In a Remarkable Turn of Events, Hackers -- Not Users -- Lost Money in Attempted Cryptocurrency Exchange Heist ( 56

The hackers who attempted to hack Binance, one of the largest cryptocurrency exchanges on the Internet, have ended up losing money in a remarkable turn of events. It all began on Thursday, when thousands of user accounts started selling their Bitcoin and buying an altcoin named Viacoin (VIA). The incident, BleepingComputer reports, looked like a hack, and users reacted accordingly. But this wasn't a hack, or at least not your ordinary hack. The report adds: According to an incident report published by the Binance team, in preparation for yesterday's attack, the hackers ran a two-month phishing scheme to collect Binance user account credentials. Hackers used a homograph attack by registering a domain identical to, but spelled with Latin-lookalike Unicode characters. More particularly, hackers registered the [redacted].com domain -- notice the tiny dots under the "i" and "a" characters.

Phishing attacks started in early January, but the Binance team says it detected evidence that operations ramped up around February 22, when the campaign reached its peak. Binance tracked down this phishing campaign because the phishing pages would immediately redirect phished users to the real Binance login page. This left a forensic trail in referral logs that Binance developers detected. After getting access to several accounts, instead of using the login credentials to empty out wallets, hackers created "trading API keys" for each account. With the API keys in hand, hackers sprung their main attack yesterday. Crooks used the API keys to automate transactions that sold Bitcoin held in compromised Binance accounts and automatically bought Viacoin from 31 other Binance accounts that hackers created beforehand, and where they deposited Viacoin, ready to be bought. But hackers didn't know one thing -- Binance's secret weapon -- an internal risk management system that detected the abnormal amount of Bitcoin-Viacoin sale orders within the span of two minutes and blocked all transactions on the platform. Hackers tried to cash out the 31 Binance accounts, but by that point, Binance had blocked all withdrawals.


Downloads of Popular Apps Were Silently Swapped For Spyware in Turkey: Citizen Lab ( 29

Matthew Braga, reporting for CBC: Since last fall, Turkish internet users attempting to download one of a handful of popular apps may have been the unwitting targets of a wide-reaching computer surveillance campaign. And in Egypt, users across the country have, seemingly at random, had their browsing activity mysteriously redirected to online money-making schemes. Internet filtering equipment sold by technology company Sandvine -- founded in Waterloo, Ont. -- is believed to have played a significant part in both.

That's according to new research from the University of Toronto's Citizen Lab, which has examined misuse of similar equipment from other companies in the past. The researchers say it's likely that Sandvine devices are not only being used to block the websites of news, political and human rights organizations, but are also surreptitiously redirecting users toward spyware and unwanted ads. Using network-filtering devices to sneak spyware onto targets' computers "has long been the stuff of legends" according to the report -- a practice previously documented in leaked NSA documents and spyware company brochures, the researchers say, but never before publicly observed.
Citizen Lab notes that targeted users in Turkey and Syria who attempted to download Windows applications from official vendor websites including Avast Antivirus, CCleaner, Opera, and 7-Zip were silently redirected to malicious versions by way of injected HTTP redirects. It adds: This redirection was possible because official websites for these programs, even though they might have supported HTTPS, directed users to non-HTTPS downloads by default. Additionally, targeted users in Turkey and Syria who downloaded a wide range of applications from CBS Interactive's (a platform featured by CNET to download software) were instead redirected to versions containing spyware. does not appear to support HTTPS despite purporting to offer "secure download" links.
United States

Researchers Provide Likely Explanation For the 'Sonic Weapon' Used At the US Embassy In Cuba ( 112

