Google Sues Operators of a 10 Million Device Android Set-Top Box Botnet

A Google lawsuit filed in a New York court has been partly unsealed, revealing details of what is believed to be the largest botnet of its type in history. Consisting of 10 million compromised Android devices, mostly cheap Chinese set-top boxes popular with users of free and pirate streaming services, the Badbox 2.0 botnet turns user devices into nodes in a massive residential proxy network. Google says the botnet is used for ad fraud, malware distribution, and other digital crimes.

From: TF, for the latest news on copyright battles, piracy and more.

In 2023, Google and its cybersecurity partners teamed up with German law enforcement agencies after discovering BadBox, a botnet comprised of 74,000 Android devices infected with malware.

After deploying a range of measures to suppress BadBox, a much larger threat quickly arrived.

BadBox 2.0

BadBox 2.0 was discovered by HUMAN’s Satori Threat Intelligence and Research team. Their initial report published in March revealed how infected devices were able to request and click on ads without the user being aware, committing ad fraud and laundering.

As part of a botnet able to act as a residential proxy network, devices were also being used for account takeovers, DDoS attacks, and spreading malware. Since infected devices are also capable of executing new code delivered over the internet, without any user interaction, the potential for harm was unusually high.

One million infected devices…

At the time the impact of BadBox 2.0 was described as global, with more than one million devices infected in 222 countries and territories. To prevent the spread, users were advised to only download apps from official marketplaces such as Google Play while avoiding off-brand devices.

A list of device model numbers made available since reveals that cheap set-top boxes manufactured in China appear to account for the majority of infected devices. However, laptop and desktop computers, smartphones, tablets, in-car entertainment devices and digital projectors have all been compromised too.

In an announcement late last week, Google revealed that in partnership with HUMAN Security and Trend Micro, its researchers are now battling a botnet comprised of 10 million uncertified and infected devices, running Android’s open-source software (Android Open Source Project), “which lacks Google’s security protections.”

Lawsuit Filed in New York

Google’s actions include a lawsuit filed at a federal court in New York which began in May but with most documents sealed until recently. In addition to a temporary restraining order issued on May 30, on July 1 Google was awarded a preliminary injunction to mitigate the ongoing spread of malware, infection of new devices, and other “criminal schemes”.

The identities of the defendants – Does 1-25 – are reportedly unknown, but Google’s recently unsealed complaint places the blame, with some confidence, firmly on bad actors in China, who it believes would not comply with a judgment for money damages.

The Infrastructure Group: Established and manages the “command-and-control” C2 infrastructure (C2 Servers and domains) for BadBox 2.0.
The Backdoor Malware Group: Developed and preinstalls malware on the infected devices and uses that malware to operate a botnet composed of a subset of BadBox 2.0-infected devices to carry out a variety of ad fraud campaigns.
The Evil Twin Group: Develops apps that the BadBox 2.0 Enterprise uses to commit ad fraud via hidden ads.
The Ad Games Group: Connected to an ad fraud campaign conducted through BadBox 2.0-infected devices that uses fraudulent “games” to generate ads in hidden web browsers.

Google Obtains Permission to Take Significant Action

Specific details are currently withheld, but it appears that Google has been granted broad permission based on claims under the Computer Fraud and Abuse Act (CFAA) and the Corrupt Organizations Act (RICO), to block (and require other entities to block) traffic to and/or from IP addresses and certain domains.

Other reasonable measures, including seizing control of domain names through registrars and registries, are also at Google’s disposal, to limit the botnet’s ability to operate.

Blocking Measures on Steroids

The FBI’s advice is for users to “avoid downloading apps from unofficial marketplaces advertising free streaming content” and “assess all IoT devices connected to home networks for suspicious activity.”

While avoiding unofficial marketplaces is straightforward, those looking for the latest movies and TV shows are unlikely to find suitable apps offering that content for free anywhere else. Monitoring home networks is likely to prove prohibitively difficult too.

There may be a very good argument for physically destroying these devices. The complaint states that the entire supply chain is compromised. “They are devices manufactured by the BadBox 2.0 Enterprise,” it reads.

But even if malware isn’t preinstalled, it can be installed remotely when devices are switched on by the user or when users download apps designed to look attractive but carry a similarly malicious payload.

The preliminary injunction obtained by Google is available here (pdf)

X-Men at 25 is more relevant than ever

“Mankind has always feared what it doesn’t understand.” Plus: our seven favorite scenes

Twenty-five years ago, X-Men became a summer blockbuster and effectively re-energized a then-flagging market for superhero movies, which have dominated the industry (for better and worse) ever since. It's still a vastly entertaining film, with great characters, a zippy pace, and plenty of action. And its broader themes still strongly resonate with viewers today.

(Many spoilers below.)

In the mid-1990s, the popularity of the animated X-Men TV series caught the attention of 20th Century Fox (now 20th Century Studios), who purchased the rights from a cash-strapped Marvel Comics and hired Bryan Singer (The Usual Suspects) to direct. At the time, the project was perceived by some as a bit risky, given waning Hollywood interest in the genre after 1997's disastrously campy Batman and Robin. But the gamble paid off: X-Men was a major hit, spawning its own franchise and ultimately the Marvel Cinematic Universe.

