Category: Tech

Motive Sundays, Tech

Navigating Success: Overcoming Self-Doubt and Celebrating Wins

Always keep reaching.
Photo by Swapnil Sharma, please support by following @pexel.com

Motive Sundays

Have you ever dreamt big, felt the excitement of reaching for a goal, then suddenly slammed on the brakes? You’re not alone. The fear of success – yes, it’s a real thing – can be a surprising roadblock, holding you back from achieving amazing things.

This script dives into why this fear exists in its many forms, how to overcome it, and why embracing your full potential is absolutely worth it.

Why We Fear the Spotlight (and the Shadows)

The fear of success can manifest in many ways. Maybe it’s the worry that success will come too fast, leaving you feeling unprepared. Perhaps it’s the nagging voice that whispers you’re just a “fluke” and won’t be able to repeat your achievements (imposter syndrome). Some might fear the disruption success brings to their routines and relationships, while others might be anxious about taking on increased responsibility.

  • Fear of Change: Success can disrupt the comfortable rhythm of your life. Maybe you worry that reaching your goals will mean neglecting hobbies you love or straining relationships with loved ones. The key here is open communication. Talk to your support system about your goals and how you can navigate changes together. Building a strong support network will make the climb to success much smoother.
  • Fear of Failure After Success: Have you ever achieved something amazing, only to be plagued by the fear you can’t possibly repeat it? This is imposter syndrome, a sneaky trick of the fear of success. Remember, everyone makes mistakes. Focus on learning from them and celebrating your accomplishments, big and small.
  • Fear of Increased Responsibility: Success often comes with more responsibility, which can be daunting. Break down large tasks into manageable steps. Don’t be afraid to delegate! Building a strong team around you can help you shoulder the burden and leverage everyone’s strengths.
  • Fear of Losing Loved Ones: The fear that success might alienate friends or family is a real one. Here’s the truth: true friends will celebrate your achievements with you. Maintain open communication and healthy boundaries. Share your success stories with loved ones and invite them to be part of your journey.
Believe in the better half of you.
Photo by Gantas Vaiciulenas, please support by following @pexel.com

Believe in Yourself: You Are Enough

The good news? You are capable of more than you think. Self-doubt is a natural human emotion, but it doesn’t have to be your final word. Here’s the key: be your own cheerleader. Acknowledge those doubts, but don’t let them define you. Remember all the times you’ve overcome challenges in the past. You have the strength and resilience to keep moving forward.

Success is a Journey, Not a Finish Line

Think of success not as a mountain peak you conquer, but as a breathtaking hike. There will be moments of incredible views, and there will be stretches that test your endurance. But the journey itself is where the growth happens. Embrace the learning experiences, celebrate the small wins, and keep your eyes on the horizon.

Embrace your success with others no matter how small it may be.
Photo by Min An, please support by following @pexel.com

Your Story Matters: Share and Inspire

Have you ever battled the fear of success? Did you overcome it? We all have stories to share, and yours could be the spark that ignites someone else’s journey. Leave a comment below and share your experiences. Let’s create a supportive community where we celebrate each other’s wins and push each other to reach our full potential. Remember, you are capable of amazing things. Now go out there and unleash your inner power!

Love learning tech? Join our community of passionate minds! Share your knowledge, ask questions, and grow together. Like, comment, and subscribe to fuel the movement!

Security, Tech

Dev’s Gain a Job Loss…

For many, this feeling doesn’t come from holding regular jobs.
Photo by Nina Uhlikova, please support by following @pexel.com

Love Gained, Job loss

Do you have a job that you love? A job that you can’t go one day thinking about. A job so perfect that you can’t see how you would live the rest of your life without it. If you’re like most people, then your answer is moreover going to be a deafening “no”.

Not surprisingly, most people grew up and found the old saying, “Do what you love, and you’ll never work a day in your life,” to be a load of …cow dung. At least the grass looks nice.

Given not being satisfied with your current job or not having one depending on the situation you’re in, you are more likely to have been advised to seek work from job posting boards/sites like LinkedIn, indeed, and Monster. Seeing the amount of job postings on these job sites could have you scratching your head and checking your skillset.