An anonymous reader quotes a report from IEEE Spectrum: Last August, reports emerged that U.S. and Canadian diplomats in Cuba had suffered a host of mysterious ailments. Speculation soon arose that a high-frequency sonic weapon was to blame. Acoustics experts, however, were quick to point out the unlikeliness of such an attack. Among other things, ultrasonic frequencies -- from 20 to 200 kilohertz -- don't propagate well in air and don't cause the ear pain, headache, dizziness, and other symptoms reported in Cuba. Also, some victims recalled hearing high-pitched sounds, whereas ultrasound is inaudible to humans. The mystery deepened in October, when the Associated Press (AP) released a 6-second audio clip, reportedly a recording of what U.S. embassy staff heard. The chirping tones, centered around 7 kHz, were indeed audible, but they didn't suggest any kind of weapon. Looking at a spectral plot of the clip on YouTube, Kevin Fu, a computer scientist at the University of Michigan, noted some unusual ripples. He thought he might know what they meant.

Fu's lab specializes in analyzing the cybersecurity of devices connected to the Internet of Things, such as sensors, pacemakers, RFIDs, and autonomous vehicles. To Fu, the ripples in the spectral readout suggested some kind of interference. He discussed the AP clip with his frequent collaborator, Wenyuan Xu, a professor at Zhejiang University, in Hangzhou, China, and her Ph.D. student Chen Yan. Yan and Xu started with a fast Fourier transform of the AP audio, which revealed the signal's exact frequencies and amplitudes. Then, through a series of simulations, Yan showed that an effect known as intermodulation distortion could have produced the AP sound. Intermodulation distortion occurs when two signals having different frequencies combine to produce synthetic signals at the difference, sum, or multiples of the original frequencies. Having reverse engineered the AP audio, Fu, Xu, and Yan then considered what combination of things might have caused the sound at the U.S. embassy in Cuba. "If ultrasound is to blame, then a likely cause was two ultrasonic signals that accidentally interfered with each other, creating an audible side effect," Fu says. "Maybe there was also an ultrasonic jammer in the room and an ultrasonic transmitter," he suggests. "Each device might have been placed there by a different party, completely unaware of the other."


Fake News Spreads Faster Than True News On Twitter -- Thanks To People, Not Bots ( 94

A new study shows that people are the prime culprits when it comes to the propagation of misinformation through social networks. Tweets containing falsehoods reach 1,500 people on Twitter six times faster than truthful tweets, the research reveals. Science Magazine reports: The lead author -- Soroush Vosoughi, a data scientist at the Massachusetts Institute of Technology in Cambridge -- and his colleagues collected 12 years of data from Twitter, starting from the social media platform's inception in 2006. Then they pulled out tweets related to news that had been investigated by six independent fact-checking organizations -- websites like PolitiFact, Snopes, and They ended up with a data set of 126,000 news items that were shared 4.5 million times by 3 million people, which they then used to compare the spread of news that had been verified as true with the spread of stories shown to be false. They found that whereas the truth rarely reached more than 1000 Twitter users, the most pernicious false news stories routinely reached well over 10,000 people. False news propagated faster and wider for all forms of news -- but the problem was particularly evident for political news, the team reports today in Science. At first the researchers thought that bots might be responsible, so they used sophisticated bot-detection technology to remove social media shares generated by bots. But the results didn't change: False news still spread at roughly the same rate and to the same number of people. By default, that meant that human beings were responsible for the virality of false news.

Trump Promises Copyright Crackdown As DoJ Takes Aim At Streaming Pirates ( 107

An anonymous reader quotes a report from TorrentFreak: Yesterday, a panel discussion on the challenges associated with piracy from streaming media boxes took place on Capitol Hill. Hosted by the Information Technology and Innovation Foundation (ITIF), "Unboxing the Piracy Threat of Streaming Media Boxes" (video) went ahead with some big name speakers in attendance, not least Neil Fried, Senior Vice President, Federal Advocacy and Regulatory Affairs at the MPAA. ITIF and various industry groups tweeted many interesting comments throughout the event. Kevin Madigan from Center for the Protection of Intellectual Property told the panel that torrent-based content "is becoming obsolete" in an on-demand digital environment that's switching to streaming-based piracy. "There's a criminal enterprise going on here that's stealing content and making a profit," Fried told those in attendance. "The piracy activity out there is bad, it's hurting a lot of economic activity & creators aren't being compensated for their work," he added.

