Feed aggregator

Enlarge / Artist's conception of NetEase using a legal contract to try to stop a wave of negative reviews of its closed alpha. (credit: NetEase)

The developers of team-based shooter Marvel Rivals have apologized for a contract clause that made creators promise not to provide "subjective negative reviews of the game" in exchange for early access to a closed alpha test.

The controversial early access contract gained widespread attention over the weekend when streamer Brandon Larned shared a portion on social media. In the "non-disparagement" clause shared by Larned, creators who are provided with an early download code are asked not to "make any public statements or engage in discussions that are detrimental to the reputation of the game." In addition to the "subjective negative review" example above, the clause also specifically prohibits "making disparaging or satirical comments about any game-related material" and "engaging in malicious comparisons with competitors or belittling the gameplay or differences of Marvel Rivals."

Extremely disappointed in @MarvelRivals.

Multiple creators asked for key codes to gain access to the playtest and are asked to sign a contract.

The contract signs away your right to negatively review the game.

Many streamers have signed without reading just to play

Insanity. pic.twitter.com/c11BUDyka9

— Brandon Larned (@A_Seagull) May 12, 2024

In a Discord post noticed by PCGamesN over the weekend, Chinese developer NetEase apologized for what it called "inappropriate and misleading terms" in the contract. "Our stand is absolutely open for both suggestions and criticisms to improve our games, and... our mission is to make Marvel Rivals better [and] satisfy players by those constructive suggestions."

Read 6 remaining paragraphs | Comments

Enlarge / New energy vehicles are being loaded into containers for export at Taicang Port and Taicang International Terminal in Suzhou, Jiangsu Province, China, on April 26, 2024. (credit: Photo by Costfoto/NurPhoto via Getty Images)

President Joe Biden is expected to levy new 100 percent tariffs targeted at specific Chinese industries, including electric vehicles, on Tuesday. The announcement follows growing calls from automakers, unions, and bipartisan efforts in Congress to address the problem of China unfairly subsidizing its own industries to undermine foreign competitors.

Why are Chinese EVs so cheap?

The Chinese government has been giving its green industries heavy direct subsidies for some time now, far in excess of those handed out by US or European governments. For EV makers like BYD, this has meant billions of dollars a year, in addition to the consumer-facing tax benefit for car buyers, similar to how EV sales are incentivized in the US.

Brands like BYD have concentrated on making their cars cheaper to build—only using one windshield wiper instead of two, for example—but also through vertical integration. Other than Tesla, automakers in the US, Europe, Japan, and Korea instead rely heavily on multiple tiers of suppliers, most of whom supply parts to more than one automaker.

Read 9 remaining paragraphs | Comments

Apple last week refreshed its iPad lineup by upgrading the iPad Pro and iPad Air. The latter got its first hardware update in over two years. The latest iPad Air is powered by an M2 chipset and it ships on May 15. If you’re interested in picking one up and haven’t yet done so, you’re in luck. You’ll get a $30 discount on the M2 iPad Air if you preorder one at Amazon. The discount is available on select models such as several colorways of the base 11-inch iPad Air with 128GB of storage, which drops to $570. The purple 256GB variant of the 13-inch iPad Air is also $30 off at $870.

The M2 is one of the two major changes to the iPad Air this time around. The chipset is about 50 percent faster than the M1, according to Apple, so the latest model should be noticeably zipper than the previous generation. However, the iPad Pro is now significantly more powerful than the Air, as the high-end models arriving this week run on the new M4 chipsets, making them the first Apple devices to do so.

The screen is the other major change to the iPad Air. Not only is the base model’s display 0.1 inches larger, making it a tidier 11 inches, there’s a 13-inch variant of an iPad Air for the first time. That means the iPad Air has the same screen sizes as the iPad Pro (which is now somehow thinner and lighter than its mid-range sibling).

There’s one other immediately noticeable change to the iPad Air The front-facing camera is now positioned along the landscape edge. That should make video calls a bit more palatable for those who tend to have their iPad in that orientation, including those who use keyboard attachments.

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/the-m2-ipad-air-is-30-off-if-you-preorder-at-amazon-153809896.html?src=rss

• The Pixel 8a and its speedy 120 Hz display. [credit: Ron Amadeo ]

SPECS AT A GLANCE: Pixel 8a SCREEN 6.1-inch, 120 Hz, 2400×1080 OLED OS Android 14 CPU Google Tensor G3

One 3.0 GHz Cortex-X3 core
Four 2.45 GHz Cortex-A715 cores
Four 2.15 GHz Cortex-A510 Cores

GPU ARM Mali-G715 RAM 8GB STORAGE 128GB, UFS 3.1 BATTERY 4492 mAh NETWORKING Wi-Fi 6E, Bluetooth 5.3, GPS, NFC PORTS USB Type-C 3.1 Gen 1 with 18 W USB-PD 3.0 charging CAMERA 64MP main camera, 13 MP Ultrawide, 13 MP front camera SIZE 152.1×72.7×8.9 mm WEIGHT 188 g STARTING PRICE $499.99 OTHER PERKS IP67 dust and water resistance, eSIM, in-screen fingerprint reader, 5 W wireless charging

Somehow, Google's midrange phone just keeps getting better. The Pixel 8a improves on many things over the Pixel 7a—it has a better display, a longer support cycle, and the usual yearly CPU upgrades, all at the same $499 price as last year. Who could complain? The Pixel A series was already the best bargain in smartphones, and there's now very little difference between it and a flagship-class device.

