A massive phishing campaign built on typoquoting is targeting Windows and Android users with malware, according to a dangerous intelligence firm and cybersecurity website.

More than 200 typoquoting domains are currently used in an ongoing campaign that impersonates 27 brands to trick Web surfers into downloading malicious software to their computers and phones, BleepingComputer reported Sunday.

Threat intelligence firm Cyble revealed the campaign in a blog last week. It reported that phishing websites trick visitors into impersonating Google Wallet, PayPal and Snapchat to download fake Android applications that contain the ERMAC banking trojan.

BleepingComputer explained that while Cyble focused the campaign’s Android malware, a much larger operation aimed at Windows is being deployed by similar threat actors. That campaign features more than 90 websites designed to advance malware and steal cryptocurrency recovery keys.

Typosquatting is an age-old technique of redirecting cyberspace travelers to malicious websites. In this campaign, BleepingComputer explained, the domains used are too close to the original, with a letter swapped out of the domain or an “s” added to it.

It added that the phishing sites also appear to be authentic. They are either clones of real sites or enough to fool a casual visitor.

Typically, victims end up on sites by making typos in the URLs entered in the browser’s address bar, this continues, but URLs are sometimes entered in emails, SMS messages, and on social media as well.

“Typosquatting is not novel,” said Sherrod DeGripo, vice president for threat research and detection at Proofpoint, an enterprise security company in Sunnyvale, Calif.

“Goggle.com was accidentally sending visitors to a malicious site with drive-by malware downloads as early as 2006,” DeGrippo told TechNewsWorld.

abnormal scale

Although the campaign uses tried-and-tested phishing techniques, it does have some distinctive features; Security experts told TechNewsWorld.

“The size of this campaign is unusual, even though the technology is old-school,” said Mike Parkin, senior technical engineer at Vulcan Cyber, a provider of SaaS for enterprise cyber risk prevention in Tel Aviv, Israel.

“This particular operation appears to be on a larger scale than typical typosquatting efforts,” said Jarrod Picker, a competitive intelligence analyst at Deep Instinct, a deep-learning cybersecurity company in New York City.

The focus on mobile apps is another departure from the norm, said Grayson Milborn, director of security intelligence at OpenText Security Solutions, a global threat detection and response company.

“Targeting mobile apps and related websites with the goal of distributing malicious Android apps is something that is not new, but not as common as typosquatting that targets Windows software websites,” he said.

What’s interesting about the campaign is its reliance on both typing mistakes made by users and the deliberate delivery of malicious URLs to the target, observed Hank Schles, senior manager of security solutions at Lookout, a San Francisco-based provider of mobile phishing solutions.

“It appears with a broad campaign [a] There is a high chance of success if an individual or organization does not have proper security,” he said.

Why does typosquatting work?

Phishing campaigns that exploit typoquoting don’t need to be innovative to be successful, maintained Roger Grimes, a defense campaigner at KnowBe4, a security awareness training provider in Clearwater, Fla.

“All typosquatting campaigns are quite effective without the need for advanced or new tricks,” he told TechNewsWorld. “And there are many advanced tricks, such as homoglyphic attacks, that add another layer that can fool even experts.”

Homoglyphs are letters that are similar to each other, such as the letters O and zero (0), or the uppercase I and lowercase letter l (EL), that look similar in a sans-serif font, such as Calibri.

“But you don’t find a ton of these more advanced attacks out there because they don’t need them to be successful,” Grimes continued. “Why work hard when you can work easily?”

Abhay Bhargava, CEO of AppSecEngineer, a security training provider in Singapore, said typosquatting works because of trust.

Bhargava told TechNewsWorld, “People have become so used to seeing and reading well-known names that they think a site, app or software package has almost the same name and the same logo as the original product. “

“People don’t stop to think about minor spelling discrepancies or domain discrepancies that differentiate the original product from the fake,” he said.

Some domain registrars guilty

Picker explained that it’s all too easy to “fat finger” when typing a URL, so PayPal becomes PalPay.

“It will get loads of hits,” he said, “especially since typosquatting attacks typically present a web page that is essentially a clone of the original.”

“Attackers also snatch away multiple similar domains to ensure that many different typos will match,” he said.

Grimes stressed that even the current domain registration system doesn’t help matters.

“The problem is made worse because some services allow bad websites to obtain TLS/HTTPS domain certificates, which many users believe is safe and secure,” he explained. “More than 80% of malware websites have digital certificates. It makes fun of the entire public key infrastructure system.”

“On top of that,” Grimes continued, “the Internet domain naming system is broken, apparently allowing rogue Internet domain registrars to obtain rich registration domains that are easy to see, used in some sort of misdirection attack. Profit incentives, which reward registrants for looking the other way, are a big part of the problem.