And then, of course, we come to President Trump. Not usually that vocal on matters of intellectual property and piracy, yesterday -- perhaps coincidentally, perhaps not -- he suddenly delivered one of his "something is coming" tweets. "The U.S. is acting swiftly on Intellectual Property theft," Trump tweeted. "We cannot allow this to happen as it has for many years!" Given Trump's tendency to focus on problems overseas causing issues for companies back home, a comment by Kevin Madigan during the panel yesterday immediately comes to mind. "To combat piracy abroad, USTR needs to work with the creative industries to improve enforcement and target the source of pirated material," Madigan said.


Comcast's Protected Browsing Is Blocking PayPal, Steam and TorrentFreak, Customers Say ( 82

Comcast's Xfinity internet customers have been reporting multiple websites, including PayPal, Steam, and TorrentFreak have been getting blocked by the ISP's "protected browsing" setting. From a report: The "protected browsing" setting is designed to "reduce the risk of accessing known sources of malware, spyware, and phishing for all devices connected to your home network." This, in general, isn't a bad thing. It's similar to Google Chrome's security settings that warn you when you have an insecure connection. But it's odd that Xfinity's security setting would be blocking perfectly harmless sites like PayPal. Multiple consumers have been reporting on Comcast's forums and elsewhere that they've been blocked while trying to access sites that many people use every day. After posting about it on the forums, one user who said they couldn't access PayPal said the problem with that particular site had been fixed. Further reading: Comcast's Protected Browsing Blocks TorrentFreak as "Suspicious" Site (TorrentFreak).

Can the Most Contentious Piece of the Web Form the Basis of a New Standard? Inside Google's Plan To Make the Whole Web as Fast as AMP ( 59

Dieter Bohn, writing for The Verge: In a blog post today, Google is announcing that it's formally embarking on a project to convince the group in charge of web standards to adopt technology inspired by its Accelerated Mobile Pages (AMP) framework. In theory, it would mean that virtually any webpage could gain the same benefits as AMP: near-instantaneous loading, distribution on multiple platforms, and (critically) more prominent placement on Google properties. This is important, a little tricky to understand, and critical to how the web and Google interact in the future. In many ways, Google's success or failure in this endeavor will play a major role in shaping how the web works on your phone.

[...] By creating AMP, Google blithely walked right into the center of a thicket comprised of developers concerned about the future of the web. Publishers are worried about ceding too much control of their distribution to gigantic tech companies, and all of the above are worried that Google is not so much a steward of the web but rather its nefarious puppet master. The whole situation is slightly frustrating to David Besbris, VP of search engineering at Google. Earlier this week, I went to Mountain View to talk with Besbris and Malte Ubl, engineering lead for AMP. "This is honestly a fairly altruistic project from our perspective," says Besbris. "It wasn't like we invented AMP because we wanted to control everything, like people assume," he says. Instead, he argues, go back and look at how dire the state of the mobile web was a few years ago, before AMP's inception.


Amazon Launches a Low-Cost Version of Prime For Medicaid Recipients ( 88

An anonymous reader quotes a report from TechCrunch: Amazon announced this morning it will offer a low-cost version of its Prime membership program to qualifying recipients of Medicaid. The program will bring the cost of Prime down from the usual $12.99 per month to about half that, at $5.99 per month, while still offering the full range of Prime perks, including free, two-day shipping on millions of products, Prime Video, Prime Music, Prime Photos, Prime Reading, Prime Now, Audible Channels, and more. The new program is an expansion on Amazon's discounted Prime service for customers on government assistance, launched in June 2017. For the same price of $5.99 per month, Amazon offers Prime memberships to any U.S. customer with a valid EBT card -- the card that's used to disburse funds for assistance programs like Temporary Assistance for Needy Families (TANF), Supplemental Nutrition Assistance Program (SNAP), and Women, Infants, and Children Nutrition Program (WIC). Now that same benefit is arriving for recipients of Medicaid, the public assistance program providing medical coverage to low-income Americans. To qualify for the discount, customers must have a valid EBT or Medicaid card, the retailer says.