Year over year, the 6.1-inch, 2400×1080 display is being upgraded from 90 Hz to 120 Hz, giving you essentially the same experience you'd get on the "flagship" Pixels. The SoC is the same processor you'd get in the Pixel 9, a Google Tensor G3. That's a 4 nm chip with one Arm Cortex X3, four Cortex A715 cores, four Cortex A510 cores, and a Mali G715 GPU.

Previously, the 120 Hz display was the primary thing A-series owners were missing out on compared to the more expensive Pixels, so its addition is a huge deal. Any comparison between the "midrange" Pixel 8a and the "flagship" 6.2-inch Pixel 8 will now just be splitting hairs. The flagship gets an extra 0.1 inches of display, 2 percent more battery, and Wi-Fi 6E instead of Wi-Fi 7. The cameras are technically newer, but since they all run the same image-stacking software, the images look very similar. Are those things worth an extra $200? No, they are not.

Read 14 remaining paragraphs | Comments

One of Anker’s MagGo power banks is on sale for just $32 via Amazon. This is a discount of 21 percent, as the device is typically $40. For the price, you get a full-featured magnetic power bank that boasts a 10,000mAh capacity, which allows for around 22 extra hours of use with a modern smartphone.

The power bank features magnetic charging technology, like Apple’s MagSafe, and the device automatically attaches to the back of a smartphone via those same magnets. It’s also light and portable, so most pockets and handbags should be able to accommodate both the power bank and the attached smartphone.

On the downside, it’s not for every smartphone. It’s only for the iPhone 12 and up, as that’s when Apple introduced its MagSafe technology to the lineup. However, it can be used with other gadgets that allow for magnetic charging, like AirPod cases and the like. It’s also worth noting that, while cool, wireless magnetic charging is much slower than traditional wired charging.

We gave another Anker MagGo charger the top spot in our list of the best power banks. Anker makes good stuff. The primary difference between the one that topped our list and this one is that the former boasts Qi2 wireless charging technology, which is faster, and a nice LED display for data metrics. It’s also more than twice the price.

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/pick-up-this-anker-10000mah-magnetic-power-bank-for-only-32-150230046.html?src=rss

Things are really changing over at Apple with the announcement of a new M4 iPad Pro and M2 iPad Air. The company has also discontinued the ninth-generation iPad and cut the price of its 10th-generation model to $349. While that was exciting on its own, Apple's 10th-gen iPad is now available for an even better deal on Amazon: $334. The discount brings Apple's 64GB base model to a new record-low price.

The 10th-gen iPad is becoming Apple's cheapest option on the market and it's a solid product. We gave it an 85 in our review when it debuted in 2022 thanks to updates like a USB-C charging port and a redesign that made it more comparable to the iPad Air. It also has a landscape-mode front-facing camera so you can join video calls without being awkwardly vertical on people's screens. 

Apple's most affordable iPad also has a 10-hour battery estimate but lasted 11 hours and 45 minutes for us when playing a movie pushed from iTunes — though gaming or other active use would shorten the amount of time it works between charges. This iPad also has a 10.9-inch screen, compared to it's predecessors 10.2-inches. Plus, it uses an A14 chip (the same one as in an iPhone 12). 

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/apples-10th-gen-ipad-hits-a-new-low-of-334-141510163.html?src=rss

Enlarge (credit: Microsoft)

Brussels is set to issue new antitrust charges against Microsoft over concerns that the software giant is undermining rivals to its videoconferencing app Teams.

According to three people with knowledge of the move, the European Commission is pressing ahead with a formal charge sheet against the world’s most valuable listed tech company over concerns it is restricting competition in the sector.

Microsoft last month offered concessions as it sought to avoid regulatory action, including extending a plan to unbundle Teams from other software such as Office, not just in Europe but across the world.

Read 13 remaining paragraphs | Comments

The recipe for Google’s A-series Pixels is incredibly straightforward: Combine top-notch cameras with a vivid display and then cram all that in a tried and tested design for a reasonable price. But with the addition of a Tensor G3 chip, the Pixel 8a now supports the same powerful AI features as Google’s flagship phones. So when you consider that all this comes for just $499, you’re looking at not just the top midrange Android handset on the market but possibly one of the best values of any phone on sale today.

Design and display

Aside from a new aloe color option – which in my opinion is the best of the bunch – the Pixel 8a is nearly identical to the standard Pixel 8. However, there are a few subtle differences that become more noticeable when the two are viewed side-by-side. The most obvious is slightly larger bezels, which also has an impact on the Pixel 8’s screen size. Instead of a 6.2-inch display like on its pricier sibling, the Pixel 8a tops out at 6.1 inches. That said, you still get a vibrant OLED panel that produces deep blacks and rich colors, plus a slightly faster 120Hz refresh rate compared to the 90Hz on last year’s Pixel 7a.

