Police hijack a botnet and remotely kill 850,000 malware infections – gpgmail


In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.

The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.

Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

According to a blog post announcing the bust, security firm Avast confirmed the operation was successful.

The security firm got involved after it discovered a design flaw in the malware’s command and control server. That flaw, if properly exploited, would have “allowed us to remove the malware from its victims’ computers” without pushing any code to victims’ computers, the researchers said.

The exploit would have dismantled the operation, but the researchers lacked the legal authority to push ahead. Because most of the malware’s infrastructure was located in France, Avast contacted French police. After receiving the go-ahead from prosecutors in July, the police went ahead with the operation to take control of the server and disinfect affected computers.

The French police called the botnet “one of the largest networks” of hijacked computers in the world.

The operation worked by secretly obtaining a snapshot of the malware’s command and control server with cooperation from its web host. The researchers said they had to work carefully so as not to be noticed by the malware operators, fearing the malware operators could retaliate.

“The malware authors were mostly distributing cryptocurrency miners, making for a very good passive income,” the security company said. “But if they realized that we were about to take down Retadup in its entirety, they might’ve pushed ransomware to hundreds of thousands of computers while trying to milk their malware for some last profits.”

With a copy of the malicious command and control server in hand, the researchers built their own replica, which disinfected victim computers instead of causing infections.

“[The police] replaced the malicious [command and control] server with a prepared disinfection server that made connected instances of Retadup self-destruct,” said Avast in a blog post. “In the very first second of its activity, several thousand bots connected to it in order to fetch commands from the server. The disinfection server responded to them and disinfected them, abusing the protocol design flaw.”

In doing so, the company was able to stop the malware from operating and remove the malicious code from over 850,000 infected computers.

Jean-Dominique Nollet, head of the French police’s cyber unit, said the malware operators generated several million euros worth of cryptocurrency.

Remotely shutting down a malware botnet is a rare achievement — but difficult to carry out.

Several years ago the U.S. government amended Rule 41, which now allows judges to issue search and seizure warrants outside of their jurisdiction. Many saw the move as an effort by the FBI to conduct remote hacking operations without being hindered by the locality of a judge’s jurisdiction. Critics argued it would set a dangerous precedent to hack into a countless number of computers on a single warrant from a friendly judge.

Since then the amended rule has been used to dismantle at least one major malware operation, the so-called Joanap botnet, linked to hackers working for the North Korean regime.



Huawei Talking to Russia About Using Aurora OS in Place of Android



Huawei became one of the largest telecommunication companies in the world thanks in large part to Android. It was an early supporter of the open-source platform, selling phones in its native China without Google services before expanding internationally. Huawei peaked as the second-largest smartphone maker in the world this year, but a US trade ban threatens to sink the firm. Huawei has toyed with replacing Android on its phones, and it’s reportedly talking to Russia about making some devices with its Aurora OS. 

Things started to go south for Huawei in May of this year when the US Commerce Department added the firm to the “Entity List.” US companies can only export technology to entities if they have special licenses from the government, none of which have been granted in the case of Huawei. Many companies have already cut ties as well. The company currently enjoys a 90-day reprieve from the ban, the second such delay. When that expires, Huawei won’t be able to certify device updates through Google. It would only have access to the open-source parts of Android. 

To plan for this eventuality, Huawei has developed its own homegrown software called HarmonyOS. It claims it could switch to HarmonyOS in a matter of days if it loses access to the desirable parts of Android. That’s not the only avenue it’s pursuing, though. Huawei confirms it has been discussing the possibility of making devices running Aurora OS. 

Aurora OS is a version of Sailfish OS developed by Russian telecom firm Rostelecom. That company is controlled by the Russian government, making Aurora essentially state-sponsored software. It’s unclear what Huawei has in mind, but Rostelecom says it’s exploring “various options for collaboration” with the Chinese telecom giant. 

Sailfish OS is the base for Russia’s Aurora.

