Sony has always put great interest in the security of its line of consoles, constantly correcting even the minimum exploit and preventing users from modifying the software of their PlayStation. Although the company does this as a means of preventing piracy and cheating in competitive video games, these security mechanisms also prevent the use of custom software, a practice considered legitimate by enthusiasts and developers.

Andy Nguyen, a renowned security engineer, recently introduced an exploit that would allow arbitrary code to be executed on PlayStation 4 and PlayStation 5 consoles for the specific purpose of executing custom code on these systems. It is also possible for the exploit to work on PlayStation 3 consoles, although the method has not been effectively tested in this version.

For some home software enthusiasts, this is a hack similar to the popular FreeDVDBoot, detected on PlayStation 2. This technique allowed games recorded on burned discs to be run without the need to make physical modifications to the console. Methods like this have become more important since issues such as video game conservation started to become relevant.

Despite attempts to preserve old video games as a cultural expression, Sony (and companies in general) continues to try to scuttle any attempt to modify its software, always arguing that the use of homebrew software simply benefits the creators of pirated video games.

Many people believe that the industry’s stance has simply led independent developers to undertake better and more organized efforts to find ways to use homebrew software. A well-known example is that of the PlayStation 4 console, considered highly difficult to modify until a bug in firmware version 9.0 opened the door to multiple modification methods.

Feel free to access the International Institute of Cyber Security (IICS) websites to learn more about information security risks, malware variants, vulnerabilities, and information technologies.

The post <strong>Critical vulnerability in the way Sony PS3, PS4, and PS5 consoles read Blu-Ray discs allows rooting and modifying the firmware</strong> appeared first on Information Security Newspaper | Hacking News.

At the beginning of the investigation, Bowser faced 11 serious charges, although he has only pleaded guilty to conspiracy to evade security mechanisms in technological devices and traffic in evasion devices. Team Xecutor developed pirated software and emulators for Switch, Nintendo 3DS, Xbox, PlayStation and NES Classic.

The defendant admitted to working with this group between 2013 and 2020, during which time he managed illegal websites and sold software to hack consoles and devices. In the lawsuit against Team Xecutor, Nintendo claims to have lost more than $65 million USD due to this group.

Nintendo thanked the law enforcement agencies involved in the investigation, which include the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (NHS).

The video game company has always tried to take strict action against the illegal use of its products. Previously, Nintendo won a lawsuit against the RomUniverse platform, forcing the website’s administrators to pay $2.1 million USD compensation, plus they had to destroy all the illegal ROMs developed.

More recently, Nintendo began sending out copyright warnings against the GilvaSunner YouTube channel for its Nintendo soundtrack videos, which will likely lead to the channel’s definitive shutdown. 

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Hacker sentenced to 3 years in prison for developing pirated software for Nintendo Switch appeared first on Information Security Newspaper | Hacking News.

In its busiest period, Popcorn Time was the largest peer-to-peer (P2P) streaming and download platform, thanks to a simple interface and that Netflix came to consider it as a serious threat; Reed Hastings, Netflix founder and CEO, pointed out piracy and Popcorn Time as his greatest competitors.

After a period of great popularity, everything began to change in 2015, when they shut down their first servers due to U.S. authorities starting to put pressure on some of the original developers. In addition to this, Popcorn Time was an open source platform that could be replicated on other domains, so there were more and more options for users looking for online piracy. Most of the websites derived from this code have already closed though.

Even during its peak of activity, the main developers anticipated that the platform would eventually shut down, mainly due to law enforcement activities against torrent websites, which were once the target of advanced police operations, thus decreasing its number and activity levels.

Curiously, it is platforms like Netflix that once again increased the interest in P2P downloads and torrents, since in a matter of a couple of years the availability of exclusive content on streaming platforms skyrocketed considerably.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Popcorn Time, the famous pirated content website, shuts down appeared first on Information Security Newspaper | Hacking News.

The Italian authorities have launched a major campaign against the supply and demand of IPTV platforms and other similar services, which make up one of the most important piracy operations worldwide.

A couple of years ago, the Italian police managed to bring down the massive IPTV operation known as Xtream-Codes, with approximately 50 million end users, one of the most important results in terms of the fight against this type of services.

As for the main objectives of the authorities, in February the focus shifted to the detection of end users of these services. A representative of Guardia di Finanza points out that complaints have been filed against 223 IPTV subscribers on the charge of “possession of stolen goods”, which could definitely change the way in which these crimes are combated.