The phone’s frame is still made out of aluminum, which feels great, while the metal camera bar in the back is actually a millimeter or two thinner, resulting in an ever so slightly sleeker device. Google also switched out the Pixel 8’s rear glass panel for plastic. But thanks to a new matte finish that’s supposed to mimic the texture of cashmere, it definitely doesn’t feel cheap. And while its IP67 rating for dust and water resistance is one step down from what’s on the mainline Pixel 8, that’s still enough to withstand dunks of up to 1 meter for 30 minutes. Not bad.

Performance

One of the biggest knocks against Google’s Tensor chips is that they don’t offer the same level of raw performance you get from rival Apple or Qualcomm silicon. And while that’s still true of the G3, when we’re talking about it powering a phone that costs $499, I’m much less bothered. In normal use, the Pixel 8a feels swift and snappy and even when gaming. Titles like Marvel Snap and TMNT: Shredder’s Revenge looked smooth. The only time I noticed significant hiccups or lag was when playing more demanding shooters like Call of Duty: Mobile.

While both sport very similar designs, the Pixel 8a (left) has a slightly smaller 6.1-inch screen with larger bezels than the standard Pixel 8 (right). Photo by Sam Rutherford/Engadget

Of course, the other part of the performance equation is all the on-device AI features that the Tensor G3 unlocks such as Audio Magic Eraser, Best Take and the Magic Editor, which you can use as much as you want instead of the 10-picture cap that free users are subject to in Google Photos.

Cameras

The Pixel 8a features the same 64MP main and 13MP ultra-wide sensors used in last year’s P7a. But that’s OK, because Google’s affordable phones punch way above their weight. So instead of comparing it with a similarly priced rival, I decided to really challenge the Pixel 8a by putting it up against the Samsung 24 Ultra. And even then, it still largely kept up.

In bright light, I’d argue the Pixel 8a might be the superior shooter, as it captured more accurate colors and excellent details compared to the warmer tones and often oversaturated hues from Samsung. This was especially noticeable when shooting a single yellow rose. The S24 Ultra made the middle of the flower appear orange and super contrasty, which looks great in a vacuum but doesn’t reflect what I saw in real life.

However, at night the S24 Ultra’s massive 200MP main sensor pulled back in front, producing images that were generally sharper and more well-exposed. That said, thanks to Google’s powerful Night Sight mode, the Pixel 8a wasn’t far behind, an impressive feat for a phone that costs $800 less.

Finally, while the Pixel 8a doesn’t have any other hardware tricks besides a solid 13MP selfie cam, Google’s AI is here to take your photos even further. Best Take allows you to capture multiple group shots and then swap in people’s reactions from various options. It’s easy to use and lets you create a composite where everyone is smiling, which feels like a win-win scenario. Then there’s the Magic Editor, a fun and powerful way to eliminate distracting elements or move subjects around as you please. It’s the kind of thing you might not use every day, but now and then it will salvage a shot you might have otherwise deleted. So even if you don’t care about AI or how it works, Google is finding a way to add value with machine learning.

Battery life and charging Photo by Sam Rutherford/Engadget

While the Pixel 8a’s 4,492 mAh battery is a touch smaller than what you get on the standard model (4,575 mAh), it actually boasts slightly better battery life, possibly due to its more petite screen. On our video rundown test, the 8a lasted a solid 20 hours and 29 minutes, barely beating the regular Pixel 8’s time of 20:16.

Meanwhile, when it comes to recharging, both wired and Qi wireless speeds have stayed the same. This means you get up to 18 watts when using a cable, but a rather lethargic rate of 7.5 watts if you slap it on an induction pad. That might not be a big deal if you only use wireless charging overnight or to conveniently top up the phone while you’re doing something else. But if you need some juice in a jiffy, you better grab a cord.

Wrap-up

Google isn’t breaking new ground with the Pixel 8a. But the simple formula of class-leading cameras, a great display, strong battery life and a slick design will never go out of style – especially when you get all this for just $499. And with the addition of AI features that were previously only available on Google’s flagship phones, the Pixel 8a is a midrange smartphone that really is smarter than all of its rivals. To top everything off, there’s a configuration with 256GB of storage for the first time on any A-series handset (though only on the Obsidian model), plus even better support with a whopping seven years of Android and security updates.

Photo by Sam Rutherford/Engadget

The one wrinkle to this is that the deciding factor comes down to how much its siblings cost. If you go by their default pricing, the $499 Pixel 8a offers incredible savings compared to the standard $799 Pixel 8. However, prior to the 8a’s announcement, we saw deals that brought the Pixel 8 down to as low as $549, at which point you might as well spend an extra $50 to get the full flagship experience.

But for those who don’t feel like waiting for a discount or might not care about details like slower wireless charging speeds, in addition to being the best midrange Android phone, the Pixel 8a is just a damn good deal.

This article originally appeared on Engadget at https://www.engadget.com/google-pixel-8a-review-the-best-midrange-android-phone-gets-flagship-ai-features-140046032.html?src=rss

It’s grill season, y’all. Time to clean those outdoor cook stations, or invest in a new one and make sure you have all the tools you need for the ultimate backyard culinary setup. To help you with the selection process, I’ve compiled a list of the best grills and accessories for cooking on the porch, deck, patio or anywhere else outside when you’re at home. Our reviews lineup includes a wide range of grills and other smart-grilling devices, all of which can help you elevate your BBQ game. I have some recommendations on other items too, including the ways to keep your beverages cold and the best oven for backyard pizza parties.

