Connect with us

Technology

Stealthy Linux backdoor malware spotted after three years of minding your business • The Register

Voice Of EU

Published

on

Chinese security outfit Qihoo 360 Netlab on Wednesday said it has identified Linux backdoor malware that has remained undetected for a number of years.

The firm said its bot monitoring system spotted on March 25 a suspicious ELF program that interacted with four command-and-control (C2) domains over the TCP HTTPS port 443 even though the protocol used isn’t actually TLS/SSL.

“A close look at the sample revealed it to be a backdoor targeting Linux X64 systems, a family that has been around for at least three years,” Netlab researchers Alex Turing and Hui Wang said in an advisory.

An MD5 signature for the file systemd-daemon first showed up in VirusTotal back on May 16, 2018 without the detection of any known malware. Two other files named systemd-daemon and gvfsd-helper were spotted over the next three years.

The association with systemd, a widely used system and session manager for Linux, may have been chosen by the malware authors to make the malicious code less likely to be noticed by administrators reviewing logs and process lists.

Netlab has dubbed the malware family RotaJakiro because it uses encryption with a rotate function and has different behavior depending on whether it’s running on a root or non-root account. Jakiro is a reference to a character from the game Dota 2.

Illustration of the Chinese flag with binary and code and a skull outline laid over the top

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way

READ MORE

The malware makes an effort to conceal itself by using multiple encryption algorithms. It relies on AES to protect its own resources and a combination of AES, XOR, and rotate encryption alongside ZLIB compression to obscure its server communication.

The C2 domains with which the malware communicates were registered through Web4Africa in December 2015 and rely on hosting provided by Deltahost PTR, in Kiev, Ukraine.

The malware is not an exploit; rather it’s a payload that opens a backdoor on the targeted machine. It might be installed by an unsuspecting user, an intruder, or through a dropper Trojan. How RotaJakiro has been distributed remains unanswered.

According to Netlab, RotaJakiro supports 12 commands, including “Steal Sensitive Info,” “Upload Device Info,” “Deliver File/Plugin,” and three “Run Plugin” variants. The security firm is presently unaware of what the malware’s plugins do.

The security firm sees some similarities between RotaJakiro and the Torii botnet spotted by Avast, another security company, in September, 2018. They two have some similar commands and traffic patterns, as well as functional similarities.

At least the malware is starting to get noticed by antivirus software. ®

Source link

Technology

London is the best European city for founders, Startup Genome report

Voice Of EU

Published

on

The UK capital was the only European city to make the top ten in Startup Genome’s ranking, tying with New York in second place for the second year in a row.

London is Europe’s number one start-up city, according to a recent report by Startup Genome. The research and advisory body which specialises in start-ups released its ‘Global Startup Ecosystem Report 2021’ report today (22 September).

The report identified London and New York as joint second-best cities in the world for start-ups. London was the only European location to make it into the top ten. The city is attractive to founders thanks to its educated workforce and tax incentives, the report found.

Silicon Valley in California took the top spot, unsurprisingly. This year’s global rankings were dominated by the US, with half of the top 30 ecosystems coming from this region, followed by Asia with 27pc and Europe with 17pc of the top performing ecosystems globally.

Silicon Valley, New York City, Boston, and Los Angeles alone contributed more than 70pc to the US’s total ecosystem value.

Paris made the top 20, coming in at number 12. The Amsterdam-Delta region followed in thirteenth place. Dublin improved its rank from the previous year’s report, coming in at number 36 this time.

Beijing, Boston, Los Angeles, Tel Aviv, Shanghai, Seattle and Stockholm also made the top ten best start-up cities.

The global start-up economy is currently worth more than $3.8trn in ecosystem value. There are 79 ecosystems generating over $4bn in value, which is more than double the number identified in 2017. This time last year, 91 ecosystems had achieved unicorn status.

Also in 2020, Startup Genome published a report indicating its concerns over the future of the start-ups ecosystem during Covid-19. The report suggested that 42pc of start-ups were in what it called ‘the red zone,’ meaning they had three months or fewer runway ahead of them.

Several countries  including the UK, France and Germany introduced special support packages for start-ups. Irish non-profit Scale Ireland also introduced a similar start-up scheme for Irish companies.

