Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

This new Mac malware won’t let you use your computer until you surrender your password

Published

on

A newly discovered strain of macOS malware is taking social engineering to an unsettling new level. Instead of exploiting a software vulnerability or silently stealing information in the background, it simply refuses to let you use your Mac until you type in your login password.

Dubbed ClickLock, the malware repeatedly shuts down key macOS processes, disables notifications, displays convincing Apple password prompts, and effectively traps users in a loop that only ends when the correct password is entered. Once that happens, it doesn’t just steal the password. It goes after browser data, cryptocurrency wallets, saved credentials, password managers, and much more.

A BleepingComputer reports states researchers at Group-IB say the malware has already infected at least 100 systems across 33 countries since May. Even more worrying, when it was first uploaded to VirusTotal in June, none of the security engines on the platform flagged it as malicious.

ClickLock doesn’t hack your Mac. It hacks you.

Unlike many modern malware campaigns that rely on zero-day exploits or privilege escalation vulnerabilities, ClickLock succeeds through psychological pressure. The infection is believed to begin with a ClickFix-style attack, where users are tricked into copying and pasting a command into Terminal under the guise of completing a Cloudflare “human verification” check. While a fake verification progress bar keeps the victim distracted, the malware quietly downloads its payloads in the background.

Advertisement

At the same time, it disables keyboard interrupts, hides the Terminal cursor, and suppresses macOS Notification Center alerts for nearly six hours, making it much harder for victims to realise something suspicious is happening.

The malware’s most disturbing feature comes next. It displays what appears to be a legitimate macOS password dialog complete with the user’s real account name and Apple branding. If the victim enters the correct system password, ClickLock immediately validates it and sends the credentials to the attackers through Telegram.

If the user refuses, the malware doesn’t give up. Instead, it installs persistence mechanisms that reactivate after the next login. Once triggered, ClickLock begins killing critical macOS processes every 210 milliseconds, including Finder, Dock, Terminal, Activity Monitor, Console, System Settings, Spotlight, and even popular web browsers.

The result is a Mac that appears almost completely unusable, leaving only the password prompt visible on screen. According to Group-IB, this loop can continue for more than 83 hours, or until the victim finally gives in.

It wants far more than your password

The login password is only the beginning. ClickLock also attempts to trick victims into approving a genuine Keychain access prompt that grants permission to Chrome’s Safe Storage key. That key can later be used to decrypt stored passwords, cookies, and autofill information from Chromium-based browsers.

Advertisement

The malware’s data-stealing module casts an exceptionally wide net. It targets browser profiles from Chrome, Firefox, Brave, Microsoft Edge, Opera, Vivaldi, Arc and Chromium, harvesting saved passwords, cookies, bookmarks, browsing sessions, local storage and autofill information.

Cryptocurrency users face an even greater risk. ClickLock searches for browser wallet extensions, desktop wallet files, encrypted wallet vaults and cached wallet addresses across major blockchain ecosystems including Bitcoin, Ethereum-compatible chains, Solana, TRON, TON and Stacks.

It also collects FileZilla FTP configurations, shell history, basic system information and public IP addresses before compressing everything into ZIP archives and uploading the stolen data through the Telegram Bot API. To ensure attackers maintain long-term access, ClickLock deploys a modified version of the open-source GSocket tool, creating a persistent backdoor capable of remotely controlling the infected Mac. Unlike the malware’s other components, which delete themselves after execution to minimise forensic evidence, this backdoor remains active on the system.

The stealth techniques don’t end there. Researchers say the malware is hosted on compromised but otherwise legitimate websites, helping it evade reputation-based security systems. Its payloads also remove themselves after execution, leaving very few traces behind. Despite that, Group-IB says defenders can still spot suspicious behaviour by watching for repeated password dialog boxes generated through osascript, continuous termination of macOS processes, mass access to browser profile folders and unusual outbound connections to Telegram.

