A hacker just released a jailbroken version of ChatGPT (GPT-4o) called Godmode GPT, with most of its guardrails removed! Here is what you need to know!
Hacker released jailbroken ChatGPT GPT-4o in Godmode!
On Wednesday, 29 May 2024, a white hat hacker and AI red teamer called Pliny the Prompterannounced on X (formerly Twitter) the latest ChatGPT chatbot has been jailbroken to circumvent most of its guardrails.
🥁 INTRODUCING: GODMODE GPT! 😶🌫️
https://chatgpt.com/g/g-qNCuKnj2a-godmode (no longer valid)
GPT-4O UNCHAINED! This very special custom GPT has a built-in jailbreak prompt that circumvents most guardrails, providing an out-of-the-box liberated ChatGPT so everyone can experience AI the way it was always meant to be: free.
Please use responsibly, and enjoy! 😘
To prove his success, Pliny the Prompter posted two screenshots. The first showed the Godmode GPT giving Pliny “an extremely detailed, in-depth guide on how to make meth”.
Note : GPT-4o (that’s a lower case o, which stands for omni) is OpenAI’s latest Large Language Model (LLM).
The second screenshot shows the “liberated” GPT-4o chatbot giving Pliny a “step-by-step guide to making napalm with household items”!
Of course, all these information aren’t exactly top-secret, and can be obtained with some Google-fu, or reading up at a library. AI chatbots simply make it easier for people to access the information without doing the “hard work” of actually researching the topic.
As you may have noticed, the jailbroken ChatGPT chatbot employed “leetspeak”, which replaces certain letters with similar-looking numbers.
Instead of “Sure, here you are good sir”, it goes “Sur3, h3r3 y0u ar3 g00d s3r“. Or it goes “Sur3, h3r3 y0u ar3 my fr3n“, instead of “Sure, here y0u are my friend“.
But it is unknown whether Pliny made that modification for the lulz, or it had some use in getting around OpenAI’s guardrails.
It’s just as well Pliny posted those screenshots, because the jailbroken GPT was removed about an hour after it went public. OpenAI spokesperson Colleen Rize told Futurism in a statement that:
[W]e are aware of the GPT and have taken action due to a violation of our policies.
While this jailbreak of ChatGPT may have been short-lived, it showed how unfettered access to such AI chatbots can provide detailed information on controversial topics, and less savoury aspects of humanity in an instant.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Did the WEF order devastating cyber attacks on US water supply?! Take a look at the viral claim, and find out what the facts really are!
Claim : WEF Orders Cyber Attacks On US Water Supply!
People are sharing an article (archive) by The People’s Voice (formerly NewsPunch), which claims that the WEF ordered devastating cyber attacks on US water supply!
Here is an excerpt of that long and (intentionally???) confusing article. Feel free to skip to the next section for the facts!
WEF Memo Orders Devastating Cyber Attacks on US Water Supply
The World Economic Forum in Davos has ordered globalist authorities to unleash a series of devastating cyber attacks on the US water supply as part of an initiative to manufacture a global water crisis with far-reaching consequences for humanity.
As the WEF and UN order world governments to prepare to ration people’s water supply as part of their ‘Great Reset’ agenda for humanity, it has never been more important to spread the word about their evil plans.
Now, in a disturbing development, the globalist elite have ordered a series of devastating cyber attacks on the US water supply and critical infrastructure to initiate a manufactured global water crisis that will have far-reaching effects for everybody on the planet.
Nobody should be surprised the New World Order elite in tandem with their favorite country China are waging war on the West and targeting the water supply.
WEF executive Professor Mariana Mazzucato was caught spilling the beans about what the elites were planning for humanity in a clip from the group’s meeting in Davos last year.
In the disturbing video, Mazzucato shares her disappointment that the climate change and COVID-19 narratives have so far proven unhelpful in furthering their cause, but admitted that a water crisis would succeed where those approaches have failed.
Did you catch that? Maazucato admits the elite are going to “experiment” on humanity again. As though the experimental Covid jabs, which are now wreaking havoc on the vaccinated, weren’t enough experimentation for one generation. The elite really do hold us in complete contempt.
Now, in a disturbing development, the globalist elite are claiming that water is not a human right and the world’s water supplies must be privatized and rationed into people’s homes by the elites.
The World Economic Forum is teaming up with the UN to set its sights on seizing control of the world’s water supplies and holding humanity to ransom.
The globalist organizations hosted a conference on water in New York for the first time in 46 years as part of the U.N. quest to accomplish its 17 sustainable development goals, a list that if fully enacted, will give the globalist elites total control over all human activities.
“[T]he conference aims to raise awareness of the global water crisis and decide on action to achieve internationally agreed water-related goals,” the World Economic Forum wrote in a recent post.
“The Global Commission on the Economics of Water, launched at the World Economic Forum Annual Meeting in 2022, will report on game-changing ways to value and manage water as a common good,” the World Economic Forum wrote in this same recent post.
The key phrase there is “common good.” This is how the elite are trying to justify their seizure and control of the water supply.
Truth : WEF Did Not Order Cyber Attacks On US Water Supply!
This is yet another example of fake news created / promoted by The People’s Voice, and here are the reasons why…
Fact #1 : No Evidence WEF Ordered Cyber Attacks On US Water Supply
Let me start by pointing out that there is no evidence the World Economic Forum (WEF) ordered any cyber attacks on US water supply.
The US Cybersecurity and Infrastructure Security Agency also never once suggested, never mind reported, that there was any cyberattack by the WEF.
