Malware May be Using Real GPS Data to Scam Speeders

There is a new malware scam hitting computers in Pennsylvania posing as an email containing a speeding ticket and containing a link that loads malicious software onto the user’s computer. The emails claim to be from the police department of Tredyffrin, Pennsylvania, and masquerading as an official body is nothing special for malware. What is interesting is that the data used in the tickets is said to be accurate, including the street names, their speed limits and the actual speed that the perpetrator drove at, according to the Tredyffrin Police Department.

Exactly where the data is coming from is unknown, but the current suspect is that the source is a phone app with access to the user’s GPS data and perhaps other personal information that provided the attackers with contact details. This source could be from either a legitimate app that has been compromised and hands over data to the attackers or a purpose-built malicious app that has been uploaded to the internet. It is common knowledge that GPS data can be used to determine speed as well as location, which would make GPS-using apps a good method for obtaining the data.

Thankfully for many, this malware scam seems to be highly localized to the Tredyffrin area, but it gives a good view of a new type of attack emerging. Possessing data that normally only legitimate sources would have makes a great way to deceive people into believing that they are the sources they claim to be. Despite this, this scam chooses not to offer a payment link for the fictional speeding ticking, in lieu of downloading malware, but other parties may make use of this method to different ends on a much larger scale in future.

Fake Hack gets Over 3,000 CS:GO Players VAC Banned

A mischievous gamer got over 3,000 Counter-Strike: Global Offensive players VAC banned by releasing a series of fake multihacks. Reddit user AndroidL posted his antics to the Global Offensive subreddit, revealing that his fake hacks garnered over 5,500 downloads, with more than 3,000 offending users subjected to Valve Anti-Cheat (VAC) bans.

“Over the course of two weeks I’ve released three different fake “multihacks”,” AndroidL wrote. “Essentially they edit your view angles to those that should be impossible to get and constantly gives infinite ammo/health. The hacks also do a few other things that ensure a VAC ban would be received.”

“The first two releases had a “timer” in them which meant the features that instantly VAC banned them would only be activated after a certain time (e.g. 10 PM on the day after the release)… the final hack (with over 3.5k downloads) just instantly VAC bans them as soon as they open the hack and join a game.”

“In total, my fake hacks received 26,000+ views and 5,500+ downloads!” he boasted.

AndroidL then posted a graph to show how his fake hacks affected ban statistics:

Hopefully, the removal of so many cheaters from CS:GO will protect the integrity of what is regarded to be the best online multiplayer first-person shooters ever made.

Otherland Developer Denies Claims Regarding “Hundreds of Fake Paid Reviews”

Otherland is an MMO by Drago Entertainment which launched via Steam’s early access programme and has a pretty dismal reputation among fans. Sadly, the game has suffered from bugs, and failed to live up to people’s expectations. Personally, I cannot comment on the game as I don’t own it, but the general consensus seems quite negative. Today, a number of strong allegations were targeted at the developer which claimed they had planted “hundreds of fake paid reviews” on Steam. This was allegedly done to falsely make the game seem more appealing throughout the community.

Specialist site, MMOs discussed the supposedly paid for reviews and their CEO said:

“Well it turns out that most of these user reviews are without a shred of a doubt fake. It doesn’t take a genius to realize these reviews are fake, as most of the positive reviews are left by users with “0.0 hours on record” and users that left no other reviews on Steam. What’s funny is that ALL of these fake positive reviews are in completely broken nonsensical English.”

The writer went onto analyze why they believe Drago Entertainment employed such unscrupulous tactics:

“It’s clear that the folks behind Otherland are disappointed with the game’s reception on Steam and are trying to boost sales in an incredibly shady way. As of this writing, the game only has 18 players online with a 30-day average of 8.2. The game is clearly a commercial flop and Drago Entertainment is trying anything and everything to get people to try the game. I mean, if you’re going to try to trick your customers into buying your game, you might as well spend a little bit more and get your fake reviews written by native English speakers. As is, these fake reviews are embarrassing for Drago Entertainment and won’t fool anyone who spends a couple of minutes checking out the reviews. More casual users though might be roped into buying the game if they only look at the “mostly positive” score on the game’s Steam page, which is unfortunate, as the game is pretty terrible.”