This article originally appeared on Engadget at https://www.engadget.com/best-grilling-gear-143011296.html?src=rss

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.

Dmitry Yuryevich Khoroshev. Image: treasury.gov.

On May 7, the U.S. Department of Justice indicted Khoroshev on 26 criminal counts, including extortion, wire fraud, and conspiracy. The government alleges Khoroshev created, sold and used the LockBit ransomware strain to personally extort more than $100 million from hundreds of victim organizations, and that LockBit as a group extorted roughly half a billion dollars over four years.

Federal investigators say Khoroshev ran LockBit as a “ransomware-as-a-service” operation, wherein he kept 20 percent of any ransom amount paid by a victim organization infected with his code, with the remaining 80 percent of the payment going to LockBit affiliates responsible for spreading the malware.

Financial sanctions levied against Khoroshev by the U.S. Department of the Treasury listed his known email and street address (in Voronezh, in southwest Russia), passport number, and even his tax ID number (hello, Russian tax authorities). The Treasury filing says Khoroshev used the emails sitedev5@yandex.ru, and khoroshev1@icloud.com.

According to DomainTools.com, the address sitedev5@yandex.ru was used to register at least six domains, including a Russian business registered in Khoroshev’s name called tkaner.com, which is a blog about clothing and fabrics.

A search at the breach-tracking service Constella Intelligence on the phone number in Tkaner’s registration records  — 7.9521020220 — brings up multiple official Russian government documents listing the number’s owner as Dmitri Yurievich Khoroshev.

Another domain registered to that phone number was stairwell[.]ru, which at one point advertised the sale of wooden staircases. Constella finds that the email addresses webmaster@stairwell.ru and admin@stairwell.ru used the password 225948.

DomainTools reports that stairwell.ru for several years included the registrant’s name as “Dmitrij Ju Horoshev,” and the email address pin@darktower.su. According to Constella, this email address was used in 2010 to register an account for a Dmitry Yurievich Khoroshev from Voronezh, Russia at the hosting provider firstvds.ru.

Image: Shutterstock.

Cyber intelligence firm Intel 471 finds that pin@darktower.ru was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Pin was active on Opensc around March 2012, and authored 13 posts that mostly concerned data encryption issues, or how to fix bugs in code.

Other posts concerned custom code Pin claimed to have written that would bypass memory protections on Windows XP and Windows 7 systems, and inject malware into memory space normally allocated to trusted applications on a Windows machine.

Pin also was active at that same time on the Russian-language security forum Antichat, where they told fellow forum members to contact them at the ICQ instant messenger number 669316.

NEROWOLFE

A search on the ICQ number 669316 at Intel 471 shows that in April 2011, a user by the name NeroWolfe joined the Russian cybercrime forum Zloy using the email address d.horoshev@gmail.com, and from an Internet address in Voronezh, RU.

Constella finds the same password tied to webmaster@stairwell.ru (225948) was used by the email address 3k@xakep.ru, which Intel 471 says was registered to more than a dozen NeroWolfe accounts across just as many Russian cybercrime forums between 2011 and 2015.

NeroWolfe’s introductory post to the forum Verified in Oct. 2011 said he was a system administrator and C++ coder.

“Installing SpyEYE, ZeuS, any DDoS and spam admin panels,” NeroWolfe wrote. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers.

“I can provide my portfolio on request,” NeroWolfe wrote. “P.S. I don’t modify someone else’s code or work with someone else’s frameworks.”

In April 2013, NeroWolfe wrote in a private message to another Verified forum user that he was selling a malware “loader” program that could bypass all of the security protections on Windows XP and Windows 7.

“The access to the network is slightly restricted,” NeroWolfe said of the loader, which he was selling for $5,000. “You won’t manage to bind a port. However, it’s quite possible to send data. The code is written in C.”

In an October 2013 discussion on the cybercrime forum Exploit, NeroWolfe weighed in on the karmic ramifications of ransomware. At the time, ransomware-as-a-service didn’t exist yet, and many members of Exploit were still making good money from “lockers,” relatively crude programs that locked the user out of their system until they agreed to make a small payment (usually a few hundred dollars via prepaid Green Dot cards).

Lockers, which presaged the coming ransomware scourge, were generally viewed by the Russian-speaking cybercrime forums as harmless moneymaking opportunities, because they usually didn’t seek to harm the host computer or endanger files on the system. Also, there were still plenty of locker programs that aspiring cybercriminals could either buy or rent to make a steady income.

NeroWolfe reminded forum denizens that they were just as vulnerable to ransomware attacks as their would-be victims, and that what goes around comes around.

“Guys, do you have a conscience?,” NeroWolfe wrote. “Okay, lockers, network gopstop aka business in Russian. The last thing was always squeezed out of the suckers. But encoders, no one is protected from them, including the local audience.”

If Khoroshev was ever worried that someone outside of Russia might be able to connect his early hacker handles to his real life persona, that’s not clear from reviewing his history online. In fact, the same email address tied to so many of NeroWolfe’s accounts on the forums — 3k@xakep.ru — was used in 2011 to create an account for a Dmitry Yurevich Khoroshev on the Russian social media network Vkontakte.