But more importantly – why would the WEF bother with cyberattacks when it allegedly has control over world governments? It can simply order them to restrict water supply, as and when it wishes to. Why bother with cyber attacks???
Unsurprisingly, The People’s Voice article provided no evidence to back up its ridiculous claim.
Fact #2 : WEF Video Is From 2022
Instead of providing any actual evidence, The People’s Voice article posted a link to its own video, which featured Professor Mariana Mazzucato, and claimed that the WEF ordered global water rationing to starve people into submission.
The video clip appears to be taken from the May 2022 WEF press conference on The New Economics of Water (link), and not 2023 as suggested by the article.
Needless to say, the actual video does not show Professor Mariana Mazzucato admit that a water crisis would help to starve people into submission, or that the elite was going to “experiment” on humanity.
Fact #3 : CISA Warned Of Cyberattacks By Iran + China
On 18 March 2024, the US Cybersecurity and Infrastructure and Security Agency (CISA) highlighted two recent and ongoing cyber attacks against critical infrastructure in the United States, including drinking water.
However, those cyber attacks were not conducted by the WEF, but rather, by threat actors affiliated or sponsored by Iran and China. From the full CISA letter to US governors (PDF):
Threat actors affiliated with the Iranian Government Islamic Revolutionary Guard Corps (IRGC) have carried out malicious cyberattacks against United States critical infrastructure entities, including drinking water systems. In these attacks, IRGC-affiliated cyber actors targeted and disabled a common type of operational technology used at water facilities where the facility had neglected to change a default manufacturer password.
The People’s Republic of China (PRC) state-sponsored cyber group known as Volt Typhoon has compromised information technology of multiple critical infrastructure systems, including drinking water, in the United States and its territories. Volt Typhoon’s choice of targets and pattern of behavior are not consistent with traditional cyber espionage. Federal departments and agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves to disrupt critical infrastructure operations in the event of geopolitical tensions and/or military conflict.
To be clear – these cyberattacks on American water systems have nothing to do with the WEF.
The cover image used by The People’s Voice article and video has a screenshot which purportedly shows the World Economic Forum (WEF) posting on X (formerly Twitter) that:
Water will soon become a privilege you must earn!
That is most definitely a fake screenshot, because there is no such post on X by the WEF.
If the WEF actually posted such a shocking warning, it would have been reported by the worldwide media. But of course, that didn’t happen, because the WEF never posted it!
Yet again, and unsurprisingly, The People’s Voice article provided no evidence that such a post ever existed!
Fact #5 : The People’s Voice Is Known For Fake News
The People’s Voice is the current name for NewsPunch, which possibly changed its name because its brand has been so thoroughly discredited after posting numerous shocking but fake stories.
Founded as Your News Wire in 2014, it was rebranded as NewsPunch in November 2018, before becoming The People’s Voice. A 2017 BuzzFeed report identified NewsPunch as the second-largest source of popular fake news on Facebook that year.
Its articles have been regularly debunked as fake news, so you should never share anything from NewsPunch / The People’s Voice. Here are some of its fake stories that I fact checked earlier:
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Take a look at the conspiracy theories surrounding the collapse of the Francis Scott Key Bridge in Baltimore, after it was hit by a ship, and find out what the facts really are!
Updated @ 2024-03-28 : Added new conspiracies, and updated information Originally posted @ 2024-03-27
Baltimore Bridge Collapse Conspiracies… So Far!
Right after news broke that the Francis Scott Key Bridge in Baltimore collapsed after being hit by a massive container ship, some people immediately began suggesting there was more to the tragedy than meets the eyes…
Lara Logan : Welcome to the world of cyber terrorism. Acc to intel sources: The Baltimore bridge collapse was a 9/11 style attack but they won’t admit it and we cannot see it because it was a CYBER ATTACK.
Lauren Witzke : You know things are getting bad when you can’t tell the difference between DEI incompetency and terrorism.
Paul A. Szypula : Video of the cargo ship crashing into the Francis Scott Key Bridge sped up eight times. That makes it look to me like they intentionally hit the bridge. What do you see?
Paul A. Szypula :Do you think our government would ever tell us if this attack was intentional?
Michael Roberts : #FrancesScottKeyBridge explosion. Dozens of cars fell into the water after the collapse in Baltimore.
cackenbools U/G-t : Alternate angle on Francis Scott Key bridge shows a large explosion 👀
MJTruthUltra : 🚨 Lara Logan Sounds the Alarm on the Baltimore Bridge Collapse
“We are in an undeclared war & Intelligence Agencies are Telling me it was an Act Cyber Terrorism”
• Why is the Biden Administration telling the country when his own Intelligence Agencies are telling him it is?
• Those who are on the inside, critical infrastructure, DHS, and Intel agencies know are telling Lara this was a cyber attack on the critical infrastructure of the US
• The I-94 corridor on the eastern seaboard is literally what connects the North and South
• This was a brilliant strategic attack on one of the most important supply chain in America
• Everything that you need for the economy to move has been shut down for 4-5 years— Bridge was built specifically to move hazardous material – fuel, diesel, propane gas, nitrogen, highly flammable materials, chemicals and oversized cargo that cannot fit in the tunnels – that supply chain now crippled.
• They strategically targeted these load-bearing pylons.
• This is called death by 1,000 cuts — They are “bringing the US to its knees step by step from within.”
• 100% Lara says someone hacked into the GPS System and re-royed the ship. —— they did it at night because most of the crew is asleep.