“Entrepreneurs, policymakers, and community leaders in Europe have been working hard to build inclusive innovation ecosystems that are engines of economic growth and job creation for all,” commented JF Gauthier, founder and CEO of Startup Genome on the report’s release.

“The Global Startup Ecosystem Report is the foundation of knowledge where we, as a global network, come together to identify what policies actually produce economic impact and in what context,” Gauthier added.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading

Technology

Facebook oversight board to review system that exempts elite users | Facebook

Voice Of EU

Published

on

Facebook’s semi-independent oversight board says it will review the company’s “XCheck” system, an internal program that has exempted high-profile users from some or all of its rules.

The decision follows an investigation by the Wall Street Journal that revealed that reviews of posts by well-known users such as celebrities, politicians and journalists are steered into the separate system.

Under the program, some users are “whitelisted”, or not subject to enforcement action, while others are allowed to post material that violates Facebook rules pending content reviews that often do not take place. The Xcheck system, for example, allowed Brazilian footballer Neymar to post nude pictures of a woman who had accused him of rape, according to the report.

Users were identified for additional scrutiny based on criteria such as being “newsworthy”, “influential or popular” or “PR risky”, the Wall Street Journal found. By 2020 there were 5.8 million users on the XCheck list, according to the newspaper.

The oversight board said Tuesday that it expects to have a briefing with Facebook on the system and “will be reporting what we hear from this” as part of a report it will publish in October.

The board may also make other recommendations, although Facebook is not bound to follow these.

The Journal’s report, the board said, has drawn “renewed attention to the seemingly inconsistent way that the company makes decisions, and why greater transparency and independent oversight of Facebook matters so much for users”.

Facebook told the Journal in response to its investigation that the system “was designed for an important reason: to create an additional step so we can accurately enforce policies on content that could require more understanding”. The company added that criticism of it was “fair” and that it was working to fix it.

A representative for Facebook declined to comment to the Associated Press on the oversight board’s decision.

Source link

Continue Reading

Technology

Philippines imposes 12 per cent digital services tax • The Register

Voice Of EU

Published

on

The Philippines has become the latest nation to impose a digital services tax.

Such taxes require the likes of Netflix and Spotify to pay local sales taxes even though their services are delivered – legally, notionally, and physically – from beyond local jurisdiction.

The Philippines has chosen a rate of 12 per cent, mirroring local value added taxes.

“We have now clarified that digital services and the goods and services traded through digital service providers should generally be subject to VAT. This is just a matter of common tax sense,” said Joey Salceda, a member of the Philippines’ House of Representatives and a backer of the change to the nation’s tax code.

Salceda tied the change to post-pandemic economic recovery.

“If brick and mortar establishments, which are the hardest-hit by the pandemic, have to pay VAT, the giants of e-commerce shouldn’t be exempt,” he said.

However, local companies that are already exempt from VAT by virtue of low turnover won’t be caught by the extension of the tax into the virtual realm.

Salceda’s amendments are designed to catch content streamers, but also online software sales – including mobile apps – plus SaaS and hosted software. The Philippines’ News Agency’s report on the amendment’s passage into law even mentions firewalls as subject to VAT.

The Philippines is not alone in introducing a digital services tax to raise more revenue after the COVID-19 pandemic hurt government revenue – Indonesia used the same logic in 2020 .

But the taxes are controversial because they are seen as a unilateral response to the wider issue of multinational companies picking the jurisdictions in which they’ll pay tax – a practice that erodes national tax bases. The G7 group of nations, and the OECD, think that collaborations that shift tax liabilities to nations where goods and services are acquired and consumed are the most appropriate response, and that harmonising global tax laws to make big tech pay up wherever they do business is a better plan than digital services taxes.

The USA has backed that view of digital services taxes, by announcing it will impose tariffson nations that introduce them – but is yet to enact that plan.

Meanwhile, the process of creating a global approach to multinational tax shenanigans is taking years to agree and implement.

But The Philippines wants more cash in its coffers – and to demonstrate that local businesses aren’t being disadvantaged – ASAP. ®

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!