Snap Is Laying Off Around 100 Engineers 64

An anonymous reader quotes a report from CNBC: Snap is laying off about 100 engineers -- nearly 10 percent of the team -- CNBC has learned. The company has seen smaller rounds of layoffs in recent months in its marketing, recruiting and content divisions. These layoffs would be Snap's largest yet and the first to hit the company's engineers. The company last month rolled out the redesign of its pioneering photo messaging app. The redesign separated publisher content from content posted by friends and connections. Snap reported roughly 3,000 employees as of the December quarter and said in its first annual filing that it expected "headcount growth to continue for the foreseeable future."

Leaked Files Show How the NSA Tracks Other Countries' Hackers ( 66

An analysis of leaked tools believed to have been developed by the U.S. National Security Agency (NSA) gives us a glimpse into the methods used by the organization to detect the presence of other state-sponsored actors on hacked devices, and it could also help the cybersecurity community discover previously unknown threats. The Intercept: When the mysterious entity known as the "Shadow Brokers" released a tranche of stolen NSA hacking tools to the internet a year ago, most experts who studied the material honed in on the most potent tools, so-called zero-day exploits that could be used to install malware and take over machines. But a group of Hungarian security researchers spotted something else in the data, a collection of scripts and scanning tools the National Security Agency uses to detect other nation-state hackers on the machines it infects. It turns out those scripts and tools are just as interesting as the exploits. They show that in 2013 -- the year the NSA tools were believed to have been stolen by the Shadow Brokers -- the agency was tracking at least 45 different nation-state operations, known in the security community as Advanced Persistent Threats, or APTs. Some of these appear to be operations known by the broader security community -- but some may be threat actors and operations currently unknown to researchers.

The scripts and scanning tools dumped by Shadow Brokers and studied by the Hungarians were created by an NSA team known as Territorial Dispute, or TeDi. Intelligence sources told The Intercept the NSA established the team after hackers, believed to be from China, stole designs for the military's Joint Strike Fighter plane, along with other sensitive data, from U.S. defense contractors in 2007; the team was supposed to detect and counter sophisticated nation-state attackers more quickly, when they first began to emerge online. "As opposed to the U.S. only finding out in five years that everything was stolen, their goal was to try to figure out when it was being stolen in real time," one intelligence source told The Intercept. But their mission evolved to also provide situational awareness for NSA hackers to help them know when other nation-state actors are in machines they're trying to hack.


Chrome 65 Arrives With Material Design Extensions Page, New Developer Features ( 34

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 65 for Windows, Mac, Linux, and Android. Additions in this release include Material Design changes and new developer features. You can update to the latest version now using the browser's built-in silent updater or download it directly from Chrome 65 comes with a few visual changes. The most obvious is related to Google's Material Design mantra. The extensions page has been completely revamped to follow it. Next up, Chrome 65 replaces the Email Page Location link in Chrome for Mac's File menu with a Share submenu. As you might expect, Mac users can use this submenu to share the URL of a current tab via installed macOS Share Extensions. Speaking of Macs, Chrome 65 is also the last release for OS X 10.9 users. Chrome 66 will require OS X 10.10 or later. Moving on to developer features, Chrome 65 includes the CSS Paint API, which allows developers to programmatically generate an image, and the Server Timing API, which allows web servers to provide performance timing information via HTTP headers.

