stealing information from web browsers, conducting system inventories, and even pilfering cryptocurrency.

Acemagic's explanation for the malware's presence was somewhat perplexing and inconsistent. Initially, the company attributed the issue to adjustments made by software developers to enhance user experience by reducing boot time, which inadvertently affected network settings and omitted digital signatures. However, in a subsequent statement to The Register, the company mentioned that the incident stemmed from similar software adjustments made by developers.

The company has pledged to bolster its use of digital certificates to prevent unauthorized modifications, hinting that external parties might have accessed its machines or its master copy of Windows to deliver the malware.

It remains uncertain whether the infections occurred at the factory or after the PCs were in the possession of their new owners. Acemagic has announced plans to refund the cost of machines manufactured between September and November 2023 and has advised owners to check the stickers affixed to their models for the date of manufacture.

Interestingly, just before The Register received Acemagic's acknowledgment of the malware issue, it received a review unit of one of Acemagic's PCs. However, the labels on that unit did not contain information about the date of manufacture, nor did the QR codes provide such details.

Acemagic has provided clean system images for owners to disinfect their machines and is offering a 25 percent purchase price rebate for those who do so. Additionally, owners of infected machines can apply for a voucher providing a ten percent discount on any future Acemagic purchase, though it remains to be seen if customers will trust the brand after this incident.

PewDiePie fan releases ransomware to increase the YouTuber’s subscriber count

The existence of malware is hardly a new thing. In the last few years, however, the more malicious trend of ransomware has become more and more common.

PewDiePie, the famous Swedish YouTuber, is no stranger to controversy. This time he is in the news again for the wrong reason after a user, who claims to be his fan, released ransomware with a note that reads ‘Subscribe to PewDiePie’.

This is not the first time PewDiePie's fans have pulled an extreme stunt to keep the Swedish vlogger as the most popular YouTuber.

According to The Independent, the ransomware PewCrypt is designed in such a way that it locks people out of their data. The ransomware claims that users will not get back their data until PewDiePie gets 100 million subscribers on YouTube.

Rather than destroying a computer per se, ransomware generally locks out the user's files via encryption. The only way to get them back is to pay a ‘ransom’ (usually in bitcoin) and even then, it’s hardly a guarantee.

According to a report via TheStar, the latest trending ransomware has bizarre links to the current subscriber battle between PewDiePie and T-Series. It is unclear how the ransomware is distributed or how many victims it has claimed so far.

“If T-Series beats PewDiePie the private key will be deleted and your files are gone forever!” the report said, quoting the threat that appears on the ransomware.

This, in itself, is a questionable target. While the two have been swapping the top spot for about 2 months now, T-Series has taken a pretty strong (but not overwhelming) lead.

The developer backtracked on their threat and released a decryption tool but not before posting the open-sourced ransomware on Twitter under the username JustMe – the account is disabled at the moment – potentially allowing others to modify and use PewCrypt freely.