

RotaJakiro: A Linux backdoor that has flown under the radar for years




A Linux backdoor recently discovered by researchers has avoided VirusTotal detection since 2018.

Dubbed RotaJakiro, the Linux malware has been described by the Qihoo 360 Netlab team as a backdoor targeting Linux 64-bit systems. 

RotaJakiro was first detected on March 25 when a Netlab distributed denial-of-service (DDoS) botnet C2 command tracking system, BotMon, flagged a suspicious file.

At the time of discovery, there were no malware detections on VirusTotal for the file, despite four samples having been uploaded — two in 2018, one in 2020, and another in 2021.   

Netlab researchers say the Linux malware changes its use of encryption to fly under the radar, including ZLIB compression and combinations of AES, XOR, and key rotation during its activities, such as the obfuscation of command-and-control (C2) server communication. 

At present, the team says that they do not know the malware’s “true purpose” beyond a focus on compromising Linux systems. 

There are 12 functions in total including exfiltrating and stealing data, file and plugin management — including query/download/delete — and reporting device information. 

However, the team cites a “lack of visibility” into the plugins that is preventing a more thorough examination of the malware’s overall capabilities. 

Netlab described the backdoor’s functions and encryption, as below:

“At the coding level, RotaJakiro uses techniques such as dynamic AES, double-layer encrypted communication protocols to counteract the binary & network traffic analysis.

At the functional level, RotaJakiro first determines whether the user is root or non-root at run time, with different execution policies for different accounts, then decrypts the relevant sensitive resources using AES & ROTATE for subsequent persistence, process guarding and single instance use, and finally establishes communication with C2 and waits for the execution of commands issued by C2.”

In addition, RotaJakiro will treat root and non-root users on compromised systems differently and will change its persistence methods depending on which accounts exist. 

For example, when running under a root account, a new process may be created to automatically respawn configuration files, whereas in a non-root scenario, two separate processes are created to monitor and, if necessary, restore each other. 

Netlab has also suggested links to the Torii botnet due to some coding similarities in commands and traffic management. 

At the time of writing, six out of 61 VT engines now detect the backdoor’s files as malicious. Further analysis can be found at Intezer.


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0



New York Attorney General declares top ISPs committed net neutrality fraud




When then-President Donald Trump’s Federal Communications Commission (FCC) tried to destroy net neutrality in 2017, everyone knew that millions of comments in favor of breaking net neutrality were bogus. 

As then-New York Attorney General Eric Schneiderman said at the time, two million net neutrality comments were fake. Schneiderman said: “Moving forward with this vote would make a mockery of our public comment process and reward those who perpetrated this fraud to advance their own hidden agenda.” Schneiderman was wrong. 

His successor, Letitia James, found after a multi-year investigation that there had been “18 million fake comments with the FCC,” including over 500,000 fake letters sent to Congress in support of the repeal.

Behind the vast majority of this astroturfing campaign was Broadband for America, a marketing group funded by the country’s top ISPs. In classic 1984 doublespeak, it claims to be in favor of net neutrality while, in reality, being a group of its greatest enemies. Its members include AT&T, CenturyLink, Charter, CTIA – The Wireless Association, Comcast, Cox, NCTA – The Internet & Television Association, Telecommunications Industry Association (TIA), and USTelecom-The Broadband Association.

James reported: “After a multi-year investigation, we found the nation’s largest broadband companies funded a secret campaign to influence the FCC’s repeal of net neutrality rules — resulting in millions of fake public comments impersonating Americans. These illegal schemes are unacceptable.”

Altogether, 80% of all public FCC comments filed on its net-neutrality proposal four years ago came from the scammers. There was never, as Ajit Pai, then-FCC chairman and a former Verizon attorney, claimed at the time, any mass support for destroying net neutrality. Pai, after leaving office, was hired as a partner by private equity firm Searchlight Capital Partners, where he works on telecom and ISP acquisitions.

James continued: “The broadband industry hired marketing companies that co-opted and created identities and filed nearly 18 million fake comments with the FCC and sent over half a million fake letters to Congress in support of the repeal. This practice was also used to influence other policies. Today, we stopped three of these marketing companies from continuing their illegal behavior and recommended reforms to stop this type of fraud in the future.”


These three companies are Fluent, React2Media and Opt-Intelligence. They all settled with the attorney general’s office and agreed to pay fines. They did not, however, admit to any wrongdoing. They did agree to get permission from anyone they quote in the future in comments purporting to represent public opinion. These businesses and at least three other companies were paid $4.2 million by Broadband for America. The investigation into this hack of democracy is still ongoing. 

Where did the fake comments come from? The Office of the New York Attorney General (OAG) found that Broadband for America couldn’t rely on real grassroots support since the public overwhelmingly supported robust net neutrality. So, it created them via co-registration lead generation. In co-registration, consumers are offered rewards, such as gift cards, sweepstakes entries, or an e-book, for providing personal information and responding to advertisements. These include everything from discounted children’s movies to free trials of products.