NeroWolfe seems to have abandoned all of his forum accounts sometime in 2016. In November 2016, an exploit[.]ru member filed an official complaint against NeroWolfe, saying NeroWolfe had been paid $2,000 to produce custom code but never finished the project and vanished.

It’s unclear what happened to NeroWolfe or to Khoroshev during this time. Maybe he got arrested, or some close associates did. Perhaps he just decided it was time to lay low and hit the reset on his operational security efforts, given his past failures in this regard. It’s also possible NeroWolfe landed a real job somewhere for a few years, fathered a child, and/or had to put his cybercrime career on hold.

PUTINKRAB

Or perhaps Khoroshev saw the coming ransomware industry for the endless pot of gold that it was about to become, and then dedicated himself to working on custom ransomware code. That’s what the government believes.

The indictment against Khoroshev says he used the hacker nickname Putinkrab, and Intel 471 says this corresponds to a username that was first registered across three major Russian cybercrime forums in early 2019.

KrebsOnSecurity could find no obvious connections between Putinkrab and any of Khoroshev’s older identities. However, if Putinkrab was Khoroshev, he would have learned from his past mistakes and started fresh with a new identity (which he did). But also, it is likely the government hasn’t shared all of the intelligence it has collected against him (more on that in a bit).

Putinkrab’s first posts on the Russian cybercrime forums XSS, Exploit and UFOLabs saw this user selling ransomware source code written in C.

A machine-translated ad for ransomware source code from Putinkrab on the Russian language cybercrime forum UFOlabs in 2019. Image: Ke-la.com.

In April 2019, Putkinkrab offered an affiliate program that would run on top of his custom-made ransomware code.

“I want to work for a share of the ransoms: 20/80,” Putinkrab wrote on Exploit. “20 percent is my percentage for the work, you get 80% of the ransoms. The percentage can be reduced up to 10/90 if the volumes are good. But now, temporarily, until the service is fully automated, we are working using a different algorithm.”

Throughout the summer of 2019, Putinkrab posted multiple updates to Exploit about new features being added to his ransomware strain, as well as novel evasion techniques to avoid detection by security tools. He also told forum members he was looking for investors for a new ransomware project based on his code.

In response to an Exploit member who complained that the security industry was making it harder to profit from ransomware, Putinkrab said that was because so many cybercriminals were relying on crappy ransomware code.

“The vast majority of top antiviruses have acquired behavioral analysis, which blocks 95% of crypto-lockers at their root,” Putinkrab wrote. “Cryptolockers made a lot of noise in the press, but lazy system administrators don’t make backups after that. The vast majority of cryptolockers are written by people who have little understanding of cryptography. Therefore, decryptors appear on the Internet, and with them the hope that files can be decrypted without paying a ransom. They just sit and wait. Contact with the owner of the key is lost over time.”

Putinkrab said he had every confidence his ransomware code was a game-changer, and a huge money machine.

“The game is just gaining momentum,” Putinkrab wrote. “Weak players lose and are eliminated.”

The rest of his response was structured like a poem:

“In this world, the strongest survive.
Our life is just a struggle.
The winner will be the smartest,
Who has his head on his shoulders.”

Putinkrab’s final post came on August 23, 2019. The Justice Department says the LockBit ransomware affiliate program was officially launched five months later. From there on out, the government says, Khoroshev adopted the persona of LockBitSupp. In his introductory post on Exploit, LockBit’s mastermind said the ransomware strain had been in development since September 2019.

The original LockBit malware was written in C (a language that NeroWolfe excelled at). Here’s the original description of LockBit, from its maker:

“The software is written in C and Assembler; encryption is performed through the I/O Completion Port; there is a port scanning local networks and an option to find all DFS, SMB, WebDAV network shares, an admin panel in Tor, automatic test decryption; a decryption tool is provided; there is a chat with Push notifications, a Jabber bot that forwards correspondence and an option to terminate services/processes in line which prevent the ransomware from opening files at a certain moment. The ransomware sets file permissions and removes blocking attributes, deletes shadow copies, clears logs and mounts hidden partitions; there is an option to drag-and-drop files/folders and a console/hidden mode. The ransomware encrypts files in parts in various places: the larger the file size, the more parts there are. The algorithms used are AES + RSA.

You are the one who determines the ransom amount after communicating with the victim. The ransom paid in any currency that suits you will be transferred to your wallets. The Jabber bot serves as an admin panel and is used for banning, providing decryption tools, chatting – Jabber is used for absolutely everything.”

CONCLUSION

Does the above timeline prove that NeroWolfe/Khoroshev is LockBitSupp? No. However, it does indicate Khoroshev was for many years deeply invested in countless schemes involving botnets, stolen data, and malware he wrote that others used to great effect. NeroWolfe’s many private messages from fellow forum members confirm this.

NeroWolfe’s specialty was creating custom code that employed novel stealth and evasion techniques, and he was always quick to volunteer his services on the forums whenever anyone was looking help on a malware project that called for a strong C or C++ programmer.

Someone with those qualifications — as well as demonstrated mastery of data encryption and decryption techniques — would have been in great demand by the ransomware-as-a-service industry that took off at around the same time NeroWolfe vanished from the forums.

