A typical person spends more than six hours each day online. The more time we spend online, however, the more our lives become exposed to the potential threats associated with the Web. With Opera 60 (codenamed Reborn 3), Opera seeks to improve the quality of people’s digital lives through increased privacy and security features, as well as a new design of the browser’s interface.
Opera becomes the first major computer browser to include a native Crypto Wallet and Web 3 explorer. The new feature lets people make transactions and interact with the blockchain-based Internet of the future, also known as Web 3. By also providing a free browser VPN, Opera wants to make sure users stay safe and in control of their browsing.
“The Web has transformed our lives. We are now continuously online. But the more time we spend online, the more we need tools that help us control the security and privacy of our digital lives,” said Krystian Kolondra, EVP at Opera, Head of Browsers. “With this major upgrade, we are taking the first step into Web 3, the new Web, where users are in control. We believe every browser in 2019 should be Web 3-ready.”
Web 3 is the blockchain-based Internet of the future. Starting today, users can type in the address of a Web 3 application into the address bar of the Opera computer browser and they will be able to explore Web 3. “Blockchain technologies bring the power and control back to the people,” said Krystian Kolondra. “They can securely sign transactions and identify themselves to websites, without unnecessarily oversharing their data.”
The Crypto Wallet in the Opera computer browser syncs with the Crypto Wallet in the Opera browser for Android. This means wallet keys never leave the users’ smartphones. In practice, whenever they need to identify themselves to a Web 3 website or sign a transaction on the blockchain, users get a notification on their smartphone. They can confirm it in the same way they unlock their system, using, for example, facial recognition or their fingerprint.
Krystian Kolondra says: “Blockchain technology has evolved from just storing funds or speculation into a technology which will shape the Internet of tomorrow. We decided to speed up the development of Web 3 by opening all our browsers across all operating systems to it. This makes Opera the first major browser developer to do so.”
The Crypto Wallet feature is planned to also be added to Opera’s iOS browser, Opera Touch, soon. The demand for VPN services keeps growing. Currently, one-third of VPN users around the globe use this solution with the intent to stay anonymous on the Web. Opera is the only browser maker to provide a fast and free browser VPN.
The unlimited browser VPN enhances users’ online privacy and improves their security when using public networks they don’t trust. The browser VPN establishes a secure, encrypted tunnel which protects users’ data from third parties and hides their geographical location from websites. The browser VPN service is also a no-log service, which means that the VPN servers do not log and retain any activity data, all to protect users privacy.
“With a quarter of our lives spent online, the quality of the applications we use plays a central role. People spend hours every day interacting with the Web through their browsers. Opera believes a browser should provide a perfect frame for the Web, the same way a picture frame enhances a viewer’s experience of a painting,” said the company in a statement.
In the new version of the Opera browser, the new borderless design without dividing lines between sections lets people browse calmly and unhindered by unnecessary distractions. The browser has also received two distinct themes, light and dark, which are inspired by high-key and low-key lighting photography, where the goals are to maximize or minimize the amount of light in a photo while still retaining contrast.
Depending on the mood, setting or the content they are viewing, people are in control of how they frame Web content. “By giving users a beautiful, distraction-free setting to experience the Web, an increased level of privacy, as well as access to the Internet of the future, Opera believes it is giving users the perfect tool to control and enjoy the digital aspect of their lives,” said the company.
Nvidia May Restart Cryptomining GPU Production
Nvidia is thinking about beginning production of crypto-mining specific Ampere graphics cards that come without display outputs, but first, it needs to find out whether there’s enough mining demand for the latest graphics processors.
“If crypto demand begins or if we see a meaningful amount, we can also use that opportunity to restart the CMP [mining-specific GPUs] product line to address ongoing mining demand,” said Colette Kress, chief financial officer at Nvidia, at the 19th Annual J.P. Morgan Tech/Auto Forum Conference.
Demand for gaming graphics cards, high-performance processors, and game consoles has exceeded supply for months as people spend more time at home and entertain themselves playing the latest game titles. Cryptocurrency valuations have skyrocketed recently, reactivating miners who rushed to get graphics cards, further increasing demand for GPUs. Nvidia has had a hard time understanding how demand from cryptominers affects its current sales, but it is mulling restarting the production of mining-specific graphics cards.