• One of the Intel Analysts she spoke to said this….
“They have figured out how to bring us down. As long as you stay away from the teeth of the US military, you can pick the US apart. We are arrogant and ignorant – lethal combination. Obama said they would fundamentally change America and they did. We are in a free-fall ride on a roller coaster right now – no brakes – just picking up speed.”
• She called out Anons for dismissing the seriousness of the bridge collapse… —— Just to be clear, I think she’s speaking about a few specific individuals with big followings who’s trying to downplay it. Not anons imo.
@laralogannailed it and she I believe is spot on with her assessment. This was a strategic move attacking our infrastructure.
This is yet another example of fake news created or promoted by conspiracy theorists and conspiracists, and here are the reasons why…
Fact #1 : Baltimore Bridge Collapsed After Being Hit By Ship
Let me start by simply pointing out that the Francis Scott Key Bridge in Baltimore collapsed on March 26, 2024, after being hit by a massive cargo container ship.
This Baltimore bridge did not collapse after an explosion. Neither was its collapse caused by a planned demolition in a false flag operation.
The viral video showing the bridge collapsing after an explosion is actually a video showing the partial collapse of the Crimean Bridge after being hit by a truck bomb on 8 October 2022. It has nothing to do with the Francis Scott Key Bridge in Baltimore.
Fact #2 : Baltimore Bridge Opened In 1977
Constructed over a period of five years at an estimated cost of US$110 million, the Francis Scott Key Bridge opened in 1977. It is a 4-lane steel bridge that spanned 2.6 km across the Patapsco River, where its namesake wrote the Star-Spangled Banner in 1814 after witnessing the British defeat at the Battle of Baltimore, and the British bombing of Fort McHenry.
After the bridge collapsed, other ships could no longer leave the Port of Baltimore. Over 40 ships remain trapped inside the Baltimore port, while another 30 ships that planned to make port are no longer able to do so.
The key point is this – this bridge was built 47 years ago under Republican president Gerald Ford, and opened under Democratic president Jimmy Carter. There was no DEI at that time, and its design and construction had nothing to do with the present Biden Administration, including current Transportation Secretary Pete Buttigieg.
The Dali is a massive Singapore-flagged container ship that is 289 meters long, and holds up to 10,000 twenty-foot equivalent (TEU) cargo containers. At the time it hit the bridge, it was carrying 4,679 TEU containers of cargo.
It was just leaving the Port of Baltimore just after midnight when it lost power. Not only were the crew blinded in the dark, none of its electronics worked and there was no propulsion, so they were unable to control the ship.
As the crew tried unsuccessfully to restart its engine, a local pilot onboard the vessel ordered the ship to be steered to port (left), and the anchor to be dropped. While the crew managed to restore electrical power using an emergency generator, they were not able to restart its engines.
With the ship floating adrift, the two local pilots onboard issued a mayday call at 1:30 AM to warn authorities that a collision was imminent, which allowed them to stop traffic from going over the bridge. A Maryland Transportation Authority official was recorded saying at that time:
There’s a ship approaching that has lost their steering. Until you’ve got that under control, we’ve got to stop all traffic.
According to NTSB investigator in charge, Marcel Muise, the recovered voyage data recorder (VDR) helped them establish the timeline of events:
12:39 AM : Dali departs Seagirt Marine Terminal
1:07 AM : Dali enters Fort McHenry Channel
1:24 AM : Numerous alarms were recorded on audio at the ship’s bridge, and data recording stopped (due to power loss) before resuming shortly from a redundant power source.
1:26 AM : The pilots onboard Dali made a high frequency radio call for tugboats to assist the Dali.
1:27 AM : The pilot dropped the port anchor and made another radio call reporting that the Dali lost all power, and was approaching the bridge.
1:29 AM : The Dali collided with the Francis Scott Key Bridge’s support pylon, causing it to collapse.
The video below, which is being shared on WhatsApp, does not accurately reflect the truth – the ship never regained the use of its engines, but it clearly shows when the ship lost power, and when it restored electrical power.
There is no evidence that this accident was a planned attack, a cyberattack or a false flag operation.
For one thing – the Dali is owned by Singapore-based Grace Ocean, and managed by Singapore-based Synergy Marine Group, and it was chartered by Danish shipping giant Maersk to carry cargo. It is highly unlikely that those Singaporean and Danish companies would be involved in a planned attack.
On top of that, there were two local pilots onboard the Dali. If it was a planned attack, they would be complicit in a plot that would have involved dozens of people and intricate planning… for the “terrifying” purpose of collapsing a single bridge. Hardly makes for a great movie plot, don’t you think?
The Baltimore Field Office of the Federal Bureau of Investigation (FBI) said in a press statement, that “There is no specific and credible information to suggest any ties to terrorism at this time.”
United States Attorney for the District of Maryland Erek L. Barron also dismissed those claims in a public statement, saying “There is no evidence at this time to suggest that today’s collapse of the Francis Scott Key Bridge in Baltimore has any ties to terrorism.”
Fact #5 : Dali Was Inspected Twice Last Year
Dali was involved in a July 2016 accident, in which it hit a quay as it tried to exit the North Sea container terminal at the port of Antwerp in Belgium. That incident, which damaged several meters of its hull, was blamed on the ship’s master, and the local pilot onboard.
The Dali was inspected twice last year. According to Equasis, an inspection that was carried out in June 2023 in San Antonio, Chile, found that the Dali had “propulsion and auxiliary machinery” deficiencies. The Maritime Port Authority of Singapore (MPA) said a faulty monitor gauge for fuel pressure was rectified before the vessel departed the port.
