Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

This new Mac malware won’t let you use your computer until you surrender your password

Published

on

A newly discovered strain of macOS malware is taking social engineering to an unsettling new level. Instead of exploiting a software vulnerability or silently stealing information in the background, it simply refuses to let you use your Mac until you type in your login password.

Dubbed ClickLock, the malware repeatedly shuts down key macOS processes, disables notifications, displays convincing Apple password prompts, and effectively traps users in a loop that only ends when the correct password is entered. Once that happens, it doesn’t just steal the password. It goes after browser data, cryptocurrency wallets, saved credentials, password managers, and much more.

A BleepingComputer reports states researchers at Group-IB say the malware has already infected at least 100 systems across 33 countries since May. Even more worrying, when it was first uploaded to VirusTotal in June, none of the security engines on the platform flagged it as malicious.

ClickLock doesn’t hack your Mac. It hacks you.

Unlike many modern malware campaigns that rely on zero-day exploits or privilege escalation vulnerabilities, ClickLock succeeds through psychological pressure. The infection is believed to begin with a ClickFix-style attack, where users are tricked into copying and pasting a command into Terminal under the guise of completing a Cloudflare “human verification” check. While a fake verification progress bar keeps the victim distracted, the malware quietly downloads its payloads in the background.

Advertisement

At the same time, it disables keyboard interrupts, hides the Terminal cursor, and suppresses macOS Notification Center alerts for nearly six hours, making it much harder for victims to realise something suspicious is happening.

The malware’s most disturbing feature comes next. It displays what appears to be a legitimate macOS password dialog complete with the user’s real account name and Apple branding. If the victim enters the correct system password, ClickLock immediately validates it and sends the credentials to the attackers through Telegram.

If the user refuses, the malware doesn’t give up. Instead, it installs persistence mechanisms that reactivate after the next login. Once triggered, ClickLock begins killing critical macOS processes every 210 milliseconds, including Finder, Dock, Terminal, Activity Monitor, Console, System Settings, Spotlight, and even popular web browsers.

The result is a Mac that appears almost completely unusable, leaving only the password prompt visible on screen. According to Group-IB, this loop can continue for more than 83 hours, or until the victim finally gives in.

It wants far more than your password

The login password is only the beginning. ClickLock also attempts to trick victims into approving a genuine Keychain access prompt that grants permission to Chrome’s Safe Storage key. That key can later be used to decrypt stored passwords, cookies, and autofill information from Chromium-based browsers.

Advertisement

The malware’s data-stealing module casts an exceptionally wide net. It targets browser profiles from Chrome, Firefox, Brave, Microsoft Edge, Opera, Vivaldi, Arc and Chromium, harvesting saved passwords, cookies, bookmarks, browsing sessions, local storage and autofill information.

Cryptocurrency users face an even greater risk. ClickLock searches for browser wallet extensions, desktop wallet files, encrypted wallet vaults and cached wallet addresses across major blockchain ecosystems including Bitcoin, Ethereum-compatible chains, Solana, TRON, TON and Stacks.

It also collects FileZilla FTP configurations, shell history, basic system information and public IP addresses before compressing everything into ZIP archives and uploading the stolen data through the Telegram Bot API. To ensure attackers maintain long-term access, ClickLock deploys a modified version of the open-source GSocket tool, creating a persistent backdoor capable of remotely controlling the infected Mac. Unlike the malware’s other components, which delete themselves after execution to minimise forensic evidence, this backdoor remains active on the system.

The stealth techniques don’t end there. Researchers say the malware is hosted on compromised but otherwise legitimate websites, helping it evade reputation-based security systems. Its payloads also remove themselves after execution, leaving very few traces behind. Despite that, Group-IB says defenders can still spot suspicious behaviour by watching for repeated password dialog boxes generated through osascript, continuous termination of macOS processes, mass access to browser profile folders and unusual outbound connections to Telegram.

The biggest takeaway, however, is surprisingly simple. If a website ever asks you to open Terminal and paste a command to prove you’re human, close the page immediately. No legitimate website, including Cloudflare, requires Terminal access for human verification. And if your Mac suddenly becomes unusable while repeatedly demanding your system password, resist the urge to comply. Instead, force a shutdown using the power button, restart in Safe Mode, and investigate the system before entering any credentials. In ClickLock’s case, your password isn’t solving the problem. It’s exactly what the attackers are waiting for.

Advertisement

Source link

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

RugOne Xlink 7 rugged walkie-talkie review

Published

on

Why you can trust TechRadar


We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.

RugOne Xlink 7: 30-second review

The RugOne Xlink 7 wants to solve an old problem in a new way. Traditional walkie-talkies are brilliant until you walk out of range. Hills block them. Buildings block them. Distance blocks them. The Xlink 7 sidesteps all of that by using 4G instead of short-range radio, so two or three people can stay in touch across a city, a country, or, in theory, the whole planet, as long as there’s signal.

