Testing Beta Alert


What is it now, fam? Can we not get anything right?

We’re back in the Google Play Store and things haven’t gotten any better. It has long been known that if you want something to work, or want to see whether it has any value, people other than yourself need to test your product.

By doing this, you can get all the good and bad feedback to create what seems to be your contribution to the world for the betterment of humanity.

All the great minds throughout history have gone through this, and you can clearly see it being done today, with us doing launches into space and claiming it’s for humanity just in case the Earth goes bad. In reality, they’re displaying their getaway plan, which none of us will be able to afford. We’re looking at you, Elon.

Now that we’re done poking fun at venture capitalism, back to the growing concern, which is beta testing. Are you curious as to how this is a problem when everyone is simply trying things out?

Let us explain. We’re going to go over what kind of attack this is, who is using it, its functionality and effects upon release, and some ways you can keep yourself from being on the receiving end of testing a product that may be testing you.

Fun fact: having elder people play video games helps ward off mental conditions and improve memory.

The Attack

If you’re not into computers or have very little knowledge of how software and games are developed, then you may be wondering what in the world “beta testing” is. It’s not what you think: there isn’t a group of people in a room sitting across from each other, staring, trying to establish who is alpha and who is beta.

Beta testing is the testing of a product that is almost ready to hit the market. This is done to get feedback as to what should stay in or be removed or what could be added to improve interactions.

How is this a problem, we hear you ask? At its core, it isn’t, but as of late threat actors have been releasing apps on the Google Play Store as betas to lure people into downloading them onto their devices. Threat actors are testing the waters with this one.

Yes, all you have to do is download the app and enter your bank information. It’s that simple.

Who Can It Be Now

No one group or individual has been named for using this tactic, but rest assured the attackers are out there. Many incidents have involved phishing emails and romance scams. No, this doesn’t involve the good old catfishing mail-order bride or husband.

In this kind of attack, the threat actor is building a false relationship with the victim in order to get the victim to perform a step-by-step process of downloading or jailbreaking their device.

Phishing emails and the like are sent with the promise of big returns on investment for trying the beta app. However, this is a bogus claim because the payment method is in cryptocurrency. Why do scammers like requesting gift cards, money orders, and cryptocurrency, you ask?

If you think about it, obtaining these items requires no personal interaction, they’re difficult to trace back to the scammer, and you can gain access to them from anywhere. Also, the government and banks can’t monitor Bitcoin and other cryptocurrency platforms, so that makes it even more alluring.


I downloaded the beta version, but some weird stuff started happening after I entered my banking information.

That Sinking Feeling

Why not use real apps instead of betas? Well, real apps must undergo a rigorous code and review process, whereas beta apps can somewhat fly under the radar because they’re not complete; they just have to look good at surface level.

After making it past review, threat actors change the URL by pointing the app to a malicious server, and then the real fun begins.

Malicious code can perform a number of tasks, ranging from collecting data from devices to gaining access to and depleting online financial accounts or seizing control of handheld devices.

Yes, tell Scriptingthewhy that I’m interested in protecting my personal information.

The Prevention

Are you interested in beta testing the ability to keep money in your bank account and prevent your life from ending up in disarray? If you said yes, then you have taken the first step into cybersecurity, and if you didn’t, then we’re going to tell you how anyway.

When dealing with emails, especially ones that have a link attached and come from people you may know, cross-check with them on another platform to verify that they indeed sent the email.

Carefully examine the email for misspellings and grammar errors as this could be a big tip-off that something is in the air. Exercise extreme caution when installing a new app and carefully examine the requested permissions for anything that may have you scratching your head.

The biggest clues suggesting that something is on your system are a battery that drains faster than normal, higher data consumption, a sudden nightmare of pop-up ads, and a device that runs slower and overheats.

Always remember when beta testing, the app should have developing issues, not your finances.

I’m in cybersecurity and I read Scriptingthewhy, so yeah. Trying to scam me is pretty hard.


You won’t believe what this snake does…


I need to make some money and fast. I could get into the world of IT. Where to start?

There comes a time in one’s life when they may think to themselves, “The big ole Information Technology world, huh? Meh, let me give it a shot. What could go wrong?” Foolish child, we’re here to tell you that a lot could go wrong. One’s reasons for choosing a path in Information Technology, or IT for short, could range from making a butt load of money, to being the person who creates the next big thing, to simply adding a new skill to an already growing list.

Or maybe it’s a combination of all three. It should be the last one primarily because you’re awesome and striving to better a version of yourself every day is on your to-do list, so go you. However, typically, it’s the first reason since we’re all driven by our finances.

If you’re not making money, then you’re not making sense. A narrow and closed-minded way of thinking but hey, people aren’t usually open-minded so, whatever. For one to get into the world of IT, or jailbreak into IT at this point, a process needs to occur aside from simply learning code, linking resources together, and understanding how packets are sent through a network. When in an interview or at some point in a professional setting, one could be asked if they have ever contributed to what is called “Open source”.

Open source, in a nutshell: let’s say you make an application or a small program. Once you feel your program or application is complete, it can be uploaded to a platform like GitHub, where others can either add to it or make corrections to your code. This can also be done vice versa. All in all, whoever is asking about contributing to open source wants to gauge your depth in IT. So, say yes, yes you have contributed to open source.

We checked if you have ever contributed to open source, and you didn’t. Printing “Hello World” doesn’t count as a contribution.

The Attack

While there is a chance to get your program to an audience for good intentions other than to make money, others have used that same platform for malicious means. Are you interested in knowing what could be on your computer and getting up all in your network’s guts? Look no further than SSH-Snake. For those who may not know what SSH stands for, again, this is an all-inclusive platform, so we’re just being mindful of the audience.

SSH is “Secure Shell Protocol”. It’s a network protocol for operating network services securely over what is mostly an unsecured network. If you have ever worked with the command line, you’re more likely to be aware of SSH. Just know: common people mess with the Graphical User Interface (GUI); nerds, geeks, and hackers mess with the command line interface (CLI). Don’t know why they called it “SSH” and not “SSP”, don’t know where the “H” came from, but hey, we don’t make the scripts, we just read them.

I’m not lonely but I could stand to use some company. Fine, you drive a hard bargain, I’ll click your link.

Who Can It Be Now

SSH-Snake is known as a “self-modifying worm”. Worms are already a nightmare, given that once they’re in your system, they begin making their way to anything attached to your network. Doesn’t sound like a fun time? Trust us, it’s not. Self-modifying, as the name implies, means the malware can infect a device and make alterations to its code. The best way to think of it is: code that adapts to a given situation.

Would you like to know who is using SSH-Snake? Well, we would like to know the same thing. There are instances where researchers find the tool is being used and report it right away but without finding out who. Granted, it just may not be in their scope which we can respect. Do what the job asks of you and nothing more. Ah, that good old work/life balance.


Wait, how could a snake get into a computer?

That Sinking Feeling

Now, how does SSH-Snake work? The malware finds your system’s cornhole (a way in). This could be done by something simple like clicking on a naughty link (it’s not always naughty links, but they’re the most common), which could trigger the download of malicious files housing SSH-Snake. Once the download is complete, like any other worm, its code is executed and now it’s free to run rampant and wreak havoc.

S-Snake (SSH-Snake) will begin collecting information from libraries, look for private keys and shell history files, and begin spreading once the network is mapped. Another problem is C2C. This is where all the collected information makes its way back to the threat actor’s lair for later use. SSH-Snake and a worm virus have most things in common, but what separates them overall is Snake’s ability to self-modify.

This port is an exit only.

The Prevention

Great, so now you’re wondering, “How do I protect my computer’s cornhole?” A good way to protect your system is by following security best practices. Always be mindful of what you interact with on the internet, as some things may not be on the level. Frequently check for updates for your operating system and anti-virus software. Security is becoming more challenging because technology is getting more advanced, but the more you learn, the more you can protect. That was a call for you to learn about cybersecurity, in case you’re confused.
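Since SSH-Snake goes looking for private keys, one concrete check is to find the keys on your own disk that have no passphrase or that other users can read. The script below is an added example, not code from SSH-Snake or from this post; the function names and the sample files it builds are constructed for illustration, and it only reads each key's header to tell whether a passphrase is set.

```python
import base64, os, stat, struct, tempfile
MAGIC = b"openssh-key-v1\x00"  # header of the current OpenSSH private key format

def classify_private_key(text):
    """Return 'unencrypted', 'encrypted', or None when text is not a private key."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    head = lines[0] if lines else ""
    if not (head.startswith("-----BEGIN ") and head.endswith("PRIVATE KEY-----")):
        return None
    if head == "-----BEGIN OPENSSH PRIVATE KEY-----":
        try:  # the cipher name sits in the first bytes; 64 base64 chars cover it
            blob = base64.b64decode("".join(lines[1:-1])[:64])
            (n,) = struct.unpack(">I", blob[len(MAGIC):len(MAGIC) + 4])
        except (ValueError, struct.error):
            return None
        if not blob.startswith(MAGIC):
            return None
        cipher = blob[len(MAGIC) + 4:len(MAGIC) + 4 + n]
        return "unencrypted" if cipher == b"none" else "encrypted"
    # PKCS#8 and legacy PEM keys announce encryption in the armor or a header line
    if "ENCRYPTED" in head or "Proc-Type: 4,ENCRYPTED" in lines[1:3]:
        return "encrypted"
    return "unencrypted"

def audit_key_dir(path):
    """Walk path; report each private key's passphrase state and file permissions."""
    findings = {}
    for root, _dirs, files in os.walk(path):
        for name in files:
            full = os.path.join(root, name)
            try:
                with open(full, "r", errors="replace") as fh:
                    kind = classify_private_key(fh.read(65536))
            except OSError:
                continue
            if kind:
                loose = bool(stat.S_IMODE(os.stat(full).st_mode) & 0o077)
                findings[name] = {"passphrase": kind == "encrypted", "loose_perms": loose}
    return findings

def constructed_key(cipher):
    """Fake key-shaped text for the demo (constructed; contains no real key)."""
    s = lambda b: struct.pack(">I", len(b)) + b
    body = base64.b64encode(MAGIC + s(cipher) + s(b"none") + b"\x00" * 48).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"

def demo():
    samples = {"id_plain": (constructed_key(b"none"), 0o644),
               "id_locked": (constructed_key(b"aes256-ctr"), 0o600)}
    with tempfile.TemporaryDirectory() as d:
        for name, (text, mode) in samples.items():
            with open(os.path.join(d, name), "w") as fh:
                fh.write(text)
            os.chmod(os.path.join(d, name), mode)
        return audit_key_dir(d)
```

To check a real machine, call `audit_key_dir` on your own `~/.ssh` directory; any key reported with `passphrase` set to `False` is usable by whoever copies the file.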

Your computer’s security starts with you.


Theft Among JavaScript


I think I can take a break from hacking to look at some cat videos. That’s not weird.

The internet is a wide and, in some cases, unknown territory for many people to be on. Most of us simply surf the internet without a second thought as to how it works and, let’s be honest, some of us don’t really care to know how it does what it does.

We just want our cat videos and to be able to find that video where Gam Gam accidentally set her hair ablaze trying to blow out a candle. No matter what your reason for surfing online, you have to be aware that while surfing, many things lurk underneath or within, depending on who you ask.

Small nerd fact: the web pages you view, including this one, have three main components. HTML (Hyper Text Markup Language) is what gives the page the layout that you see, CSS (Cascading Style Sheets) gives the page its “pretty colors” and some effects, and finally, JS (JavaScript) gives the page the functionality to do certain things.

Within JS come other languages like Node.js; however, with more languages come more problems. We’re going to go over what the attack is, who is using it, the effects upon release, and some ways you can stay safe on your current webpage.

Fun fact: this may seem harmless, but never under any circumstances leave your computer unattended.

The Attack

Now you may be wondering why Node.js is being put under the microscope and not JS, and we have your answer. We’re looking at all of them because each one plays a part in a threat actor’s plan.

It all starts with Node.js and NodeStealer. NodeStealer is malware that is written in the JS language and is executed in Node.js. Told you that we were going to be looking at all of them.

You can think of this as that Russian doll thing that houses another smaller version of the bigger one. Just know, your problems are coming from within.

Yup, there are too many breaches, and only one of me. Yup, I’m going to let this company tank.

Who Can It Be Now

Are you wondering who has been using this nasty little trick? Well, so are we. This malware has been out for some time, and no one has made a name for using it.

This just goes to show there are too many threat actors out in the world to keep track of. In most cases, threat actors never get caught because there are too many and attacks from the same one are so infrequent.

With infrequent attacks come fewer chances of finding the malicious actors.


I’m not worried about no NodeStealer, I have 100% security here buddy.

That Sinking Feeling

Are you worried about how something like this could creep its way onto your computer? Don’t worry, Z-Daddy has you on that one. NodeStealer can be distributed by various means.

This could include but is not limited to phishing emails, malvertising, and bundling NodeStealer with software that is legitimate. Once NodeStealer is in, it disguises itself as a harmless document. This would be something like a PDF file which would have an appropriate icon and filename.

This is done with the intent to trick the victim into interacting with it. Once that happens, the malware can execute and stay on the machine by establishing persistence. This means even if you turn off your machine and boot it back up, the malware is still there.
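A disguise like this can be caught by comparing what a file's name claims to be with what its first bytes actually are. The script below is an added example, not code from this post or from NodeStealer; the function names, the extension lists, and the three sample files are assumptions constructed for illustration.

```python
import os, tempfile

# Leading bytes of common document formats (PDF, ZIP-based Office, legacy Office)
DOC_MAGIC = {".pdf": b"%PDF-", ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04",
             ".doc": b"\xd0\xcf\x11\xe0", ".xls": b"\xd0\xcf\x11\xe0"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js"}

def check_file(name, head):
    """Return the reasons a document-looking file deserves a second look."""
    exts = ["." + part.strip() for part in name.lower().split(".")[1:]]
    last = exts[-1] if exts else ""
    reasons = []
    # "invoice.pdf.exe" shows as "invoice.pdf" when known extensions are hidden
    if last in EXEC_EXTS and any(e in DOC_MAGIC for e in exts[:-1]):
        reasons.append("double extension: document name, executable type")
    # A real PDF or Office file starts with its format's signature
    if last in DOC_MAGIC and not head.startswith(DOC_MAGIC[last]):
        reasons.append("content does not match the " + last + " format")
    # "MZ" opens every Windows executable, whatever the file is called
    if head[:2] == b"MZ" and last not in {".exe", ".scr", ".com", ".dll"}:
        reasons.append("Windows executable content under a non-executable name")
    return reasons

def scan_dir(path):
    """Check every file under path; return {filename: [reasons]} for flagged files."""
    results = {}
    for root, _dirs, files in os.walk(path):
        for name in files:
            try:
                with open(os.path.join(root, name), "rb") as fh:
                    head = fh.read(8)
            except OSError:
                continue
            reasons = check_file(name, head)
            if reasons:
                results[name] = reasons
    return results

def demo():
    """Scan three constructed sample files (not real documents or malware)."""
    samples = {"report.pdf": b"%PDF-1.7\n", "invoice.pdf.exe": b"MZ\x90\x00",
               "statement.pdf": b"MZ\x90\x00"}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return scan_dir(d)
```

Pointing `scan_dir` at a downloads folder gives a quick list of files whose name and content disagree; an icon can be faked, but the first bytes of the file cannot pass for a PDF unless it is one.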

The main objective is to obtain your collection of stored passwords, session information, and other possibly useful information. A thing to note is that it was designed to go after certain web browsers such as Chrome, Opera, Microsoft Edge, and Brave. Before you think about it, no, this is not the movie “Brave.” Brave’s icon is a lion, not a little girl trying to break free from her father’s shadow.

Update our systems? Why would we do that? These babies work just fine.

The Prevention

You’re interested in protecting yourself from this malware, you say. Good, there are some useful tips, however, keep in mind that there is no such thing as 100% protection. Even hand sanitizer says 99.9%, and that covers both hands.

Some basic security measures help, like being mindful of who sent you an email with links or attachments that were unwarranted. Keeping your operating system and anti-virus software up to date is a must, as patches are released to close vulnerabilities.

On a small scale, this can be easily done, but on a larger scale, such as with a company with 1,000 employees, this form of protection is easier said than done. This is due to people going through the motions, which ends up producing a lot of complacent workers.

It has been said that having one complacent employee is enough to compromise your whole system, a few more, and that could sink your whole company.

I have one more email to go. Oh, my computer is locked. Ransomware? Yeah, today is my last day at this company.
