BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
FitGirl Pirate Repacker Warns Domain Name Could Be Lost, Perhaps Forever

FitGirl Repacks is currently one of the most popular torrent sites on the Internet but its operator is warning of turbulent times ahead. Site operator FitGirl says that due to a serious domain issue, the site's main domain could go offline temporarily or even forever.

In piracy circles, ‘FitGirl’ is a very well known brand, especially for gamers looking for the latest titles without the usual price tag.

Operating from the domain fitgirl-repacks.site, platform operator FitGirl is perhaps the most well-known ‘repacker’ online today due to her/his ability to compress full-size games into more manageable packages.

The resulting smaller file sizes are useful for people who want to download pirated games but don’t have (or don’t want to use up) lots of bandwidth. And according to traffic data, that’s a lot of people.

After FitGirl Repacks became one of the most-visited torrent sites last year, TorrentFreak was able to interview FitGirl who was happy to explain how the site began and more details about its rise to fame. Now, however, the site may be facing a more stormy period with its main domain under threat.

https://torrentfreak.com/fitgirl-pirate-repacker-warns-domain-name-could-be-lost-perhaps-forever-210830/

#fitgirl #pirates #games #repacker
📡 @cRyPtHoN_INFOSEC_FR 📡 @cRyPtHoN_INFOSEC_EN 📡 @cRyPtHoN_INFOSEC_DE 📡 @BlackBox_Archiv
Movie Companies Want VPNs to Log User Data and Disconnect Pirates

A group of movie companies continues its legal efforts to hold VPN services liable for pirating subscribers. A new lawsuit lists Surfshark, VPN Unlimited, Zenmate, and ExpressVPN as defendants. Besides damages, the filmmakers want the VPNs to block pirate sites and start logging user data. The accused companies have yet to respond in court.

Amidst growing concerns about online privacy and security, VPN services have become increasingly popular in recent years.

Millions of people use VPNs to stay secure and prevent outsiders from tracking their online activities. As with regular Internet providers, a subsection of these subscribers may be engaged in piracy activities.

Over the past years, we have seen copyright holders take several ISPs to court, accusing them of failing to disconnect repeat copyright infringers. These lawsuits have expanded recently, with VPN providers as the main targets.

The VPN lawsuits are filed by a group of independent movie companies that also go after piracy sites and apps. They include the makers of films such as The Hitman’s Bodyguard, Dallas Buyers Club, and London Has Fallen.

Last week, these companies filed a new lawsuit at a federal court in Virginia, targeting four VPN services. In their complaint, the filmmakers accuse Surfshark, VPN Unlimited, Zenmate and ExpressVPN of being involved in widespread copyright infringement.

https://torrentfreak.com/movie-companies-want-vpns-to-log-user-data-and-disconnect-pirates-210830/

#movie #pirates #vpn #copyright #lawsuits
Quad9: Breach of Duty of Care - New Legal Uncertainty for DNS Resolver

The non-commercial DNS service has initially lost in the dispute with Sony Music: The Hamburg Regional Court affirms "Stoererhaftung" (Breach of Duty of Care).

The legal dispute between Sony Music and the DNS resolver Quad9 goes into the next round. In June, the operator of a free, privacy-friendly DNS resolver, the Swiss-based Quad9 Foundation, became the target of a preliminary injunction issued by the Hamburg Regional Court. The order requires Quad9 to block access to a website operated by a third party, which in turn links to alleged copyright infringements on another website, for German users of the DNS resolver. The news triggered a wave of solidarity with the non-commercial, purely donation-funded service.

According to the Hamburg Regional Court, Quad9 is liable for copyright infringements by third parties according to the principles of "Stoererhaftung" (Breach of Duty of Care) and cannot invoke the exclusion of liability for Internet access services provided for in the German Telemedia Act. The Society for Freedom Rights (Gesellschaft für Freiheitsrechte e.V.), where I lead the control © project, is now supporting Quad9 in its appeal against the preliminary injunction, as the case is of great importance for the operation of non-profit IT infrastructure. DNS services must be exempt from "Stoererhaftung" (Breach of Duty of Care) just like Internet access providers, especially since they are even further away from third party infringements than Internet providers. The establishment of network blocks violates the fundamental rights of Internet users and imposes disproportionate obligations on Quad9.

https://netzpolitik.org/2021/edit-policy-quad9-in-stoererhaftung-neue-rechtsunsicherheit-fuer-dns-resolver/

#quad9 #dns #stoererhaftung #sony #copyright #infringements #germany
Iconic “Piracy Is a Crime” Domain Now Redirects to IT-Crowd Parody

The movie industry's "Piracy it's a crime" video is, without doubt, the most iconic anti-piracy PSA ever made. The video became the inspiration for countless memes and satire. The once-official piracyisacrime.com campaign site shut down years ago but, this week, the domain started linking to the IT Crowd parody.

https://torrentfreak.com/iconic-piracy-is-a-crime-domain-now-redirects-to-it-crowd-parody-210905/

#piracy #video
German police secretly bought NSO Pegasus spyware

Sources have confirmed media reports that federal criminal police purchased and used the controversial Israeli surveillance spyware despite lawyers' objections.