This isn’t bad, you are trying to find your “dream job” after all, and you may land on one to apply. However, can we tell you that not every job posting is a real one? Don’t know what we mean?

Today, we’ll look into this trend of fake jobs—a little about why this method would be used, and how you can protect yourself from falling victim.

Like what you’re reading so far? Why not consider subscribing for more?

Always take a closer look when it comes to being online.
Photo by Andrea Piacquadio, please support by following @pexel.com

So, you’re on Indeed, and you’re looking around for a job that matches your skillset. You know the skills you went to college for, spent four to eight years of your time, only to meet the request of you having five years of experience for an entry-level job.

Math isn’t mathing, yea, we know, a quick shoutout to Human Resources. They found a way to job-block. Okay, moving along, you found your dream job, you want to be a developer and there’s an opening.

Great, you apply, get a date for an online interview. The day finally comes, the interviewer asks you to install something onto your computer so the interview can take place. To your surprise, however, you just fell victim to a new campaign called “Dev Popper”.

Yes, you have been hoodwinked. Threat actors are using job postings to trick people, mainly software developers, into installing a RAT (Remote Access Trojan). A trojan on its own is bad enough, but the remote access allows the threat actor to navigate around your machine.

How is this a problem? Well, think of it this way, you opened the door of your home to a robber along with giving them the key. They can do what they want.

Sometimes we give you too much information, but that’s okay. We’re nerds, it’s what we do.
Photo by cottonbro studio, please support by following @pexel.com

A quick fun fact, while this activity is illegal, there have been some questions if the use of RATs is legal. They are to a degree depending on the purpose. If someone from the IT help desk was trying to solve a problem on your computer, they would ask you to download something to give them access, and you would watch them as they were fixing the problem.

This use case is perfectly legal, now if they were to find a folder saying, “Bank Account” and copy information from there, then that steers to being illegal because this is being done with malicious intent.

Also, another issue with RATs is, that once they’re on your machine, a backdoor can be created for the threat actor to retrieve any data they didn’t take the first go around. So, word to the wise, pay attention to your downloads and keep your backdoor closed.

So, you may be wondering, “How would I be able to tell I have a RAT?” Some tell-tales are seeing unfamiliar programs, processing running, or if you find items have been deleted without your intervention. RATs tend to be installed with other programs or “PUPs” (Possible Unwanted Programs) and can eat up your CPU usage.

Other ways to tell something that may be on your machine are; that it’s taking longer than usual for a program to run, and the obvious one; your mouse is moving without your intervention. Unless your residence is possessed, the other logical answer is that you have a ghost in your machine. That ghost is a threat actor.

Enjoyed this reading and want to read more? Why not consider liking, sharing, and subscribing?

Programming, Security, Tech

Super Mario 3: The Spicy Meatball Edition

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

This might be the new mushroom kingdom if things don’t get better with Mario.
Photo by Russell Butcher, please support by following @pexel.com

All might not be so one up in the mushroom kingdom. Gamers who love playing as the tubby loveable plumber hopping in and out of pipes might want to opt for playing his other games until the sewage clears.

In a nutshell, if you have downloaded Super Mario 3: Mario Forever then the game isn’t the only thing that might be running on your computer. We’re going to look at what kind of attack this is, who used it, the functionality and effects upon its release, and what are some ways you can prevent this from being your computer’s last one up.

Subscribe today to Scriptingthewhy or Mario will beat you with a spicy meatball!
Photo by Pixabay, please support by following @pexel.com

The Attack

One-upping everyone to speed who is unfamiliar with the loveable plumber, his brother Luigi, the Princess Peach, and everyone in the mushroom kingdom, Mario is a popular platformer game that was released in 1985 on the home console Nintendo Entertainment System or widely known as NES under the title “Super Mario Bros.”

The objective of the game was to rescue the chronically kidnapped Princess Peach from the overgrown-I-don’t-know-how-this-relationship-would-work-because-his-a-lizard-and-she’s-a-human King Bowser. Just know a long story short there are some questionable motives on all parties, but Mario goes on a massive trip to rescue her time and time again. And one of those times was the Super Mario 3: Mario Forever game.