Someone like that who is near or at the top of their game vis-a-vis their peers does not simply walk away from that level of influence, community status, and potential income stream unless forced to do so by circumstances beyond their immediate control.

It’s important to note that Putinkrab didn’t just materialize out of thin air in 2019 — suddenly endowed with knowledge about how to write advanced, stealthy ransomware strains. That knowledge clearly came from someone who’d already had years of experience building and deploying ransomware strains against real-life victim organizations.

Thus, whoever Putinkrab was before they adopted that moniker, it’s a safe bet they were involved in the development and use of earlier, highly successful ransomware strains. One strong possible candidate is Cerber ransomware, the most popular and effective affiliate program operating between early 2016 and mid-2017. Cerber thrived because it emerged as an early mover in the market for ransomware-as-a-service offerings.

In February 2024, the FBI seized LockBit’s cybercrime infrastructure on the dark web, following an apparently lengthy infiltration of the group’s operations. The United States has already indicted and sanctioned at least five other alleged LockBit ringleaders or affiliates, so presumably the feds have been able to draw additional resources from those investigations.

Also, it seems likely that the three national intelligence agencies involved in bringing these charges are not showing all of their cards. For example, the Treasury documents on Khoroshev mention a single cryptocurrency address, and yet experts interviewed for this story say there are no obvious clues connecting this address to Khoroshev or Putinkrab.

But given that LockBitSupp has been actively involved in Lockbit ransomware attacks against organizations for four years now, the government almost certainly has an extensive list of the LockBit leader’s various cryptocurrency addresses — and probably even his bank accounts in Russia. And no doubt the money trail from some of those transactions was traceable to its ultimate beneficiary (or close enough).

Not long after Khoroshev was charged as the leader of LockBit, a number of open-source intelligence accounts on Telegram began extending the information released by the Treasury Department. Within hours, these sleuths had unearthed more than a dozen credit card accounts used by Khoroshev over the past decade, as well as his various bank account numbers in Russia.

The point is, this post is based on data that’s available to and verifiable by KrebsOnSecurity. Woodward & Bernstein’s source in the Watergate investigation — Deep Throat — famously told the two reporters to “follow the money.” This is always excellent advice. But these days, that can be a lot easier said than done — especially with people who a) do not wish to be found, and b) don’t exactly file annual reports.

Over the last few days, heightened solar activity (and those heady geomagnetic storms) led to outages in the GPS navigation systems that guide some modern tractors from John Deere and other brands. 404 Media reported farmers have been told to pause using high-tech tractors that use GPS systems to program and tightly farm their land. John Deere’s tractors’ Real-Time Kinematic (RTK) systems can apparently plant precisely, down to the centimeter. A bit of GPS noise could derail that.

REUTERS / Reuters

The weekend’s geomagnetic storm is the strongest in the last 20 years and reached G5 levels, considered “extreme,” on Friday and Saturday morning.

— Mat Smith

The biggest stories you might have missed

Doctor Who: The Devil’s Chord review: Is this madness?

What we’re listening to: Trail of Flowers, Hyperdrama, Science Fiction and more

Pre-orders for Ghost of Tsushima on PC are being canceled in countries without PSN access

​​You can get these reports delivered daily direct to your inbox. Subscribe right here!

Most Apple App Store developers aren’t trying outside payments Only 38 of a possible 65,000 have applied.

Apple’s recently added option for App Store developers to include links to external payment methods isn’t actually all that appealing. In a hearing on Friday, as part of the ongoing legal battle with Epic, Apple said only 38 developers have applied to add such links — out of roughly 65,000 that could. The changes were to satisfy an injunction ordered by US District Judge Yvonne Gonzalez Rogers in 2021. According to Bloomberg, Rogers said during the latest hearing: “It sounds to me as if the goal was to then maintain the business model and revenue you had in the past.”

Continue reading.

Alienware m16 R2 review When less power makes for a better laptop. Engadget

The Alienware m16 R2 is a rarity among modern laptops. Normally after a major revamp, gadget makers like to keep new models on the market for as long as possible to minimize manufacturing costs. However, after the freshly designed m16 launched last year, the company re-engineered it again. This time limiting the GPU. By doing that, Alienware could rework the m16 into a gaming laptop with a sleeker design, better battery life and a more approachable starting price — built for what customers were buying when the original launched. It’s a good approach. Check out our review.

Continue reading.

Waymo’s robotaxis are making 50,000 paid trips every week Across three cities.

The Alphabet-owned autonomous taxi company has announced it’s now serving more than 50,000 paid trips every week across Phoenix, San Francisco and Los Angeles. Waymo One operates 24/7 in parts of those cities, so if the company is getting 50,000 rides a week, that’s five bookings every minute.

Continue reading.

This article originally appeared on Engadget at https://www.engadget.com/the-morning-after-those-geomagnetic-storms-are-messing-with-farming-techs-gps-systems-111558939.html?src=rss

Apple's first unionized Store in Towson, Maryland has now authorized the first strike against the retail giant. That follows what the union called "over a year of negotiations with Apple management that yielded unsatisfactory outcomes," according to a press release from the International Association of Machinists and Aerospace Workers' retail coalition (IAM CORE). 