Sources claim that Rostelecom and Huawei are currently discussing installing Aurora OS on hundreds of thousands of tablets for use in Russia’s 2020 population census. Huawei is reportedly very interested and has already provided tablet samples running the OS. The original report cites individuals who see this as a pilot project that could lead to consumer Huawei devices running Aurora OS.

It seems unlikely Huawei would give up on HarmonyOS, but Aurora could be a shortcut to wider distribution in Russia. Google services are less popular in Russia than in most countries, and that could make for an easier transition away from Android.


Russian humanoid robot makes its way to the International Space Station – gpgmail


A Russian Soyuz spacecraft docked with the International Space Station successfully late on Tuesday evening, after an initial attempt to do so didn’t end up working as planned on Saturday night. This second attempt went off without a hitch, however, and the capsule is now parked at a port on the Russian Zvezda module of the ISS. In the captain’s seat of the capsule, which is designed to carry human passengers, sat Skybot F-850, a humanoid robot built by Russia’s Roscosmos space agency.

The robot didn’t actually pilot the craft – it was on an automated trip with no humans aboard to take over manual control. This trip saw the Soyuz launched atop a new version of Russia’s Soyuz rocket, which it has used so far only to transfer cargo with uncrewed spacecraft. This mission was designed to test the updated rocket with a Soyuz without humans on board, in preparation of using the same model with crew on board starting next year.

The Skybot F-850 has a number of built-in sensors on board, and can measure things like G-forces exerted on passengers, as well as vibrations, temperature readings and more, to provide an accurate idea of what a human would experience were they the ones sitting in the vehicle’s passenger seats instead of the robot.

This is the first use of a robot in this capacity by Roscosmos, and Skybot will remain at the ISS for around two weeks before it heads back to Earth. In addition to sensing conditions during launch, Skybot has some functions similar to your average Alexa speaker – it can answer questions, have short conversations and tell a few jokes. The plan however is to develop Skybot and its successors into more capable functional companions that can do activities in environments that are inhospitable to humans – including perhaps in the vacuum of outer space.



Apple is under formal antitrust probe in Russia – gpgmail


Make way for another antitrust investigation into big tech. Step forward Russia’s Federal Antimonopoly Service (FAS), which has opened an official probe of Apple — following a complaint lodged in March by security company Kaspersky Labs.

Kaspersky’s complaint to FAS followed a change in Apple’s policy towards a parental control app it offers, called Kaspersky Safe Kids. Discussing the complaint in a blog post the security firm says Apple contacted it in 2017 to inform it that the use of configuration profiles is against App Store policy, even though the app had been on Apple’s store for nearly three years without it raising any objections. 

Apple told Kaspersky to remove configuration profiles from the app — which it says would require it to remove two key features that make it useful to parents: namely, app control and Safari browser blocking.

It also points out that the timing of Apple’s objection followed Apple announcing its Screen Time feature, in iOS 12 — which allows iOS users to monitor the amount of time they spend using certain apps or on certain websites and set time restrictions. Kaspersky argues Screen Time is “essentially Apple’s own app for parental control” — hence raising concerns about the potential for Apple to exert unfair market power over the store it also operates by restricting competition.

We’ve reached out to Apple for comment on the FAS investigation. The company referred Reuters to a statement it made in April about its policy towards parental control apps, following other complaints.

In the statement Apple says it removed several such apps from the App Store because they “put users’ privacy and security at risk” — calling out the use of what it described as “a highly invasive technology called Mobile Device Management” (MDM).

But Kaspersky claims its app does not, and never did, use MDM.

Following complaints and some press attention to Apple’s parental control apps crackdown, the company appears to have softened its stance on MDM for this specific use-case — updating the App Store Review Guidelines to allow using MDM for parental controls in limited cases.

Kaspersky also says that the Apple Developer Enterprise Program License Agreement “clarifies that the use of MDM-profiles and configuration profiles in applications for home users is only possible with the explicit written consent of Apple”.