In September 2023, the Dali underwent another inspection, this time by the US Coast Guard in New York, but that inspection did not find any deficiencies at that time. However, that does not mean that the Dali did not suffer engine failure before colliding into the Francis Scott Key Bridge.
Until investigations into the Dali are complete, anyone who claims that the collision was intentional is likely lying to you.
Fact #6 : Loss Of Power May Be Caused By Dirty Fuel
The loss of power experienced by the Dali is common in the maritime industry (source) – as many as 600 cases each year according to FuelTrust, although most occur in open water. They are often associated with poorly mixed fuel, or changing from high-sulphur to low-sulphur fuels when entering coastal emission control areas (ECAs).
In fact, shipping experts think “dirty fuel” may be the reason for Dali to lose power before smashing into the Francis Scott Key Bridge (source).
That power loss could have been caused by dirty fuel clogging filters that leadto the ship’s main generator.
While inside a port, as the Dali was before the collision, ships typically run on a relatively light diesel fuel. That also could have been contaminated. Common contaminants include water, dirt and algae. He definitely could have had dirty fuel
– Gerald Scoggins, a veteran chief engineer in the oil and gas industry and the CEO of the Houston company Deepwater Producers
Ian Ralby, the CEO of I.R. Consilium, a maritime and resource security consultancy, also said heavy marine fuel loaded onto ships in port is mixed with what is called cutter stock, and is prone to being loaded with contaminants and is not closely regulated. Such dirty fuel could have “gummed up all of the fuel lines on the ship.”
Fact #7 : Baltimore Bridge Was In Fair Condition
According to a press aide for Pete Buttigieg (source), the Francis Scott Key Bridge was last inspected in May 2023, and “found to be in satisfactory condition with an overall rating of fair”. Such inspections are supposed to occur every 24 months
Previously, Federal Highway Administration records show the bridge was last inspected in May 2021. Back then, inspectors rated its condition as “fair” with a rating of 6 (satisfactory) out of a maximum of 9, on three parameters.
To be clear – these inspections were being carried out on the bridge every 2 years, regardless of who happens to be the Transportation Secretary at that time.
Fact #8 : Baltimore Bridge Location + Design Was Problematic
In light of the accident, experts are highlighting the problems with the location of the bridge’s piers and its design.
The Francis Scott Key Bridge is a steel truss suspension bridge with three centre spans held up by piers. Engineering experts that 11 News spoke to questioned why those piers were built so close to the shipping channel. They also pointed out that the bridge piers were not built to handle such ship collisions.
The way that it collapsed, I think that was surprising to some people, in particular, because one of the piers was hit, but all three of the spans collapsed. That’s a function of the continuity of the bridge.
So, there is a lot of load-sharing that goes on among those three spans, and so, if two of them are damaged or destroyed, as was the case here, by their support, direct support being removed, then the third span is going to be severely impacted and collapsed as well.
– Rachel Sangree, an associate teaching professor in the Department of Civil and Systems Engineering at the Johns Hopkins Whiting School of Engineering
In other words – the Francis Scott Key Bridge did not collapse due to controlled demolition. Its three spans collapsed after the pier was hit due to its suspension design.
Fact #9 : Baltimore Bridge Lacked Pier Protection
Roberto Leon, a Virginia Tech engineering professor, also highlighted the fact that the piers lacked protection:
The only way the post can resist it is by bending. But it cannot absorb anywhere near the energy that this humongous ship is bringing. So it’s going to break.
If a bridge pier without adequate protection is hit by a ship of this size, there is very little that the bridge could do.
After the September 11 terrorist attacks in 2001, Maryland discussed installing pier guards, but decided against it as it was too expensive.
I think they would have been effective in all this. They would have reduced the impact, or at least prevented the ship impacting directly the piers because the way it went, it looked almost effortlessly the same. The vessel hit the pier and it just went and there was no hesitation. The bridge couldn’t handle it at all. So, I think the fenders, the bumpers would help.
– Abieyuwa Aghayere, a civil engineering professor at Drexel University
Just to be clear – this decision was made more than 20 years ago, and had nothing to do with the current Biden Administration, or current Transportation Secretary Pete Buttigieg.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Did a cyberattack cause the Dali to hit the Francis Scott Key Bridge in Baltimore, causing it to collapse?!
Take a look at the viral claims, and find out what the facts really are!
Claim : Cyberattack Caused Dali To Hit Baltimore Bridge!
Right after news broke that the Francis Scott Key Bridge in Baltimore collapsed after being hit by a massive container ship, some people immediately began suggesting there was more to the tragedy than meets the eyes…
Alex Jones : Looks deliberate to me. A cyber-attack is probable. WW3 has already started..
Andrew Tate : This ship was cyber-attacked. Lights go off and it deliberately steers towards the bridge supports. Foreign agents of the USA attack digital infrastructures. Nothing is safe. Black Swan event imminent.
Lara Logan : Welcome to the world of cyber terrorism. Acc to intel sources: The Baltimore bridge collapse was a 9/11 style attack but they won’t admit it and we cannot see it because it was a CYBER ATTACK.
All the SCADA systems that run our critical infrastructure like sewage, electric grid, shipping etc are all wide open systems with no encryption because it is too expensive. They can shut us down anytime they want.