“We don’t have visibility on how much of the GeForce RTX 30-series end demand comes from mining,” said Kress. “So, we don’t believe it’s a big part of our business today. Gaming demand is very strong, and we think that’s larger than our current supply.”
It doesn’t always make a lot of sense to mine Bitcoins using Nvidia’s latest GPUs, which tend to be pretty expensive. There are special accelerators designed for Bitcoin mining, and those ASICs tend to be considerably more efficient than graphics processors. In contrast, GPUs are used to mine Ethereum, which has been gaining price in recent weeks, just like Bitcoin.
Since demand for Nvidia’s products has generally been high in recent months, it isn’t easy for Nvidia to understand how significantly cryptominers affect this demand, especially keeping in mind the fact that select makers of graphics boards have mined cryptocurrency at their own facilities before releasing these cards to the market.
It is beneficial for Nvidia to clearly understand how many of its GPUs are needed by cryptominers. Since miners only need compute capabilities of a GPU, they do not need display outputs, and they do not care if the GPU they use comes with disabled texture mapping units or lacks video processing capabilities. As a result, Nvidia can sell them graphics processors that would otherwise go to waste. Those come in the form of the aforementioned CMP GPUs.
But before making such chips available to add-in-board (AIB) manufacturers, GPU designers need to figure out the total available market that they are trying to address so they don’t bin chips that aren’t needed. Before that happens, GPU developers may just enjoy additional demand for their products.
Twitter Hack Targets High-Profile Accounts
Joe Biden, Elon Musk, Jeff Bezos and other high-profile Twitter account holders were the targets of a widespread hack to offer fake bitcoin deals on Wednesday in one of the most pronounced security breaches on a social media site. Accounts for former US president Barack Obama, Microsoft co-founder Bill Gates, musician Kanye West and both Uber and Apple also posted similar tweets, all instructing people to send cryptocurrency to the same bitcoin address. The tweets were removed throughout the afternoon, shortly after being posted.
“The hackers ask users to send anywhere between 0.1 BTC to 20 BTC to a designated Bitcoin address and that they’ll double victims’ money,” explained Satnam Narang, Staff Research Engineer, Tenable. “This is a common scam that has persisted for a few years now, where scammers will impersonate notable cryptocurrency figures or individuals. What makes this incident most notable, however, is that the scammers have managed to compromise the legitimate, notable Twitter accounts to launch their scams. Because the tweets originated from these verified accounts, the chances of users placing their trust in the CryptoForHealth website or the purported Bitcoin address is even greater.”
Narang further added that this is a fast moving target and so far over $50,000 has been received by the Bitcoin address featured on the CryptoForHealth website and in Elon and Bill Gates’ tweets. “We strongly advise users never to participate in so-called giveaways or opportunities that claim to double your cryptocurrency because they’re almost always guaranteed to be a scam,” Narang said.
There have been hacks of high-profile individual accounts on Twitter before, including Twitter chief executive Jack Dorsey last year. But the widespread nature of this attack suggested an unusually broad access to internal controls. While it was unclear how the attacks originated or why they went on for hours, some cybersecurity experts speculated that someone may have gained access to internal Twitter controls that allowed them to take over and post on the accounts.
“While the origins and scope of this pervasive attack are under investigation, the coordinated Bitcoin giveaway scam itself was designed to convince millions of Twitter followers to believe the fraudulent tweets, click the link, and pay Bitcoin,” said Loïc Guézo, Senior Director of Cybersecurity Strategy, EMEA at Proofpoint. “People are still a main focus for threat actors, even in scenarios where a system is possibly compromised. The social engineering featured in this scam demonstrates that the attackers targeted Twitter employees with access to internal tools and preyed on the trust associated with verified accounts and the attraction of doubling your money. To make the scam seem more authentic, they even set a time limit and an easy payment option to drive a swift response. Threat actors understand human nature and are unrelentingly focused on taking advantage of our society’s trust in digital channels.”
The attack also partially shut down the network. Twitter said in a tweet that some users weren’t able to tweet while it was addressing the incident. Users with the check mark indicating that their accounts were verified by Twitter reported that they weren’t able to tweet. Twitter started letting verified accounts tweet again yesterday night but warned the “functionality may come and go” as it worked on a fix to the breach. Later the same night, Dorsey tweeted that the company was “diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.” He called it a “tough day” at Twitter.