The biggest takeaway, however, is surprisingly simple. If a website ever asks you to open Terminal and paste a command to prove you’re human, close the page immediately. No legitimate website, including Cloudflare, requires Terminal access for human verification. And if your Mac suddenly becomes unusable while repeatedly demanding your system password, resist the urge to comply. Instead, force a shutdown using the power button, restart in Safe Mode, and investigate the system before entering any credentials. In ClickLock’s case, your password isn’t solving the problem. It’s exactly what the attackers are waiting for.

Advertisement

Source link

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

Why Did Automakers Stop Using Bulky Bumpers On Their Cars?

Published

on





At one time, automobiles in the United States were big, boxy, and often covered in swathes of chrome. But over the years, vehicles have become more compact and streamlined, ditching chrome in favor of other options. The bulky bumpers that characterized American-market cars gradually disappeared as well, thanks to amended government regulations introduced in 1983.

Those regulations were set forth by the National Highway Traffic Safety Administration (NHTSA) and lowered the front and rear impact requirement from 5 mph to 2.5 mph. The updated rules also reduced corner impact requirements to 1.5 mph. These changes allowed automakers to be more flexible with their bumper designs. So, instead of relying on massive front and rear structures, designers could focus more on creating bumpers that blended into the vehicle’s body. As a result, the big and heavy bumpers that were the norm during the 1970s gave way to newer setups that were more integrated into the automobile’s overall shape while still offering protection in low-speed collisions.

This change came after the NHTSA reviewed both the costs and benefits of the Bumper Standard as it existed at the time. In a 1981 evaluation, the agency determined that the requirements, while strict, may not have benefited consumers enough. Taking the findings and public comments into account, the NHTSA amended the Bumper Standard in 1982, with the changes taking effect for 1983 model year vehicles.

Advertisement

The evolution of the automobile bumper

During the early days of automobiles, carmakers used bumpers as protective equipment for the vehicle and its passengers. But bumpers were also seen as an important style element that added to the vehicle’s overall appearance. However, that changed when the NHTSA’s Federal Motor Vehicle Safety Standard No. 215 (FMVSS 215), known as Exterior Protection, was introduced for model year 1973. That standard listed a specific front and rear impact requirement, also known as the 5-mph bumper rule, leading automakers to design new, bigger bumpers to comply.

Some car manufacturers actually just attached large steel bumpers to existing designs instead, which contributed to the new era of bulky front ends. These new bumpers often extended farther from the body than previous structures, which increased the front and rear overhangs. They also added significant weight. Not all automakers went down this path, though; some chose instead to develop bumpers that fit the vehicle and didn’t ruin the lines. The Corvette C3 is a great example of this.

Advertisement

Today’s bumper systems are not as visible as they were in years past, with automakers now hiding the necessary safety components behind a plastic cover. Underneath that cover lies thick, energy-absorbing foam and metal reinforcement, a combination that allows manufacturers to maintain low-speed impact protection, per government standards, without compromising on aesthetics.



Advertisement

Source link

Continue Reading

Tech

Apple Sends Legal Letters To Dozens of OpenAI Employees

Published

on

An anonymous reader quotes a report from MacRumors: Apple has reportedly sent legal letters to dozens of former Apple employees now working at OpenAI, telling them to preserve potentially relevant documents and communications as it continues to pursue its trade secret lawsuit against the AI company. The Financial Times (paywalled) reports that Apple has targeted around 40 former employees with legal preservation letters, acting on its belief that the alleged misappropriation of confidential information may extend beyond the individuals named in its original complaint.

The development follows Apple’s lawsuit filed last week against OpenAI, in which the company alleges a coordinated effort to obtain confidential information relating to its hardware engineering and product development. Apple claims OpenAI recruited key engineers, including former Apple executives Tang Tan and Chang Liu, and benefited from proprietary designs, manufacturing processes, and other trade secrets. Tan is OpenAI’s Chief Hardware Officer and a 24-year Apple veteran who led product design, while Liu is on the hardware team at OpenAI after working as a senior system electrical engineer at Apple.