That idea alone makes it worth a look. Add a genuinely tough build, IP68 and IP69K rated, plus MIL STD 810H certification, and you have a device that will survive rain, dust, a drop, or a dunking, all while weighing just 84g. It comes loaded with sensible extras too. A wireless PTT (push-to-talk) remote means you never have to fumble for the unit itself while riding or climbing. An emergency SOS mode, backed by GPS, GLONASS and Beidou positioning, can sound an alarm and share your live location with five quick presses. There’s even a basic AI assistant for weather checks and settings, and a noise cancellation system tuned for wind and speed.

Advertisement

Source link

Continue Reading

Tech

MacSurf Hits 2.0 To Bring PowerPCs Back Online

Published

on

There’s an interesting thing about retrocomputing — the moment that you realize your 25-year-old machine can do almost everything your average person uses a computer for. The problem is that the average person mostly uses a computer as an internet appliance, and the big missing piece for most old machines is hooking up to the modern internet. HTTPS is good to have, but isn’t so easy to implement when your browser gets megabytes of RAM instead of gigabytes.

That’s why MacSurf by [mplsllc] is so interesting, especially version 2.0 just released-– its explicit goal is to get as much of the modern web onto an OS 9 equipped PowerPC Macintosh as physically possible.

Before you get too excited– no, you won’t be hitting up YouTube.com or even GitHub. That’s just too big and bloated now, even if you can get past the HTTPS hurdle. You will, however, be able to access, say MacintoshGarden.org, whose out-of-order HTTPS certificates sent the last version for a tizzy. The forums at 68kMLA work, and threads load quickly thanks to the as-needed image loading added this version.

Advertisement

Other nice things added include a proper history and bookmark manager.  There’s still no tab support, but have you seen the modern web? You’re not fitting more than one webpage into RAM on a G3 no matter how hard you try. You can, however, download the web browser directly from the http-only MacSurf.org homepage.

We featured the first release of this netsurf-based browser, and have to admit we’re impressed with the speed of development. If you want a totally modern system on PPC instead of just an up-to-date browser, you might want to check out MorphOS.

Advertisement

Source link

Continue Reading

Tech

Seattle Sounders FC pay tribute to S. ‘Soma’ Somasegar, beloved tech leader and team owner

Published

on

A tribute to venture capitalist S. “Soma” Somasegar before the Sounders FC match. (GeekWire photo/John Cook0

The Seattle Sounders paused before Thursday night’s rivalry match against the Portland Timbers to honor one of their own.

Before the match at Lumen Field, the club paid tribute to S. “Soma” Somasegar, the longtime Microsoft executive, Madrona venture capitalist and Sounders minority owner who died in May at age 59. Fans stood in silence as Somasegar’s image appeared on the stadium video boards.

Somasegar joined the Sounders ownership group in 2019, part of a wave of Seattle tech leaders — including Microsoft CEO Satya Nadella — who bought in that year.

After his death, the club said Somasegar viewed sports as a way to bring people together, and credited him and his wife, Akila, with strengthening the Sounders and Seattle Reign communities.

Advertisement

@media (max-width: 600px) {
aside.callout { float:none !important; max-width:100% !important; margin-left:0 !important; margin-right:0 !important; }
aside.callout .callout-img { display:none !important; }
}

GeekWire chronicled the outpouring of tributes after Somasegar’s death, as colleagues, founders and friends remembered the former Microsoft executive and venture capitalist for his humility, generosity and commitment to helping others succeed.

During his 27 years at Microsoft, he helped lead the company’s developer tools business before spending more than a decade at Madrona, where he backed and advised a new generation of cloud and AI startups.

Source link

Advertisement
Continue Reading

Tech

Dangerous new GoSerpent malware is apparently on the hunt for government secrets

Published

on


  • Kaspersky uncovers GoSerpent, a long‑running campaign on Southeast Asian government systems using a backdoor, RAT (Stowaway), and exfiltration tool (TmcLoader)
  • Attackers showed extreme patience, waiting weeks before deploying secondary tools to evade detection and outlast log retention policies
  • Attribution remains uncertain, but overlaps with past TetrisPhantom operations; defenders are urged to review shared IoCs to detect compromise

Security researchers Kaspersky discovered a five-year-old piece of malware that’s been hiding on government computers in the Southeast Asian region, harvesting secrets and other actionable intelligence.

The company analyzed a campaign called GoSerpent, which comprises of a backdoor of the same name, a Remote Access Trojan (RAT) called Stowaway, and a two-stage data exfiltration tool called TmcLoader.