However it argues that Apple’s updated rules and restrictions still “do not provide clear criteria allowing the usage of these profiles, as well as information on meeting the criteria, which is needed for obtaining written consent from Apple to use them”. Hence it’s not willing to drop its complaint yet.

It says it’s also continuing to prepare to file an antitrust complaint over the same issue in Europe — where a separate competition-related complaint was recently filed against Apple by the music service Spotify.

Kaspersky says now that only official written confirmation from Apple — of “the applicability of the new p.5.5. “App Store Review Guidelines” for Kaspersky Safe Kids for iOS” — will stay its complaint.

Russia’s FAS has shown itself to be relatively alacritous at handling big tech antitrust complaints — most notably slapping Google with an order against bundling its services with Android back in 2015, a few months after local search giant Yandex had filed a complaint.

It took the European Union’s competition regulator several more years before arriving at a similar conclusion vis-a-vis Google’s competition-blocking Android bundling.



Microsoft: Russian Hackers Targeted Companies Through IoT Hardware



The ever-growing network of the internet of things (IoT) can make life more convenient by automating your home and delivering data wherever you are. However, all those internet-connected devices can also provide a massive attack surface for online criminals. We’ve already seen malware that targets IoT hardware, but now Microsoft says it has uncovered a coordinated hacking campaign focused on government, political groups, and charities via devices like printers and VoIP phones. 

Microsoft’s Threat Intelligence Center says a new wave of IoT hacks began in April of this year. It points the finger at a group known as Fancy Bear or Strontium, which is best known as the perpetrator of high-profile hacks supporting the Russian government. Naturally, Fancy Bear is linked to Russian military intelligence (GRU). Fancy Bear stole files from the Democratic National Committee in 2016 — those documents later appeared on Wikileaks, helping to damage Hillary Clinton’s presidential campaign. Later, it conducted the NotPetya ransomware attack on Ukraine and other countries.

The new hacking operation takes aim at popular internet of things devices because they often escape normal security scrutiny. According to Microsoft, the hackers went after three popular devices: a VOIP phone, an office printer, and a video decoder. In many cases, these devices connect to the internet but have a default password or outdated security patches. That makes them an ideal entry point for an attacker to gain access to a larger network. From there, Fancy Bear used access to steal high-value data from other computers. 

Don’t pick up — it’s the hackers.

Microsoft only spotted this attack because it has insights into so many corporate networks via Windows software. It detected around 1,400 intrusions via IoT hardware. About 20 percent of the infiltrations have been at non-government organizations, think tanks, and other political organizations. The remaining 80 percent focused on government, military, technology firms, and other entities. The campaign even targeted Olympic organizing committees and anti-doping agencies, both of which have been problems for Russian interests. 

Microsoft offers a raft of suggestions for improving IoT security, which starts with securing approval before plugging in new IoT devices. Unauthorized hardware can circumvent many security measures on a network, as NASA found out recently. Microsoft also suggests setting up secure networks specifically for IoT hardware and monitoring the connections for unusual activity. You can see the full list in Microsoft’s blog post. 


With Y Combinator’s seal of approval, MyPetrolPump raises $1.6 million for its car refueling business – gpgmail


Even before pitching onstage at Y Combinator, Indian car refueling startup MyPetrolPump has managed to snag $1.6 million in seed financing.

The business, which is similar to startups in the U.S. like Filld, Yoshi and Booster Fuels, took 10 months to design and receive approval for its proprietary refueling trucks that can withstand the unique stresses of providing logistics services in India.

Together with co-founder Nabin Roy, a serial startup entrepreneur, MyPetrolPump co-founder and chief executive Ashish Gupta pooled $150,000 to build the company’s first two refuelers and launch the business.

MyPetrolPump began operating out of Bangalore in 2017 working with a manufacturing partner to make the 20-30 refuelers that the company expects it will need to roll out its initial services. However, demand is far outstripping supply, according to Gupta.