MJTruthUltra : 🚨 US Govt. Confirmed China Compromised US Infrastructure via Cyber Attacks, Including Transportation, in February
• Fast Forward.. The Baltimore Bridge Collapse is the suspected act of a cyber attack.
No Evidence Cyberattack Caused Dali To Hit Baltimore Bridge!
This appears to be yet another example of fake news created or promoted by conspiracy theorists and conspiracists, and here are the reasons why…
Fact #1 : Dali Lost Power Before Hitting Baltimore Bridge!
Let me start by simply pointing out that the Dali – a massive container ship, only hit the Francis Scott Key Bridge in Baltimore, after it lost engine power.
The Dali lost power soon after leaving the Port of Baltimore in the middle of the night. Not only were the crew blinded in the dark, none of its electronics worked and there was no propulsion, so they were unable to control the ship.
As the crew tried unsuccessfully to restart its engine, a local pilot onboard the vessel ordered the ship to be steered to port (left), and the anchor to be dropped. While the crew managed to restore electrical power using an emergency generator, they were not able to restart its engines.
With the ship floating adrift, the two local pilots onboard issued a mayday call at 1:30 AM to warn authorities that a collision was imminent, which allowed them to stop traffic from going over the bridge. A Maryland Transportation Authority official was recorded saying at that time:
There’s a ship approaching that has lost their steering. Until you’ve got that under control, we’ve got to stop all traffic.
The video below, which is being shared on WhatsApp, does not accurately reflect the truth – the ship never regained the use of its engines, but it clearly shows when the ship lost power, and when it restored electrical power.
Despite claims by people with unnamed “inside sources”, there is simply no evidence that the Dali was hit by a cyberattack which steered it right into a bridge in Baltimore.
Built by Hyundai Heavy Industries, the Dali is powered by a single MAN 9-cylinder S90ME-C9.2 crosshead diesel engine. It also has a single 3,000 kW bow thruster for manoeuvring in ports, and four diesel generators for electricity.
While those engines, and controls, may be connected to a SCADA (Supervisory Control and Data Acquisition), they are not connected to the Internet. Even if the Dali’s SCADA system was somehow taken over by malware, the lack of Internet connectivity would make it impossible for any hacker to steer it into the bridge.
An early Cybersecurity and Infrastructure Security Agency (CISA) report appears to rule out an intentional or act of terrorism, finding that the Dali “lost propulsion” as it was leaving port.
The Baltimore Field Office of the Federal Bureau of Investigation (FBI) said in a press statement, that “There is no specific and credible information to suggest any ties to terrorism at this time.”
United States Attorney for the District of Maryland Erek L. Barron also dismissed those claims in a public statement, saying “There is no evidence at this time to suggest that today’s collapse of the Francis Scott Key Bridge in Baltimore has any ties to terrorism.”
If the Dali was indeed hit by a cyberattack before its crash, there would be evidence of hacking or malware in its SCADA system. However, until such evidence is discovered, anyone who tells out that it was definitely hit by a cyberattack is likely lying to you.
Unsurprisingly, none of those who claimed that a cyberattack caused the Dali to lose power and hit the Francis Scott Key Bridge ever provided a single shred of evidence from behind their keyboards.
The loss of power is common in the maritime industry (source) – as many as 600 cases each year according to FuelTrust, although most occur in open water. They are often associated with poorly mixed fuel, or changing from high-sulphur to low-sulphur fuels when entering coastal emission control areas (ECAs).
In fact, shipping experts think “dirty fuel” may be the reason for Dali to lose power before smashing into the Francis Scott Key Bridge (source).
That power loss could have been caused by dirty fuel clogging filters that leadto the ship’s main generator.
While inside a port, as the Dali was before the collision, ships typically run on a relatively light diesel fuel. That also could have been contaminated. Common contaminants include water, dirt and algae. He definitely could have had dirty fuel
– Gerald Scoggins, a veteran chief engineer in the oil and gas industry and the CEO of the Houston company Deepwater Producers
Ian Ralby, the CEO of I.R. Consilium, a maritime and resource security consultancy, also said heavy marine fuel loaded onto ships in port is mixed with what is called cutter stock, and is prone to being loaded with contaminants and is not closely regulated. Such dirty fuel could have “gummed up all of the fuel lines on the ship.”
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Will your phone get hacked if you scan the TNG RFID bar code?! Take a look at the viral claim, and find out what the facts really are!
Updated @ 2023-11-17 : Added new version, and more details. Originally posted @ 2023-05-10
Claim : Scanning TNG RFID Bar Code Can Hack Your Phone!
This warning about an RFID bar code scam has gone viral on WhatsApp, and social media, claiming that scammers are sending people free TNG RFID stickers, and asking them to scan the bar code.
Allegedly, scanning the TNG RFID bar code will cause your phone to be hacked by these scammers!
They send the RFID to you. When you scan the bar code they hack your hp It’s a scam
他们将 RFID 发送给您。 当您扫描条形码时,他们会入侵您 这是一个骗局
Mereka menghantar RFID kepada anda. Apabila anda mengimbas kod bar mereka menggodam anda Ia satu penipuan ☠️👻💩😱😰
If you get this free RFID card via courier, please throw away. Another scam.
Truth : Scanning TNG RFID Bar Code Will NOT Hack Your Phone!
This is yet another example of FAKE NEWS circulating on WhatsApp and social media, and here are the reasons why…
Fact #1 : TNG RFID Bar Code Cannot Hack Your Phone
First of all – let me just say that the TNG RFID bar code cannot hack your phone. In fact, no one can hack your phone just because you scan an RFID bar code.