Mobile browser more responsive

Hardware form factors can also contribute to the problem.

“Typoquoting is far more effective on mobile devices because of how mobile operating systems are built to simplify the user experience and reduce clutter on small screens,” explained Schles.

“Mobile browsers and apps shorten URLs to improve their user experience, so the victim may not see the full URL in the first place, much less typos,” he continued. “People usually don’t preview URLs on mobile, which is something they can do by hovering over a computer.”

Typosquatting is certainly more effective for phishing on mobile phones because URLs aren’t fully visible, agree CISO and co-founders of Tresorit, an email encryption-based security solutions company in Zurich.

“To run Trojans, not so much because people usually use apps or the Play Store,” he told TechNewsWorld.

How to prevent typosquatting

To protect themselves from falling victim to phishing typosquatting, Picker advises users not to follow links in SMS messages or emails from unknown senders.

He also advised caution while typing URLs, especially on mobile devices.

“When in doubt, the user can directly Google the established domain name, rather than simply clicking on the link,” DeGripo said.

In the meantime, Schles suggested that people should rely on their mobile devices a little less.

“We know how to install anti-malware and anti-phishing solutions on our computers, but there is an inherent belief in mobile devices such that we feel it is not necessary to do so on iOS and Android devices,” he said.

“This campaign is one of countless examples of how threat actors leverage that trust against us,” he said, which demonstrates why it’s important to build a security solution specifically for mobile threats on your smartphone and tablet. .

It’s been 15 years since Amazon introduced the first Kindle, introducing many readers to the benefits of electronic paper (e-ink) technology, including long battery life and excellent sunlight readability.

Displays have improved over the years but still exhibit drawbacks such as screen ghosting, where a lighter version of the previous screen image can be seen in lighter parts of the display, and disruptive refresh, which involves removing an image from showing. At first the screen flashes shadow. Technology also took the hard way for coloring.

Two recently released e-paper tablets address these issues, managing contrast versus screen refresh speed, out-of-the-box Google Play compatibility, stylus support, and the latest in E Ink’s color technology called the Kaleido Plus. Offers multiple modes.

Nova Air C: Ultimate Digital Notepad

The Nova Air C comes from Onyx Boox, which offers the industry’s widest range of e-readers and e-paper tablets – even if one excludes only its China-based products.

The Onyx Boox portfolio ranges in size from 6″ to 13.3″ and includes two E Ink-based monitors under its Mira brand. Its products consistently showcase thoughtful designs, attractive packaging and smartly designed accessories.

For example, Onyx Books offers a keyboard folio for its 10.3″ devices that makes it the closest thing to a true E Ink laptop today (a product the company released at a 2017 trade fair but canceled). It also offers a cover that adds page-turning buttons for e-reading apps. Indeed, one of the advantages of Android-based e-paper tablets is that they offer the Kindle’s screen aesthetic, allowing you to choose from a wider range of digital bookstores.

While most companies in the e-paper tablet space have yet to ship a color product, the Nova Air Sea is another entrant from the Onyx Books that includes improved color and grayscale uniformity.

Nova Air Sea E-Reader by Onyx Books

Nova Air Sea E-Reader (Image Credit: Onyx Books)

Like other Onyx Books products, the Nova Air C interface is marked by a “function tab” that appears on the left side of the display by default. These launch a less-than-useful store full of public domain tasks and a library to organize them, a basic file manager, and an exceptionally full-featured note-taking app.

Working with the product’s comprehensive, button-free stylus, the app supports multiple page sizes, adding and deleting pages and layers, inserting images, shapes, and recordings, up to 5GB of free cloud syncing, and handwriting support. In two ways- text. You can also set up multiple pens and brushes and choose from three different erasing modes.

The Apps section includes an App Store that provides some of the basics, taken from the Internet. However, the device supports the full breadth of Google Play and Android-style navigation including settings and notification access from the swipe-down notification shade; The Back, Home, and App Switch functions can be accessed by swiping up from the left, middle, and right sides of the bottom of the screen, respectively.

Alternatively, a circle floating over other app interfaces — similar to those used by Android screen-recording applications — pops out controls for features like switching apps, taking screenshots, and powering off.

All told, the Nova Air Sea is a mix of the best that E Ink has to offer: an excellent note-taking app for those looking for an alternative to Android apps like Nebo or Noteshelf, and a wide range of Google apps. have access to. Via Google Play—all in one lightweight, well-accessorized package.