“We would need hundreds of them to fulfill the demand,” Gupta says. In fact the company is already developing a licensing strategy that would see it franchise out the construction of the refueling vehicles and regional management of the business across multiple geographies. 

Bootstrapped until this $1.6 million financing, MyPetrolPump already has five refueling vehicles in its fleet and counts 2,000 customers already on its ledger.

These are companies like Amazon and Zoomcar, which both have massive fleets of vehicles that need refueling. Already the company has delivered 5 million liters of fuel with drivers working daily 12-hour shifts, Gupta says.

While services like MyPetrolPump have cropped up in the U.S. as a matter of convenience, in the Indian context, the company’s offering is more of necessity, says Gupta.

“In the Indian context, there’s pilferage of fuel,” says Gupta. Bus drivers collude with gas station operators to skim money off the top of the order, charging for 50 liters of fuel but only getting 40 liters pumped in. Another problem that Gupta says is common is the adulteration of fuel with additives that can degrade the engine of a vehicle.

There’s also the environmental benefit of not having to go all over to refill a vehicle, saving fuel costs by filling up multiple vehicles with a single trip from a refueling vehicle out to a location with a fleet of existing vehicles.

The company estimates it can offset 1 million tons of carbon in a year — and provide more than 300 billion liters of fuel. The model has taken off in other geographies as well. There’s Toplivo v Bak in Russia (which was acquired by Yandex), Gaston in Paris and Indonesia’s everything mobility company, Gojek, whose offerings also include refueling services.

And Gupta is preparing for the future as well. If the world moves to electrification and electric vehicles, the entrepreneur says his company can handle that transition as well.

“We are delivering a last-mile fuel delivery system,” says Gupta. “If tomorrow hydrogen becomes the dominant fuel we will do that… If there is electricity we will do that. What we are building is the convenience of last-mile delivery to energy at the doorstep.”



Bellingcat journalists targeted by failed phishing attempt – gpgmail


Investigative news site Bellingcat has confirmed several of its staff were targeted by an attempted phishing attack on their ProtonMail accounts, which the journalists and the email provider say failed.

“Yet again, Bellingcat finds itself targeted by cyber attacks, almost certainly linked to our work on Russia,” wrote Eliot Higgins, founder of the investigative news site in a tweet. “I guess one way to measure our impact is how frequently agents of the Russian Federation try to attack it, be it their hackers, trolls, or media.”

News emerged that a small number of ProtonMail email accounts were targeted this week — several of which belonged to Bellingcat’s researchers who work on projects related to activities by the Russian government. A phishing email purportedly from ProtonMail itself asked users to change their email account passwords or generate new encryption keys through a similarly-named domain set up by the attackers. Records show the fake site was registered anonymously, according to an analysis by security researchers.

In a statement, ProtonMail said the phishing attacks “did not succeed” and denied that its systems or user accounts had been hacked or compromised.

“The most practical way to obtain email data from a ProtonMail user’s inbox is by compromising the user, as opposed to trying to compromise the service itself,” said ProtonMail’s chief executive Andy Yen. “For this reason, the attackers opted for a phishing campaign that targeted the journalists directly.”

Yen said the attackers tried to exploit an unpatched flaw in third-party software used by ProtonMail, which has yet to be fixed or disclosed by the software maker.

“This vulnerability, however, is not widely known and indicates a higher level of sophistication on the part of the attackers,” said Yen.

It’s not known conclusively who was behind the attack. However, both Bellingcat and ProtonMail said they believe certain tactics and indicators of the attack may point to hackers associated with the Russian government. For instance, the attack’s targets were Bellingcat’s researchers working on the ongoing investigation into the downing of flight MH17 by Russian forces and the use of a nerve agent in a targeted killing in the U.K.

Higgins said in a tweet that this week’s attempted attack likely targeted “in the tens” of people unlike earlier attacks attributed to the Russian government-backed hacker group, known as APT 28 or Fancy Bear.