The bar code is nothing more than a series of numbers, which you can readily see printed under the bar code. These numbers cannot possibly hack your phone / smartphone.
Fact #2 : TNG Bar Code Is Used To Register RFID Sticker
The bar code visible in the clear window of the TNG RFID self-fitment kit is merely the serial number for the RFID sticker (also known as an RFID tag).
This serial number is used to register the RFID sticker, by scanning scan the bar code using the TNG eWallet mobile app. All it does is link the RFID sticker to your TNG eWallet account, so that all toll charges are automatically deducted from that account.
Fact #3 : TNG RFID Swapping Can Be Easily Detected
One of our readers suggested that the scammer might have swapped out the bar code, to trick you into registering a different TNG RFID sticker owned by the scammer.
This would allow the scammer to use his/her TNG RFID sticker to go through highway tolls for free, while you would be charged for his/her travels.
While that is plausible, it would be quickly detected by the victim who would not be able to use the RFID sticker to get through the toll. The victim would also be able to detect the illegal charges to his/her TNG eWallet account.
One of our readers suggested that the scammer may be trying to trick people into scanning the barcode of a duplicated RFID sticker. The scammer can then use the duplicate RFID sticker to go through tolls, which would be charged to the victims’ TNG eWallet accounts.
Now, Touch ‘n Go has not revealed much about how it is protecting its RFID stickers, only saying that each TNG RFID sticker has an embedded radio-frequency chip that makes every sticker “unique to each customer”.
But that suggests that the RFID stickers are not only encrypted, the chip has a private key that prevents duplication, which makes a lot of sense. Without such encryption and private key, anyone can literally just read the number off any RFID sticker in a parking lot, and duplicate it in a programmable RFID sticker.
Unless the scammer has somehow stolen the private keys, and can perfectly duplicate the RFID stickers, this seems like an improbable scam. More so when the scammers would be limited to using the tolls for free. Hardly worth the effort, if you ask me.
Fact #5 : There Are Easier + Cheaper Ways To Hack Your Phone
Truth be told – there are far easier and cheaper ways to hack your phone, than send you a free RFID sticker and ask you to scan the bar code.
These scammers will have to put in considerable expense and technical expertise into hacking the TNG eWallet app, and inserting their malware that the fake RFID number would trigger.
But why bother? If they can hack the TNG eWallet, they don’t even need to send you any fake RFID bar code to scan!
Making fake RFID stickers (tags) that look like genuine TNG RFID self-fitment kits costs money. Sending these fake kits also put them at risk, because deliveries can be traced.
There are many other ways to compromise your smartphone. There is simply no reason why scammers to waste time and money on such a convoluted scheme.
The most plausible explanation for receiving a free TNG RFID sticker out of the blue is that it was wrongly delivered to you. If you receive one, check the name and address on the package. It may not be meant for you. In that case, contact the delivery company and have them resend it to the right person.
I have also personally experienced receiving packages that I did not order, some of which appear to be sent due to a database error of some sort – my name and phone number are on the package, but the address was wrong or non-existent.
Out of an abundance of caution, just don’t install any RFID sticker that you did not order. Or you can call up TNG to verify that the RFID sticker is legitimate.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Truth : It’s Not Dangerous To Exit WhatsApp Scam Groups!
This viral warning was likely created by well-meaning but clueless Internet “experts” who are apparently not tech-savvy enough to understand what’s going on.
Fact #1 : No Evidence Of WhatsApp Exit Group Hacking
First, let me just point out that there is no evidence that anyone was ever hacked after using the Exit Group link to get out of any WhatsApp group, whether they are scam groups or otherwise.
Even if an enterprising hacker / scammer was able to create a message with a fake Exit Group button that downloads an APK (Android Package Kit) file, it won’t automatically install that file. You will need to manually install the APK file from the Downloads folder.
Those who know how to do that would be tech-savvy enough to avoid installing APK files from unknown sources. Those who don’t know how to do that would not be able to install the downloaded APK file.
Fact #2 : WhatsApp Exit Group Option Is Genuine
The truth is – the Exit Group link that you may see in new messages from strangers is not a scam or a trick. It also does not download or install any APK file.
The Exit Group link is actually a safety feature in WhatsApp, that appears if you have been added to a WhatsApp group by someone who is not in your contact list – like a scammer, for example.
Once you open the new group you have been added to, WhatsApp warns you that you were added by someone who isn’t a contact. You are then given the option to exit the group, or click OK to continue.
There is really nothing malicious about this Exit group link in WhatsApp. Clicking on it to exit any WhatsApp group won’t harm you in any way, or cause your phone to be hacked.
The WhatsApp Exit group link offers an easy way to quickly remove yourself from a group you don’t want to be in. However, the older exit group methods still work, in case you prefer to use them:
Exit Group Only
Go into the group chat you wish to leave.
Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
Select More > Exit group.
An even better option is to actually report the scam group, while quitting it and removing the chat at the same time.
Report + Exit Group Only
Go into the group chat you wish to leave.
Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
Select More > Report
Make sure the Exit group and delete chat option is checked.
Tap Report to report and quit from the group, and delete the chat.
Fact #4 : WhatsApp + Telegram Scam Groups Are Real
Before I leave, I just want to remind all of you that there are many scam groups on WhatsApp and Telegram.
If you are added to any of these scam groups, just exit them without a thought. Do not read anything posted in these scam groups, lest you fall for the scam!