Source link

Continue Reading

Tech

RugOne Xlink 7 rugged walkie-talkie review

Published

on

Why you can trust TechRadar


We spend hours testing every product or service we review, so you can be sure you’re buying the best. Find out more about how we test.

RugOne Xlink 7: 30-second review

The RugOne Xlink 7 wants to solve an old problem in a new way. Traditional walkie-talkies are brilliant until you walk out of range. Hills block them. Buildings block them. Distance blocks them. The Xlink 7 sidesteps all of that by using 4G instead of short-range radio, so two or three people can stay in touch across a city, a country, or, in theory, the whole planet, as long as there’s signal.

That idea alone makes it worth a look. Add a genuinely tough build, IP68 and IP69K rated, plus MIL STD 810H certification, and you have a device that will survive rain, dust, a drop, or a dunking, all while weighing just 84g. It comes loaded with sensible extras too. A wireless PTT (push-to-talk) remote means you never have to fumble for the unit itself while riding or climbing. An emergency SOS mode, backed by GPS, GLONASS and Beidou positioning, can sound an alarm and share your live location with five quick presses. There’s even a basic AI assistant for weather checks and settings, and a noise cancellation system tuned for wind and speed.

Advertisement

Source link

Continue Reading

Tech

MacSurf Hits 2.0 To Bring PowerPCs Back Online

Published

on

There’s an interesting thing about retrocomputing — the moment that you realize your 25-year-old machine can do almost everything your average person uses a computer for. The problem is that the average person mostly uses a computer as an internet appliance, and the big missing piece for most old machines is hooking up to the modern internet. HTTPS is good to have, but isn’t so easy to implement when your browser gets megabytes of RAM instead of gigabytes.

That’s why MacSurf by [mplsllc] is so interesting, especially version 2.0 just released-– its explicit goal is to get as much of the modern web onto an OS 9 equipped PowerPC Macintosh as physically possible.

Before you get too excited– no, you won’t be hitting up YouTube.com or even GitHub. That’s just too big and bloated now, even if you can get past the HTTPS hurdle. You will, however, be able to access, say MacintoshGarden.org, whose out-of-order HTTPS certificates sent the last version for a tizzy. The forums at 68kMLA work, and threads load quickly thanks to the as-needed image loading added this version.

Advertisement

Other nice things added include a proper history and bookmark manager.  There’s still no tab support, but have you seen the modern web? You’re not fitting more than one webpage into RAM on a G3 no matter how hard you try. You can, however, download the web browser directly from the http-only MacSurf.org homepage.

We featured the first release of this netsurf-based browser, and have to admit we’re impressed with the speed of development. If you want a totally modern system on PPC instead of just an up-to-date browser, you might want to check out MorphOS.

Advertisement

Source link

Continue Reading

Tech

Seattle Sounders FC pay tribute to S. ‘Soma’ Somasegar, beloved tech leader and team owner

Published

on

A tribute to venture capitalist S. “Soma” Somasegar before the Sounders FC match. (GeekWire photo/John Cook0

The Seattle Sounders paused before Thursday night’s rivalry match against the Portland Timbers to honor one of their own.

Before the match at Lumen Field, the club paid tribute to S. “Soma” Somasegar, the longtime Microsoft executive, Madrona venture capitalist and Sounders minority owner who died in May at age 59. Fans stood in silence as Somasegar’s image appeared on the stadium video boards.

Somasegar joined the Sounders ownership group in 2019, part of a wave of Seattle tech leaders — including Microsoft CEO Satya Nadella — who bought in that year.

After his death, the club said Somasegar viewed sports as a way to bring people together, and credited him and his wife, Akila, with strengthening the Sounders and Seattle Reign communities.

Advertisement

@media (max-width: 600px) {
aside.callout { float:none !important; max-width:100% !important; margin-left:0 !important; margin-right:0 !important; }
aside.callout .callout-img { display:none !important; }
}

GeekWire chronicled the outpouring of tributes after Somasegar’s death, as colleagues, founders and friends remembered the former Microsoft executive and venture capitalist for his humility, generosity and commitment to helping others succeed.