The German Federal Criminal Police Office (BKA) bought notorious Pegasus spyware from the Israeli firm NSO in 2019, it was revealed Tuesday.

The federal government informed the Interior Committee of the Bundestag of the purchase in a closed-doors session, parliament sources said. That confirmed earlier reports published in German newspaper Die Zeit.

The software was procured under "the utmost secrecy," according to Die Zeit, despite the hesitations of lawyers as the surveillance tool can do much more than German privacy laws permit.

https://www.dw.com/en/german-police-secretly-bought-nso-pegasus-spyware/a-59113197

#germany #bka #nso #pegasus #spyware
How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

WhatsApp assures users that no one can see their messages — but the company has an extensive monitoring operation and regularly shares personal information with prosecutors.

When Mark Zuckerberg unveiled a new “privacy-focused vision” for Facebook in March 2019, he cited the company’s global messaging service, WhatsApp, as a model. Acknowledging that “we don’t currently have a strong reputation for building privacy protective services,” the Facebook CEO wrote that “I believe the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure and their messages and content won’t stick around forever. This is the future I hope we will help bring about. We plan to build this the way we’ve developed WhatsApp.”

Zuckerberg’s vision centered on WhatsApp’s signature feature, which he said the company was planning to apply to Instagram and Facebook Messenger: end-to-end encryption, which converts all messages into an unreadable format that is only unlocked when they reach their intended destinations. WhatsApp messages are so secure, he said, that nobody else — not even the company — can read a word. As Zuckerberg had put it earlier, in testimony to the U.S. Senate in 2018, “We don’t see any of the content in WhatsApp.”

WhatsApp emphasizes this point so consistently that a flag with a similar assurance automatically appears on-screen before users send messages: “No one outside of this chat, not even WhatsApp, can read or listen to them.”

Those assurances are not true. WhatsApp has more than 1,000 contract workers filling floors of office buildings in Austin, Texas, Dublin and Singapore, where they examine millions of pieces of users’ content. Seated at computers in pods organized by work assignments, these hourly workers use special Facebook software to sift through streams of private messages, images and videos that have been reported by WhatsApp users as improper and then screened by the company’s artificial intelligence systems. These contractors pass judgment on whatever flashes on their screen — claims of everything from fraud or spam to child porn and potential terrorist plotting — typically in less than a minute.

https://www.propublica.org/article/how-facebook-undermines-privacy-protections-for-its-2-billion-whatsapp-users

#whatsapp #DeleteWhatsapp #privacy
We leaked the upcoming IPCC report!

We have leaked part III of the upcoming IPCC report. There’s no time to wait around, there’s no time for continued inaction – the people deserve to know NOW what our corporate owned politicians have done to them.

The greatest crime ever has already been carried out – the perpetrators are still at liberty, but the victims are starting to pile up.

https://scientistrebellion.com/we-leaked-the-upcoming-ipcc-report/

👉🏽 PDF (Part1)
https://files.shitpost.to/jfl2ssgv8xum82n2.pdf?key=s18a9Flb1I3RgebFIxGNc0Y8F4jMQ6Rc

👉🏽 PDF (Part2)
https://files.shitpost.to/ijohuebjziricbsf.pdf?key=XhYG5lAFZ7BgUSvVuJHY1g2Cxp6ePGia

#ipcc #leak #pdf
The disastrous voyage of Satoshi, the world’s first cryptocurrency cruise ship

Last year, three cryptocurrency enthusiasts bought a cruise ship. They named it the Satoshi, and dreamed of starting a floating libertarian utopia. It didn’t work out.

On the evening of 7 December 2010, in a hushed San Francisco auditorium, former Google engineer Patri Friedman sketched out the future of humanity. The event was hosted by the Thiel Foundation, established four years earlier by the arch-libertarian PayPal founder Peter Thiel to “defend and promote freedom in all its dimensions”. From behind a large lectern, Friedman – grandson of Milton Friedman, one of the most influential free-market economists of the last century – laid out his plan. He wanted to transform how and where we live, to abandon life on land and all our decrepit assumptions about the nature of society. He wanted, quite simply, to start a new city in the middle of the ocean.

https://www.theguardian.com/news/2021/sep/07/disastrous-voyage-satoshi-cryptocurrency-cruise-ship-seassteading

#satoshi #cryptocurrency #cruiseship
China said to suspend approval for new online games, heating up Beijing’s campaign against gaming addiction

Sources said the decision to freeze new video game approvals was revealed at a meeting between Chinese regulators and industry giants Tencent and NetEase

Chinese regulators have temporarily suspended approval for all new online games in the country, dealing a fresh blow to the video gaming businesses of industry giants Tencent Holdings and NetEase, as Beijing steps up measures to tackle gaming addiction among young people, according to people with knowledge of the matter.

