Month: September 2020

Enlarge / Rampant Kitty has been targeting Telegram like a feline to twine. (credit: Check Point)

Researchers said they have uncovered an ongoing surveillance campaign that for years has been stealing a wide range of data on Windows and Android devices used by Iranian expatriates and dissidents.

The campaign, which security firm Check Point has named Rampant Kitten, comprises two main components, one for Windows and the other for Android. Rampant Kitten’s objective is to steal Telegram messages, passwords, and two-factor authentication codes sent by SMS and then also take screenshots and record sounds within earshot of an infected phone, the researchers said in a post published on Friday.

The Windows infostealer is installed through a Microsoft Office document with a title that roughly translates to “The Regime Fears the Spread of the Revolutionary Cannons.docx.” Once opened, it urges readers to enable macros. If a user complies, a malicious macro downloads and installs the malware. The Android infostealer is installed through an app that masquerades as a service to help Persian-language speakers in Sweden get their driver’s license.

Enlarge / The Tesla Gigafactory under construction in 2016. Tripp would start work there the following year. (credit: Troy Harvey/Bloomberg via Getty Images)

A federal judge in Nevada has thrown out a defamation case by former Tesla employee Martin Tripp against his former employer. At the same time, Judge Miranda Du refused to dismiss Tesla's charge that Tripp had violated Nevada's computer crime law when he provided confidential Tesla information to a reporter.

Tripp came to public attention in the spring of 2018 when he told several news organizations—including Ars Technica—that he had evidence that Tesla was wasting raw materials and exaggerating its progress toward producing 5,000 Model 3 cars per week. When a friend of Tripp's called Tesla to warn that Tripp was heavily armed and might "come back and shoot people," Tesla repeated the claim to news organizations. The accusation proved unfounded.

Tesla sued Tripp for violating trade secret and computer crime laws. Tripp counter-sued for defamation over the shooting claims. In a Thursday ruling, Du dismissed Tripp's defamation claims but let some of Tesla's claims move forward to trial.

Enlarge / Amazon boxes. (credit: Getty Images | Julie Clopper)

Six people were indicted on allegations of paying over $100,000 in bribes to Amazon employees and contractors as part of a scheme to give third-party sellers unfair advantages on the Amazon marketplace. Among other things, the indictment says that Amazon workers who accepted bribes reinstated sellers whose accounts had been suspended for offering dangerous products, and these workers suspended the seller accounts of fraudulent sellers' competitors.

The US Department of Justice today announced the indictment handed down by a grand jury in the Western District of Washington. The "defendants paid bribes to at least ten different Amazon employees and contractors," the DOJ said. In one case, a 31-year-old defendant named Nishad Kunju "accepted bribes as a seller-support associate in Hyderabad, India, before becoming an outside consultant who recruited and paid bribes to his former colleagues," the DOJ said.

In exchange for bribes, Amazon workers "baselessly and fraudulently conferred tens of millions of dollars of competitive benefits upon hundreds of [third-party] seller accounts that the Defendants purported to represent," the indictment said. The DOJ said that workers "helped reinstate products and merchant accounts that Amazon had suspended or blocked entirely from doing business on the Amazon Marketplace," and that "the fraudulently reinstated products included dietary supplements that had been suspended because of customer-safety complaints, household electronics that had been flagged as flammable, consumer goods that had been flagged for intellectual-property violations, and other goods." These fraudulently reinstated seller accounts included ones Amazon had "suspended for manipulating product reviews to deceive consumers, making improper contact with consumers, and other violations of Amazon's seller policies and codes of conduct," the DOJ said.

Enlarge / The Centers for Disease Control and Prevention (CDC) headquarters stands in Atlanta, Georgia, US, on Saturday, March 14, 2020. As the novel coronavirus has spread in the US, the CDC is under increasing heat to defend a shaky rollout of crucial testing kits. Photographer: Elijah Nouvelage/Bloomberg via Getty Images (credit: Getty | Bloomberg)

In a dramatic move, the Centers for Disease Control and Prevention on Friday restored its recommendation to test people who have been exposed to the pandemic coronavirus, SARS-CoV-2, but don’t have symptoms—erasing politically motivated changes made by members of the Trump administration without the support or input of CDC scientists.

The CDC had—until August 24—always recommended testing for all people who have had close contact (within 6 feet for 15 minutes or more) with someone infected with SARS-CoV-2, regardless of symptoms. The CDC stated clearly that this is “important” and should be done quickly “because of the potential for asymptomatic and pre-symptomatic transmission,” which is largely thought to drive the pandemic.

But the guidance was abruptly and quietly changed August 24 to say that exposed people who do not have symptoms “do not necessarily need a test.”

Enlarge / The Centers for Disease Control and Prevention (CDC) headquarters stands in Atlanta, Georgia, US, on Saturday, March 14, 2020. As the novel coronavirus has spread in the US, the CDC is under increasing heat to defend a shaky rollout of crucial testing kits. Photographer: Elijah Nouvelage/Bloomberg via Getty Images (credit: Getty | Bloomberg)

In a dramatic move, the Centers for Disease Control and Prevention on Friday restored its recommendation to test people who have been exposed to the pandemic coronavirus, SARS-CoV-2, but don’t have symptoms—erasing politically motivated changes made by members of the Trump administration without the support or input of CDC scientists.

The CDC had—until August 24—always recommended testing for all people who have had close contact (within 6 feet for 15 minutes or more) with someone infected with SARS-CoV-2, regardless of symptoms. The CDC stated clearly that this is “important” and should be done quickly “because of the potential for asymptomatic and pre-symptomatic transmission,” which is largely thought to drive the pandemic.

But the guidance was abruptly and quietly changed August 24 to say that exposed people who do not have symptoms “do not necessarily need a test.”

• 

  Across the country, GameStop locations had many more $499 Standard Edition PS5 systems for preorder than the $399 Digital Edition

The $399, disc-drive-free Digital Edition of the PlayStation 5 may be in much shorter supply at US retailers this holiday season than the $499 version with a standard disc drive. That's based on an Ars Technica analysis of PS5 preorder hardware allocations this week at GameStop locations across the country.

Ars was able to confirm the initial PS5 preorder allocations for nine separate GameStop locations. All told, roughly 24 percent of the stock available at these locations was taken up by the Digital Edition, with the remaining 76 percent for the Standard Edition.

The Digital Edition ratios at individual locations ranged from 13 to 33 percent of all the available PS5 preorders, with 20 percent being the most common ratio. Each individual GameStop location in our sample received anywhere from 15 to 30 PS5 units total, with 20 being the most common number.

Enlarge / Screenshot of the Internet Archive's home page, including the WayBack Machine's search box. (credit: Internet Archive)

The Internet Archive and Cloudflare have teamed up to archive the content of websites that use Cloudflare's Always Online service, increasing the odds that users will be able to view a recent version of a website during outages. The partnership will increase the number of webpages scanned by the Internet Archive, making the organization's Wayback Machine more useful to Internet users in general.

"Websites that enable Cloudflare's Always Online service will now have their content automatically archived, and if by chance the original host is not available to Cloudflare, then the Internet Archive will step in to make sure the pages get through to users," said an announcement by Mark Graham, director of the Internet Archive's Wayback Machine.

Cloudflare says its Always Online feature saves "a limited copy of your cached website to keep it online for your visitors" when the origin server is unavailable, ensuring that a website's "most popular pages are represented." Using the Wayback Machine will improve the Always Online service, Cloudflare CEO Matthew Prince said.