A few weeks ago, several local media outlets in the city of Piacenza reported that 240 people, mostly residents of this locality, were identified as subscribers of a pirate IPTV platform that offers content from platforms such as Sky, Dazn, Mediaset Premium, Netflix and Amazon Prime for only 10 Euros a month.

As mentioned above, investigators managed to file charges against these users after identifying a 60-year-old individual engaged in the sale of subscriptions to IPTV services. Subscription sellers are usually the first contact of the operators of these platforms with potential customers, so they can keep personal records such as names, addresses, email addresses and payment details.

Such appears to have been the case in this investigation, although authorities could also have resorted to sophisticated tracking methods such as financial history investigations and charges to the cards of users of these illegal services.

In case of being found guilty of possession of stolen goods, users could face fines of up to 25,000 Euros and even jail time. The precedent that this case will set remains to be seen, although the authorities hope it will serve to deter those interested in these platforms.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Hundreds of people arrested and fined for watching Netflix and Prime on torrents and pirate sites appeared first on Information Security Newspaper | Hacking News.

According to a report by the security firm Kaspersky, users visited websites where, while they could find fragments of the nominated films, a registration window subsequently appeared to access the complete material: “On this registration page potential victims were asked to enter their bank card information; after performing this operation, the film stopped playing completely.”

Experts mention that this attack variant is also used to spread malware as they claim to have found around 80 malicious files associated with the names of the nominated movies in some categories of awards, including “Best Movie”. According to the report, 70% of these attacks are linked to three films: “Judas and the Black Messiah”, “Promising Young Woman” and “Trial of the Chicago 7”.

In this regard, cybersecurity expert Anton Ivanov mentions: “Threat actors will always be looking to monetize users’ interest in multiple entertainment sources. In this example, we can see that big events like the Oscar installment are used to reach a larger number of users, spreading phishing pages and malicious email.” On the other hand, experts believe that streaming platforms have contributed to the reduction of these attacks, although they are still a real security risk.

It should be mentioned that piracy in the film industry is not the only means by which threat actors deploy infections or frauds, as this practice also extends to major sporting events such as the Olympic or World Football Games, as well as holidays such as Valentine’s Day or Christmas.

Kaspersky experts mention that the best way to keep us protected against this hacking variant is to try to prevent the use of hacking websites, since in addition to violating intellectual property legislation they can jeopardize your devices and computer systems. On phishing websites, users should remember that, under no circumstances, it is advisable to enter their confidential information into such platforms, as it is practically a fact that their data will be extracted and used for malicious purposes.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Hackers leverage Oscar nominated movies to deploy malware and steal sensitive data appeared first on Information Security Newspaper | Hacking News.

The main problems of this practice have to do with the violation of intellectual property laws, although reports of security incidents related to the use of “cracked” software have recently increased.

A recent report by security firm BitDefender refers to the discovery of a series of attacks based on exploiting security flaws in pirated versions of Microsoft Office and some image editing tools such as the popular Photoshop. These attacks seek to take control of affected devices to hijack cryptocurrency wallets and inadvertently extract information over the Tor network.

When running on the compromised system, cracked software delivers an instance of ncat.exe, a tool for sending raw data over the network, as well as a Tor proxy. These files are placed in the system storage identified as ‘%syswow64%-nap.exe’ or ‘%syswow64%-ndc.exe’, and ‘%syswow64-tarsrv.exe’. A batch file is also placed at ‘%syswow64%-chknap.bat’ which contains a command line for the Ncat component dedicated to traversing ports 8000 and 9000 in .onion domains as shown below.

These tools work together to create a dangerous backdoor connected to the attackers’ C&C server over the Tor network. The ncat binary uses the listener port of the Tor proxy and uses the -exec standard, which allows all client entries to be sent to the corresponding application and responses to be sent to the client through the socket in the same way as a reverse shell.  

This malware also creates persistence mechanisms for the TOR proxy file and the Ncat binary on the compromised machine with a scheduled service that runs every 45 minutes. BitDefender experts mention that the backdoor is highly likely to be used by a human operator rather than sending automated requests to victims.

Some of the malicious tasks detected by experts include:

• Extracting files
• Running the BitTorrent client
• Disabling the firewall
• Theft of Monero wallets through the legitimate CLI client “monero-wallet-cli.exe”

A broader report in addition to the indicators of compromise found by experts, are available on BitDefender’s official platform. To learn more about information security risks, malware, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Pirated versions of Photoshop and Office steal browser data and cryptocurrency appeared first on Information Security Newspaper | Hacking News.