“This kind of deceptive marketing / manipulation of user reviews shouldn’t be allowed. Steam needs to take action and take these downs, as no one should be tricked into buying this game. I think Steam should just boot this game off the platform for trying to trick their customers, but that’s just my opinion. What do you think? Do you know any other games that use paid reviews on Steam to boost their sales?”

Given the serious nature of these claims, the developer released an official response on the Steam Discussion forum:

Although the owner of MMOs wasn’t impressed with their response and remarked:

“Are they serious? Are they claiming that the users they gave free keys to left these nonsensical “reviews”? This isn’t a one/two review thing, there are over a HUNDRED of these obviously fake reviews all blindly praising the game IN BROKEN ENGLISH. I’m not buying their story. Did they only give beta keys to people who spoke broken English? I think they got caught and came up with a terrible excuse. It’s possible that a couple of individuals at the developer’s office thought this was a good idea and acted on their own, but the payment had to be approved. People don’t leave fake reviews for free.”

This is a tricky situation as no-one categorically knows if the reviews were paid for apart from the developer. However, making such wild accusations without consulting the developer is only going to end in tears. I honestly don’t know who is telling the truth here, but it emphasizes how untrustworthy many reviews can be. Evidently, the time played is minimal and looks suspicious. On the other hand, many community reviews quickly click to the approve button on launch to make themselves feel better about their purchase.

As an individual, it’s perfectly fine to criticize a developer and make claims. However, if you are a journalist or work for a published site, any comments can be seen as slander and result in legal action. I want to reiterate that I’m not holding the blame on anyone here, but sites have to be so careful when making assertions even if the evidence looks quite legit. This entire situation raises questions about Steam reviews, and how the media investigates developers who are apparently overstretching their ethical responsibilities.

Amazon is Suing 1114 ‘Fake Reviewers’

Amazon has filed a lawsuit in Seattle, Washington to tackle a number of “false, misleading and inauthentic” reviews. The reviews in question are paid for by sellers to make their products look more appetizing. According to Amazon, the 1,114 defendants, referred to as “John Does” provides a false review service for as little as $5 (£3.24) on the website Fiverr.com, Once payment has been made, products will receive fake 5 star ratings.

Clearly, this skews the genuine reception of each product and hurts the consumer. As a result, Amazon has made this their top priority and said:

“While small in number, these reviews can significantly undermine the trust that consumers and the vast majority of sellers and manufacturers place in Amazon, which in turn tarnishes Amazon’s brand,”

“Amazon is bringing this action to protect its customers from this misconduct, by stopping defendants and uprooting the ecosystem in which they participate,”

This kind of fraudulent activity could increase the sales of poor value products, and deceive customers. Therefore, once the item arrives and is of a disappointing quality, Amazon has to deal with the returns process. This can be a costly endeavor and also discourages people from purchasing items in the near future.

Have you encountered any problems when buying products from Amazon sellers?

Fake GTA6 Teaser Trailer Fails to Convince Us

A new game trailer is making its rounds, promising to show off the next generation engine and tease for Grand Theft Auto VI (GTA6), but we have to burst the bubble right away as it isn’t real. Well, the video is real in the way it exists and can be watched, but it isn’t GTA6.

The people behind it, whoever they might be, have put quite a bit of work into the video, but they blew it right away by uploading a version where they didn’t even spell Rockstar right. That has now been edited out, but not before people noticed and screenshotted it.

The video in itself is somewhat a mix of everything and nothing. The description for the video mentioned a trip back to Vice City, but there’s only a very short clip actually showing the city. Instead, we see a muscle car drifting along a desert road as well was clips from what appears to be random cities from around the world. The language is clearly not English, as it can be seen on street signs for example.

The video was uploaded by a YouTube account called RockstarGamesBETA, which in itself speaks for a fake. It was a nice try and quite a few people fell for it – but you need to do better to convince us. There is no doubt that Rockstar will make a GTA6 and there is a good chance that it will come in 2017, but they are far from done milking GTA5 and they surely wouldn’t announce it this way. That said, we can still enjoy the work that was put into this fake teaser trailer.

https://youtu.be/mW5HQt4Qr34

Thank You VG247 for providing us with this information

Redditor Believes His NZXT Chassis is Counterfeit – Hilarity Ensues

Building your brand new PC from scratch can create some headaches at times, especially if you haven’t done it so many times before. Sometimes it’s compatibility issues or not having the right connections in the right lengths and other times you just can’t figure out the orientation. At least the last part was an issue for a Redditor who thought he had been ripped off and sold a fake NZXT Phantom chassis. “It looks different than any other NXZT Phantom case, even on the pictures from the website I bought it from,” he noted.