To conceal the comments’ true source, Broadband for America’s contractors also created web pages for the conservative-leaning advocacy groups. Few comments, however, were submitted via these web pages. But they gave the impression that comments the FCC received came from Trump supporters. 

In fairness, it wasn’t just the anti-net neutrality forces that generated fake comments. A 19-year-old college student who supported net neutrality filed over 7.7 million pro-neutrality comments with the FCC. Unlike Broadband for America, he didn’t use the names and addresses of real people without their consent. Instead, he automatically created comments using software-generated fake names and addresses. 

The FCC, in theory, should have been able to spot this activity. In practice, it was clueless and didn’t detect that millions of submissions were coming from a single IP address. The OAG also identified another group of 1.6 million pro-neutrality comments that were submitted using fictitious identities but hasn’t been able to find out where they came from. 

In the course of the investigation, the OAG found the FCC wasn’t the only one being targeted by big business. The OAG found that fraudulent comment campaigns had also targeted policy decisions at the Environmental Protection Agency and the Bureau of Energy Management at the US Department of the Interior. 

Looking ahead, the OAG recommends several reforms to root out the deception and fraud that have infected public policy-making. These are:

  • Advocacy groups to take steps to ensure they have obtained valid consent from an individual before submitting a comment or message to the government on their behalf
  • Agencies and legislatures that manage electronic systems that receive comments and messages to hold advocacy groups and their vendors more accountable for the comments they submit on behalf of individuals
  • Lawmakers to strengthen laws to deter the submission of deceptive and unauthorized comments to the government
  • Agencies to adopt technical safeguards to protect against unauthorized bulk submissions using automation.

Hopefully, all these changes will happen sooner rather than later. Democracy has enough trouble as it is without businesses pretending to be millions of citizens.



Would you install iPhone apps from a third-party iOS store?




There’s pressure — both legal and otherwise — on Apple to open up iOS and iPadOS to third-party app stores, freeing both customers and developers from Apple’s iron grip.

But would you buy apps from a third-party app store?

As I see it, there are pros and cons, and when it comes to the end user, it’s mostly cons.


A lot of potential pros are being suggested, from more choice to cheaper apps to an ethereal sense of “freedom” from Apple’s rules and regulations.

On the downside, there wouldn’t be the curation that Apple carries out, and a rejection of apps that break the rules. Also, I suspect that moves such as making developers come clean about what they do with your data, or preventing them from tracking you across the web would likely get the chop.

What wouldn’t change is what developers can do, since most of the safeguards as to what apps can and can’t do are built into iOS.

Personally, I’m skeptical that a third-party app store would be good for end users. Sure, giving developers more flexibility over pricing would help them, but unless the new app store was curated to the same standards that Apple curates its App Store, I can’t help but see it degrade into a cesspit of fart apps and nonsense.

Also, now that Apple is putting pressure on privacy and tracking, any third-party app store that didn’t follow similar rules would become inundated by badware.

I can see why developers and advertisers — and bad guys — love the idea of an app store separate to Apple, but I’m having a tough time coming up with much in the way of end-user benefits, beyond promises of cheaper apps and a sense of not being tied to Apple.

I’m also having a hard time seeing the corporate world embrace third-party app stores on the iPhone, and I see them getting the same treatment that alternative app stores get on Android — they get blocked.

But, at the end of the day, it doesn’t matter if Apple opens up the iPhone to third-party app stores, the real question is whether users will use them.

I couldn’t see myself using them. I played with the Cydia app store many moons ago, but as the functionality built into iOS apps has increased, that became unnecessary for me a long time ago.

But the masses are easily swayed, and I can see the players who are upset by Apple’s privacy measures or fee structure making a hefty push to get users to make the switch. And some certainly have the ability to push such a store hard.

Would you download iPhone apps from a third-party store? Why/why not? Let me know in the comments below!



Cybersecurity warning: Russian hackers are targeting these vulnerabilities, so patch now




Russian cyber attacks are being deployed with new techniques – including exploiting vulnerabilities like the recent Microsoft Exchange zero-days – as its hackers continue to target governments, organisations and energy providers around the world.

A joint advisory by the US Department for Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA), FBI and the National Security Agency (NSA), as well as the UK National Cyber Security Centre, looks to warn organisations about updated Tactics, Techniques and Procedures (TTPs) used by Russia’s foreign intelligence service, the SVR – a group also known by cybersecurity researchers as APT29, Cozy Bear, and The Dukes.

It comes after cybersecurity agencies in the US and the UK attributed the SolarWinds attack to Russia’s civilian foreign intelligence service, as well as several campaigns targeting Covid-19 vaccine developers.

