AfricAryan's Posts
Nairaland Forum › AfricAryan's Profile › AfricAryan's Posts
stigmond: ![]() |
If you receive a link on (Facebook) Messenger to a video, no matter how exciting it seems, for your own safety, think again before clicking it. I got a warning from Trend Micro cybersecurity researchers about this new virus, dubbed FacexWorm, which comes in the form of a Chrome extension. It specifically aims to steal account credentials in cryptocurrency trading platforms. What is this FacexWorm Virus? First, note that the attackers designed FacexWorm to attack only users of Google Chrome. Let me give you a brief history of such viruses and Facebook Messenger. FacexWorm operates with a newly-revamped technique first noticed in August 2017. The virus now steals account details from cryptocurrency websites and other sites like Google; it redirects the victims to crypto scams while injecting cryptocurrency miners on the site where the victim is redirected to mine cryptocurrency. It then redirects the victims to the crypto-related referral link of the attacker. Note that Facebook Messenger has been exploited many, many times in the past, and they all spread like worms. Just like the FacexWorm, Trend Micro also found another similar cryptocurrency mining virus, which was called Digmine, which also spreads through the Messenger platform. However, while the FacexWorm targets cryptocurrency-related websites and Google chrome explicitly, Digmine also targeted Windows computers as well. After attacking the victims, FacexWorm and Digmine send links via Messenger from the victim’s account to friends of the victim. These links are usually phony versions of video streaming websites, such as YouTube. If the malware discovers that the victim is not on Google Chrome, the user is redirected to some seemingly harmless ad. FacexWorms targets the following cryptocurrencies: • Monero (XMR) • Bitcoin (BTC) • Bitcoin Gold (BTG) • Bitcoin Cash (BCH) • ETH • Dash (DASH) • Ethereum Classic (ETC) • Ripple (XRP) • Litecoin (LTC) • Zcash (ZEC) How Does FacexWorm Virus Operate? If a user clicks on the malicious link while browsing with Google Chrome, he or she gets redirected to a phony YouTube webpage, and then on the page, there are prompts to urge the victim to install their malicious Google Chrome extension to play the video. Once the user installs this extension, FacexWorm goes on to download additional modules to carry out its malicious attacks. According to the researchers, "FacexWorm is a clone of a normal Chrome extension but injected with shortcode containing its main routine. It downloads additional JavaScript code from the C&C server when the browser is opened. Every time a victim opens a new webpage, FacexWorm will query its C&C server to find and retrieve another JavaScript code (hosted on a GitHub repository) and execute its behaviors on that webpage." The malicious Google Chrome extension is granted all the permissions during installation; hence it can access and/or alter data for sites entered by the victim. Below is a highlight of things FacexWorm can perform: • Access victim’s friend list on Facebook and send the malicious video link to all of them. • Steal victim’s account details on Coinhive, MyMonero, and Google. • Uses victim’s computer CPU power for mining cryptocurrency for the criminals. • Takes over the victim’s crypto transactions. Replaces the victim’s address with that of the attacker. • Monitor’s victim's web searches, looking out for keywords like ‘eth,’ ‘bitcoin,’ ‘blockchain,’ etc., and redirects these searches to phony websites designed to steal digital currency. • Whenever the victim tries to access Google Chrome extension management page, FacexWorm force-closes the tab to avoid detection. • As a bonus, the criminal earns referral commissions each time a victim signs up on various targeted crypto platforms. Good news is that many of these malicious extensions have been deleted from the Chrome Web Store, but the attackers continue to upload them back. As said earlier, Facebook has been targeted often, so I advise you to be very careful about links you click on Facebook and other social networks. Reason Core Security anti-malware is an anti-malware software I use and highly recommend. Source: https://ilesecure.com/new-cryptocurrency-virus-spreading-on-facebook/
|
KratosCorp:Cookies are great because they enhance your browsing experience. This was stated is the article. |
Everyone who uses the internet for anything must, at one point, have come across the word ‘cookie.’ Some websites would alert us that they work better by saving cookies on our system. Other times, the savvier users, when clearing their browsing history, may see a ‘clear cookies’ option of their web browsers, but what exactly is this cookie? No, cookies, in tech are not made in the kitchen. What Do Cookies Really Do? Internet or web cookies are messages a web server sends to users’ internet browsers, and cookies are primarily used for recognizing users and saving some of their browsing data in order to customize their web browsing experience. When you visit a site that makes use of cookies, the website may require that you complete a form; on this form, you provide some information, such as your email address, name, address, and so on, depending on what the website or platform needs in order to enhance your browsing experience on your subsequent visits. Note that sites have no memory; this information is stored in the message sent to your web browser. The next time you visit that website, they retrieve this information from your browser, and so the site recalls who you are and your browsing preferences on navigating their site. So, you get customized web pages like a page with your name on it. Types of Internet Cookies Websites store two major types of cookies on users’ PCs. Internet cookies could either be session cookies or persistent cookies. The simple difference between these two types of cookies is that the session cookies (AKA transient cookies) are deleted when the user closes his internet browser, but the persistent cookies (AKA stored cookies) are not. Session cookies are stored temporarily on your computer, where the website can retrieve them at will until you