Source link

Continue Reading

Tech

Apple vs. Open AI Explained: The Battle for AI Gadgets Begins With a Juicy Lawsuit

Published

on

Apple’s lawsuit against OpenAI is full of astonishing accusations and details, with Apple alleging it uncovered a pattern of theft of Apple’s trade secrets. Apple’s complaint mostly points the finger at a few ex-Apple employees that now work at OpenAI, the maker of ChatGPT.

OpenAI has faced quite a number of lawsuits lately on how it does business, but Apple’s suit brings a different twist. If this case goes to trial, it could reveal the secret hardware that OpenAI has long teased. A trial could seek damages if Apple’s work is being used to help develop some sort of rival AI device. Would a lawsuit spill the beans on a device — or several devices — before OpenAI is ready to launch?

Advertisement

Watch this: Apple vs. OpenAI: These Lawsuit Details Are Wild

This week’s episode of One More Thing, embedded above, goes into the juicy details of the suit and what happens next. OpenAI CEO Sam Altman says he’s not afraid of Apple, but maybe he should be. Taking rivals to court is part of the Apple playbook, and the company knows how to do it well

The fight could also drag in a few famous Apple faces. Apple’s former design chief, Jony Ive, is now working on making AI gadgets for OpenAI. That means Apple lawyers might call to the stand the former designer of the iPhone, to see if he used information stolen from Apple. (Awkwaaard.)

For more One More Thing, subscribe to our YouTube page to catch Bridget Carey breaking down the latest Apple news and issues every Friday.

Advertisement

Source link

Continue Reading

Tech

Kalshi Flags Trump’s Teleprompter Operator For Alleged Insider Trading

Published

on

ABC News reports that White House teleprompter operator Gabriel Perez allegedly made more than $100,000 betting on Kalshi markets tied to what President Trump would say in speeches, using his access to prepared remarks and last-minute edits. ABC News reports: According to the sources, Kalshi alerted its regulator, the Commodity Futures Trading Commission (CFTC), to the suspicious activity on its “Mentions” market, where users can bet on whether specific words, phrases or topics are uttered during a public speech. “Our surveillance team promptly flagged and referred these trades to the CFTC, and we are cooperating and assisting regulators,” Kalshi’s head of enforcement, Bobby DeNault, said in a statement provided to ABC News.

White House Press Secretary Karoline Leavitt told reporters Thursday afternoon, following ABC News’ report, that Perez has been put on unpaid administrative leave. Leavitt said she spoke with President Trump about it, and he thought it was a “disgrace” and made the decision himself to put Perez on unpaid leave. Leavitt said she was unaware of any other White House staffers who have made such trades. “The White House has strict ethics guidelines that we expect all staffers and officials to follow,” said White House spokesperson Davis Ingle when contacted by ABC News.

In addition to February’s State of the Union address, sources said CFTC investigators discovered that Perez placed bets on more than a dozen Trump speeches over a three-month period, including a December primetime address, a January speech at the World Economic Forum in Davos, Switzerland, and Trump’s remarks in March during a Medal of Honor ceremony.

Source link

Advertisement
Continue Reading

Tech

US sanctions on rogue VPN accidentally break Telegram’s short links worldwide

Published

on


  • The US Treasury sanctioned First VPN Service for aiding ransomware gangs
  • Complying with the sanctions, the .ME registry wrongly suspended Telegram’s entire t.me domain
  • The domain was restored roughly 19 hours later after Telegram CEO Pavel Durov flagged the issue online

If you clicked a Telegram link on Monday and stared at a blank screen, you weren’t alone. Every shortlink starting with ‘t.me’ suddenly vanished from the global internet, breaking group invites, profile shares, and channel links for roughly a billion users worldwide.

But the outage wasn’t caused by a technical glitch or a targeted cyberattack. Instead, it was the unintended collateral damage of a US government crackdown on a cybercriminal proxy network.

Source link

Advertisement
Continue Reading

Tech

The EU is forcing Google to give rival AI assistants the same access as Gemini on Android

Published

on

What just happened? European Union regulators are forcing Google to change how Android handles artificial intelligence, ordering the company to open up the operating system and its search data to competing AI services. Under a binding decision announced on Thursday, Google must grant rival AI assistants the same system-level access that its Gemini assistant enjoys on Android phones in the bloc. The move is intended to prevent Google from using Android’s vast reach to tilt the fast-growing AI market in its favor and to ensure that competing services have a fair opportunity to reach users.

The stakes are high. Android powers about 60% of smartphones in the European Union, and AI companies see those devices as the primary gateway for turning chatbots into everyday assistants. The deeper a service is integrated into a device – reading the screen, handling messages, and interacting with other apps – the more useful it becomes. That is precisely the layer of control EU officials are now trying to open up.

Regulators said Google will have to place rival AI services on “equal footing” with Gemini. That includes access to voice commands, system search, and the ability to perform actions in other apps, such as ordering a ride, replying to a text message, or pulling up information about a place a user recently visited. The changes must be implemented by next July.