Sri Lanka Blocks Facebook, Instagram To Prevent Spread of Hate Speech ( 123

Sri Lanka has blocked social media websites Facebook, Instagram and WhatsApp to avoid the spread of hate speech in the country, local media reported on Wednesday. From the report: Even though there is no official confirmation from the authorities, the Cabinet Spokesman Minister Rajitha Senaratne on Wednesday said the government has decided to block access to certain social media. Telecom Regulatory Commission (TRC) has started to monitor all social media platforms to curb hate speech related to communal riots escalated in Kandy district. Telecommunication service providers (ISPs) have also restricted internet access in Kandy district on the instructions of the TRC.

Google Is Selling Off Zagat ( 33

An anonymous reader quotes a report from TechCrunch: Seven years after picking up Zagat for $151 million, Google is selling off the perennial restaurant recommendation service. The New York Times is reporting this morning that the technology giant is selling off the company to The Infatuation, a review site founded nine years back by former music execs. The company had been rumored to be courting a buyer since early this year. As Reuters noted at the time, Zagat has increasingly become less of a focus for Google, as the company began growing its database of restaurant recommendations organically. Zagat, meanwhile, has lost much of the shine it had when Google purchased it nearly a decade ago. The Infatuation, which uses an in-house team of reviewers to write up restaurants in major cities like New York, San Francisco, Los Angeles and London, is picking up the service for an undisclosed amount. The site clearly believes there's value left in the Zagat brand, even as the business of online reviews has changed significantly in the seven years sinceGoogle picked it up.

The Slow Death of the Internet Cookie ( 97

Sara Fischer, writing for Axios: Over 60% of marketers believe they will no longer need to rely on tracking cookies, a 20-year-old desktop-based technology, for the majority of their digital marketing within the next two years, according to data from Viant Technology, an advertising cloud. Why it matters: Advertising and web-based services that were cookie-dependent are slowly being phased out of our mobile-first world, where more personalized data targeting is done without using cookies. Marketers are moving away from using cookies to track user data on the web to target ads now that people are moving away from desktop. 90% of marketers say they see improved performance from people-based marketing, compared with cookie-based campaigns.
The Internet

WordPress Now Powers 30% of Websites ( 64

WordPress now powers 30 percent of the web, according to data from web technology survey firm W3Techs. From a report: This represents a 5 percentage point increase in nearly two and a half years, after WordPress hit the 25 percent mark in November 2015. It's worth noting here that this figure relates to the entire Web, regardless of whether a website uses a content management system (CMS) or not. If we're looking at market share, WordPress actually claims 60.2 percent, up from 58.7 percent in November 2015. By comparison, its nearest CMS rival, Joomla, has seen its usage jump from 2.8 percent to 3.1 percent, while Drupal is up from 2.1 percent to 2.2 percent.

Rhode Island Bill Would Impose Fee For Accessing Online Porn ( 503

If a recently introduced bill passes the General Assembly this session, Rhode Island residents will have to pay a $20 fee to access sexually explicit content online. The bill, introduced by Sen. Frank Ciccone (D-Providence) and Sen. Hanna Gallo (D-Cranston), would require internet providers to digitally block "sexual content and patently offensive material." Consumers could then deactivate that block for a fee of $20. The Providence Journal reports: Each quarter the internet providers would give the money made from the deactivation fees to the state's general treasurer, who would forward the money to the attorney general to fund the operations of the Council on Human Trafficking, according to the bill's language. If online distributors of sexual content do not comply with the filter, the attorney general or a consumer could file a civil suit of up to $500 for each piece of content reported, but not blocked, according to the bill.

Six Tech Companies Filing Net Neutrality Lawsuit ( 31

An anonymous reader quotes a report from The Hill: Six technology companies, including Kickstarter, Foursquare and Etsy, have launched a lawsuit against the Federal Communications Commission (FCC) in an effort to preserve net neutrality rules. The companies, which also include Shutterstock, Expa and Automattic, on Monday filed their petition with the U.S. Court of Appeals for the District of Columbia Circuit. The companies join Vimeo and Mozilla, as well as several state attorneys general who have also filed lawsuits against the FCC in support of the net neutrality rules. Like the other lawsuits, their new case hinges on the Administrative Procedure Act, which they argue prevents the FCC from "arbitrary and capricious" redactions to already existing policy. "Already, over 30,000 Etsy sellers participated in the FCC's public comment process, and tens of thousands more reached out to Congress in support of net neutrality. Now we're bringing their stories and experiences to the courts," said Althea Erickson, head of advocacy and impact at Etsy.

