
ZDNET

Go malware is now common, having been adopted by both APTs and e-crime groups

There’s been a 2,000% increase of new malware written in Go over the past few years.


The number of malware strains coded in the Go programming language has seen a sharp increase of around 2,000% over the last few years, since 2017, cybersecurity firm Intezer said in a report published this week.

The company’s findings highlight and confirm a general trend in the malware ecosystem, where malware authors have slowly moved away from C and C++ to Go, a programming language developed and launched by Google in 2007.

Intezer: Go malware, now a daily occurrence

While the first Go-based malware was detected in 2012, it took a few years for Golang to catch on with the malware scene.

“Before 2019, spotting malware written in Go was more a rare occurrence and during 2019 it became a daily occurrence,” Intezer said in its report.

But today, Golang (as it’s often also referred to instead of Go) has broken through and has been widely adopted.

It is used by nation-state hacking groups (also known as APTs), cybercrime operators, and even security teams alike, who often used it to create penetration-testing toolkits.

There are three main reasons why Golang has seen this sudden sharp rise in popularity. The first is that Go supports an easy process for cross-platform compilation. This allows malware developers to write code once and compile binaries from the same codebase for multiple platforms, allowing them to target Windows, Mac, and Linux from the same codebase, a versatility that they don’t usually have with many other programming languages.

The second reason is that Go-based binaries are still hard to analyze and reverse engineer by security researchers, which has kept detection rates for Go-based malware very low.

The third reason is related to Go’s support for working with network packets and requests. Intezer explains:

“Go has a very well-written networking stack that is easy to work with. Go has become one of the programming languages for the cloud with many cloud-native applications written in it. For example, Docker, Kubernetes, InfluxDB, Traefik, Terraform, CockroachDB, Prometheus and Consul are all written in Go. This makes sense given that one of the reasons behind the creation of Go was to invent a better language that could be used to replace the internal C++ network services used by Google.”

Since malware strains usually tamper, assemble, or send/receive network packets all the time, Go provides malware devs with all the tools they need in one place, and it’s easy to see why many malware coders are abandoning C and C++ for it. These three reasons are why we saw more Golang malware in 2020 than ever before.

“Many of these malware [families] are botnets targeting Linux and IoT devices to either install crypto miners or enroll the infected machine into DDoS botnets. Also, ransomware has been written in Go and appears to become more common,” Intezer said.

Examples of some of the biggest and most prevalent Go-based threats seen in 2020 include the likes of (per category):

Nation-state APT malware:

  • Zebrocy – Russian state-sponsored group APT28 created a Go-based version of their Zebrocy malware last year.
  • WellMess – Russian state-sponsored group APT29 deployed new upgraded versions of their Go-based WellMess malware last year.
  • Godlike12 – A Chinese state-sponsored group deployed Go-based backdoors for attacks on the Tibetan community last year.
  • Go Loader – The China-linked Mustang Panda APT deployed a new Go-based loader last year for their attacks.

E-crime malware:

  • GOSH – The infamous Carbanak group deployed a new RAT named GOSH written in Go last August.
  • Glupteba – New versions of the Glupteba loader were seen in 2020, more advanced than ever.
  • A new RAT targeting Linux servers running Oracle WebLogic was seen by Bitdefender.
  • CryptoStealer.Go – New and improved versions of the CryptoStealer.Go malware were seen in 2020. This malware targets cryptocurrency wallets and browser passwords.
  • Also, during 2020, a clipboard stealer written in Go was found.

New ransomware strains written in Go:

Naturally, in light of its recent discoveries, Intezer, along with others, expect Golang usage to continue to rise in the coming years and join C, C++, and Python, as a preferred programming language for coding malware going forward.

Source: https://www.zdnet.com/article/go-malware-is-now-common-having-been-adopted-by-both-apts-and-e-crime-groups/

Tencent Cloud pledges SEA expansion with launch of Indonesia data centre

Chinese internet giant launches its first data centre in Indonesia, with plans to open a second one in the Southeast Asian market as well as Thailand and South Korea within the year, as it looks to build out its cloud footprint across the region.

Tencent has opened its first data centre in Indonesia, with plans to open a second within months alongside new sites in other Asian markets including Thailand and South Korea. The Chinese technology giant says the investment is part of an “aggressive” plan to build out its infrastructure in the region and tap growing cloud demand.

