ESET researchers have recently discovered a previously undocumented botnet named VictoryGate. It has been active since at least May 2019, and is composed mainly of devices in Peru, where over 90% of the infected devices are located. The main activity of the botnet is mining Monero cryptocurrency. The victims include organizations in both public and private sectors, including financial institutions. Thanks to data obtained during this research and shared with the nonprofit Shadowserver Foundation, at least a portion of the botnet operation has been disrupted.
ESET researchers have been “sinkholing” several domain names that control the botnet’s actions, replacing them with machines that do not send the botnet’s slave computers the commands they expect, but simply monitor botnet activity. Based on this data and ESET telemetry, ESET estimates that at least 35,000 devices became infected with VictoryGate at one point or another during this campaign.
The only infection vector used for spreading VictoryGate is via removable devices. “The victim receives a USB drive that at some point was connected to an infected machine. It seemingly has all the files with the same names and icons that it contained before being infected. Because of this, the content will look almost identical at first glance. However, all the original files were replaced by a copy of the malware,” says ESET researcher Alan Warburton, who investigated the botnet. “When an unsuspecting user attempts to open one of these files, the script will open both the file that was intended and the malicious payload.”
Warburton also warns about the impact on victims’ machines: “There is very high resource usage by the botnet, resulting in a constant 90% to 99% CPU load. This slows down the device and can cause overheating and possible damage.”
According to ESET research, VictoryGate has made a much greater effort to avoid detection than in previous, similar campaigns observed in the Latam region. And, given the fact that the botmaster can update functionality of the payloads that are downloaded and executed on the infected devices from cryptomining to any other malicious activities at any given time, this poses a considerable risk. This is particularly true since many of the victims identified were in either the public sector or in financial institutions.
Donald Trump Launches $99 Digital Trading Card NFTs
Former US President Donald Trump announced on Thursday that he has released a collection of 45,000 non-fungible tokens (NFTs), called the Trump Digital Trading Cards, on Truth Social, the social media site he founded last year. The tokens, which are similar to collectible baseball cards and are minted on Polygon, cost $99 each and can be purchased with ether (ETH) or in fiat currency. At the end of the checkout process, customers are given the option to purchase multiple trading cards.
There is also a promotion offering a guaranteed ticket to a gala dinner with Trump for purchasing 45 NFTs at once, which would cost $4455. Collectors who purchase a Trump Digital Trading Card will be entered into a “sweepstakes” to win experiences with the former president, including a zoom call, a dinner in Miami, or a cocktail hour at Mar-a-Lago. The trading cards have rarity traits ranging from one-of-a-kind to a maximum of 20 copies, according to the collection’s website. Despite previously stating that he was “not a fan” of cryptocurrency in July 2019, Trump appears to be enthusiastic about promoting his new NFT collection.
“GET YOUR CARDS NOW! Only $99 each! Would make a great Christmas gift. Don’t Wait. They will be gone, I believe, very quickly!” he wrote in a post on his platform. The collection’s website also features a promotional video from Trump, in which he says, “Each card comes with an automatic chance to win amazing prizes like dinner with me. I don’t know if it’s an amazing prize but it’s what we have.”
The project initially received criticism on Twitter, with some labeling the collection a “scam.” Others noted previous reports of his questionable 2020 campaign fundraising efforts and allegations of murky spending. Shares of Digital World Acquisition Corp (DWAC), a special purpose acquisition company (SPAC) that entered into a proposed merger deal with Trump’s social media company, dropped by about 7% after the announcement of his NFT collection. This is President Trump’s first official NFT project, but his wife, Melania Trump, launched her own NFT collection called “Cobalt Blue Eyes” almost exactly a year ago.
Ledger Launches the Ledger Stax
Ledger has teamed up with Tony Fadell, builder of the iPod1, to bring clarity and confidence to owning digital value. Ledger StaxTM is a usable way for you to take control of cryptocurrency and digital collectibles. It’s built on uncompromisingly secure architecture and introduces a unique form designed for unprecedented accessibility and interactivity.
Ledger Stax has a new E-Ink display, which covers the front and curves around the spine—you can view complete transaction details at a glance. E Ink is always viewable: your favorite art appears on the Ledger Stax screen, even when it is off. It also provides unmatched energy efficiency, so the battery can last for weeks or even months on one battery charge.
“With the Ledger NanoTM series, we created the most successful digital asset security hardware of all time—with more than 5 million sold and none ever hacked,” says Pascal Gauthier, CEO, and Chairman of Ledger. “Digital assets are increasingly about identity and digital ownership, not just crypto like Bitcoin. The time is now for a device for more mainstream users. At the same time, we must not compromise on security. This is Ledger Stax—secure and accessible.”