For those who may not know, Mario Forever is a fan-made game that was released in 2003 with the old-school NES side-scrolling and art style with an updated look and some new features.

Within the Super Mario game, trojan malware has been released for unsuspecting gamers with the intent to do some mining. And before you make the joke, it’s not mining with Minecraft. Minecraft has its own problems to dig through.

We may have to take a closer look when downloading files.
Photo by cottonbro studio, please support by following @pexel.com

Who Can It Be Now

Digging through research, threat actors were discovered by Cyble—a cyber threat intelligence and research company, that has spotted threat actors distributing a slightly different sample of Super Mario 3 installer.

It has been known that threat actors frequently hide malware in-game installers and since Mario is a highly popular gaming franchise this makes the perfect attack vector for threat actors.

Just when you thought Mario couldn’t plunge himself deeper into your wallet. Thanks a lot Nintendo.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Derek: Z-Daddy, you mean like the malware piggy backs like this?
Z-Daddy: That Derek but in this version there’s two spicy meatballs.
Photo by Pexels User, please support by following @pexel.com

The Sinking Feeling

Appearances of Mario Forever, the trojan edition, have been thought to be seen circulating on gaming forums, and social media outlets, and appearing high up on search results. In this attack, there are three portions.

The first installs the Mario game and the other two secretly creep into the victim’s AppData directory during the installation. Once this process is complete, the installer fires up the XMR and the SupremeBot mining client. All the information about the victim’s machine is collected and sent to a mining server to begin the mining process.

A quick thing to note, XMR which is better known as Monero, is a mining program used by cybercriminals for crypto-jacking. In short, it makes use of the CPU (Central Processing Unit) to mine for Monero coins, the irony. The file for Monero will appear as “java.exe”. While this happens, SupremeBot, which will appear as a file named “atom.exe”, creates a copy of itself and places it in a hidden folder of the game’s installation directory.

Afterward, hiding under the name of a legitimate process, a scheduled task is created to run the copy every 15 minutes indefinitely. The first process is stopped, and the original file is deleted, this is done to avoid detection. Once that is completed, the malware sets up a connection with the C2 (Command and Control) server, here is where the collected data is transmitted, information about the client is registered, and the configuration for mining Monero is run.

SupremeBot then receives the payload from the C2 server in the form of a file named ‘wime.exe.’ This final file is called Umbral Stealer (UmS)—an information stealer programmed in C# designed to steal from infected Windows devices. All the information stored in web browsers such as, but not limited to, stored passwords, cookies, session tokens, crypto wallets, credentials, and authentication tokens for Discord, Minecraft, Roblox, and Telegram.

UmS can also create screenshots of the desktop, gain control of the webcam, and other media devices and collect local data before exiting to the C2 server. If that wasn’t enough, UmS can bypass the Windows Defender if tamper protection isn’t enabled.

If not enabled, UmS will add itself to Defender’s exclusion list, this means if it wasn’t on the welcome list before, it is now. UmS will also configure Windows host files to hinder communication with antivirus products rendering them ineffective. Just when you thought having a little security couldn’t get any smaller.

So, do I… squat to get into the pipe or…what? How do I protect Mario anyway?
Photo by cottonbro studio, please support by following @pexel.com

The Prevention

Any gamer will tell you that it’s hard to keep Mario completely safe while traversing Mushroom World on his never-ending quest to rescue Princess Peach. Many know it takes a couple of hits to cost Mario a life, but it only takes one for your computer.

A few ways to defend are downloading from official sources as third-party sources could have malware. It is best to frequently scan any downloads before running them on your computer.

Always make sure your antivirus software is up to date. If you feel as though you may have downloaded an infected version of Mario Forever, then you should scan your computer and remove anything detected.

If found, you should prioritize what is most important and change all passwords to any logins such as personal, banking, emails, and financial immediately. Keep your information safe and let Mario be the one running around in a panic.

Yea, I’ll just wait until this whole thing blows over. I’ll help Mario with his mushroom addiction later.
Photo by Anurag Sharma, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on Monero, SupremeBot, or Umbral Stealer? Script a comment below.