SoylentNews

Arthur T Knackerbracket has processed the following story:

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.” The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers.

The Ukrainian attorney general’s office said it worked with the nation’s police force to identify a 39-year-old man from the Ternopil region who developed a phishing package and special administrative panel for the product.

“According to the analysis of foreign law enforcement agencies, more than 50% of all phishing attacks in 2019 in Australia were carried out thanks to the development of the Ternopil hacker,” the attorney general’s office said, noting that investigators had identified hundreds of U-Admin customers.

[...] Cybersecurity threat intelligence firm Intel 471 describes U-Admin as an information stealing framework that uses several plug-ins in one location to help users pilfer victim credentials more efficiently. Those plug-ins include a phishing page generator, a victim tracker, and even a component to help manage money mules (for automatic transfers from victim accounts to people who were hired in advance to receive and launder stolen funds).

Perhaps the biggest selling point for U-Admin is a module that helps phishers intercept multi-factor authentication codes. This core functionality is what’s known as a “web inject,” because it allows phishers to dynamically interact with victims in real-time by injecting content into the phishing page that prompts the victim to enter additional information. The video below, produced by the U-Admin developer, shows a few examples (click to enlarge).

Original Submission

upstart writes in with an IRC submission:

Billions of Passwords Offered for $2 in Cyber-Underground:

About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a 'COMB' collection.

A "compilation of many breaches" – COMB for short – has been leaked on the cyber-underground, according to researchers. The so-called COMB contains a staggering 3.27 billion unique combinations of cleartext email addresses and passwords.

The trove is an aggregate database that brings together older stolen data from breaches past – including credentials from Netflix, LinkedIn, Exploit and others. COMB – which was given that name by the person who posted it online – was first made public on Feb. 2 by a user dubbed "Singularity0x01," a researcher told Threatpost.

[...] In order to view the download link for the password-protected .ZIP file containing the data, forum users were asked to spend 8 RaidForums credits (about $2), he added. Then, they can use the database's built-in tool for querying and sorting the information to slice and dice the data.

[...] The data itself was not that well-received by underground denizens, Righi noted.

"Some users claimed that files were corrupted, files were missing, the total number of credentials was smaller than advertised, and the data was of low quality," he explained – all of which led to Singularity0x01 gaining a negative reputation rating on the criminal forum.

[...] The data may be old, but it's not without value. Thanks to password reuse, hackers can use the data to mount brute-force or credential-stuffing attacks in an effort to hijack any number of types of accounts. And from there, the potential fallout becomes notable.

Original Submission

aristarchus writes:

Coverage from How does a glacier burst? Flooding in India leaves at least 31 dead and 165 missing:

At least 31 people are dead and 165 are missing after a flood hit northern India on Sunday. The flood was caused when part of a Himalayan glacier broke off and sent a wall of water and debris down a mountain, sweeping away everything in its path.

Rescuers on Monday were trying to rescue 37 power plant workers who remained trapped in a tunnel.

More than 2,000 members of the military, paramilitary groups and police have been taking part in search-and-rescue operations in the northern state of Uttarakhand.

The flood was caused when a portion of the Nanda Devi glacier snapped off Sunday morning, releasing water trapped behind it.

"Everything was swept away, people, cattle and trees," Sangram Singh Rawat, a former village council member of Raini, the site closest to the glacier, told local media, according to Reuters.

Here is one and another of many video reports on YouTube.

Original Submission

Cryptomining Causes Power Outages in Tehran

takyon writes:

Tehran Faces Power Outages Due To Massive Crypto Mining Operations Consuming Up To 450 Megawatts, That Much Power Can Power A City Of 100K People

Everyone already knows that crypto miners are causing a shortage of the newest graphics cards on top of the preexisting shortages, but now large scale mining farms are causing power outages. In Iran, authorities investigated the cause of power outages and found out the root cause was GPU mining farms taking huge amounts of power.

These aren't just some average mining farms run by a miner, these are full industrial level operations that have moved from China to Iran. In Iran, power is produced at a cost of 1.8 cents per kilowatt-hour and sold at over 10 times that to the public, but the miners are able to get it for 2.2 cents per kilowatt-hour. Not even China can match those prices, so miners have moved their operations to Tehran because it's the most cost-effective.