The Maryland store located in a Baltimore mall represents around 100 employees and unionized in 2022, becoming the first Apple Store to do so. The vote concluded last weekend and allows workers to walk out at any time, but no date has been set yet. 

While the sides have agreed on principle in 25 areas, other key matters remain unresolved. "The issues at the forefront of this action include concerns over work-life balance, unpredictable scheduling practices disrupting personal lives and wages failing to align with the area’s cost of living," the union wrote. 

"We deeply value our team members and we’re proud to provide them with industry leading compensation and exceptional benefits. As always, we will engage with the union representing our team in Towson respectfully and in good faith," Apple said in a statement.

The union previously accused Apple of illegally withholding new benefits including healthcare and other perks from workers at the Towson Store. Last year, the National Labor Relations Board (NLRB) said Apple violated federal law with anti-union meetings in Atlanta. A New York judge also issued a cease-and-desist order against Apple for abusing employee's rights. 

Apple and IAM CORE will return to the negotiating table on May 21, according to the union. "This vote today is the first step in demonstrating our solidarity and sends a clear message to Apple," the union said in a statement. "As discussions with Apple management continue, we remain committed to securing tangible improvements that benefit all employees." 

This article originally appeared on Engadget at https://www.engadget.com/apple-store-workers-in-maryland-have-voted-to-authorize-a-strike-091428890.html?src=rss

Nintendo turned things around with the Switch. Before its launch, the Wii U was languishing well in third place in the console wars and, after considerable pressure, the company was making its first tentative steps into mobile gaming with Miitomo and Super Mario Run. Fast-forward to today and Nintendo continues to sell millions of Switch units each year, even with the console being nearly eight years old. This is likely due in part to the Switch’s unique hybrid format and an ever-growing game library with uncharacteristically strong third-party support. Whether you’ve had your Nintendo Switch for many years or you just bought one, there are plenty of great titles to try for the first time. We’ve collected our favorite Nintendo Switch games here, in a list we’re constantly reevaluating, and don’t worry if you have a Switch Lite — every game on the list is fully supported by the portable-only console.

This article originally appeared on Engadget at https://www.engadget.com/the-21-best-nintendo-switch-games-in-2024-183005073.html?src=rss

Enlarge / First revealed in 2017, the current Aston Martin Vantage has just had a styling and engineering overhaul. (credit: Aston Martin)

Aston Martin provided flights from London to Seville and accommodation so Ars could drive the Vantage. Ars does not accept paid editorial content.

It's high time Aston Martin had a winner on its hands. Last year it updated the DB12 with smart new face, plenty of power, and the sort of infotainment you'd hope for from a luxury GT. The Vantage, the firm's 'entry-level' car, has been given similar treatment in the hopes that it can peel a few more people away from Porsche dealerships.

Aston's looking not only to make better cars, but to shift its image—it's aiming to be seen as more luxurious than before, as well as throwing as much power at the cars as possible. At first glance, it looks like Aston's cooked up something truly delightful.

The new car is more than 150 hp (112 kW) more powerful than the one it replaces, with 656 hp (490 kW) and 590 lb-ft (800 Nm) from a wonderfully appointed turbocharged 4.0 L V8. 0-60 mph is quoted at 3.4 seconds, and Aston reckons that if you have enough space (and no speed limits) you'll see the far side of 200 mph (321 km/h). It is not slow.

Read 12 remaining paragraphs | Comments

It seems Apple’s recently added option for App Store developers to include links to external payment methods isn’t actually all that appealing. In a hearing on Friday as part of the ongoing legal battle with Epic, Apple said only 38 developers have applied to add such links — out of roughly 65,000 that could, according to Bloomberg. The new guidelines, introduced in January, require developers get Apple’s approval before they can add alternative payment options and stipulate that they’ll still have to pay a commission fee of up to 27 percent.

The changes were intended to satisfy an injunction ordered by U.S. District Judge Yvonne Gonzalez Rogers in 2021, but, per Reuters, Epic in March called Apple’s attempt at compliance “a sham” and filed a complaint with the court. At this point, Rogers doesn’t really seem impressed either. “It sounds to me as if the goal was to then maintain the business model and revenue you had in the past,” Rogers said of Apple's solution during the latest hearing, according to Bloomberg.

On top of Apple’s commission, developers also need to consider payment processing fees, which altogether could lead to them paying even more than they did before. “You’re telling me a thousand people were involved [in approving the new fee] and not one of them said maybe we should consider the cost [to developers]?” the judge reportedly said.

This article originally appeared on Engadget at https://www.engadget.com/most-app-store-developers-arent-taking-apple-up-on-its-new-outside-payments-option-210802382.html?src=rss

Space weather has been known to cause disruptions to GPS and communications systems, and perhaps no one is feeling those headaches more than farmers this weekend. 404 Media reports that the heightened solar activity over the last few days has led to outages in the GPS navigation systems that guide some modern tractors from John Deere and other brands. The technology has allowed farmers to plant more efficiently in ultra-tight, straight lines, but they’ve been advised to temporarily stop using it due to the potential for inaccuracies that could cause havoc down the line come harvesting time.