“The SVR is a technologically sophisticated and highly capable cyber actor. It has developed capabilities to target organisations globally, including in the UK, US, Europe, NATO member states and Russia’s neighbours,” said the alert.

The advisory warns that Russian cyber attackers have updated their techniques and procedures in an effort to infiltrate networks and avoid detection, especially when some organisations have attempted to adjust their defences after previous alerts about cyber threats.

This includes the attackers using open source tool Sliver as a means of maintaining access to compromised networks and making use of numerous vulnerabilities, including vulnerabilities in Microsoft Exchange.

Sliver is an open source red team tool, a tool used by penetration testers when legally and legitimately testing network security, but in this case is being abused to consolidate access to networks compromised with WellMess and WellMail, custom malware associated with SVR attacks.


Although the paper warns that this isn’t necessarily a full list, other vulnerabilities – all of which have security patches available – used by Russian attackers, include: 

  • CVE-2018-13379 FortiGate
  • CVE-2019-1653 Cisco router
  • CVE-2019-2725 Oracle WebLogic Server
  • CVE-2019-9670 Zimbra
  • CVE-2019-11510 Pulse Secure
  • CVE-2019-19781 Citrix
  • CVE-2019-7609 Kibana
  • CVE-2020-4006 VMware
  • CVE-2020-5902 F5 Big-IP
  • CVE-2020-14882 Oracle WebLogic
  • CVE-2021-21972 VMware vSphere

The attackers are also targeting mail servers as part of their attacks, as they’re useful staging posts for acquiring administrator rights and gaining further network information and access, whether to build a better understanding of the network or in a direct effort to steal information.

But despite the often advanced nature of the attacks, the paper by US and UK cybersecurity authorities says that “following basic cyber security principles will make it harder for even sophisticated actors to compromise target networks”.

This includes applying security patches promptly so no cyber attackers – cyber criminal or nation-state backed operative – can exploit known vulnerabilities as a means of entering or maintaining persistence on the network.

Guidance by the NCSC also suggests using multi-factor authentication to help protect the network from attack, particularly if passwords have been compromised.




Best place to sell or trade-in your old phone, computer and tech gear




Looking to get some cash to finance your next smartphone, tablet, laptop, or video game console purchase? Many websites specialize in cashing in or provide trade-in value for your consumer electronics, including exchange/listing services, buyback services, and manufacturer trade-in programs.

In most of these cases, you can sell your old gear without having to visit a single location. You just need to drop it in the mail, and depending on which place you are working with, you will be provided with return packaging or a shipping label to print out. Some will even pick up your equipment using a courier.

Exchanges/listing services

An exchange or listing service is the most conventional of options for those who want to be directly involved in negotiating the sale and have the most control over the sale process to offer items up for bid or “buy it now” pricing. The benefit of this is that you can negotiate the highest price for your merchandise possible, but the negative is that there’s the highest amount of touch required, so it is the most hassle-intense of all the options. It may take longer to find the right buyer for your item on one of these services, and aborted sales are widespread.


eBay is the largest internet exchange for selling any product, merchant to merchant, merchant to buyer, or independent seller to buyer in the entire world. Its smartphone and consumer electronics section is probably the most active for secondary market sales of any consumer site. Single item sellers exist, but it is more oriented towards volume sellers who have made a business out of selling refurbished or used merchandise.

Payment: Direct bank transfer
Turnaround: Varies

View Now at eBay


Open exchange for buying and selling used phones, tablets, video games, cameras, and home tech — seller to buyer listings, with back and forth negotiation.

Payment: Paypal. No seller fees, but buyers pay a small fee that is included in the sale price.
Turnaround: Varies

View Now at Swappa


Facebook For Sale groups are available in every town for any kind of new and used merchandise available. These are internet versions of classified ads, with no listing fees and no transaction fees. The burden of creating the listing and entering all product details, and interacting with the buyer is all the seller’s responsibility. No merchandise guarantees, risky. Negotiation can occur in public on Facebook posts or in Messenger, also offline/text/email.

Payment: Anything goes. Cash, arranged electronic payment, trades.
Turnaround: Varies

View Now at Facebook

Buyback services

A buyback service is a website that has pre-negotiated pricing for listed categories and models of devices based on their stated condition, such as good, excellent, pristine, or even cracked or damaged. Provided the item received during inspection meets the pre-negotiated condition, you’ll receive that price for the item. If it doesn’t meet the negotiated condition, these services typically will offer you a reduced price, or they will offer to return the item to you.


This service distinguishes itself by having a flexible payment system as it includes direct bank transfers via Zelle, PayPal, or regular bank checks. 

Payment: Paypal, Zelle, or check
Turnaround: 72 hours after receipt of item using standard shipping, accelerated turnaround available for additional $15 fee via two-day shipping option. Processing can take up to five business days.