During his 27 years at Microsoft, he helped lead the company’s developer tools business before spending more than a decade at Madrona, where he backed and advised a new generation of cloud and AI startups.

Source link

Advertisement
Continue Reading

Tech

Dangerous new GoSerpent malware is apparently on the hunt for government secrets

Published

on


  • Kaspersky uncovers GoSerpent, a long‑running campaign on Southeast Asian government systems using a backdoor, RAT (Stowaway), and exfiltration tool (TmcLoader)
  • Attackers showed extreme patience, waiting weeks before deploying secondary tools to evade detection and outlast log retention policies
  • Attribution remains uncertain, but overlaps with past TetrisPhantom operations; defenders are urged to review shared IoCs to detect compromise

Security researchers Kaspersky discovered a five-year-old piece of malware that’s been hiding on government computers in the Southeast Asian region, harvesting secrets and other actionable intelligence.

The company analyzed a campaign called GoSerpent, which comprises of a backdoor of the same name, a Remote Access Trojan (RAT) called Stowaway, and a two-stage data exfiltration tool called TmcLoader.

Source link

Continue Reading

Tech

Apple vs. Open AI Explained: The Battle for AI Gadgets Begins With a Juicy Lawsuit

Published

on

Apple’s lawsuit against OpenAI is full of astonishing accusations and details, with Apple alleging it uncovered a pattern of theft of Apple’s trade secrets. Apple’s complaint mostly points the finger at a few ex-Apple employees that now work at OpenAI, the maker of ChatGPT.

OpenAI has faced quite a number of lawsuits lately on how it does business, but Apple’s suit brings a different twist. If this case goes to trial, it could reveal the secret hardware that OpenAI has long teased. A trial could seek damages if Apple’s work is being used to help develop some sort of rival AI device. Would a lawsuit spill the beans on a device — or several devices — before OpenAI is ready to launch?

Advertisement

Watch this: Apple vs. OpenAI: These Lawsuit Details Are Wild

This week’s episode of One More Thing, embedded above, goes into the juicy details of the suit and what happens next. OpenAI CEO Sam Altman says he’s not afraid of Apple, but maybe he should be. Taking rivals to court is part of the Apple playbook, and the company knows how to do it well

The fight could also drag in a few famous Apple faces. Apple’s former design chief, Jony Ive, is now working on making AI gadgets for OpenAI. That means Apple lawyers might call to the stand the former designer of the iPhone, to see if he used information stolen from Apple. (Awkwaaard.)

For more One More Thing, subscribe to our YouTube page to catch Bridget Carey breaking down the latest Apple news and issues every Friday.

Advertisement

Source link

Continue Reading

Tech

Kalshi Flags Trump’s Teleprompter Operator For Alleged Insider Trading

Published

on

ABC News reports that White House teleprompter operator Gabriel Perez allegedly made more than $100,000 betting on Kalshi markets tied to what President Trump would say in speeches, using his access to prepared remarks and last-minute edits. ABC News reports: According to the sources, Kalshi alerted its regulator, the Commodity Futures Trading Commission (CFTC), to the suspicious activity on its “Mentions” market, where users can bet on whether specific words, phrases or topics are uttered during a public speech. “Our surveillance team promptly flagged and referred these trades to the CFTC, and we are cooperating and assisting regulators,” Kalshi’s head of enforcement, Bobby DeNault, said in a statement provided to ABC News.

White House Press Secretary Karoline Leavitt told reporters Thursday afternoon, following ABC News’ report, that Perez has been put on unpaid administrative leave. Leavitt said she spoke with President Trump about it, and he thought it was a “disgrace” and made the decision himself to put Perez on unpaid leave. Leavitt said she was unaware of any other White House staffers who have made such trades. “The White House has strict ethics guidelines that we expect all staffers and officials to follow,” said White House spokesperson Davis Ingle when contacted by ABC News.

In addition to February’s State of the Union address, sources said CFTC investigators discovered that Perez placed bets on more than a dozen Trump speeches over a three-month period, including a December primetime address, a January speech at the World Economic Forum in Davos, Switzerland, and Trump’s remarks in March during a Medal of Honor ceremony.