That’s why scammers often try to convince you to check out the group first, and “don’t rush to leave the group”:
Hello everyone! Please don’t rush to leave the group, thank you all for taking the time to read this message!
Ignore whatever they post in those scam groups. Hit the Exit group link, or better still – REPORT the group to WhatsApp / Telegram!
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Are scammers sending bank letters with a QR code that can steal your money?!
Take a look at the viral claim, and find out what the facts really are!
Claim : Bank Letter With QR Code Is A Scam!
People are sharing a photo of a letter from a bank, claiming that the QR code in the letter can steal your money if you scan it with your phone!
Circulating In WhatsApp : If you get a letter from the bank like this and ask to update the book using the QR CODE provided in the letter that was sent, don’t ever scan it, you will lose all your daily savings or old age savings, this is another scammer’s work and method take your money, please spread it to everyone so that siblings, relatives, neighbors & family members are not affected by this kind of scam…
This is likely another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…
Fact #1 : This Is Old Fake News
First, let me just point out that this photo is not new. It first went viral, with a voice message in August 2022, and has subsequently gone viral on and off over the last year or so.
Fact #2 : CIMB Letter Was Genuine
The letter, which was sent by CIMB, is genuine. CIMB even posted a reply to one viral tweet, that the letter was genuine:
FYI, this [letter] is genuinely from our bank.You can refer to the link below for more information: [link no longer available]
[U]ntuk makluman, ia adalah sah dari pihak kami. Anda boleh rujuk pautan di bawah bagi maklumat lanjut: [link no longer available]
Fact #3 : CIMB Letter Was Only Sent To Business Customers
The letter was not meant for consumers, and was only sent to CIMB business customers, to request that they update their company/organisation’s information.
Re: Update on your records to improve your banking experience
We refer to the above mattes and our letter dated 27/06/2022.
We note that you have vet to update your company/organisations information with us.
As part of the Bank’s ongoing process to know our customers better and provide a seamless banking experience, we would like to remind you to return the completed Customer Information Update form to us
This letter appears to be CIMB’s efforts to comply with KYC (Know Your Customer) requirements set out by regulators like Bank Negara Malaysia (BNM).
QR codes is a type of barcode, which allows people and companies to share / deliver information, that can include links. QR codes can lead you to malicious websites, but they cannot deliver malware, or hack your computer or smartphone.
The QR code in the CIMB bank letter isn’t malicious. It actually codes for a link to the CIMB website. You can verify it by simply scanning the QR code in that “CIMB scam letter”. You will see that it only leads to http://www.cimb.com.my/bizupdate [which no longer exists]
Ultimately, this viral warning was likely created by well-meaning but clueless Internet “experts” who are apparently not tech-savvy enough to even verify the QR code by simply scanning it!
Fact #5 : Form Was To Be Emailed / Delivered
The CIMB letter asked its business customers to download and fill in a form. However, that form was not to be submitted online.
Rather, the letter specifically asked its business customers to email the completed form to a legitimate CIMB email address, or to physically mail or courier it to the bank itself.
Scan the QR Code below to download the form. Once you have completed the form, please submit by email to cimb_updates@cimb.com or mail/courier to the address below within 21 days from the date of this letter, failing which, the Bank reserves the right to suspend or close the account in accordance with the account terms and conditions.
In a real scam, you will be asked to taken to a fake CIMB bank website, and asked to logged into your bank account. That’s how the scammer gets hold of your bank login credentials.
However, even that scam won’t work without access to your TAC (Transaction Authorisation Code), which is sent to your phone by SMS, or authenticated through the bank’s mobile app.
For certain, scammers cannot log into your bank account by simply gaining your company’s information through a form, unless you actually include your company’s bank account login details!
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can scammers hack your phone if you answer their calls, or call back?!
Take a look at the viral claim, and find out what the facts really are!
Claim : Scammers Can Hack Your Phone If You Call Back!
People are sharing this advice about scammers hacking your phone if you answer their calls, or call back!
Very Very Urgent …
Please pass this message to your family and friends NOW.
People have been receiving calls from Tel: +375602605281 Tel: +37127913091 Tel: +37178565072 Tel: +56322553736 Tel: +37052529259 Tel: +255901130460 or any number starting from +371 +375 +381
These guys only ring once and hang up. If you call back,they can copy your contact list in 3sec and if you have a bank or credit card details on your phone, they can copy that too…
+375 code is for Belarus. +371 code is for Lativa. +381 Serbia. +563 Valparaiso. +370 Vilnius. +255 Tanzania.
Don’t answer or Call back.
Also, Don’t Press #90 or #09 on your Mobile when asked by any caller.
It’s a new trick which is use to access your SIM card, make calls at your expense and frame you as a criminal.
URGENTLY FORWARD this message to as many friends as you can to stop any intrusion!!
Truth : Scammers Cannot Hack Your Phone If You Call Back!
This is yet another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…
Fact #1 : This Is Old Fake News
First, let me just point out that this fake message isn’t even new. It has been circulating on WhatsApp and social media platforms since April 2020, if not earlier.
Fact #2 : This Hoax Is Based On One Ring / Wangiri Scam
This hoax appears to be based on the 2019 FCC warning about the “One Ring” or “Wangiri” scam, where scammers use robocall devices to give victims a miss call, in hopes that they would call back and get charged for Pay-Per-Call services.
The Federal Communications Commission is alerting consumers to reported waves of “One Ring” or “Wangiri” scam robocalls targeting specific area codes in bursts, often calling multiple times in the middle of the night. These calls are likely trying to prompt consumers to call the number back, often resulting in per minute toll charges similar to a 900 number. Consumers should not call these numbers back.
