Home Tags Minecraft

Tag: Minecraft

Where are all the Nintendo Switch game ports?

Despite healthy hardware sales, plenty of big-name games aren't making the switch.

Sony continues to lock PS4 players out of cross-platform play

But Sony exec says there's no "profound philosophical stance" against the feature.

First impressions: Xbox One X doesn’t quite bring the “wow!” factor

Our initial thoughts on the new hardware, plus a look at upcoming Xbox software.

Minecraft to receive its first top-engine visual overhaul since 2010 debut

"Super-Duper Graphics Pack" retains blockiness, goes crazy with particles, shadows.

After uproar, Minecraft maker to stop feeding cookies to in-game parrots

Mojang accepts concerns that children might imitate the game's dangerous avian diet.

Minecraft on Nintendo Switch does the trick, hides most of its...

Visual and rendering compromises are totally fine, but do you have enough controllers?

How Microsoft is future-proofing for Xbox’s “multi-generational” future

Phil Spencer hints that the Xbox platform could become more like the PC.

How zombie cameras took down Netflix… and an entire country’s internet

Here's how the Internet of Things botnet went from being Minecraft server nuisances to a billion dollar threat that disabled a country's internet infrastructure

Operator of DDoS protection service named as Mirai author

Krebs says he's fingered author of epic IoT web assault code The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs. On his website this week, Krebs names a chap called Para Jha, owner of a distributed denial-of-service (DDoS) attack mitigation company ProTraf Solutions, for the creation and dissemination of the Mirai software nasty. Mirai is one of the worst DDoS botnets ever to grace the internet and is fingered for fingered for downing large chunks of the internet, including record-breaking attacks on Krebs' own site. Previous analyses have suggested the malware was penned by a person named "Anna-Senpai". Krebs builds a case to link Anna-Senpai to Jha and says that he, along with other players, built the Miari code and used it to attack Minecraft servers to lure disgruntled customers. He tells of how Jha contacted upstream providers to have command and control servers of rival IoT shut down, and how the hacker built malcode into his botnet that eliminated rival Qbot botnets. Those upstream providers that ignored Jha's requests were also subject to large DDoS attacks. Mirai evolved from earlier incarnations of botnet code designed for DDoS attacks.
In 2014 an earlier variant was used to launch DDoS attacks against Minecraft servers which can generate up to US$50,000 a month. Krebs found that Jha lists the same skills on his LinkedIn page as on HackForums, a large marketplace where low level grey hat activities, cybercrime, and bragging takes place. He details many other compelling links between Jha's older identities he used online while learning to code, including 'OG_Richard_Stallman', and his recent aliases including Anna-Senpai. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub

4chan is running out of money—and Martin Shkreli wants to help...

Louis Lanzano/Bloomberg via Getty Imagesreader comments 70 Share this story 4chan, the infamous message board whose users once labelled it "the asshole of the Internet," is nearly out of money and will have to take drastic action if it wants to survive, according to its new owner. Meanwhile, the notorious hedge fund manager Martin Shkreli has offered to help out. The site, which hosts notoriously racist and sexist message boards, and which in the form of its /b/ board launched 1,000 unpleasant trolling campaigns, has long suffered money troubles, with users unwilling to subscribe and legitimate advertisers put off by unpalatable content.
Its founder, Christopher "Moot" Poole, sold up in January 2015 to Hiroyuki Nisimura, the man who founded the board that inspired 4chan, Japan's almost equally unpleasant 2Channel. In a post on Sunday, entitled "Winter is Coming," Nisimura wrote that he "had tried to keep 4chan as is.

But I failed.
I am sincerely sorry." He added: Some notice there are no more middle ads and bottom ads on 4chan. Ads don't work well.
So we reduced advertisement servers cost. 4chan can't afford infrastructure costs, network fee, servers cost, CDN and etc, now. He went on to describe three options to cut costs, none of which is likely to impress the site's fractious users.