Source link

Advertisement
Continue Reading

Tech

US sanctions on rogue VPN accidentally break Telegram’s short links worldwide

Published

on


  • The US Treasury sanctioned First VPN Service for aiding ransomware gangs
  • Complying with the sanctions, the .ME registry wrongly suspended Telegram’s entire t.me domain
  • The domain was restored roughly 19 hours later after Telegram CEO Pavel Durov flagged the issue online

If you clicked a Telegram link on Monday and stared at a blank screen, you weren’t alone. Every shortlink starting with ‘t.me’ suddenly vanished from the global internet, breaking group invites, profile shares, and channel links for roughly a billion users worldwide.

But the outage wasn’t caused by a technical glitch or a targeted cyberattack. Instead, it was the unintended collateral damage of a US government crackdown on a cybercriminal proxy network.

Source link

Advertisement
Continue Reading

Tech

The EU is forcing Google to give rival AI assistants the same access as Gemini on Android

Published

on

What just happened? European Union regulators are forcing Google to change how Android handles artificial intelligence, ordering the company to open up the operating system and its search data to competing AI services. Under a binding decision announced on Thursday, Google must grant rival AI assistants the same system-level access that its Gemini assistant enjoys on Android phones in the bloc. The move is intended to prevent Google from using Android’s vast reach to tilt the fast-growing AI market in its favor and to ensure that competing services have a fair opportunity to reach users.

The stakes are high. Android powers about 60% of smartphones in the European Union, and AI companies see those devices as the primary gateway for turning chatbots into everyday assistants. The deeper a service is integrated into a device – reading the screen, handling messages, and interacting with other apps – the more useful it becomes. That is precisely the layer of control EU officials are now trying to open up.

Regulators said Google will have to place rival AI services on “equal footing” with Gemini. That includes access to voice commands, system search, and the ability to perform actions in other apps, such as ordering a ride, replying to a text message, or pulling up information about a place a user recently visited. The changes must be implemented by next July.

The order also extends beyond the operating system. By January, Google will have to begin sharing anonymized search data with competing services, including developers of AI chatbots. The goal is to give those rivals access to more of the behavioral signals that help improve search and assistant products without exposing individual users.

Advertisement

Google has not said whether it will challenge the ruling in court. Instead, the company has warned that the EU’s demands could create new risks.

“Today’s decisions risk undermining vital privacy and security safeguards for millions of Europeans,” Kent Walker, Google’s general counsel, said in a statement. Google argues that allowing third-party developers to access sensitive data stored on a person’s smartphone or in their search history could weaken the protections built into its products.

European officials see it differently. The bloc has long taken a tough stance toward large technology platforms, and it views artificial intelligence as the next gateway to digital services. In their view, allowing a handful of companies to control the main AI assistants built into phones, browsers, and operating systems would entrench those players and shut out competitors.

The legal basis for the ruling is the Digital Markets Act, a competition law that applies to gatekeeper companies such as Google and Apple. The DMA requires them to make their products interoperable so that outside developers can offer competing AI assistants alongside – or instead of – built-in options such as Google’s Gemini and Apple’s Siri.

Advertisement

That requirement is already causing friction. In June, Apple said it would withhold new AI features for Siri in the European Union because it could not reach an agreement with regulators. As a result, iPhone users in the bloc will not receive the same Siri upgrades that Apple plans to roll out elsewhere, at least for now.

At the same time, some AI companies are trying to sidestep the mobile platform issue entirely by developing their own hardware. Last year, OpenAI hired Jony Ive, Apple’s former chief designer, to lead work on new AI-centric devices. The goal is to create products in which an AI assistant serves as the primary interface, rather than one that operates within another company’s operating system.

That partnership is now under strain. Last week, Apple sued OpenAI, accusing the company of stealing trade secrets. OpenAI has denied the allegations.

Advertisement

Source link

Continue Reading

Trending

Copyright © 2025