close your browser. These cookies do not collect any data from your computer but will save information as a session indication that does not identify the user personally. Persistent cookies, on the other hand, have expiration dates and remain on your hard disk till they expire, or till the user removes them. These cookies are used to collect user data, identifying his or her internet browsing preferences and browsing behavior for a particular website. They are not necessarily bad, but the considerably improve your browsing experience. Why You Should Be Aware of Cookies In this day and age, data is a big deal; you cannot say you do not care because you should. Internet cookies usually contain a string of texts with information about your browser and information that you must have provided at some point. Now, this information should be encrypted to prevent third parties from getting their hands on them. Cookies do not usually compromise internet security. However, there are malicious cookies that the bad guys use in tracking and collecting your internet activity; these cookies are known as tracking cookies or simply malicious cookies. These cookies are the reason you should beware of cookies while on the net. These guys remain in your browser to spy on you. Malicious cookies are configured to monitor you, collect your information, and basically create a profile of your internet behavior. We call cookies developed for these kinds of activities adware or spyware. For example, a new trojan, named Stresspaint, discovered hidden inside a free Windows software called "Relieve Stress Paint," spread through аоӏ.net —a site that utilizes Unicode characters, which spell out ‘xn--80a2a18a.net,’ in Punycode. Why You Should Be Afraid of Malicious Cookies Even If You Have Nothing to Hide I mentioned that these malicious cookies build a profile about you; these profiles are often extremely valuable; enough for the proprietors to sell to advertising companies, who then use your profile information to target you with tailored advertisements. Tailored advertisements can kill you because it is not just ads. Let’s say, for instance; you have two health products; the product A is of very high quality, but product B is made by quacks and only out to get your money. Now, the owners of product B (who happen to be crooked businessmen) lay their hands on user’s browsing behavior and do some incredibly targeted advertising. The user then gets on the web and starts Googling about the products; the user will be shown adverts of the products he or she is searching for; with the adverts even containing similar keywords the user had searched with previously. The unsuspecting user will end up opting for the wrong products due to such intense targeted advertising. As they say, the possibilities are endless. Still not bothered? Some malware not only track your browsing behavior, but also your keystrokes. They monitor exactly everything you type including your passwords, bank account details, answers to security questions, and so on. Many antivirus programs detect malicious cookies on your computer when scanning for viruses. While most of these trusted antivirus programs will surely reduce your chances of getting spied on, you cannot completely rely on them for many reasons. I know big, reputable antivirus companies that develop and distribute viruses, while also marketing the antivirus programs that protect users from these viruses; funding both sides of the war. Reason Core Security anti-malware is an anti-malware software I use and highly recommend. Also, outdated versions or databases of antivirus programs make you more vulnerable to attacks, and some viruses are so well crafted that antiviruses can just not find them. Even if you had 100% protection from viruses and spyware (which is not possible, by the way), harm could be done before your next scan. So, prevention is definitely better than cure. In my next post, I will show you how to identify internet cookies, view them, and how to remove these internet cookies from your system. Source: www.ilesecure.com/why-you-should-bother-about-internet-cookies
|
Social betting is different from the regular betting, like nairabet and bet9ja, where you bet against the bookmakers’ odds. Social betting is betting against other people like friends and family. Highspirit.ng is just like your 'boardman'. Long Write-up ahead. Many, many times I have been in situations where I strongly believed something would happen. For instance, in football, or even during the last Grammys awards. I believed Kendrick Lamar’s album (DAMN.) would win the album awards. I was down to stake 5,000 naira on this prediction, but no one was down to counter it. Other times, I have had predictions and someone down to counter it, but he or she was far away; we were probably talking on Whatsapp or something. Some other times, the guy to counter me might be there but nobody to hold the stake (someone with a strong heart who wont request for the ‘board man fee”). On nairaland last December, I saw someone saying how he won 70,000 online by staking against someone. I was shocked, and I followed up. www.highspirit.ng is a very very cool place to stake. I predicted that 3 English football teams will get past the current round of 16in Europe (UCL and Europa) and staked 10,000 naira on the prediction. I closed the website, and within about 5 minutes, I got an email “your prediction has been challenged.” My eyes lit up! Just like that, one guy had challenged 3k out of my 5,000 naira stake (the possible challenging stake on my prediction then reduced to 2k. I was to win his 3k if my prediction was right). I took a while, I had to share my prediction to Facebook with the ‘share’ button on the prediction. That evening another person challenged the remaining 2k. Man city, Liverpool, and Arsenal did it for me, and I smiled. I withdrew my funds immediately. I will fund again and stake again on their site. One thing I noticed, however, was that though this platform is great as it is, it needs to be more social. I understand they disabled the commenting on predictions and inboxing between users due to the users' security concerns, but we want to see these features in future ( ). |

).