After investigations, Iranian authorities concluded that there are 14 huge crypto mining operations in Iran that consumed 300 megawatts, but at full capacity could consume up to 450 megawatts. For reference, that much power can provide for a city with a population of 100,000 people. All of this makes Iran the 6th most popular destination for crypto mining in the world.

Also at Radio Free Europe, Washington Post, and Business Insider.

A German man is keeping $60 million in bitcoin from police by never revealing his password

An Anonymous Coward writes:

https://www.theverge.com/tldr/2021/2/5/22268646/german-police-bitcoin-digital-wallet-missing-password

The wonderful thing about bitcoin is many of its apparent benefits, like the ability to be anonymously owned and securely transferred, are also the things that often create situations like this: police in Germany have seized more than €50 million ($60 million) in bitcoin, but they can't access any of it because, as Reuters reports, the person they took it from won't tell them his password.

The man in question was sentenced and has served his time in jail for covertly installing bitcoin mining software on people's computers, but throughout the entire process, he never shared a peep about how German authorities should get in. "We asked him but he didn't say" is the explanation Reuters was offered by a prosecutor. It presents a big, and probably obvious, question: can you really seize something, particularly money, that you can't access or use?

Original Submission #1  Original Submission #2 

mhajicek writes:

https://www.teslarati.com/spacex-opens-starlink-internet-preorders-worldwide/:

SpaceX has quietly opened up preorders around the world for its Starlink internet service, with confirmations already rolling in from across the US, as well as Australia, New Zealand, Canada, and others.

People who are outside the current area of availability for the #Starlink Beta can place a $99 deposit to acquire the service once it becomes available in your region – NET mid-to-late 2021, for example.

"Orders will be fulfilled on a first-come, first-served basis." pic.twitter.com/lgEKFTd0V8

— Tyler Gray (@TylerG1998) February 9, 2021

[...] Crucially, Starlink's international rollout is entirely contingent upon a complex, bureaucratic process of regulatory approvals in every single country SpaceX wants to operate in. As of 2021, SpaceX has managed to secure licenses to distribute Starlink internet service in the US, Canada, and United Kingdom, with beta customers already widespread in all three countries.

Work to secure licenses is well underway in Mexico, Germany, Greece, France, Australia, Argentina, and Chile. The process is also in the earlier stages – but already underway – in the Caribbean, Austria, Spain, Ireland, Italy, New Zealand, The Philippines, India, Japan, South Africa, Brazil, and Columbia. Many additional countries are likely in work, as well, but have yet to be confirmed via government filings or officials.

I threw my money at them for a place in line. I'm currently using Hughesnet, which is incredibly slow and unreliable, in preference to my only other option, Comcast, which kept raising our bill $20 per month, per month, to well over $200/mo for basic internet, despite promising every month to fix it on the next bill. They will never get another penny of mine.

Original Submission

takyon writes:

Hacker tries to poison water supply of Florida city

A computer hacker gained access to the water system of a city in Florida and tried to pump in a "dangerous" amount of a chemical, officials say.

The hacker briefly increased the amount of sodium hydroxide (lye) in Oldsmar's water treatment system, but a worker spotted it and reversed the action. Lye is used in small amounts to control acidity but a large amount could have caused major problems in the water.

Oldsmar Mayor Eric Seidel said: "There's a bad actor out there." No arrests have yet been made and it is not known if the hack was done from within the US or outside.

A computer controlling Oldsmar's water treatment system was remotely accessed on Friday. A plant operator saw an attempt to access the system in the morning but assumed it was his supervisor, the Tampa Bay Times reported. But another attempt was made early in the afternoon and this time the hacker accessed the treatment software and increased the sodium hydroxide content from 100 parts per million to 11,100 ppm. The operator immediately reduced the level to normal.

Also at CNN, Ars Technica, and WWSB.

Original Submission

Freeman writes:

Terraria developer cancels Google Stadia port after YouTube account ban

Google is in hot water after banning the Google account of Andrew Spinks, the lead developer of the hit indie game Terraria. The YouTube account of Spinks' game dev company, Re-Logic, was hit with some kind of terms-of-service violation, resulting in Google banning Spinks' entire Google account, greatly disrupting his company's ability to do business. After three fruitless weeks of trying to get the situation fixed, Spinks announced that his company will no longer do business with Google and that the upcoming Stadia version of Terraria is canceled. "I will not be involved with a corporation that values their customers and partners so little," Spinks said. "Doing business with you is a liability."

