Online stored based on Magento hacked to steal card data, run cryptojacking scripts

Security researchers have identified 1000+ magento sites that have been hacked by hackers and infected them with malicious scripts which can be used to steal credit card data, deliver malware or run crypto mining scripts.

"The Magento sites are being compromised through brute-force attacks using common and known default Magento credentials," Flashpoint researchers say.

How the hacking took place ?

When users install magento they get a default credentials and in most of the cases brute force attack was sued to compromise the sites. Once attackers gain access to these sites, researchers say they've observed three main patterns of malicious activities.

The most common practice is to insert malicious code in Magento core files, code that logs payment card information entered inside the checkout process. Such malware is named a card scraper, and users should expect to find one on any e-commerce store that looks to have missed a few updates.

Second, attackers also deploy cryptojacking scripts that mine Monero on the computers of store visitors, a practice that has become quite common these days, across all sites, not just Magento stores.

Last but not least, hackers also use these compromised Magento stores to redirect some of the infected sites' visitors to malicious sites that attempt to trick users into downloading and installing malware on their computers. According to cases investigated by Flashpoint researchers, the most prevalent tactic was to redirect users to sites offering phony Adobe Flash Player update packages, which would infect users with the AZORult infostealers.

Everything we know about Samsung Galaxy S9

Samsung galaxy S series is one of the most awaited smartphone series every year. Samsung Galaxy S8 was a huge success for samsung and even after a year it stands strong. So the most exciting event of 2018 for samsung is happening on 25th February as they are going to launch Samsung Galaxy S9 and Galaxy S9+. Samsung Galaxy S9 and Galaxy S9+ will officially be unveiled on February 25 in Barcelona ahead of the Mobile World Congress (MWC) 2018. According to some reports, Samsung’s new Galaxy S9 and Galaxy S9+ are also expected to be priced higher than the previous year’s Galaxy S8 series.

The biggest change with the Samsung Galaxy S9 series is expected on the camera front and the company’s teasers have indicated this as well. The design will continue to remain the metal and glass one that we’ve seen on Samsung Galaxy S7, S8, Note8, etc. Samsung will also introduce a new version of the DeX Pad for the Galaxy S9 series, where a user can plug in the device and enjoy a desktop-like experience on the mobile itself. The DeX Pad was introduced last year with the Galaxy S8 series.

Just like any other phone, before the launch the internet is filled up with lots of leaks. Here are all the leaks of the Galaxy S9 as they happened

Specs: The US looks set to get a phone powered by the Qualcomm Snapdragon 845, and the rest of the world Samsung's own Exynos 9810 chipset. This means 30% improved power, albeit still with 4GB of RAM inside. This will be more than enough grunt, but those that lust after specs for the sake of them will be disappointed not to see 6GB,

Battery: While it looks like we're going to get a 3,000mAh power pack - the same as on the Galaxy S8 - the improved CPU inside will likely lead to a real boost in battery life. This means the Galaxy S9 should last easily over a day for more users than ever before.

Other key features: A recent promo conformed animated emoji, where faces are turned into cartoons, will be present on the Galaxy S9 as a response to Apple's Animoji.

Stereo speakers will also be a welcome addition for anyone tired of the mono-firing single outlet on previous phones - we don't expect this to be industry-leading in the same way as Sony and Apple, but at least using your phone to play music or movies will be more pleasant.

An improved iris scanner is rumored to be Samsung's play against Apple's Face ID too, but given the poor performance of the sensor last year we don't expect this to be a big feature.

5 Best External Hard Drives to Buy In 2018

Information is power and today everyone has increasingly important data that needs to be stored using safe and reliant devices. As the demands for the technology rises, new innovations that cater to every whim and fancy of the population are being created. The quest for the perfect hard disk ends only when you find one which is compatible with your device, fits your needs and falls within your estimates price range. Let’s take a look at top five must buy external hard drives that 2018 has given us till date.

1. Western Digital My Passport Wireless Pro:

The latest version of the Western Digital My Passport Pro does not compromise on quality, specifications or technology, even if it is a bit steeply priced at 25,490 INR. With a whopping 6400 mAh battery, the disk can be used completely free of wire, to do transfers. It has an on-board SD card slot, 2 TB capacities and a USB 3.0 support. However, the connections available for wired connectivity are type-A and B, the type-C port being very visibly absent.