That decision was revealed during a meeting on Wednesday called by regulators, led by the publicity department of the Chinese Communist Party and gaming watchdog the National Press and Publication Administration (NPPA), to discuss with representatives from Tencent and NetEase how they will implement Beijing’s new restrictions on video gaming for minors, according to a person briefed on the matter, who declined to be named because the information is private.

The regulators’ move means “everything is on hold”, the person said.

Another person, who was also briefed on the discussion, said new game approvals would be on hold “for a while” because the priority was to “cut the number of new games” and “reduce gaming addiction” in the country, which is the world’s biggest video gaming market. This source, who declined to be named because the matter discussed remains confidential, also described the approval of new games in the first half of this year as being “a bit too aggressive”.

https://www.scmp.com/tech/big-tech/article/3148128/china-said-suspend-approval-new-online-games-heating-beijings

#china #online #gaming
Mēris botnet, climbing to the record

Introduction

For the last five years, there have virtually been almost no global-scale application-layer attacks.

During this period, the industry has learned how to cope with the high bandwidth network layer attacks, including amplification-based ones. It does not mean that botnets are now harmless.

End of June 2021, Qrator Labs started to see signs of a new assaulting force on the Internet – a botnet of a new kind. That is a joint research we conducted together with Yandex to elaborate on the specifics of the DDoS attacks enabler emerging in almost real-time.

Discovery

We see here a pretty substantial attacking force – dozens of thousands of host devices, growing. Separately, Qrator Labs saw the 30 000 host devices in actual numbers through several attacks, and Yandex collected the data about 56 000 attacking hosts.

However, we suppose the number to be higher – probably more than 200 000 devices, due to the rotation and absence of will to show the "full force" attacking at once. Moreover, all those being highly capable devices, not your typical IoT blinker connected to WiFi – here we speak of a botnet consisting of, with the highest probability, devices connected through the Ethernet connection – network devices, primarily.

Some people and organizations already called the botnet "a return of Mirai", which we do not think to be accurate. Mirai possessed a higher number of compromised devices united under C2C, and it attacked mainly with volumetric traffic.

We have not seen the malicious code, and we are not ready to tell yet if it is somehow related to the Mirai family or not. We tend to think that it is not, since the devices it unites under one umbrella seem to be related to only one manufacturer – Mikrotik.

Another reason we wanted to name this particular botnet, operating under elusive C2C, with a different name – Mēris, which means "Plague" in the Latvian language. It seems appropriate and relatively close to Mirai in terms of pronunciation.

https://habr.com/ru/company/yandex/blog/577040/

#botnet #DDoS #mirai #mēris
Marvin's Dream - (Maybe the first) children's story written and illustrated entirely by AI models

The only input given to the models: "Marvin the robot was depressed but well-loved by his robot, alien and animal friends."

https://www.youtube.com/watch?v=CeYyYM4XVOU

#ai #video
The Catalog of Carceral Surveillance: Exploring the Future of Incarceration Technology

Prison technology and telecom companies such as Securus and Global Tel*Link are already notorious for their ongoing efforts to extract every last penny and destroy any last shred of privacy afforded to incarcerated people. They have so far succeeded in their goals, operating in thousands of prisons in every state in the U.S. But they are not content to rest on their laurels.

Securus and GTL have spent the last several years inventing new and improved ways to extract money from incarcerated people, violate human rights, and surveil not only prisoners but their families, and friends.