He took photos of the case and uploaded them to the internet in order to get to the root of the trouble; he even contacted NZXT support. After posting the trouble on Reddit and asking his “brothers” to help him out with identifying if it was a fake or not, the situation quickly got cleared up and there wasn’t anything wrong with the case at all! It was simply turned 90 degrees and was standing on the back instead of the bottom.

Most people would be ashamed and try to hide under a rock for a couple of years followed by a name and residence change, but Maxiimus1 as the Redditor calls himself takes it as it is and left the Reddit post online. “I feel like such an idiot,” he wrote in his edit. “You are allowed to downvote me to oblivion and make fun of me.” That’s the right way to deal with it and he deserves some respect for that and he surely deserves a thanks for one of the most entertaining post and replies in a while.

I also think that everyone who unpacked an NZXT Phantom case for the first time, stood there and looked at it for a couple of seconds before picking it up and turning it a couple of times to find the right way to place it; most of us usually notice it by the fact that the IO area doesn’t go into the ground.

SSL Bug Lets People Impersonate Anyone

So you’re browsing online, through Facebook, Ebay and even your bank and you notice that padlock at the start of your address bar. You see that symbol and you think, that means I’m secure. I’m safe and I can browse and send information without a worry. Seems like that might be a mistake according to a new bug report.

SSL is the system in which websites can be verified, this means you can be certain that the website you’re sending information to is actually the website you want and not someone pretending. It also means that you have to use a standard of encryption when communicating information across the web. OpenSSL is a standard used by a variety of websites in order to offer some security and reassurance to its users, and sadly is publicly available meaning that users are free to view and edit the code as they see fit.

From the log that’s available it appears that the code responsible for the problem was added all the way back in January, however, it was only released to the publicly used version last month. With this problem, it would be possible for fake websites to change and “appear” as if they were the legitimate version and due to how the system works, fake websites would also be able to provide “certificates” for other websites.

While it was in the public version it didn’t make its way into the mainstream versions used by a lot of people, meaning that it has since been removed and the damage limited (if there is any at all). This is in contrast to the Heartbleed virus that resided in OpenSSL for almost two whole years before being discovered.

Thank you ArsTechnica for the information.

Image courtesy of the BBC.

Recent Beats Teardown Used Counterfeit Headphones

We recently shared a detailed teardown of glorified fashion accessory (and sometimes headphone), Beats by Dre. Prototype engineer Avery Louie stripped down the Beats headphones down to the gaskets, commenting that he was surprised at how cheap some of the components were, which really should be expected for an accessory that costs only $14 to manufacture and boast substandard quality sound. Now, the source of that shock has been revealed: Louie’s stripdown was conducted on a counterfeit Beats by Dre model.

Industrial design blog Core77 has collected together a number of inconsistencies that pointed to the headphones being fake, the most noteworthy of which was the number of drivers found during the teardown. Though Louie doesn’t mention which model of Beats he dismantled, a process of elimination suggests that they could only be Solo HD versions. However, Solo HD headphones have four drivers, two for each ear, while the model Louie was using only had one per speaker. This can be clearly seen in a post by redditor Vantt1, who broke down the difference between genuine and fake Beats on Imgur.

The biggest unanswered question so far is, did Louie know? It’s conceivable that he didn’t – he made no reference to having previous experience with Beats, so it’s safe to assume that his teardown was the first time he’d seen the innards of the headphones. That does point to a lack of rigour in his preparatory research, though, since an industrial engineer should have found out, for example, how many drivers the device should have before he started.

To be fair, for the uninitiated, it’s bloody hard to tell the difference between real and fake Beats:

Thank you Core77 for providing us with this information.

Android Malware Fakes Power-off to Spy on You

The security company AVG has discovered a particular devious little piece of malware in the Android ecosystem, one that seemingly can spy on you while your phone is turned off.