[...] For many people, a Google account ban is an online death sentence, and it's also a punishment doled out without much recourse for the victim. How would you even begin to dispute a Google account ban when the first thing that happens is your Gmail stops working? If you happen to be a famous indie developer with a hit game in development for Google's streaming service, publicly canceling your game on Twitter is probably a good way to get your case heard.

Original Submission

AnonTechie writes:

Study of Supergiant Star Betelgeuse Unveils the Cause of its Pulsations; Recalibrated its Mass, Radius, and Distance:

Betelgeuse is normally one of the brightest, most recognizable stars of the winter sky, marking the left shoulder of the constellation Orion. But lately, it has been behaving strangely: an unprecedentedly large drop in its brightness has been observed in early 2020, which has prompted speculation that Betelgeuse may be about to explode.

To find out more, an international team of scientists, including Ken'ichi Nomoto at the Kavli Institute for the Physics and Mathematics of the Universe (Kavli IPMU), conducted a rigorous examination of Betelgeuse. They concluded that the star is in the early core helium-burning phase (which is more than 100,000 years before an explosion happens) and has smaller mass and radius—and is closer to Earth—than previously thought. They also showed that smaller brightness variations of Betelgeuse have been driven by stellar pulsations, and suggested that the recent large dimming event involved a dust cloud.

[...] Their results imply that Betelgeuse is not at all close to exploding, and that it is too far from Earth for the eventual explosion to have significant impact here, even though it is still a really big deal when a supernova goes off. And as Betelgeuse is the closest candidate for such an explosion, it gives us a rare opportunity to study what happens to stars like this before they explode.

That is a huge relief... what with COVID-19 and many other disasters, Betelgeuse exploding may have been the straw that broke the camel's back!

Also at: Phys.Org.

Journal Reference:
Meridith Joyce, Shing-Chi Leung, László Molnár, et al.Standing on the Shoulders of Giants: New Mass and Distance Estimates for Betelgeuse through Combined Evolutionary, Asteroseismic, and Hydrodynamic Simulations with MESA - IOPscience, The Astrophysical Journal (DOI: https://iopscience.iop.org/article/10.3847/1538-4357/abb8db)

Original Submission

Tesla Buys $1.5 Billion in Bitcoin, Plans to Accept It as Payment

takyon writes:

Musk's Tesla says it invested $1.5 billion in bitcoin, sending the cryptocurrency to record levels near $44,000

Elon Musk's Tesla Inc. said that it has acquired $1.5 billion in bitcoins in January and that it could accept the world's No. 1 digital asset for payment in the future.

Tesla revealed the purchase in a regulatory filing with the Securities and Exchange Commission on Monday, which helped to drive up bitcoin prices +11.50% to around $44,203, a gain of over 13% in early trade on CoinDesk.

"In January 2021, we updated our investment policy to provide us with more flexibility to further diversify and maximize returns on our cash that is not required to maintain adequate operating liquidity," Tesla said in a 10-K filing with the U.S. markets regulator.

"Moreover, we expect to begin accepting bitcoin as a form of payment for our products in the near future, subject to applicable laws and initially on a limited basis, which we may or may not liquidate upon receipt," the filing continued.

The move comes as Musk has recently been a more vocal champion of digital assets on his social platforms.

Also at Reuters and CNBC.

Tesla buys $1.5 billion in bitcoin, sending its price soaring

Freeman writes:

https://arstechnica.com/tech-policy/2021/02/tesla-buys-1-5-billion-in-bitcoin-sending-its-price-soaring/

The price of bitcoin rose to a new record above $43,000 on Monday after Tesla reported that it had purchased $1.5 billion of the world's most valuable cryptocurrency. In a regulatory filing, Tesla also announced that it expected to "begin accepting bitcoin as a form of payment for our products in the near future."

Original Submission #1  Original Submission #2 

upstart writes in with an IRC submission for Runaway1956:

Congo confirms new Ebola outbreak after death of woman:

Health officials in Congo confirmed another Ebola outbreak in the country's east on Sunday, the fourth in less than three years. On February 3, a woman died in Butembo town in North Kivu province, Minister of Health Eteni Longondo announced.

The woman from the nearby village of Biena felt sick for a few days before being tested in a clinic there. She then went to a hospital in Butembo, but died before receiving the results. The government has begun tracing everyone who came in contact with her to try to "eradicate the epidemic as soon as possible," said Longondo.