Do Neural Nets Dream of Electric Sheep? ( 201

An anonymous reader shares a post: If you've been on the internet today, you've probably interacted with a neural network. They're a type of machine learning algorithm that's used for everything from language translation to finance modeling. One of their specialties is image recognition. Several companies -- including Google, Microsoft, IBM, and Facebook -- have their own algorithms for labeling photos. But image recognition algorithms can make really bizarre mistakes. Microsoft Azure's computer vision API added the above caption and tags. But there are no sheep in the image. None. I zoomed all the way in and inspected every speck. It also tagged sheep in this image. I happen to know there were sheep nearby. But none actually present. Here's one more example. In fact, the neural network hallucinated sheep every time it saw a landscape of this type. What's going on here?

Are neural networks just hyper-vigilant, finding sheep everywhere? No, as it turns out. They only see sheep where they expect to see them. They can find sheep easily in fields and mountainsides, but as soon as sheep start showing up in weird places, it becomes obvious how much the algorithms rely on guessing and probabilities. Bring sheep indoors, and they're labeled as cats. Pick up a sheep (or a goat) in your arms, and they're labeled as dogs.

The Internet

Google Fiber Is a Faint Echo of the Disruption We Were Promised ( 173

An anonymous reader quotes a report from Motherboard: Some eight years on and Google Fiber's ambitions are just a pale echo of the disruptive potential originally proclaimed by the company. While Google Fiber did make some impressive early headway in cities like Austin, the company ran into numerous deployment headaches. Fearing competition, incumbent ISPs like AT&T and Comcast began a concerted effort to block the company's access to essential utility poles, even going so far as to file lawsuits against cities like Nashville that tried to expedite the process. Even in launched markets, customer uptake wasn't quite what executives were expecting. Estimates peg Google Fiber TV subscribers at fewer than 100,000, thanks in large part to the cord cutting mindset embraced by early adopters. Broadband subscriber tallies (estimated as at least 500,000) were notably better, but still off from early company projections. Even without anti-competitive roadblocks, progress was slow. Digging up city streets and burying fiber was already a time-consuming and expensive process. And while Google has tried to accelerate these deployments via something called "microtrenching" (machines that bury fiber an inch below roadways), broadband deployment remains a rough business. It's a business made all the rougher by state and local regulators and lawmakers who've been in the pockets of entrenched providers like Comcast for the better part of a generation.

Thieves Steal 600 Powerful Bitcoin-Mining Computers In Iceland ( 88

The Associated Press reports of a Bitcoin heist in Iceland where thieves stole some 600 computers used to "mine" bitcoin and other virtual currencies. "Some 11 people were arrested, including a security guard, in what Icelandic media have dubbed the 'Big Bitcoin Heist,'" reports the Associated Press. From the report: The powerful computers, which have not yet been found, are worth almost $2 million. But if the stolen equipment is used for its original purpose -- to create new bitcoins -- the thieves could turn a massive profit in an untraceable currency without ever selling the items. Three of four burglaries took place in December and a fourth took place in January, but authorities did not make the news public earlier in hopes of tracking down the thieves. Police tracking the stolen computers are monitoring electric consumption across the country in hopes the thieves will show their hand, according to an industry source who spoke on condition of anonymity because he is not allowed to speak to the media. Unusually high energy usage might reveal the whereabouts of the illegal bitcoin mine. Authorities this week called on local internet providers, electricians and storage space units to report any unusual requests for power.

Slashdot Top Deals