The malware digs into your phone and actually just fakes a power down. You’ll get the animation and the screen as well as LEDs will turn off – exactly the same as if you’d turn your phone off.

Now that you’re completely unaware that the phone is running, the malware can make phone calls, send messages, transfer your files as well as record you through the built-in cameras and microphone. That’s kinda creepy.

The good news is, this malware can only attack rooted phones, so the general public is safe. But even people with rooted phones can be safe from this attack, at least if they use AVG’s security solution. It can both detect and deal with this new threat dubbed the ‘Android/PowerOffHijack.A’ that can attack Android 5.0 and below.

The company spokesperson told that at least 10,000 devices were infected so far, but mostly in China where the malware was first introduced and offered through the local, official app stores.

Thanks to AVG for providing us with this information

Fake AMD Processors on Sale Through Amazon

There are reports that fake AMD processors are being sold though Amazon. The chips were sold as AMD A-Series A8-7600 but, upon examination of the underside, appear to be AM2 Athlon 64 X2 5200+ processors that have been falsely labelled.

The Amazon listing appears on the UK site, and two customers have already reported the chips they purchased as relabeled X2 5200+ processors in the product reviews, with further suggestion that some of the purchased chips don’t even work. But anyone buying an A8-7600 for an FM2+ motherboard who receives a relabeled X2 5200+ will find that the fake chip’s pin layout makes it incompatible, since that model, current between 2007 and 2009, is for an AM2 socket.

Amazon and AMD are yet to comment on the matter.

Source: WCCF Tech

Fake Apple Watch ‘Prototype’ Sells for $260

It seems that the Apple Watch is being ripped off long before you can buy the real thing – first we saw those fake watches being sold at CES and now this, the story of a supposed ‘prototype’ on eBay that actually sold to a gullible buyer for $260.

Just looking at the pictures, most people would tell straight away that this was not the real deal. The image on the screen looks like a sticker and the bezel is massive. There’s also the hilarious giant Apple logo on the back in the place of the biosensors that feature on the real thing.

It does get some aspects correct – its shape is about right and it does have a crown, like Apple’s ‘Digital Crown’. The strap however looks extraordinarily cheap as do the rest of the materials used on the ‘device’.

The real thing is due out in the next few months, with Apple hastily tweaking the software and battery life to ensure all goes well upon launch. The latest rumours have suggested a March launch date for you to get your Apple Watch fix.

Source: Variety Report

Fake Apple Watches Sold at CES

In what many are calling a sign of the ‘dumbing down’ of CES, a fake Apple Watch has been on sale at the trade show. The watch, made by Chinese company Hyperdon, is a complete rip off of the upcoming smart watch from Apple.

Mashable was first to share news of the watch online, calling it a “knockoff”.

“The watch’s screen only displays when it’s turned on, and many of its icons are blatant ripoffs of Apple designs. The pairing process took a few tries, but once connected to my iPhone 6, I was able to make phone calls and play music through the watch. It even vibrates when I get a call.”

They say that company is based in Shenzhen, a city in China famous for the large presence of Foxconn factories and other consumer technology manufacturers. Foxconn is notable as one of Apple’s largest manufacturing partners.

Source/Image: Mashable Via: MacRumors

People Fall for iOS 8 ‘Wave’ Hoax and Microwave Their Phones

Last year it was the ‘waterproof’ software update that clever, but evil, people over at 4chan thought up. Last time there were some that fell for it, and this time it’s no different. It isn’t the waterproof hoax that makes the rounds again, but rather the new iOS 8 Wave function. This time we heat it up a little bit instead of cooling it down.

In a clever made up, but fake, iOS 8 advertisement, people are told that they can charge their iPhones with their microwave after the update. It takes just about a minute. The fake advertising is being circulated via social networks, and some people are falling for it as it seems.

The mentioned information and function is utter non-sense, and the only thing that will happen is that your phone will burn and probably take your microwave with it to the afterlife. If unlucky you might even burn down your entire house. So don’t try this at home, or any place else for that matter.

There are always people who act first and think later, and as such you can find beautiful images on twitter, of fried iPhones with evil comments on the posters less intelligent actions.

Thank you ThatsNonsense for providing us with this information

Image courtesy of ThatsNonsense