This is the 12th outbreak in conflict-ridden Congo since the virus was first discovered in the country in 1976, and comes less than three months after an outbreak in the western province of Equateur, officially ended in November. The 2018 outbreak in Eastern Congo was the second deadliest in the world, killing 2,299 people before it ended in June. That outbreak lasted for nearly two years and was fought amid unprecedented challenges, including entrenched conflict between armed groups, the world's largest measles epidemic, and the spread of COVID-19.

Health officials worry a new Ebola outbreak could badly affect the nation's fragile health system, especially as it faces a resurgence of COVID-19.

"While there is hope that this early identification of an infection may help with quickly containing this outbreak, back-to-back Ebola outbreaks and COVID-19 has stretched Congo's health systems to the limit and this could put far greater strain on an already exasperated system," said Jason Kindrachuk, an assistant professor at the department of medical microbiology and infectious diseases at Canada's University of Manitoba.

Original Submission

chromas writes:

'Tis but a snippet; I recommend reading the whole article.

Wired:

One afternoon in the fall of 2019, in a grand old office building near the Arc de Triomphe, I was buzzed through an unmarked door into a showroom for the future of surveillance. The space on the other side was dark and sleek, with a look somewhere between an Apple Store and a doomsday bunker. Along one wall, a grid of electronic devices glinted in the moody downlighting—automated license plate readers, Wi-Fi-enabled locks, boxy data processing units. I was here to meet Giovanni Gaccione, who runs the public safety division of a security technology company called Genetec. Headquartered in Montreal, the firm operates four of these "Experience Centers" around the world, where it peddles intelligence products to government officials. Genetec's main sell here was software, and Gaccione had agreed to show me how it worked.

He led me first to a large monitor running a demo version of Citigraf, his division's flagship product. The screen displayed a map of the East Side of Chicago. Around the edges were thumbnail-size video streams from neighborhood CCTV cameras. In one feed, a woman appeared to be unloading luggage from a car to the sidewalk. An alert popped up above her head: "ILLEGAL PARKING." The map itself was scattered with color-coded icons—a house on fire, a gun, a pair of wrestling stick figures—each of which, Gaccione explained, corresponded to an unfolding emergency. He selected the stick figures, which denoted an assault, and a readout appeared onscreen with a few scant details drawn from the 911 dispatch center. At the bottom was a button marked "INVESTIGATE," just begging to be clicked.

Citigraf was conceived in 2016, when the Chicago Police Department hired Genetec to solve a surveillance conundrum. Like other large law enforcement organizations around the country, the department had built up such an impressive arsenal of technologies for keeping tabs on citizens that it had reached the point of surveillance overload. To get a clear picture of an emergency in progress, officers often had to bushwhack through dozens of byzantine databases and feeds from far-flung sensors, including gunshot detectors, license plate readers, and public and private security cameras. This process of braiding together strands of information—"multi-intelligence fusion" is the technical term—was becoming too difficult. As one Chicago official put it, echoing a well-worn aphorism in surveillance circles, the city was "data-rich but information-poor." What investigators needed was a tool that could cut a clean line through the labyrinth. What they needed was automated fusion.

upstart writes in with an IRC submission for c0lo:

Turbulence trouble:

"When I meet God," physicist Werner Heisenberg allegedly once said, "I'm going to ask him two questions: why relativity? And why turbulence? I really believe he'll have an answer for the first."

Although the quote is almost certainly fictional, it captures the sheer frustration many physicists feel about turbulence: the complex, chaotic, unpredictable flows in fluids.

This phenomenon surrounds us: swirling gases in the atmosphere disrupting our flights; the movement of rivers around rocks; the flow of blood through our arteries. We also see it on cosmic scales, explains quantum physicist Warwick Bowen from the University of Queensland (UQ), from gas flowing in galaxy clusters to the Great Red Spot – a massive cyclone on Jupiter.

"You could fit our planet within this one storm, and it's existed for many hundreds of years – for the whole time that we've been able to observe Jupiter," Bowen says.

[...] And we still don't know why. Turbulence has always been too complex to accurately analyse or even measure. Even after centuries of study, physicists have no general theoretical description of it – it's been described as the last great outstanding problem of classical physics.