The main reason we need a specialized tool is security, as Internet service providers monitor user activities and even share this information with third parties. In favor of your privacy, it will always be preferable to use these kinds of tools.

Before starting we want to remind you that these tools do not store torrent files. In fact, the user must enter a query and get related results; then they will then need to log in to the website where the torrent of interest is stored and download the file from there. Don’t forget that it also requires an application to manage P2P traffic.

Websites that store these files contain an absurd amount of advertising. This is normal behavior, so it is recommended to use a browser extension to block ads, although these tools sometimes do not work for all websites.

Zooqle

Although the interface of this website resembles that of a streaming platform, Zooqle is considered by ethical hacking experts to be the best torrent search engines today, thanks to its ease of use and security.

To download a series or movie, for example, simply click on any of the available posters to open a list of available torrents. Then download one and run it in your trusted torrent client. Zooqle is ideal for searching for movies, TV shows, books and video games, with a catalog of more than 5 million different files.

TorrentDownload

This site is very easy to use thanks to a simple and fast interface. By simply entering a keyword in the search bar, TorrentDownload will drop the search results in an instant, as well as relying on resources like Torrentz2, RARBG or LimeTorrents.

Most Internet service providers block this platform, so users may need to use a VPN to access TorrentDownload.

BTDig

BTDig is the successor to BTDigg, possibly the most popular torrent search engine until it was disabled by law enforcement agencies. This platform has everything users expect from a torrent search engine, mentioned by ethical hacking experts.

BTDig has more than two million active users and is available worldwide; at least until Internet service providers can block it

iDope

Although this platform has been active for just a few years its developers have managed to attract a lot of attention, so more than 18 million P2P files already circulate on iDope.

The platform is blocked in multiple countries by Internet companies (not available in the UK, India, Denmark, among others) although in exchange for limited availability users enjoy adequate optimization to mobile devices and a simple interface.

AIO Search

This is probably the best platform available in terms of functionality and ease of use, as mentioned by ethical hacking experts. In addition to the basic search tool, AIO Search tells users how to configure the site to adapt it to their system, not to mention that not only torrent files can be found, since it has images, videos, subtitles and more.

With nearly 1.5 million active users worldwide, this platform receives constant maintenance and updates, so the user experience is more than satisfactory.

BITCQ

When searching for a file in BITCQ, the search engine will not only show you the related results, but you will also find detailed information about the torrents without having to know this platform in depth. Results are categorized by name, file size, status, and location.

Although BITCQ does not reach one million active users, it is available worldwide, not to mention it’s constantly updated and has not been blocked by Internet provider companies at the moment.

TorrentSeeker

TorrentSeeker has one of the easiest interfaces to use in this list, as the homepage only displays the logo and search bar. Users should only enter the title of the file they are looking for and the page will yield results in just a few seconds, although search filters only include relevance and date of the results.

By relying on Google search results, TorrentSeeker can access content from more than 100 torrent platforms, although it is likely to be blocked in multiple countries.

Snowfl

This is also a very simple torrent search tool, as mentioned by ethical hacking specialists. Snowfl uses Google’s custom searches, so most likely the first option that always appears in your results will be The Pirate Bay, which is still the best resource for downloading P2P files.

Efficient, simple design and with search filters, the only disadvantage of Snowfl is that it has already been blocked by multiple Internet service providers, so it has less than 500,000 active users.

Solid Torrents

This platform is relatively new, although it has already attracted many users thanks to its precision while showing search results, which allows verifying all the necessary information before downloading a torrent file.

With a simple design and proper division into categories, more than 23 million users are ready to use in Solid Torrents, not forgetting that the platform is available worldwide.  This site also uses an efficient tagging system to find all content potentially associated with user search, further allowing problematic torrents to be identified, thus eliminating junk content.

XTORX

Unlike other platforms, XTORX displays very limited search results, which contain links to other popular torrent platforms such as The Pirate Bay, Kickass Torrents, Torrent Galaxy, among others. By clicking on these links, users will be able to access additional results.

Although this sounds chaotic, the results are actually organized, not to mention that the platform is very fast and no ads are shown to users. With more than 250,000 users worldwide, the platform has not yet been blocked by Internet service companies.