Lawsuits Continue to Put U.S. BitTorrent Pirates in a Financial Hurt Locker

Today, online piracy is largely driven by unauthorized streaming sites and services. When it comes to lawsuits, however, BitTorrent users are the prime target, as they are easy to track. In recent years, one adult entertainment company has been responsible for the overwhelming majority of all cases filed in the U.S. against individual pirates. While these rarely make the news, they can have consequences, court records show.

Not long after winning the Oscar for Best Picture in 2010, the makers of the war action thriller ‘The Hurt Locker’ set their eyes on their next prize.

With a then-novel legal scheme, they planned to sue tens of thousands of Americans, who shared pirated copies of their film via BitTorrent, in a single lawsuit.

“We’re creating a revenue stream and monetizing the equivalent of an alternative distribution channel,” lawyer Jeffrey Weaver said at the time.

These types of business models, where lawyers and anti-piracy outfits also reap the financial benefits, were already well-known in the UK and Germany, but the United States opened the doors to millions of new targets.

Fifteen years later, these lawsuits are still prevalent, but the playing field has changed. Filing lawsuits against hundreds or thousands of defendants at once was ruled a no-go. This made these legal campaigns substantially more expensive, as every complaint comes with a filing fee and paperwork.

At the same time, some judges were showing increasing reluctance to take on this type of case. And with a ruling that an IP address alone is insufficient evidence, nearly all rights holders gave up on the practice.

Strike 3’s Unrelenting Anti-Piracy Campaign

Strike 3 Holdings is the only prolific litigant in BitTorrent piracy cases today. Known for brands including ‘Milfy,’ ‘Tushy,’ and ‘Vixen,’ the adult entertainment company isn’t scaling down either.

Thus far this year, the company has filed 2,277 lawsuits in U.S. courts, putting the firm on track to beat last year’s record of more than 3,900 lawsuits filed overall. All of these cases target IP addresses observed in public BitTorrent swarms, allegedly sharing adult videos.

Once a complaint is filed, Strike 3 obtains a subpoena through which it can compel the corresponding Internet provider to share the personal details of the account holder. This person can then be added as a named defendant in the case and summoned to appear in court.

These types of lawsuits seldom make it to trial. Strike 3 often reaches out to the defendant with a settlement offer and if both parties agree, that effectively ends the case. Lawsuits can also be dismissed for other reasons which are typically not made public. And in rare instances, defendants can claim a victory of sorts.

A Pirate’s Catch 22

Whether defendants are innocent or not, these cases typically have financial implications. Some defendants opt to proceed pro se, defending themselves; legal representation isn’t cheap, especially if many hours are spent on the case, let alone a full trial.

This leads to a catch-22 situation where defendants have to invest thousands of dollars to prove their innocence, without a guarantee of success or financial compensation. Ironically, it is often cheaper to settle the case, even for someone who did nothing wrong.

We are not lawyers, and the above is not legal advice, but it illustrates the conundrum some people find themselves in. For those defendants who really are innocent, there’s no easy way out. That’s simply how the system works.

Given this backdrop, some defendants choose to ignore a lawsuit completely, hoping that it will go away. That may be understandable, but it is arguably the worst option of all. And typically the most costly too.

Ignoring a Lawsuit Can Be a Costly Mistake

Most Strike 3 cases are dismissed, often after a settlement, but default judgments are also common. When defendants fail to respond to a lawsuit, the plaintiff’s arguments can be taken as written and with no defense, the alleged pirate literally loses by default.

We don’t report on most of these judgments because they have little news value in isolation. However, damages awards can be substantial and in the bigger picture, the numbers quickly add up.

Earlier this year, we highlighted three defendants who were ordered to pay $97,500, $86,250 and $26,250 respectively. But there are many more.

A quick glance at recent records reveals a $24,000 award for damages against a defendant in Texas last month. Strike 3 requested a $51,750 damages award at a California federal court last week, against a defendant who allegedly shared 96 videos. And with thousands of cases still in the pipeline, these lawsuits are unlikely to end anytime soon.

For anyone involved in one of these cases, innocent or not, the defaults are a reminder that ignoring legal paperwork can be a costly mistake. And if defendants are innocent, history has shown that it can be worth putting up a serious defense. But of course, that will likely mean a substantial upfront legal bill.

MeLE Overclock X2 is an almost pocket-sized PC with Intel N150 and upgradeable RAM & storage

The MeLE Overclock X2 is a compact desktop computer that’s barely larger than a smartphone, measuring 178 x 94 x 21mm (about 7″ x 3.7″ x 0.8″). But it’s a full-fledged PC with an Intel processor, a decent set of I/O options, and something you won’t find in any phone: support for user-replaceable memory and […]

The post MeLE Overclock X2 is an almost pocket-sized PC with Intel N150 and upgradeable RAM & storage appeared first on Liliputing.