Journal Reference:
Guillaume Gauthier, Matthew T. Reeves, Xiaoquan Yu, et al. Giant vortex clusters in a two-dimensional quantum fluid [$], Science (DOI: 10.1126/science.aat5718)
Shaun P. Johnstone, Andrew J. Groszek, Philip T. Starkey, et al. Evolution of large-scale flow from turbulence in a two-dimensional superfluid [$], Science (DOI: 10.1126/science.aat5793)

Original Submission

upstart writes in with an IRC submission for c0lo:

Astronomers Think They've Found Another Trojan Asteroid Lurking in Earth's Orbit:

A recently discovered object sharing Earth's orbital path around the Sun could actually be a trojan asteroid, astronomers have found.

If confirmed, it will be only the second object of its type identified to date, suggesting that there could be more of these hidden asteroids lurking in Earth's gravitational pockets.

Trojan asteroids are space rocks that share the orbital path of larger planetary bodies in the Solar System, hanging out in gravitationally stable regions known as Lagrangian points.

These are pockets where the gravitational pulls of the planet and the Sun balance perfectly with the centripetal force of any small body in that region to basically hold it in place.

Original Submission

NASA's Perseverance, China's Tianwen-1 and UAE's Hope arrive at Mars this month

aristarchus and an anonymous submitter write:

Seems like the solar system is getting smaller all the time. Three nations are having Mars missions land (hopefully) this month, something that has never happened before. Detail at C|Net, and elsewhere.

July 2020 was a huge month for Mars. Taking advantage of its nearby position in orbit, three missions departed the Earth on a seven-month journey to the red planet. Now those spacecraft -- NASA's Perseverance rover, the Chinese space agency's Tianwen-1 and the United Arab Emirates' Hope -- are arriving at their destination. They're poised to uncover the secrets our celestial neighbor hides within its atmosphere and barren plains and may even reveal relics of ancient life on the planet's surface.

Although all three spacecraft will make it to orbit around Mars this month, NASA's Perseverance (or "Percy") gets to take center stage. It will be the only mission to land on the surface this month, with an expected arrival date of Feb. 18. Perseverance builds on an impressive history of interplanetary exploration, with its sibling rover Curiosity coming up on nine years on Mars, delivering breathtaking photographs and some puzzling data.

That's not to take anything away from the UAE's Hope, or Al Amal, and China's Tianwen-1. Both spacecraft are expected to perform Mars orbital insertion, or MOI, maneuvers within a day of each other on Feb. 9 and Feb. 10, respectively. Hope will remain in orbit and analyze the Martian atmosphere, but Tianwen-1 will attempt something only achieved by two other nations: landing on Mars' unfriendly surface. China is expected to release Tianwen-1's lander and rover duo sometime in May.

Here's a recap of the journey to Mars and what we can expect this month.

Previously:
China's Tianwen-1 Mars Probe Delivers its First Haunting Look at the Planet
Three Missions to Mars Happening this Month

Original Submission #1
Original Submission #2 

upstart writes in with an IRC submission for c0lo:

This $12 Billion Company Is Getting Rich Off Students Cheating Their Way Through Covid:

It's called "chegging." College students everywhere know what it means. "If I run out of time or I'm having problems on homework or an online quiz," says Matt, a 19-year-old sophomore at Arizona State, "I can chegg it."

He means he can use Chegg Study, the $14.95-a-month service he buys from Chegg, a tech company whose stock price has more than tripled during the pandemic. It takes him seconds to look up answers in Chegg's database of 46 million textbook and exam problems and turn them in as his own. In other words, to cheat. (Matt asked that his real name be withheld because he knows he's violating his school's honor code.)

Chegg is based in Santa Clara, California, but the heart of its operation is in India, where it employs more than 70,000 experts with advanced math, science, technology and engineering degrees. The experts, who work freelance, are online 24/7, supplying step-by-step answers to questions posted by subscribers (sometimes answered in less than 15 minutes). Chegg offers other services students find useful, including tools to create bibliographies, solve math problems and improve writing. But the main revenue driver, and the reason students subscribe, is Chegg Study.

[...] Forbes interviewed 52 students who use Chegg Study. Aside from the half dozen students Chegg provided for Forbes to talk to, all but 4 admitted they use the site to cheat. They include undergrads and grad students at 19 colleges, including large and small state schools and prestigious private universities like Columbia, Brown, Duke and NYU Abu Dhabi.