Academic Torrents

This is a very particular platform because, as its name suggests, it specializes in the search for educational material. Experts in ethical hacking mention that the platform has 65 TB of information, including articles, books and academic research for completely legal download.

This tool is based on Google’s search engine, and can be really useful for academic communities around the world. Academic Torrents is available worldwide and already has tens of thousands of users.

Toorgle

Toorgle is a torrent search engine capable of accessing more than 450 P2P resources, so it yields a lot of results organized by date and relevance and with an interface similar to that of Google.

Toorgle is also compatible with Firefox browser and, although it is not the fastest torrent search engine, it is fully functional and already has more than 120 thousand users worldwide. At the moment this platform has not been blocked by Internet service providers, as mentioned by experts in ethical hacking.

Veoble

This platform differs from the rest when it comes to the results it throws after the search, as it has sophisticated filters that include or exclude certain torrent sites and make language distinctions. You can also choose to have the most relevant or latest results at the top of the list.

This tool is based on Google’s browser and has more than 100,000 users worldwide.

Torrent Paradise

This is an ideal tool for users unfamiliar with torrent search thanks to a simple interface; When entering the website, users only find a search bar in which they will need to enter a keyword to get results sorted by name, file status, and size. Torrent Paradise also allows you to download files without going directly to the website where they are hosted, which avoids inconvenience such as invasive advertisements.

With over 10 million files available, its nearly 100,000 users have made Torrent Paradise one of the most interesting options in recent years.

TorrentZeta

TorrentZeta appeared after Torrentz2 stopped working due to a prolonged denial of service (DoS) attack. This platform offers real-time search and efficient file download directly from the platform where they are hosted.

Internet service providers do not yet block this platform, so it is available worldwide. However, few active TorrentZeta users remain, with just over 50,000 registered.

Security when using torrent search engines

Needless to say, torrent platforms are illegally maintained because they distribute pirated content, so authorities in multiple countries have taken severe steps to close these websites.

According to ethical hacking experts some laws contemplate extreme cases, such as considering any user who downloads these files illegally. That’s why users of these platforms are encouraged to use mandatory virtual private networks (VPNs) to try to go truly unnoticed when using these tools.

The post Top 15 torrents websites to download any file for free in 2021 appeared first on Information Security Newspaper | Hacking News.

In this article, cyber security experts from the International Institute of Cyber Security (IICS) will show you what these protection mechanisms consist of and what methods hacking groups use to breach and access this information by illegitimate means.

Before we begin, it is worth remembering the rise in popularity of the ebook, which is considered by many to be a more environmentally friendly alternative than the traditional book industry. Its popularity increased on par with the massive use of smartphones and electronic tablets and even devices such as the Kindle to the point where ebook sales outweighed sales of physical books on platforms like Amazon.

Unfortunately nothing lasts forever, so by the end of 2016 there had been a critical slowdown in sales in this industry. A few years later the picture looks more complicated even for the production of an ebook, whose costs are already equated or exceed the production costs of a traditional book, and that security restrictions on an ebook have limited the growth of its popularity, as many people consider it useless to buy a protected file that cannot be borrowed, sold or donated after a while.   

IICS cybersecurity specialists mention that Digital Rights Management (DRM) refers to the security mechanisms that copyright holders implement to protect any digital development, including ebooks. In this case, encryption is the most commonly used option, although there are multiple methods to prevent piracy.

Let us take a brief look at this industry which, while facing a severe crisis, refuses to change the logic of its work in favor of options more convenient for all.

PDF: The industry’s favorite format

Adobe PDF Reader was one of the first formats to have DRM protection. The protection of this format seemed to live up to expectations until developer Dmitry Sklyarov found a way to hack this protection, leading him to a jail in the U.S. Although at the time the authorities of multiple countries appeared to have undertaken strict surveillance against the attempted DRM hacking, this practice became increasingly common and it is even possible to discuss this issue in conventional Internet forums.

Adobe PDF Merchant (Acrobat Web Buy)

Although Adobe PDF Merchant is now of exclusively historical interest, this is the format that allows you to understand what DRM protection is when applied to electronic publications. The basic principles of DRM protection have changed little since then, although implementation has undergone substantial changes.