Tony Fadell designed Ledger Stax, in collaboration with Layer, as a credit card-sized device with integrated magnets, making them easily stackable, particularly for those who own multiple devices. The curved E Ink spine shows what’s inside, like a book on a shelf. Ledger Stax uses secure USB-C to connect to the comprehensive Ledger Live app on your laptop, and Bluetooth to connect to the Ledger Live Mobile app on your smartphone. It will utilize Ledger Connect, our upcoming crypto wallet extension, to connect to Web3 apps from anywhere. Ledger Stax also supports wireless Qi charging.
“Digging into Ledger’s proven security technology and trying all the ‘best’ hardware wallets out there convinced me to build a next-gen device with Pascal, Ian, and the amazing Ledger team,” says Tony Fadell, designer of Ledger Stax and Principal at Build Collective. “We need a user-friendly…no! A ‘user-delightful’ tool, to bring digital asset security to the rest of us, not just the geeks.”
The new user interface enables clear, intuitive interaction. Out of the box, Ledger Stax lets you manage your NFT collection and over 500 coins and assets. The touch interface empowers Ledger’s exceptional developer community to build innovative Web3 applications that are more accessible, with uncompromising security. Ledger Stax will be available in Q1 2023. You can pre-order today on Ledger.com. In the future, it will also be available from select retailers such as BestBuy in the United States.
Every Ledger Stax includes an Infinity Pass, providing a free NFT and future benefits. Furthermore, a Ledger Stax NFT is available to mint on Ledger Market to unlock access to an exclusive piece of NFT artwork from Ledger’s network of hand-picked artists, and also redeem a Ledger Stax device. Ledger Market Genesis Pass holders have special mint priority for this mint.
“Tony Fadell has both the circuit board and the billboard in mind when he builds a product,” says Ian Rogers, Chief Experience Officer at Ledger. “With Ledger Stax, we have made a device that is cool, beautiful, and fun. Together we have fused the uncompromising security and self-custody culture of Ledger, with the equally uncompromising user-experience-focused culture of Tony and his team. The result is the first true secure consumer hardware device for the revolution of value brought by blockchain technology.”
Dimensions: 85mm × 54mm × 6mm (credit card length and width)
Security: Ledger EAL 5+ certified secure element
Screen type: E Ink (up to 16 grays), customizable always-on lock screen, capacitive touch Screen resolution: 672 × 400 pixels
Connectivity: USB C, Bluetooth 5.2
Unique magnet array for easy stacking
Qi wireless charging
Cryptoland Just Lost its $12 Million Bid to Buy Fiji Island for Resort
Widely mocked plans to establish a tropical haven for cryptocurrency enthusiasts have run into trouble after a contract to buy an island in Fiji for US$12m fell through:
A group of crypto-evangelists, led by Max Olivier and Helena Lopez, outlined plans for the island, Nananu-i-cake, in a lavishly animated YouTube video, featuring a wide-eyed crypto bro named Christopher landing by helicopter and being given a guided tour by a talking coin called Connie.
The full YouTube clip has been taken down, but cached copies show it touted the island as “an international hub for the community to come live, work and have fun and enjoy a first-class crypto lifestyle”, boasting “a complete ecosystem that represents the blooming crypto space” that was “a paradise made by crypto enthusiasts for crypto enthusiasts”.
Areas planned included Cryptoland Bay, Crypto Beach, House of Dao – a reference to decentralised autonomous organisations, a form of non-corporate structure promoted by crypto enthusiasts as an alternative to companies – and the members-only Vladimir Club, another crypto in-joke that refers to people who hold 0.01% of a given cryptocurrency.
Also on offer were 60 plots of land on what the video describes as “the Blockchain Hills” (Nananu-i-cake has only one hill). These were to be sold to “Cryptolander Kings” via non-fungible tokens – unique tokens that use the same blockchain technology underpinning cryptocurrencies like bitcoin.
The project has been compared to the collapsed Fyre festival and the video was greeted with scoffing on social media.
Review: GameSir T4 Cyclone Pro Midnight Wireless Controller
The gaming peripherals market is inundated with a plethora of controllers, each vying for attention with unique features and design...
Review: Huawei MatePad 11-inch PaperMatte Edition
Huawei has long been a prominent player in the tech industry, consistently pushing the boundaries of innovation. The Huawei MatePad...
Review: Lexar Jumpdrive Fingerprint F35
In the fast-paced world of data storage, security is paramount. Lexar, a well-known player in the storage solutions market, has...
Review: Corsair MP700 Pro PCIe Gen5 X4 NVMe M.2 SSD with Cooler
Corsair has launched the new MP700 Pro PCIe Gen5 X4 NVMe M.2 SSD with a Cooler that stands out as...
Review: Razer Kishi V2 Pro
Many companies make mobile game controllers designed for both Android phones and iPhones, with Razer being one of the top...