Skip to main content

Just reading about the China cybersecurity scare can get you hacked – here’s how

mandiant email attack
Image used with permission by copyright holder

China’s hacking the United States, according to an expose from Mandiant, which blew open the doors and tracked a network of hackers’ activities down to the very building. The report is an intriguing and straightforward read with few terms laymen would have to look up in a dictionary. If you’re trying to find the source of the report, here it is straight from Mandiant’s website. Otherwise do not, and we can’t stress this enough, do not open up suspicious emails.

Recommended Videos

There have been reports of phishing popping up in the news recently, what with Twitter, Pinterest, and Tumblr user’s email addresses . Phishing is an age old tactic since the dawn of email, but hackers have been getting increasingly clever with their tactics. Hackers don’t always need to be computer whizzes. Social engineers, who use social duping tactics, can use the right phrasing to sound like a legitimate entity, only to steal your information. Using both hacking skills and these social duping methods, someone is reportedly circulating a false Mandiant report that’s dropping Trojans onto victims’ computers.

Symantec says that the email sender claims to be from the press, who is recommending users to read the attached report. And by the looks of it, the report appears legitimate from a glance, thumbnail and all. The language of the email, based on the screen shot that Symantec displays, is in Japanese, and notes that the email may be sent in various languages. But here are a couple of pointers to ID the suspect email that Symantec points out: “Like in many targeted attacks, the email is sent from a free email account and the content of the email uses subpar language. It is obvious to a typical Japanese person reading the email that it was not written by a native speaker.”

Surprise, surprise, the delivery platform this hacker has decided to use is Adobe. When the victim opens up the attached PDF in the email, their computer is immediately infected. “The PDF file may drop Trojan.Swaylib and Trojan.Dropper, which drops Downloader,” Symantec researcher Joji Hamada writes. In some instances the Trojan masquerading as a PDF will drop malware.

Does this situation ring a bell? Just two weeks ago, Adobe had a zero-day exploit on their hands that would drop two DLLs (dynamic link library) onto the victim’s computer and would trick the computer into running malware. Well Adobe claimed to have patched that issue up, but with all of Adobe’s faults with Acrobat and Reader, it isn’t shocking that another vulnerability is being exploited. 

Francis Bea
Former Digital Trends Contributor
Francis got his first taste of the tech industry in a failed attempt at a startup during his time as a student at the…
Newegg wants your old GPU — here’s how much you could get
Three graphics cards on a gray background.

Upgrading to a new graphics card can be a hassle, and it has been even more difficult ever since the GPU shortage. Today, there are way too many models to choose from, and keeping track of prices is not easy. In an effort to make things a bit simpler, Newegg has announced a new trade-in program. The online retailer is offering customers a deal in which they send in their existing eligible GPU and receive a trade-in credit amount toward the purchase of a new qualifying graphics card.

According to Amir Asadibagheri, product manager of customer experience for Newegg, “the benefit of our trade-in program is the ease to send a used graphics card and buy a new one all within the same platform and avoiding the hassle of selling through a secondary market.” Newegg has given a list of all Nvidia and AMD graphics cards that are eligible, along with an estimated trade-in value. Notably, the trade-in is limited to Nvidia’s RTX series and AMD’s Radeon 5000 series and beyond.

Read more
Here’s how you can win this insane, custom Starfield PC
custom starfield pc giveaway

Gaming PC Modeled After Starfield Control Panel?! [Giveaway]

Modders always come out with some wild PC designs for new game releases, but this custom Starfield PC from Skytech Gaming might be one of the coolest I've ever seen. It's a machine that comes from a collaboration between Skytech Gaming, Intel, and SignalRGB, and you can enter for a chance to win it.

Read more
This GPT-powered Discord bot can teach you a new language — here’s how to use it
Memrise bot in the Discord app directory.

In some cases, the main hurdle to learning a new language is simply convenience. That's the issue Memrise is trying to tackle with its new Discord bot. If you're unfamiliar, Memrise is a language-learning app similar to Duolingo, but it uses GPT (the AI model behind ChatGPT) to engage the language-learning process.

The Discord bot allows you to have a natural conversation on your own Discord server in any of the 19 available languages. It's powered by the GPT-3 model, and Memrise includes a variety of conversation starters to get you practicing in your chosen language. Here's how to set up the app and use it.
How to use Memrise Discord bot

Read more