Talking points Feb. 3

Malwarebytes, another disappointing event

Saturday, Jan. 27th, turned out to be quite the ordeal for a large number of PC users.

Malwarebytes pushed out a protection update that caused connection issues. Alongside the problems with the web protection component, the update caused a huge spike in memory usage, so much so that computers crashed.

I am personally a premium user of MBAM, and felt this thing hard. My computer started randomly spiking and crashing and kept on doing so for a couple of hours. I managed to finally get MBAM uninstalled and re-installed and I guess that happened around the time MBAM pushed out another protection update, which resolved the issue.

I have been a premium user for a few years, and even though I’ve experienced a number of troubles, I’ll continue to use the software after my renewal this upcoming May. I’m used to issues and I like this software enough to stick with it.

YouTube, changes to the partner program

In mid-January, YouTube announced some pretty big changes to their partner program (YTPP). Since April 2017, to be eligible for the program, your channel had to have at least 10000 lifetime views. This changes to: a minimum of 1000 subscribers AND 4000 hours of watch time in the past 12 months.

I am a YT partner (albeit a micro one) and my channel is one of those that will lose the privileges of the program. When I first received the notification, I was very disappointed, but as I’ve had time to think and also hear from other creators, I find it less of a problem and more of a kick in the backside, to get me to work harder on my content and channel.


Apple to delay iOS features. Shift in focus?

A number of websites, including macrumors.com, say Apple has shifted its focus for iOS 12. Instead of focusing on new features, they’re focusing on addressing performance and quality issues. The quote is from Ina Fried, chief technology correspondent at Axios.

New features are said to be postponed to 2019, including a planned refresh of the iPhone home screen and the CarPlay interface. As part of this shift, Apple is said to be focusing more on making the iPhone more responsive and less prone to producing customer support cases.

Google testing new features to improve snippets function due to inaccurate and offensive results

According to theverge.com, Google is said to be experimenting with new formats in order to help improve their snippets function. This comes as a result of some trouble last year, when it was found to display wildly offensive and inaccurate search results.

In a blog post from Tuesday, they announced that they are testing new options, among others “near matches”, showing more than one snippet for some searches. Google also says they’re working on displaying more than one snippet in cases where the phrasing of a question could produce contradictory results. The function currently favors content that’s strongly aligned with what was asked.

“There are often legitimate diverse perspectives offered by publishers, and we want to provide users visibility and access into those perspectives from multiple sources,” Matthew Gray, the software engineer who leads the featured snippets team, said in the blog post.

Malvertising leads 500k victims to ~90 bad Chrome Web Store extensions

In a document from Trend Micro, which you can read here: Trend Micro, there’s a list of questionable Chrome extensions. I’ve skimmed the list and my first thought was: Who downloads this??? The naming says it all, in my honest opinion. Basically, the extensions enable a feature called session replay, which can record and replay different user actions, such as mouse clicks, keystrokes, scrolling and what-not.

A group dubbed Droidclub is said to be the creator, and they’re known for hijacking browsers in order to mine Monero, display advertisements and now these extensions. Once installed and activated, done in a normal malicious way, the extensions call and regularly check in with the attacking group’s command-and-control server.

Google told Trend Micro that they had addressed the issue by removing the extensions from the store and disabling them on the devices of all affected Chrome installations.

Adobe Flash zero-day exploit in the wild

A group called Group 123 is thought to be behind an exploit of Adobe Flash that came to light on Wed. this week, when South Korea’s CERT issued an advisory warning. The warning states that attack code was circulating in the wild, exploiting the new zero-day flaw.

This is the first time Group 123 steps into the “major league”, deploying ROKRAT (a remote admin tool that’s been live since at least Jan. 2017) through an infected Excel document. Group 123 is thought to be mainly located in Korea, as its members speak perfect Korean and are very familiar with the Korean peninsula. Whether North or South is not specified, but a South Korean security researcher tweeted Thursday that the Flash exploit was “made by North Korea” and did not answer questions about the statement.

Cryptocurrency botnets render some companies unable to operate

The Smominru botnet is thought to have infected over 520000 machines and generated as much as $3.6 million worth of the digital coin Monero in under a year. Because Bitcoin is so resource intensive to mine, unless you operate a huge mining farm, Monero interest is high. Monero mining is also no longer effective on normal desktop computers; however, a botnet like this is quite profitable.

Other mining botnets like Zealot and Adylkuzz also appropriate exploit code developed by the NSA, later put online by the group Shadow Brokers. Smominru uses other exploit techniques to infect computers, although it can revert to the NSA’s EternalBlue or even make use of Windows Management Instrumentation. Botnets like these interrupt and punish performance on business networks, slowing down machines and driving up electricity usage.

Sources: MBAM, YT Creator Blog, Axios, TheVerge, CSO, ArsTechnica, ArsTechnica.