“Until we know exactly how these scam tweets were sent, it’s difficult to suggest what actions you might take, particularly given that access to services such as password changes (and presumably also changing details such as two-factor authnetication numbers) is being restricted,” explained Paul Ducklin, principal research scientist, Sophos. “However, these scammers will only succeed if people fall for their unlikely messages – which rely on people suspending their disbelief simply because the tweet comes from a celebrity or someone they are inclined to trust.”
Twitter said in a later tweet that it “detected a coordinated attack by people who successfully targeted some of our employees with access to internal systems and tools.” The hackers used that access to take over the accounts. The breach will create major optics challenges for Twitter, and it will make it more challenging moving forward to verify the authenticity of messages on the service, cybersecurity experts warned. That could have wide-reaching implications for politicians, celebrities and brands that use Twitter as an essential channel for communication.
Some of the people who were hacked indicated that they had turned on two-factor authentication and were using strong passwords, which typically makes unauthorized account access much more difficult. Meanwhile, Uber’s corporate account posted a tweet that read, “Due to Covid-19, we are giving back over $10,000,000 in Bitcoin! All payments sent to our address below will be sent back doubled.”
Uber confirmed in a tweet that its account had been hacked. “Like many others, our @Uber account was hit by a scammer today. The tweet has been deleted and we’re working directly with @Twitter to figure out what happened,” the company’s communication team tweeted. Then came a tweet from Amazon CEO and Washington Post owner Bezos’s account. “I have decided to give back to my community.” The tweet said it would be limited to $50 million.
Twitter said in tweets Wednesday night that it had “locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.” Meanwhile, the company is internally limiting access to tools while it investigates what happened.
ESET Researchers Disrupt Cryptomining Botnet VictoryGate
ESET researchers have recently discovered a previously undocumented botnet named VictoryGate. It has been active since at least May 2019, and is composed mainly of devices in Peru, where over 90% of the infected devices are located. The main activity of the botnet is mining Monero cryptocurrency. The victims include organizations in both public and private sectors, including financial institutions. Thanks to data obtained during this research and shared with the nonprofit Shadowserver Foundation, at least a portion of the botnet operation has been disrupted.
ESET researchers have been “sinkholing” several domain names that control the botnet’s actions, replacing them with machines that do not send the botnet’s slave computers the commands they expect, but simply monitor botnet activity. Based on this data and ESET telemetry, ESET estimates that at least 35,000 devices became infected with VictoryGate at one point or another during this campaign.
The only infection vector used for spreading VictoryGate is via removable devices. “The victim receives a USB drive that at some point was connected to an infected machine. It seemingly has all the files with the same names and icons that it contained before being infected. Because of this, the content will look almost identical at first glance. However, all the original files were replaced by a copy of the malware,” says ESET researcher Alan Warburton, who investigated the botnet. “When an unsuspecting user attempts to open one of these files, the script will open both the file that was intended and the malicious payload.”
Warburton also warns about the impact on victims’ machines: “There is very high resource usage by the botnet, resulting in a constant 90% to 99% CPU load. This slows down the device and can cause overheating and possible damage.”
According to ESET research, VictoryGate has made a much greater effort to avoid detection than in previous, similar campaigns observed in the Latam region. And, given the fact that the botmaster can update functionality of the payloads that are downloaded and executed on the infected devices from cryptomining to any other malicious activities at any given time, this poses a considerable risk. This is particularly true since many of the victims identified were in either the public sector or in financial institutions.
Review: Corsair Sabre RGB Pro Wireless Mouse
As part of its Champion Series, Corsair announced its latest Sabre RGB Pro Wireless Mouse on the market today. The...
Review: EZVIZ C8C Outdoor Smart IP Security Camera
Ever since people started working from home, there has been an increased demand for home security solutions such as security...
Review: ASUS ROG Zephyrus G14 Alan Walker Edition
We reviewed the new ASUS ROG Zephyrus G14 (GA401Q) way back in June 2021. This is a 14-inch laptop that...
Review: Viewsonic ID1330 ViewBoard Pen Display
Over the past couple of years, a lot has changed about how we work and learn. With educational institutes being...
Review: ASUS Mini PC PB62
The new ASUS Mini PC PB62 is a powerful mini PC aimed at a wide range of business applications such...