View Now at Itsworthmore


Similar service to Itsworthmore, with a large variety of devices and products available to buy and sell, including custom quotes for unlisted items. 

Payment: PayPal, direct deposit, BuyBackWorld gift card, prepaid debit card, and check
Turnaround: 48 hours after passing inspection

View Now at Buybackworld


UPS Integrated Logistics (CAMS) partner specializing in buying and reselling used Apple, Samsung, and Google smartphones and tablets, as well as video game systems and home automation products

All inspection and packaging occur either with a UPS courier that visits your home or business or at a UPS store. Payment occurs within 24 hours of receipt of the package. The full insured value of the assessed item occurs during transfer to UPS. The company commits to selling or sustainably disposing of all received products.

Payment: Direct deposit or Amazon gift card
Turnaround: 24 hours after receipt of the item

View Now at Backflip


Trade-in for credit service on many forms of consumer electronics. Many kinds of devices are listed, but not consistently the most aggressive on offers and frequently not up to date on the most current devices on the market. The trade-in process is fair and generally fast — ideal for people who heavily use Amazon.

Payment: Amazon gift card
Turnaround: 48 hours after receipt of the item

View Now at Amazon Trade-In


Similar to Amazon’s trade-in service, you pick a product category, manufacturer, model, and condition, and the system will provide you a quote. The accepted offer is awarded as a store credit in the form of a Best Buy gift card.

Payment: Best Buy gift card
Turnaround: Instant if done in person at a retail store. Seven to nine business days if mailed

View Now at Best Buy Trade-In

Manufacturer trade-in

If you don’t need to liquidate your device for cash, but instead simply want to trade up to a newer model, it’s often the path of least resistance to take advantage of a manufacturer’s own trade-in programs, which will give you the cash value of your device with the purchase of a new device.


If you’re looking to buy a new Apple device, using its own trade-in service is a good, hassle-free option, especially if you are looking to finance some of that purchase with your existing phone, tablet, or computer. 

The company will take other manufacturers’ products but gives the best prices on its own. This isn’t the best service to use if you want a quick turnaround on payment, as it can take two or three weeks to process unless you do the trade-in at an actual Apple Store retail location. 

However, the company will send you packaging with prepaid shipping customized to the device you are sending back, making the entire process very easy to deal with. To use this option, either go to Apple’s trade-in site directly or choose “I have a device to trade-in” when purchasing a new device from the Apple Store.

Payment: Apple Store gift card or trade-in value during the purchase of Apple products
Turnaround: Instant at an Apple retail store, two to three weeks if done online

View Now at Apple


Google’s trade-in service is primarily used when looking to trade-in an older smartphone to the Google Pixel phones — it will not only take its own Pixel devices in trade, but also Apple, Samsung, LG, and Motorola phones. As with Apple, the turnaround time for credit on your purchase may take two to three weeks.

Payment: Trade-in value for credit on a new Pixel phone
Turnaround: Can take two to three weeks

View Now at Google


As with Google and Apple, Samsung generally runs promotions for trade-in on its latest model devices shortly after their introduction. For 2021, it is running it for the S21 5G series. The company accepts older models of their own devices and Apple, Google, LG, and Motorola.

Payment: Trade-in value during the purchase of S21 5G 

View Now at Samsung

Why and when to cash or trade-in

As with anything you buy, when you remove a product from its packaging, it immediately depreciates. Additionally, as soon as a new model of whatever product you are using is announced, the value depreciates even more. 

How do you get the highest price for your device?

If you are inclined to get the highest price for your item, you’ll want to trade it in before a newer model year is announced. Typically, most manufacturers will eliminate a product from a model line once a year. Still, some may retain products for sale from the previous model year. (Apple even offers the iPhone 11, XR, and the SE while the iPhone 12 is for sale.) In that case, the models that are eliminated from the line — such as the iPhone XS or the iPhone 8 from two generations prior — will become much more depreciated. 

When should you trade in your device?

There are times of the year that best align with the announcement of the sale of new models. In the case of Apple, there is usually a fall cadence, typically in mid-September, when iPhones, iPad Air, and entry-level iPad models are announced. iPad Pro models now tend to be announced in late spring, March, or April. Samsung Galaxy S series phones and tablets usually are announced in January, Note series are announced in August (although it is questionable the Note line will continue production now that the S series is virtually identical with pen support), and the last two flagship Google Pixel devices were announced in October and September, respectively.

Where should you trade in your device: Manufacturer or third-party listing service?

If you intend to trade in the device for another device at the same manufacturer, it may make sense to use the manufacturers’ own trade-in program rather than a buyback service, as their pricing tends to be more aggressive on their own products. You might be able to get a somewhat higher price at a listing service, but the much higher level of effort to get it for a minimal price difference of $20 to $50 might not be worth it.