Support for ebooks appeared as a downloadable module in Acrobat Reader 4.05 and the first module of its kind was Acrobat Web Buy. The module’s work was based on close interaction between the client device and the server. When a user tried to open a protected workbook, this module sent the DRM server a request that contained an identifier for the environment where it was about opening this protected workbook (hard drive serial number, user account ID, etc.). This is how these protection mechanisms operate today.

The server was responsible for verifying the legitimacy of access to the protected document. If verification was successful, an RMF format such as XML was sent to the user’s system; this file contained the key to decrypt the PDF, plus a list of allowed actions and a certificate to validate the license. 

In turn, the license was verified by two 1024-bit RSA keys; one belonged to the publisher and the other was used by Adobe as a trusted certificate to sign the publisher’s public key. This security mechanism was built in such a way that it was impossible to create a secure RMF file (and therefore a secure eBook) without Adobe’s involvement. On the other hand, if hacking groups could get an RMF file, it was easy to extract their encryption key.

Adobe DRM (EBX)

This is one of the latest adobe deployments, which worked in conjunction with EBX Workgroup. This DRM system is based on generating two asymmetric keys when you start an application to read ebooks; the public key is registered on the server and the secret is sent to the user’s device. When purchasing the license, the user receives an XML file that contains the document password; the key is encrypted with the user’s public key, as well as containing a list of access rights to validate user information.

Although reliable, this mechanism is considered imperfect. Not to mention that no significant improvements have been made since its early releases, so anyone with cybersecurity knowledge could compromise this information.

DRM PDF Vulnerabilities

It is incredibly difficult to implement these mechanisms to books in PDF format and not functional in real-world scenarios. One of the main problems is that the entire schema would be exposed just by intercepting the encryption key.

With this in mind, Acrobat Reader 6 implemented a new scheme that gave security modules the ability to decide how a particular fragment of a PDF document was encrypted. Key interception stopped working because the key is no longer transmitted between the protection nodes. This still brought new problems, along with the adoption of Adobe Acrobat Reader as a standard ebook reader.

Acrobat Reader began implementing plugin support. Many researchers and even some hackers working in the piracy market discovered that, if you load a specially designed plugin at the time you open a protected PDF, it is possible to obtain the complete information of that file.

Since then this scenario has been transformed into a cat-and-mouse game, with Adobe releasing frequent improvements to prevent these attacks and hackers adapting to what the company has, abusing the possibility of loading malicious plugins with fake digital signatures, a problem that continues to affect the company.

DRM and Amazon

Amazon is the largest ebook store and even has its own ecosystem to access its content, including Kindle family products and Fire tablets. Amazon readers are also limited by a fundamental issue: this product family does not support DRM-free ebooks formats, such as ePub or FB2.

Kindle books support DRM; the link goes to the user’s Amazon account. In Kindle for iOS apps, books are encrypted exclusively with a key generated from the user’s account information. The important thing here is that it is quite difficult to extract information from an iPhone or iPad, mentioned by IICS cybersecurity experts.

For the Kindle family, protection is based on the device’s serial number and the unique PID that is assigned during registration. As a result, the key to decrypting books downloaded to those devices can be calculated based on your Kindle’s serial number and PID. The latter can be extracted using the DeDRM Tools tool, running the following script and passing the device serial number as a parameter (the Kindle device itself must be connected to the computer at this time):

$ kindlepid.py <Kindle Serial Number>

The Windows application also uses shared key encryption per account. However, retrieving books from a Windows computer is much easier than on an Apple system, so Amazon uses a second layer of encryption, this time with a unique separate session key for each book.

Although this is a prominent mechanism, both keys are still stored on the computer and recovering them is an almost trivial issue, cybersecurity specialists say.

Here’s how to evade DRM protections for Kindle formats:

• Install the Kindle Reader for Windows app on your computer
• Download the DeDRM tool (available on GitHub)
• Install Caliber
• Install the plugin DeDRM_plugin.zip in Caliber from DeDRM_calibre_plugin
• You can now download books with the Kindle app
• The rest is simple: drag and drop books in AZW3 or MOBI formats from the Documents-My Kindle Content folder in Calibre. The DRM mechanism will be automatically removed
• Books can be converted to FB2, ePub or any other Caliber-compatible format

Optionally, you can do without Calibre using a command-line utility or simply resort to one of the many online services.

In response to the multiple methods of dodging its security mechanisms, in 2015 Amazon released KFX, a more advanced format and with greater DRM security that to date has not been decrypted by researchers or hacking enthusiasts. To the company’s bad fortune, the use of this format never became widespread, resulting in a very limited number of titles available on KFX.