John Deere’s tractors connect to what are known as Real-Time Kinematic (RTK) systems, 404 reports, which allow for precision planting down to the centimeter level. If farmers were to go ahead and plant without their usual accuracy, “we expect that the rows won't be where the AutoPath lines think they are” when it’s time to tend and harvest the crops, Landmark Implement, owner of some John Deere dealerships, told 404 Media.

The timing is terrible — it’s peak planting season for corn, and one Nebraska farmer, Kevin Kenney, told 404, “All the tractors are sitting at the ends of the field right now shut down because of the solar storm.” Many farms have had to pause planting, while others are carrying on and just hoping for the best.

The geomagnetic storm we’re currently experiencing is the strongest observed in the last 20 years, and reached G5 levels on Friday and Saturday morning, which is considered to be “extreme.” It later died down some to G4/G3, but is expected to surge again on Sunday evening when some intense but slower-moving coronal mass ejections (CMEs) from the sun reach Earth. That’s great if you want to see the northern lights, but not so much if your livelihood depends on the technology the storm is interfering with.

This article originally appeared on Engadget at https://www.engadget.com/the-geomagnetic-storm-is-a-nightmare-for-farmers-relying-on-precision-agriculture-tech-180252016.html?src=rss

People who pre-ordered the PC port of Ghost of Tsushima Director’s Cut in countries that don’t have access to PlayStation Network (PSN) were reportedly notified this weekend that their purchases have been canceled and auto-refunded. Steam, Green Man Gaming and the Epic Games Store have all been canceling these orders, Eurogamer reports. Developer Sucker Punch previously said that a PSN account would only be needed for the game’s multiplayer mode, and the single-player campaign would be playable without it. But, here we are — and just days after the Helldivers 2 mess that transpired last week.

According to Eurogamer, people in affected areas were sent an email letting them know their orders were being refunded, saying, “The publisher of this game is now requiring a secondary account to play portions of this game — and this account cannot be created from your country.” Prior to this, Ghost of Tsushima was delisted from Steam in the over 170 countries without PSN, PCGamer and other outlets have reported. Sony hasn’t said anything publicly about the whole debacle yet. Ghost of Tsushima Director’s Cut is slated to be released for PC on Thursday.

This article originally appeared on Engadget at https://www.engadget.com/pre-orders-for-ghost-of-tsushima-on-pc-are-being-canceled-in-countries-without-psn-access-155429366.html?src=rss

Secretary of State Antony Blinken joins Meet the Press to discuss his department’s report on Gaza — and whether Israel is violating international law. Sen. Bernie Sanders (I-Vt.) reacts to the White House’s pressure on Israel and talks about his re-election bid. Sen. Lindsey Graham talks to Kristen Welker about his “red lines” on Israel. NBC News White House Correspondent Monica Alba joins the roundtable to share her latest reporting on the Biden campaign.

Enlarge / An illustration depicts a NASA spacecraft approaching the metal-rich asteroid Psyche. Though there are no plans to mine Psyche, such asteroids are being eyed for their valuable resources (credit: NASA/JPL-Caltech/ASU)

In April 2023, a satellite the size of a microwave launched to space. Its goal: to get ready to mine asteroids. While the mission, courtesy of a company called AstroForge, ran into problems, it’s part of a new wave of would-be asteroid miners hoping to cash in on cosmic resources.

Potential applications of space-mined material abound: Asteroids contain metals like platinum and cobalt, which are used in electronics and electric vehicle batteries, respectively. Although there are plenty of these materials on Earth, they can be more concentrated on asteroids than mountainsides, making them easier to scrape out. And scraping in space, advocates say, could cut down on the damaging impacts that mining has on this planet. Space-resource advocates also want to explore the potential of other substances. What if space ice could be used for spacecraft and rocket propellant? Space dirt for housing structures for astronauts and radiation shielding?

Previous companies have rocketed toward similar goals before but went bust about a half-decade ago. In the years since that first cohort left the stage, though, “the field has exploded in interest,” said Angel Abbud-Madrid, director of the Center for Space Resources at the Colorado School of Mines.

Read 36 remaining paragraphs | Comments

Enlarge / The Velomobile Bülk, with its hood in place. Note the hood has an anti-fog covering on the visor (which is flipped up). The two bumps near the front of the hood are there to improve clearance for the cyclist's knees. (credit: JOHN TIMMER)

My brain registered that I was clearly cycling. My feet were clipped in to pedals, my legs were turning crank arms, and the arms were linked via a chain to one of the wheels. But pretty much everything else about the experience felt wrong on a fundamental, almost disturbing level.

I could produce a long list of everything my mind was struggling to deal with, but two things stand out as I think back on the experience. The first is that, with the exception of my face, I didn't feel the air flow over me as the machine surged forward down a slight slope. The second, related to the first, is that there was no indication that the surge would ever tail off if I didn't hit the brakes.

Living the dream

My visit with a velomobile was, in some ways, a chance to reconnect with a childhood dream. I've always had a fascination with vehicles that don't require fuel, like bicycles and sailboats. And during my childhood, the popular press was filled with stories about people setting human-powered speed records by putting aerodynamic fiberglass shells on recumbent bicycles. In the wake of the 1970s oil crises, I imagined a time when the roads might be filled with people cycling these pods for their commutes or covering long distances thanks to a cooler filled with drinks and snacks tucked in the back of the shell.

Read 23 remaining paragraphs | Comments