Over the next two weeks we will be shedding light on some of the patents and technologies these companies have been working on, which either are already actively used or may soon be coming to prisons across the country.

https://www.eff.org/deeplinks/2021/09/uncovering-incarceration-tech-introducing-catalog-prison-surveillance

#incarceration #surveillance #prison #eff
Groove ransomware group is threatening the Ukrainian Government - demanding they stop extraditing citizens to the United States or else they will begin extortion. They have named the price: $30,000,000

https://nitter.pussthecat.org/vxunderground/status/1435948304601321476

via Twitter

💡 Read as well: 👇🏽

How Groove Gang is Shaking up the Ransomware-as-a-Service Market to Empower Affiliates
https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/how-groove-gang-is-shaking-up-the-ransomware-as-a-service-market-to-empower-affiliates/

#groove #ransomware #ukraine
KrebsOnSecurity.com was hit last night by the same IoT botnet that launched a record DDoS recently against Cloudflare. Mine was *only* 2 million requests per second. For context, the Mirai IoT attack in 2016 that knocked this site offline for days was ~450k requests per sec.

https://nitter.pussthecat.org/briankrebs/status/1436309299131789326

via Twitter

#KrebsOnSecurity #briankrebs #iot #botnet #ddos
Apple wins Epic antitrust suit

The antitrust suit was filed by Epic after Apple kicked popular video game Fortnite out of its App Store in August 2020.

A federal judge sided with Apple on Friday, finding that the iPhone-maker isn't violating antitrust law by imposing tight restrictions on app developers and charging a 30 percent commission for digital goods and services offered on its platforms.

The decision by U.S. District Judge Yvonne Gonzalez Rogers was a blow to Epic Games, the maker of the popular video game Fortnite, which had sought to ride a wave of anti-big tech sentiment with a suit targeting Apple's lucrative App Store.

However, Gonzalez Rogers found that Apple has been violating California state laws by writing contracts with developers that prohibit them from telling customers that cheaper options exist online outside the App Store. She ordered the company to eliminate those provisions.

https://www.politico.com/news/2021/09/10/apple-wins-antitrust-challenge-as-judge-rules-commissions-dont-violate-law-511142

💡 Read as well: 👇🏽

Judge Orders Apple to Loosen App Store Restrictions in Mixed Verdict

https://www.wsj.com/articles/apple-trial-ends-in-mixed-verdict-after-fortnite-makers-monopoly-allegations-11631289792

#apple #epic #antitrust
S.O.V.A. - A new Android Banking trojan with fowl intentions

Intro

In the beginning of August 2021, during our daily threat hunting, ThreatFabric researchers came across a new Android banking trojan. Based on the login panel of the C2 server, we could see that it was called S.O.V.A. by its own creators.

Sova is the Russian word for owl. This name was chosen by the threat actor himself/herself possibly because of owl’s nature as nocturnal birds of prey, quiet but efficient in stalking and capturing their victims. This identifies a completely new, to the best of our knowledge, Android banking trojan. The trojan is currently in development and testing phase, and has the objective to add to his overlay and keylogging mechanisms, other highly dangerous features like DDoS and Ransomware in future versions. There are a few interesting aspects that differentiate this trojan to already existing ones, both in features as well as in development.

S.O.V.A. contains features that are usually available in current Android malware, including:

Overlay attacks;
Keylogging;
Notification manipulation.

In addition, it stands out for a feature that is not as common in Android malware:

Session cookies theft

This functionality allows the criminals to have access to valid logged in sessions from the users without the need of knowing the banking credentials.

https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html

💡 Read as well: 👇🏽

This is the first S. O. V. A. / SOVA sample that I saw ITW...
https://nitter.pussthecat.org/malwrhunterteam/status/1436246552465616896

via Twitter

#sova #android #banking #trojan #fowl
Anonymous Global OPs | Operation Tinfoil | Operation LonelyWolf

Hello World, Hello Europe, Hello Germany, Hello Attila Hildmann,

Do you remember June 17, 2020? This ordinary Wednesday morning, was for you Attila Hildmann, anything but ordinary.

On this Wednesday morning, you had to painfully realize that in your chat group at Telegram, not only loyal followers were among the admins appointed by you, but also those who in retrospect should turn out to be your greatest enemies.

https://pastebin.com/Y81bjLpP

https://www.youtube.com/watch?v=Y7zNM8894g8

https://anonleaks.net/2021/optinfoil/attila-hildmann-the-final-chapter/

#anonymous #anonleaks #optinfoil #hildmann #video
The 7 most dangerous vulnerabilities in Android applications 2021

Android application vulnerabilities have become a problem because of Google Play’s open format, and also because users can sideload apps, removing any oversight regarding the safety of apps.

There are also updates and patches to the Android operating system. You can’t count on Android to update itself in a timely manner, because wireless carriers control update schedules on all but Google’s Pixel devices.

Expert testing of Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in Android apps. According to a report, vulnerabilities and threats are slightly more common in Android applications, compared to iOS counterparts (43% vs 38%). But the experts categorize this difference as minimal: the security level of apps is roughly equivalent between the two platforms.

Comprehensive security checks of a mobile application include a search for vulnerabilities in the client and server, as well as data transmission between them.

https://www.serage2020.com/2021/09/the-7-most-dangerous-vulnerabilities-in.html

#android #apk #vulnerabilities