Bellingcat in the past year has gained critical acclaim for its investigations into the Russian government, uncovering the names of the alleged Russian operatives behind the suspected missile attack that blew up Malaysian airliner MH17 in 2014. The research team also discovered the names of the Russian operatives who were since accused of poisoning former Russian intelligence agent Sergei Skripal and his daughter Yulia in a nerve agent attack in Salisbury, U.K. in 2018.

The researchers use open-source intelligence and information gathering where police, law enforcement and intelligence agencies often fail.

It’s not the first time that hackers have targeted Bellingcat. Its researchers were targeted several times in 2016 and 2017 following the breach on the Democratic National Committee which saw thousands of internal emails stolen and published online.

A phone call to the Russian consulate in New York requesting comment was not returned.





Senate Intelligence Committee releases first volume of its investigation into Russian election hacking – TechCrunch


The Senate Select Committee on Intelligence today released the first volume of its bipartisan investigation into Russia’s attempts to interfere with the 2016 U.S. elections.

Helmed by Select Committee Chairman Richard Burr, the Republican from North Carolina, and Virginia Democratic Senator Mark Warner, who serves as vice chairman, the committee’s report, “Russian Efforts Against Election Infrastructure,” details the unclassified summary findings on election security.

Through two and a half years the committee has held 15 open hearings, interviewed more than 200 witnesses and reviewed nearly 400,000 documents, according to a statement, and will be publishing other volumes from its investigation over the next year. 

“In 2016, the U.S. was unprepared at all levels of government for a concerted attack from a determined foreign adversary on our election infrastructure. Since then, we have learned much more about the nature of Russia’s cyber activities and better understand the real and urgent threat they pose,” Committee Chairman Burr said in a statement. “The Department of Homeland Security and state and local elections officials have dramatically changed how they approach election security, working together to bridge gaps in information sharing and shore up vulnerabilities.”

Both Sen. Burr and Sen. Warner said that additional steps still needed to be taken.

“[There’s] still much more we can and must do to protect our elections. I hope the bipartisan findings and recommendations outlined in this report will underscore to the White House and all of our colleagues, regardless of political party, that this threat remains urgent, and we have a responsibility to defend our democracy against it.”

Among the Committee’s findings were that Russian hackers exploited the seams between federal and state authorities. State election officials, the report found, were not sufficiently warned or prepared to handle an attack from a state actor.

The warnings that were provided by the Federal Bureau of Investigation and the Department of Homeland Security weren’t detailed enough nor did they contain enough relevant information that would have encouraged the states to take threats more seriously, the report indicated.

More work still needs to be done, according to the Committee. DHS needs to coordinate its efforts with state officials much more closely. But states need to do more as well to ensure that new voting machines have a voter-verified paper trail. 

So does Congress. The committee report underscores that Congress needs to evaluate the results of the $380 million in state security grants which were issued under the Help America Vote Act and ensure that additional funding is available to address any security gaps in voting systems and technologies around the U.S.

Finally, the U.S. needs to create more appropriate deterrence mechanisms to enable the country to respond effectively to cyberattacks on elections.

The Committee’s support for greater spending on election security and refining electoral policy to ensure safe and secure access to the ballot comes as Senate majority leader Mitch McConnell of Kentucky has blocked two election security measures that were attempting to come before the Senate floor for a vote.

New York Democratic Senator Chuck Schumer tried to get consent to pass a House bill that requires the use of paper ballots and included new funding for the Election Assistance Commission.

In a statement explaining his rejection of the bill, McConnell told The Hill, “Clearly this request is not a serious effort to make a law. Clearly something so partisan that it only received one single solitary Republican vote in the House is not going to travel through the Senate by unanimous consent.”

McConnell also rejected a consent motion to pass legislation that would require candidates, campaign officials and family members reach out to the FBI if they received offers of assistance from foreign governments.