Bigme Inknote Color: E-Paper Power

Onyx Books isn’t the only vendor to bring color to earlier monochrome slates using E Ink and similar technologies such as Digital Electronic Slurry (DES). The latter has been used so far in outright crowdfunded products from Rinkstone and mini-laptop seller Topjoy; Both have faced lengthy shipping delays from their original November 2021 target.

While more established vendor BigMe has used the crowdfunding route for its Inknote color device, it has used the same Kaleido Plus color technology used for the Nova Air C. In fact, the interface of the product is very similar to Onyx Books and others. e-paper tablet, even including an optional floating navigational control and lock screen illustration in the same style.

Upon launch, you are presented with a shelf similar to icons on the left that includes Meeting Records, Offline Books, and Storage. However, Bigme offers more customization options, including being able to dock Android apps there. This is especially useful because the company hasn’t (yet) implemented alphabetical ordering for Android apps as on Onyx Books.

BigMe partnered with Good eReader – a provider of news and reviews about e-paper devices and an online store on product designs that are hard to find in the US.

As Good e-reader’s impressive review notes, the Inknote Color is the first color E Ink product with an A5-sized display. The larger size makes it better suited for reading and annotating PDFs, as well as content like web pages, magazines, sheet music, and comics.

Similar to other larger E Ink-based devices, such as Kobo’s Ellipsa, the Inknote Color has a relatively thin bezel except for a notably wide bezel on the left margin.

Bigme Inknote Color E-Ink Tablet

Bigme Inknote Color E-Ink Tablet (Image Credit: Bigme)

Beyond color, the tablet offers hardware features that have rarely, ever, been seen before in such a product. This includes:

  • 5MP front and 8MP rear cameras that can be used to take a quick profile photo or scan a document with integrated OCR which works well;
  • A large (but inadvertently very easy to detach) active stylus with three buttons, unlike the button-free version on the Onyx Books;
  • Miracast-based screen-casting — a great feature for when you want to take some video that will overwhelm the E Ink display; And
  • A fingerprint reader – although this requires a Bigme Cloud account to set up.

Inknote Color also revives that microSD slot, which has been seen to lack vendor support, and supports 4G internet access, but not in the US

A technical tour de force for the category, the BigMe InkNote Color caters to those who want the biggest Color E Ink tablet available, specifically for consuming and annotating content transferred through a range of Android apps. And the device’s image and audio is recognized by text recognition applications.

E-paper tablets have made great strides in areas such as refresh rate and color support. However, their more mainstream competitors from companies such as Apple, Lenovo and Samsung have progressed into e-paper sweet spots, such as daylight readability and longer battery life, while offering great advantages in color reproduction.

E-paper tablets, then, are better optimized for prolonged reading, note-taking or annotation versus popular media-focused tablet activities such as playing games and watching videos. Products like the Inknote Color and Nova Air C don’t come close to challenging the iPad for those tasks.

However, with Google Play support and an improved color story, these devices allow more penetration into applications like email, web browsing, and messaging—that is, if you want to defy their promise of a less-distracting experience.

Rubin’s Review: Sherpa 100 Series Power Bank

Goal Zero was a pioneer in high capacity portable power products with AC outlets sold under the Yeti brand. These were useful for applications ranging from camping to emergency power. However, its smaller products, sold under the Sherpa brand, underperformed to stand out in the USB-based charging crowd.

Since the first Sherpa products, we’ve seen a flood of unnamed brands in the portable power space. Additionally, USB-C has offered a more versatile and popular charging standard, with its higher-wattage power delivery option.

In response, Goal Zero’s latest 95 kWh Sherpa power banks, the 100PD, which delivers up to 100 watts via USB-C power delivery, and the 100AC which offers the same in addition to a 100-watt AC outlet, while also standing out Covering each base and providing exceptional control over their features.

Target Zero Power Bank, 100PD and 100AC

The Sherpa 100PD (pictured left) and Sherpa 100AC power banks offer 95 watt-hours of portable, airline-approved charging. (image credits: Target Zero)

While both the products are large to accommodate their high capacity, the AC-based product is smaller for its category. Both include informative displays tracking charge level, incoming and outgoing wattage, and other details.

More power banks are now smartly taking advantage of USB-C PDs to charge themselves as well as other products, reducing the need for a separate AC adapter. Sherpas implement this very well, with switches on the back specifying input, output, or port for automatic detection; A subtle colored light ring around the port glows blue or green to reflect this.

The Sherpa 100 family of products support Qi-based charging, and, in keeping with the company’s heritage, they are sturdily built—though not water-resistant; The 100AC includes a ventilation hole on its side. Nevertheless, the products represent how a company can reclaim premium status, even in a category that has seen widespread commoditization.

Currently, the Sherpa 100PD is priced at $199.99 and the Sherpa 100AC is $299.99 at Goal Zero.