To stay afloat, the site apparently would need to halve traffic costs by closing some boards, limiting image sizes, and using slower servers; or have more pop-up or even "malicious" ads; or have more paying users. However, an unlikely saviour has seemingly emerged.
Shkreli—who erupted to notoriety of his own last year when his company, Turing Pharmaceuticals, acquired the manufacturing licence to the antiparasitic drug Daraprim and jacked its price up by 5,556 percent, from $13.5 to $750 per tablet (£10.60 to £588)—tweeted Nisimura to indicate that he would be "open to joining the Board of Directors of 4chan." Nisimura replied, and the two apparently took the discussions away from public view. Shkreli is currently on bail, pending a trial over federal charges for alleged securities fraud, after his arrest by the FBI in December last year. He also recently offered people the chance to punch him in the face for $50,000 for charity, to support the young son of his former PR guy Mike Kulich, who passed away suddenly a few weeks ago. It looks like 4chan still has a few allies in the tech world, despite its unpleasant reputation.
In a now-deleted but still-cached tweet, billionaire Minecraft founder Marcus "Notch" Persson apparently also expressed an interest in helping the site, writing: "Assuming it's not too expensive, and assuming I don't have to do any actual work myself, I'm in." Poole, meanwhile, has scored himself a job at Google, where he is "building online communities." This post originated on Ars Technica UK

Happy VXers get 400 enterprise-popping apps hosted on Google Play

Up to half a million downloads clocked for one poision app. More than 400 malicious apps from a single attacker have been successfully uploaded to the Google Play store, with one downloaded up to half a million times, Trend Micro malware researcher Echo Duan says. The malware is disguised as various games, phone boosters, and themes that when executed can compromise devices and connected networks, download additional payloads, and enslave handsets into botnets. Such malware is usually barred from the Google Play store thanks to security analysis checks Mountain View runs to determine apps that steal user data, spam with advertisements, or adversely impact privacy. The prolific authors who have created some 3000 variants of the DressCode malware have had a significant win in breaching Google's defences since apps hosted on the Play store are considered and marketed as safe. Duan says the malware attempts to gain a foothold on any networks the compromised handsets are connected to making it a threat to to enterprises and small businesses. This malware gives attackers an avenue into internal networks which compromised devices are connected to—a notable risk if the device is used to connect to company networks. "If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard," Duan says. "With the growth of bring your own device programs, more enterprises are exposing themselves to risk via care-free employee mobile usage. "[The installed SOCKS proxy] can be used to turn devices into bots and build a botnet." DressCode and you.
Image: Trend Micro. Duan says the malicious code was a small fraction of the total app codebase making it "difficult" for Google to detect. One app offering a Grand Theft Auto theme for Minecraft clocked between 100,000 and 500,000 downloads according to Google Play's metric bands. Compromising modern Android handsets is increasingly difficult for regular malware players thanks to big leaps in defensive upgrades, but most phone users run old, unsupported, and dangerously exposed versions of the mobile operating system. Some 35 percent of Android users operate version five (Lollipop) of Google's platform released in 2014, while about 25 percent run ancient version 4.4 (Kitkat) published in 2013. Fewer than 10 percent run Android version six (Marshmallow) released last year and virtually no one other than owners of Nexus 6P devices sports version seven (Nougat) published last month. Outside of the Nexus line, handsets everywhere are locked into custom vendor ROMs and as such must reply on manufacturers to push through Google's security updates and patches. Trend Micro says it flagged some 16.6 million malware detections as of August, 40 per cent up on January figures. ®

More than 400 malicious apps infiltrate Google Play

EnlargeCurious Expeditions reader comments 4 Share this story Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to, security researchers said Thursday. One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace, Trend Micro researchers said in a post. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server.

The server then had the ability to bypass so-called network address translation protections that shield individual devices inside a network.

Trend Micro has found 3,000 such apps in all, 400 of which were available through Play. Enlarge "This malware allows threat actors to infiltrate a user's network environment," Thursday's report stated. "If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard." The report continued: The malware installs a SOCKS proxy on the device, building a general purpose tunnel that can control and give commands to the device.
It can be used to turn devices into bots and build a botnet, which is essentially a network of slave devices that can be used for a variety of schemes like distributed denial-of-service (DDoS) attacks—which have become an increasingly severe problem for organizations worldwide—or spam email campaigns.

The botnet can use the proxied IP addresses also generated by the malware to create fake traffic, disguise ad clicks, and generate revenue for the attackers. Google representatives didn't immediately respond to e-mail seeking comment for this post. Trend Micro's report comes three weeks after researchers from separate security firm Checkpoint said they detected 40 DressCode-infected apps in Google Play. Trend said that only a small portion of each malicious app contained the malicious functions, a feature that makes detection difficult.
In 2012, Google introduced a cloud-based security scanner called Bouncer that scours Play for malicious apps.
Since then, thousands of malicious apps have been detected by researchers.

This raises a question: if outside parties can find them, why can't Google find them first?