Located in Jakarta’s central business district, the data centre boasts two utility power lines and 2N redundant transformers as well as N+1 redundant diesel generator with capacity to support up to 72 hours at full load. Tencent’s cloud coverage currently encompasses 27 regions and 61 availability zones, most of which are located in China and the Asia-Pacific, and includes markets such as Singapore, Tokyo, Mumbai, Seoul, Moscow, Toronto, and Frankfurt.

The tech vendor operates more than 40 data centres in China alone, where its cloud business debut was a decade ago. Its international business was launched some three years ago across various regions and currently operates 19 to 20 data centres outside its domestic market.

It added a second data centre in South Korea early this year and, last month, announced plans to launch its first such facility in Bahrain by year-end to support the Middle East and North Africa region.

The latest site in Jakarta would better facilitate access to data and applications for customers in the region and support Indonesian organisations in their digital transformation efforts, said Poshu Yeung, Tencent Cloud International’s senior vice president, in a call with ZDNet. He added that there had been strong online demand across various verticals including financial services, e-commerce, games, education, and media and entertainment.

Tencent itself had seen significant growth for its online services in Indonesia, where its JOOX music streaming app was the second most popular in the country, Yeung said. It also launched WeTV last year, with plans to create more local production this year, and would soon introduce more games for the local market.

Strong demand for its consumer services had further underscored the need for Tencent to build its own data centres in Indonesia, he said, adding that a second data centre would be operational in the country likely in August. This marked the first time the company was launching two sites in the same market in the same year, he noted.

It also should signal how “aggressive and invested” Tencent was in bolstering its presence in Indonesia, which he said was one of the leading growth markets for cloud in Southeast Asia. This demand was also evident in other markets in the region as well as the wider Asia-Pacific, where it saw significant growth last year, he added.

This was despite the fact that the vendor last November had reported “lingering impact” of the global pandemic on its cloud revenue during its third quarter earnings. Tencent then had pointed to delays in project deployment and new customer signups as well as “non-recurring adjustments” to some IaaS (infrastructure-as-a-service) contracts, which led to a lower growth from its cloud and other business revenue.

Asked to elaborate, Yeung said 2020 was a tough year for many businesses but the cloud market was one of few to see robust growth–fuelled by accelerated digital transformation initiatives–not just for global players, but also Tencent. The vendor’s international cloud business last year had clocked triple-digit growth, he said, noting that this upward momentum was expected to continue this year.

He revealed that Tencent would soon launch a second data centre in Thailand as well as in Japan in June.

Apart from supporting its own business and local enterprise customers, its data centre buildout across the region would tap growth potential from Chinese enterprises looking to expand overseas as well as international companies investing in the local markets.

ZDNet asked if he saw fellow Chinese cloud vendors such as Huawei and Alibaba Cloud, which also were eyeing growth in Southeast Asia, as bigger rivals than global cloud players such as Google, Amazon Web Services, and Microsoft. Yeung noted that the cloud business remained sizeable and there was room for several major players.

He added that cloud providers also often worked together, since enterprise customers increasingly were looking to adopt multi-cloud deployments as part of efforts to avoid being locked into one cloud vendor.

“So there are clear opportunities for everyone,” he said, noting that Tencent aimed to offer added value with SaaS products developed for verticals, such as financial and fintech, media, retail, and healthcare.

The vendor also had a wide ecosystem backing its cloud infrastructure and services, including its WeChat platform, he added.

Source: https://www.zdnet.com/article/tencent-cloud-pledges-sea-expansion-with-launch-of-indonesia-data-centre/

Blockchain-based Odysee keeps your social media content online

Upload whatever content you want without threat of removal, and Odysee makes sure it stays online. But you will never be able to remove it – ever.

If you want to put whatever video content you want online and keep it there without risk of it being removed, the Odysee platform will keep your content on the blockchain permanently.

Created in July 2020, video platform Odysee has grown its user base since its launch in December 2020. The YouTube-like platform hosts video content on the LBRY network. Unlike YouTube there are no moderators, and no safety filters for younger viewers – and the content remains on the blockchain permanently.

People forget – or do not know – that once data has been added to the blockchain it cannot be changed or removed.

Odysee is built on blockchain technology and ensures that its creators’ channels can never be deleted. When a channel is created, it is recorded permanently in a distributed ledger on the blockchain.

While this seems like a great idea, it could have far-reaching consequences for some content creators years down the line – especially as attitudes change over time. Content creators might be saddled with stupid content that they very much regret as they get older.

Placing video content on the blockchain means that no one entity controls or can change it, making de-platforming impossible no matter how extreme, violent, or untrue the content might be.