Must Read: 2TB Hard Disks

2. OWC Thunder Bay 4 Mini

Priced close to 50,000 INR, this hard drive offers a huge range of space options as well as lightning speed transfers. However, the drawback comes in the form that it can be used only for Apple systems. The drive comes with options of 1TB, 2TB, 4TB and 8 TB. Two Thunderbolt-2 ports ensure that the extremely “high read and write speed” is well maintained. However, this also means the disk cannot be used with non-thunderbolt devices.

3. Buffalo MiniStation Extreme NFC

At just 8663 INR, the Ministation Extreme is a very enticing product. A very appealing design compounded with NFC security is what makes it so much more desirable than its predecessors. Compatible with both MAC and Windows systems, the drive has USB 3.0 interface and offers a storage space of 2TB. Even though the drive may not be the fastest one available, it makes up for the pitfalls in speed by being extremely user-friendly. On the plus side, the case it comes with is dust and waterproof as well.

4. Western Digital My Passport

The 4TB MyPassport offered by Amazon at 9,390 INR has great data transfer speeds and storage space for that price. Added features enabling cloud storage are available with this model. The storage size options start from 1TB – 4TB. Based on HDD’s you will get a high level of performance from the drive.

5.  Adata SD700 External SSD

The Adata SD700 boasts IP68 Rating and very high transfer speed. The disk in and of itself is very sturdy and comes to a maximum capacity of 1TB, which is all you need from a drive using SSD. All your needs will be taken care of by this drive at a very much affordable price beginning from 11,258 INR on Amazon.

It is important to find the right hard disk. However, it becomes increasingly difficult for us to figure out one that hits all the right notes. Not only regarding the features, but also the price and durability.

Experty ICO hacked ! Hacker tricked participants and received $120k+ in less than 15 hours

I have been investing ( wasting ) a lot of time in understanding crypto currency and everything involved with it. Yes by now i know the meaning of HODL, FUD, FOMO etc. Also I ended up creating a facebook group called : TheCoinMill where we help people get started with crypto currency.

After getting involved in it for few months call i can say is that in 2018 ICOs ( Initial Coin Offerings )  will become the next big thing and why not ? its beneficial for companies to get started by getting crowd fund and also it is beneficial for investors too. Here in ICOs anyone can invest from as little as $10 to and amount that you can afford.

Here are the details of few ICOs which gave excellent Returns in 2017 :

1. WABI - almost 21 times reutns in about 1 month. Means if you would have invested Rs 10,000 you would have got Rs 2.1 lacs in 1 month

2. ICON - 100 times  returns in 3 months. Do the calculation yourself.

Now because of all these reasons a lot of people are getting into ICOs as it is quick money ( most of the time ). I agree there are lot of scams going on in the name of ICO but these days we have experts who help people choose the genuine one.

One such ICO was Experty ICO. Here is a video which explains what they are trying to do

Now this ICO is a genuine one with an excellent team and roadmap. They have their sale on 31st January and they have a goal to rise $10,000,000. They earned a good reputation in the market and got around 20,000 members in their official telegram group.

But something terrible happened last night. Hackers hacked their server and they got access to details of all the participants who whitelisted to their ICO. 

The Impact

Generally when we take part in ICOs we need to first whitelist our-self where we need to give our name, email ID, password, ETH address where we will receive the tokens, Passport copy etc

When experty's website got hacked hackers got all the above mentioned details of all participants. Today they started sending mails to all the registered participants where they asked them to send their ETH to a specific address in order to take part in ICO. This address belonged to the Hacker and not Experty. Most of the participants believed it as it looked genuine and everyone started sending ETH to this address.

email with ETH address sent by the hacker to participants

In the last 12 hours the address ( hacker's address ) received almost 108 ETH which is almost $120,000

Hacker's ETH address :

This is something we really need to worry about. As ICOs are getting popular, a lot of scammers and hackers are getting into it as it is easy to scam people here. The biggest problem is that all these transactions happens in cryptocurrencies so it is almost impossible to catch the hacker and this is the reason why many scams takes place.