Barnes & Noble: Adobe Digital Editions Protection (ADEPT)

Barnes & Noble is the second largest library chain in the U.S. and uses the ePub format, protected by the Adobe Digital Editions (ADEPT) schema. This scheme uses an encryption system that has not yet managed to become a reliable DRM scheme. According to cybersecurity experts, each book is encrypted with a unique AES key, and the key itself is encrypted with an RSA key, which is generated based on the user’s credentials (information based on an email address) and stored on the user’s computer.

Barnes & Noble is the second largest library chain in the U.S. and uses the ePub format, protected by the Adobe Digital Editions (ADEPT) schema. This scheme uses an encryption system that has not yet managed to become a reliable DRM scheme. According to cybersecurity experts, each book is encrypted with a unique AES key, and the key itself is encrypted with an RSA key, which is generated based on the user’s credentials (information based on an email address) and stored on the user’s computer.

Hackers need to find the session key with which the RSA key was protected, which was used to encrypt the AES key used to encrypt the books. It sounds complicated, but according to the hacker who managed to break this protection, deploying the entire chain was more tedious than difficult.

Even less DRM

By now not all ebook publishers pay much interest to DRM mechanisms, even some publishers in Germany and England have concluded that these protections are detrimental to sales, leaving behind their use and opting for what they called social DRM.

Although publishers do not want to leave Amazon (it remains their most exposed platform), many also resort to selling their titles on their own websites or on third-party platforms, with the particularity that these versions of their books do not have DRM, a practice that has resulted from the liking of a considerable number of readers who prefer digital formats over the physical book.

As mentioned above, some publishers opt for the social DRM option, which allow them to reliably track the origin of books purchased in the public domain thanks to a watermark invisible to the user. In the most extreme cases, publishers simply rely on the word of honor of users, eliminating any kind of protection.

The present and future of the ebook

Given the current conditions, cybersecurity specialists consider that ebook stores that do not have their own ecosystem see their options limited to two possible scenarios: offering free downloads in widespread use formats, or selling access to their websites as a kind of streaming platform.

The second option doesn’t sound crazy in the first instance, but it leads to severe problems for users who invest their money on these platforms. For example, in the catalog offered by Liters users will frequently find all kinds of warnings such as those shown below: 

THE BOOK WAS PURCHASED IN THE ONLINE STORE WWW.FEISOVET.RU

BUYER: Oleg Afonin (aoleg@voicecallcentral.com) ORDER: 287253385/09-Mar-2018

COPYING AND DISTRIBUTING THE TEXT OF THIS BOOK FOR ANY PURPOSE IS PROHIBITED!

That’s not all. In addition to this irritating announcement, this platform also places some bookmarks in its texts, such as: 

#287253385 / 09-мар-2018

This is an anomaly that social DRM drivers were unable to foresee, which is unfortunate considering that there are users who invest their money on these platforms and never expect to encounter such failures.

Conclusions

DRM protection methods generally work for the vast majority of conventional users (which, in fact, is their primary goal). However, it is obvious that any user with sufficient knowledge could dodge these limitations, as this is not even too difficult. At the same time, the only major player in this industry that invests its resources to counter this practice is Adobe, as it seems that the rest of the companies have given this battle for loss.

The other side of the coin (social DRM) also does not seem to turn out as intended, consider cybersecurity experts. This practice still faces more questions than certainties, so DRM-free ebook users will still not enjoy a fully satisfying experience.

Time keeps going and the industry remains in crisis, so the complete demise of the traditional book industry, one of the most adventurous predictions during the ebook boom, is also far from realized.

The post Ebooks: 5 Ways To Hack & Pirate them. And How Amazon, Adobe, Barnes & Noble Protect Them appeared first on Information Security Newspaper | Hacking News.

The website registered millions of visitors each month, becoming one of the most popular platforms of its kind, mainly in Denmark and other European territories. Everything changed just a few days ago, as the website suddenly stopped working, so rumors began to circulate about a police investigation and the possible arrest of the DanishBits owner.

In an interview with the specialized platform TorrentFreak, an anonymous informant who claims to be part of the DanishBits staff confirmed the arrest, as well as confirming that the life of the platform came to an end: “It is with great pain that I inform you that we have reached the end of the DanishBits road.”