Odysee says that there are about 300,000 content creators on Odysee who upload a wide range of video content across topics ranging from informative to downright odd. Users can view any of the videos for free – unlike other video streaming platforms like Streamanity where the content creator sets the price to view videos.

Its press release in December says that the platform boasts 8.7 million monthly active users; however, Sitechecker reckons that Odysee.com gets less than 10,000 unique visitors per month to get a good result.

Odysee is built using the LBRY protocol which developers use to build apps to interact with content on the LBRY network. The platform’s predecessor LBRY.TV has now been retired in favour of Odysee.

When users upload a video, they deposit a minimum amount of LBC (LBRY Credits) starting from 0.01. 0.01 LBC is less than a cent.

Content creators can set an LBC price to watch the video if they choose. Fans of the video can also tip the content creator if they like the video. Each video shows how many credits it has earned for the creator.

The deposit to upload ensures that the content is registered on the LBRY blockchain and will become discoverable by other users.

Users need to have an Odysee wallet associated with their account, which is viewable once they are logged in. They can also use third-party cryptocurrency wallets to store their cash.

Earnings vary for content influencers. Odysee says that the amount typical influencers make varies, and creators “earn $100 per month all the way up to $5,000 per month” for their uploads.

LBRY Credits are not tied to the price of Bitcoin (BTC), but can be purchased via the app. You can also sell LBC at an exchange for cash.

Users can upload any video they want – which could lead to discussions about what should and should not be allowed and regulated – especially as international conversation around social media regulation is growing.

There are concerns that far-right, or extremist content will find it has a permanent home on platforms such as Odysee, with little moderation or takedown.

Odysee does have some general community guidelines – but its comment “We don’t care what you post for the most part” could encourage posters to push the boundaries.

Guideline number 4 says “It’s the internet, we get it; try not to be overtly abusive and nasty toward other users. This extends to continuously harassing other users, encouraging the slander and defamation of other users, and threatening or bullying others in videos.”

Does this mean that users can occasionally harass other users? The guidelines seem to encourage people to step over the line.

Using blockchain gives users and creators more control over their content. Just like in a bar, users still have to adhere to some terms and conditions such as not inciting violence. They are otherwise free to post and engage as they would in a public setting.

Odysee’s alternative to demonetization and deplatforming is delisting, whereby a user’s channel and content remain, but cannot be discovered using search, browsing channels, or other tools. This allows the content to continue to be shared as desired.

Users can issue a command to delist their own content. Odysee itself retains the right to delist extremist or troublesome users. However, the content is not delisted from the LBRY network, but just from Odysee.

There is certainly a lot of interesting content on the platform – as well as the usual conspiracy theories and parody accounts.

Top accounts have hundreds of thousands of support credits, whereas other, less compelling, and downright dumb videos, have earned nothing. Will it become a refuge for extremists and nutjobs? Time will tell.

But for content creators, who want to earn LBC right now, and ultimately convert it into cash from their efforts – without a third party dictating how much they can earn – Odysee could be the platform for them.

Source: https://www.zdnet.com/article/blockchain-based-odysee-keeps-your-social-media-content-online/

Optus believes telco customers want the ability to disconnect

Telco is adding functionality to its app for customers to pause connectivity to devices.

Customers of Optus will soon have the ability to pause the very product they are paying for — telecommunications connectivity.

The telco has said the functionality available in its My Optus app will allow “our customers the freedom to ensure they enjoy the time that matters most”.

Switching off connectivity will be per device, with a timed period of unconnectedness.

“Optus is pioneering digital and customer innovation through a ‘one click’ solution that works across mobile and home WiFi connections; across Optus connected services and all devices connected via WiFi on Optus NBN plans with the latest Optus supplied modems, on the same account and household,” Optus vice president of TV, content, and product development Clive Dickens said.

“We’ve listened to our customers who’ve asked us to develop a product that gave them a right to disconnect.”

The telco said it would be rolling out the feature progressively to customers.

Customers of a certain supermarket-branded MVNO that uses the Optus network might feel like they have had a preview of the feature for years already.

On Wednesday, Optus claimed it reached a new 5G speed record with 10Gbps aggregated through a live 5G site.

Telstra retorted that it had hit 20Gbps over the weekend.

“Congratulations to Optus but, unfortunately, it’s not a new record,” a Telstra spokesperson said.

Source: https://www.zdnet.com/article/optus-believes-telco-customers-want-the-ability-to-disconnect/