Also Companies doing ICOs should take these things seriously because it is seen that most of the time their sites are not that secure . They aim to get million dollars from ICOs but don't spend money in security and other stuffs. We have seen during TheKey ICO how they fail to handle traffic during the sale and their website was down for more than 10 hours during the sale. People give away their personal details like copy of passport, phone number etc so if these information are compromised then people might face a lot of trouble in future.

Redmi 5A, the best budget phone ?

MI is the most popular smartphone brand in India. Redmi 4 became the highest selling phone in India and why not ? it provides the best specifications in the cheapest price and have a really good after market service.

Today they launched their much awaited phone Redmi 5A, once again a pocket friendly smartphone. The successor to Redmi 4A, 5A comes with a starting price tag of Rs 5,999. Xiaomi Redmi 5A comes in two variants, 16GB storage and 2GB of RAM, for Rs 5,999 and the 32GB storage with 3GB of RAM for Rs 6,999.

As for its specifications, Redmi 5A sports a 5-inch HD display and is powered by the Qualcomm Snapdragon 425 quad-core processor. The phone comes with a 2+1 card slot that supports simultaneous use of two 4G nano-SIM cards and a microSD card up to 128GB. Redmi 5A houses a 3000mAh long-lasting battery and comes equipped with a 13-megapixel rear camera with Phase Detection Autofocus (PDAF) and a f/2.2 aperture. At the front, there is a 5-megapixel selfie shooter.

Key features of Redmi 5A:

- 5 inch HD display
- 5MP front camera
- f/2.0 aperture
- Smart and pro beautify
- 13MP rear camera
- f/2.2 aperture
- 5-element lens
- Qualcomm Snapdragon 425 (Quad-core, max 1.4GHz)
- 2GB RAM + 16GB internal storage and 3GB + 32GB internal storage variants
- Dual SIM + dedicated microSD card slot (expandable upto 128GB)
- 3000mAh high-capacity battery
- Dimensions: 140 × 70.1 × 8.35mm

The phone is durable and is great in terms of designs and battery backup but the camera performance is not so good. You can buy this phone in Offline, MI preferred stores as well.

3 Interesting Ways Screen Recording Can Be Used

Simply put screen recording will allow you to record videos that consist of whatever may be on your screen. More often than not they are associated with video guides, tutorials, or demonstrations involving digital products – but there are a lot of other interesting ways in which they can be used as well.

If you want to explore the potential of screen recording, here are a few things that you should start with:

  • ‘Download’ online streaming videos
Nowadays online streaming videos are practically everywhere from social media to websites, video sharing platform, and even video-on-demand services. Very few platforms provide a way for their videos to be ‘downloaded’ however, which means that you need to be online to watch them and can’t transfer the videos to other devices. By using screen recording, you can record any online streaming videos from your screen – then save it and do with it as you please.

  • Save video calls
Between Skype, Facebook Messenger, Google Hangouts and other platforms, video calling has grown in popularity. Unfortunately most platforms don’t let you ‘save’ your calls – so you can’t refer to them or use their content once the call is done. If you record the call while it is on your screen however, you can save it – which can be extremely useful particularly if you conduct business meetings over video calls.

  • Record live or temporary content
Two of the most popular new types of content to appear online are ‘live’ video streams as well as temporary content that vanishes after a fixed duration (normally 24 hours or less). Being able to record your screen will give you the means to record that content, so you don’t miss out and can save it to watch at any point.

If you would like to use screen recording in any of the ways listed above, you should try using Movavi Screen Recorder. Because it will let you record any videos that you want from your screen, allowing you to effectively ‘download’ online streaming videos, save video calls or record live or temporary content.

Although at first you might feel that learning how to download movies from Netflix or using Movavi Screen Recorder to perform any of the other tasks listed above is complicated, nothing could be further from the truth. Even if you’ve never used it or any other screen recorder in the past, you should be able to set up and start recording your movie in just a couple of minutes.

Not only should you be able to set it up Movavi Screen Recorder easily, but the fact of the matter is you can use its features to fully adjust the recording parameters – which will open up even more possibilities. In short you should definitely try it out and see for yourself how it can be used.