Finally, the informant also confirmed that user data stored by DanishBits is completely safe as it was protected with encryption. Still, the individual points out that the arrested man is the only one who has access to the platform’s servers, so no other staff member could do anything about the stored information: “All servers are protected with encryption, although the owner could still access the information and hand it over to the authorities, although this is simple speculation”, concludes the informant.

Given the conditions under which the website was closed, it is virtually impossible to manage the return of DanishBits. However, some staff members and torrent tracking forum users still keep hope that the platform can be enabled again.

The post One of the largest torrent websites was closed by the police; the owner is arrested appeared first on Information Security Newspaper | Hacking News.

The creators of RDR2 tried to innovate in video game protection by creating a sophisticated combination of DRM, similar to the measures implemented in the latest Ubisoft releases. This mechanism allowed keeping the game safe from hackers for almost a full year, although hacking groups have finally achieved their goal.

This is a worrying fact not only because it has compromised the security of RDR2, since the industry believes that employing similar methods, piracy groups will be able to compromise other video games protected by the same mechanism. This attack, known as bypass crack, is one of the most important resources available to threat actors. 

On Ubisoft, multiple games could be exposed by this attack method, including Watch Dogs Legion, Assassin’s Creed Valhalla, among others, which use Denuvo security technology and in some cases VMProtect. The number of games committed over the last few days could be updated as soon as possible.

The post Red Dead Redemption 2 was finally cracked. Torrents available in forums appeared first on Information Security Newspaper | Hacking News.

Kickass Torrents remains active although it faces constant blocking campaigns by Internet browsers and service providers, as authorities estimate the platform has illegally distributed over $1 billion USD worth of pirated movies, videogames, TV shows and other entertainment content.

According to US law enforcement agencies, Polish Police arrested and then released Vaulin in may 2017, whose defense argued health reasons.

Reportedly, the 34-year-old Ukrainian individual has left Poland in violation of his release conditions, and his current whereabouts are unknown. The US Department of Justice (DOJ) said the extradition proceedings had ceased, although American authorities might start it again. 

About KickassTorrents, it works as a directory for torrent files and links meant to facilitate peer-to-peer file sharing. The site received more than 50 million visitors, the DOJ said. Prosecutors pegged the site’s net worth at more than $54 million in 2016, estimating that its operators reaped between $12.5 million and $22.3 million annually.

Back in 2016, Vaulin was charged with criminal copyright infringement and was contesting his extradition to the US, so he decided to escape custody. A court agreed to release Vaulin into Warsaw in 2017 after his lawyers argued that he suffered from a spine-related disease. Several world known browsers including Safari, Google Chrome and Mozilla’s Firefox all have intermittently blocked KAT, citing the risk of phishing or other malicious activity.

Multiple scamming groups have abused advertisements on KickassTorrents to spread malicious content that would redirect victims to malicious sites aiming to steal their confidential and financial data.

The post Kickass Torents founder Artem Vaulin goes missing. Fugitve from justice appeared first on Information Security Newspaper | Hacking News.

The Nintendo Switch handheld console has become very popular, emulating sales of consoles like the PlayStation 4. However, there is a problem with this device: video game crackers have deciphered possible methods of hacking the console, affecting Nintendo’s profits, mentioning information security awareness experts.

Team-Xecuter hackers, jailbroken in the first generation of Switch in 2018, have just announced the development of SX Core and SX Lite, tools to crack all versions of Switch.

According to information security awareness researchers, a cracked switch can be used by downloading network resources and does not require players to purchase authentic games, either in their physical or digital version. After Nintendo announced the correction of exploited vulnerabilities, Team-Xecuter hackers followed their investigation into the console code, putting various cracking tools up for sale through its website.

What has Nintendo done about it? There is currently a legal procedure to prevent Team-Xecuter from further selling these cracking tools. However, given the nature of cracking developed by this group, Nintendo cannot do much to stop users using pirated software, so only new versions of the console remain to be released: “Team-Xecuter illegally designs and manufactures an unauthorized operating system, in addition to the hacking tools that complement it,” Nintendo’s demand mentions.

The company has also managed to shut down some hacking websites, although video game crackers do not stop. In the event that things don’t change, information security awareness specialists anticipate that Nintendo will start reporting ever-increasing economic losses, so it will be difficult to develop quality video games without the fear of loss.  

The post Every Nintendo Switch model could be jailbroken with this tutorial. Nintendo suing the hackers appeared first on Information Security Newspaper | Hacking News.