The order also extends beyond the operating system. By January, Google will have to begin sharing anonymized search data with competing services, including developers of AI chatbots. The goal is to give those rivals access to more of the behavioral signals that help improve search and assistant products without exposing individual users.

Advertisement

Google has not said whether it will challenge the ruling in court. Instead, the company has warned that the EU’s demands could create new risks.

“Today’s decisions risk undermining vital privacy and security safeguards for millions of Europeans,” Kent Walker, Google’s general counsel, said in a statement. Google argues that allowing third-party developers to access sensitive data stored on a person’s smartphone or in their search history could weaken the protections built into its products.

European officials see it differently. The bloc has long taken a tough stance toward large technology platforms, and it views artificial intelligence as the next gateway to digital services. In their view, allowing a handful of companies to control the main AI assistants built into phones, browsers, and operating systems would entrench those players and shut out competitors.

The legal basis for the ruling is the Digital Markets Act, a competition law that applies to gatekeeper companies such as Google and Apple. The DMA requires them to make their products interoperable so that outside developers can offer competing AI assistants alongside – or instead of – built-in options such as Google’s Gemini and Apple’s Siri.

Advertisement

That requirement is already causing friction. In June, Apple said it would withhold new AI features for Siri in the European Union because it could not reach an agreement with regulators. As a result, iPhone users in the bloc will not receive the same Siri upgrades that Apple plans to roll out elsewhere, at least for now.

At the same time, some AI companies are trying to sidestep the mobile platform issue entirely by developing their own hardware. Last year, OpenAI hired Jony Ive, Apple’s former chief designer, to lead work on new AI-centric devices. The goal is to create products in which an AI assistant serves as the primary interface, rather than one that operates within another company’s operating system.

That partnership is now under strain. Last week, Apple sued OpenAI, accusing the company of stealing trade secrets. OpenAI has denied the allegations.

Advertisement

Source link

Continue Reading

Tech

Microsoft Restores Player’s 25-Year-Old Account After Nuking It Due to Hacker

Published

on

Microsoft restored streamer Joshua Khane’s 25-year-old Xbox and OneDrive account after it was compromised by a hacker and then suspended, putting years of personal data, baby photos, and thousands of dollars in games at risk. IGN reports: While he was “extremely happy” and thanked Microsoft for its help recovering his account and all the invaluable information therein, he levied some criticisms toward the brand for its initial response, claiming it had told him the suspension was “irreversible” at first. “It’s unfortunate that such a big company can bring back your account if you ask them to,” he said. “The way it all went, to me, is a little bit shady, because it’s not that they can’t bring back your account — they won’t bring back your account if you’re a nobody.”

Khane credited the community for making his story go viral and bringing it to Microsoft’s attention, but felt that without their help, he would have been up a creek without a paddle. He also tied the situation to the growing conversation surrounding digital ownership, comparing it to Sony’s decision to stop printing physical game discs starting January 2028.

Source link

Continue Reading

Tech

Microsoft gives admins Exchange Online breathing room

Published

on

SAAS

Retirement of PowerShell -Credential parameter pushed back to the end of 2026

Microsoft has delayed the removal of the -Credential parameter from Exchange Online PowerShell until December 2026, giving administrators more time to update affected scripts and automation.

The -Credential parameter is used when connecting to Exchange Online PowerShell. It allows an administrator to supply stored username and password credentials. These days, it is heavily discouraged, particularly when more secure authentication methods are available.

Advertisement

Microsoft had designated the parameter for removal in July 2026 as part of its move away from password-based authentication. The trouble is tracking down automation scripts that use it, updating them, and validating the changes – assuming a fix is even possible.

Once the parameter is gone from the Connect-ExchangeOnline and Connect-IppsSession cmdlets in the Exchange Online PowerShell module, any scripts still relying on it will break, potentially taking carefully built workflows down with them.

However, Microsoft has opted to push back the retirement beginning December 2026 – a festive gift for administrators.

The company stated: “If your organization uses the -Credential parameter in PowerShell scripts or automation workflows connecting to Exchange Online or Security & Compliance PowerShell, those scripts will break when you update to an Exchange Online PowerShell module version released beginning December 2026.”

Advertisement

As such, the retirement won’t take effect until an update is performed. The server-side retirement of the underlying authentication flow is planned “for a later date.”

“When that occurs, the -Credential parameter will stop functioning even on older module versions.”

Microsoft said it delayed the retirement due to “customer feedback,” although it came late in the day. That said, a few extra months will be welcomed by affected administrators dealing with the impact of the change.

And the change is still coming. Microsoft added: “While our published timeline extends to the start of December 2026, we strongly recommend that all customers transition away from the -Credential parameter as soon as possible and not wait until the deadline.” ®

Advertisement

Source link

Continue Reading

Trending

Copyright © 2025