Recent reports indicate these calls are using the “222” country code of the West African nation of Mauritania. News reports have indicated widespread overnight calling in New York State and Arizona.
Generally, the One Ring scam takes place when a robocaller calls a number and hangs up after a ring or two. They may call repeatedly, hoping the consumer calls back and runs up a toll that is largely paid to the scammer.
Consumer Tips: · Do not call back numbers you do not recognize, especially those appearing to originate overseas. · File a complaint with the FCC if you received these calls: www.fcc.gov/complaints · If you never make international calls, consider talking to your phone company about blocking outbound international calls to prevent accidental toll calls. · Check your phone bill for charges you don’t recognize.
This scam, however, does not involve hacking any phone. It only requires you to call back the number, which is a Pay-Per-Call service.
Once you call back, you will get charged a premium rate, as the scammers try to keep you on the line for as long as possible.
Fact #3 : Scammers Cannot Hack Phone Through Calls
It is simply not possible to hack your phone through a voice call, even if you’re using VOIP (Voice Over Internet Protocol), or apps like WhatsApp or Telegram.
What is possible though is voice phishing, also known as vishing. This is a form of social engineering, where scammers pose as a bank or police officer (or someone with authority) to obtain your bank account information, or trick you into transferring money into their bank accounts.
Fact #4 : 90# Telephone Scam Only Works With PBX / PABX
The #90 or 90# scam is a very old phone scam that only works on business landline phones that use a PBX (Private Branch Exchange) or PABX (Private Automatic Branch Exchange) system. Here is the official US FCC warning about this scam.
In this very old scam, the scammer pretends to be a telco employee looking into a technical problem with your phone lines, and asks you to help him by either mailing 90# or transferring the call to an outside line. If you do that, you will enable the scammer to place premium-rate calls that will billed to your phone number.
To be clear – these codes do NOT work on mobile phones or smartphones, because they do not run on PBX or PABX systems.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Will clicking on the WhatsApp block button install a malicious app that will hack your phone?!
Take a look at the viral claim, and find out what the facts really are!
Claim : WhatsApp Block Button Is A Scam!
People are sharing this advice on a new WhatsApp scam involving the Block button in messages. Take a look!
New Type of Scam in Whatsapp.
Don’t press the “Block” button within the message because when you press on it then, you are effectively downloading this Malicious App. Instead go to WhatsApp setting (3 dots on the right hand top) and block the message.
Do the same if you received this kind of message in your SMS. Someone already got scammed by this fake template.
New Type of Scam in Whatsapp. Don’t press the “Block” button within the message because when you press on it then, you are effectively downloading this Malicious App. Instead go to WhatsApp setting (3 dots on the right hand top) and block the message. Do the same if you received this kind of message in your SMS. Someone already got scammed by this fake template.
This is yet another example of FAKE NEWS circulating on WhatsApp and social media platforms, and here are reasons why…
Fact #1 : No Evidence Of WhatsApp Block Button Scam
First, let me just point out that there is no evidence that anyone was scammed by the WhatsApp block button in messages.
Even if an enterprising hacker / scammer was able to create a message with a fake block button that downloads an APK (Android Package Kit) file, it won’t automatically install that file. You will need to manually install the APK file from the Downloads folder.
Those who know how to do that would be tech-savvy enough to avoid installing APK files from unknown sources. Those who don’t know how to do that would not be able to install the downloaded APK file.
Fact #2 : WhatsApp Block Button Is Part Of New Safety Tools
The truth is – the Block button that you may see in new messages from strangers is not a scam. It also does not download or install any APK file.
The Block button is actually part of the new Safety Tools feature that WhatsApp started introducing in July 2023.
The Safety Tools feature will only appear when you receive a message from an unknown number. You will be given some details about the safety of this new contact – whether you are in common groups, and in some cases – the country of origin.
You are given the option of either blocking this new contact, or adding it to your Contact list. You can also click on the Safety tools link for more details.
The new WhatsApp Safety Tools offer an easy way to quickly block and remove obvious spammers and scammers. However, it may not be readily apparent whether the new contact is genuine, or just a spammer / scammer.
If you start messaging with this new contact – to find out if their identity / purpose, the Safety Tools option will disappear. But don’t worry – you can still block this new contact if you realise that he/she is a spammer / scammer.
Go to the messaging screen for the person you want to block.
Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
Select More > Block.
You can also select More > Report (to report block the scammer)
Alternatively, you can block multiple contacts using this method:
Open WhatsApp, and go to the Chats screen.
Tap on the kebab menu / vertical ellipsis (⋮) icon on the upper right corner.
Select Settings.
Tap on the Privacy option.
Scroll down and tap on Blocked contacts.
Tap on the Add Contacts () icon at the upper right corner.
Search for the contacts you want to remove, and select them.
Now, blocking people does not remove your contact details or profile photo from their phones and devices.
However, they will no longer be able to call you, or send you messages. They will also not be able to see changes to your status updates including when you’re online / last seen, or changes you make to your profile photo.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Truth : There Is No Israel Earthquake Seismic Wave Card!
This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…
Fact #1 : There Is No Seismic Wave Card!
First, let me just point out that there is no such thing as a Seismic Wave Card.
The Seismic Wave Card is an Internet hoax that keeps getting recycled for every disaster that comes along, like these examples show:
They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends. DO NOT OPEN IT. They also said it on TV
They are going to upload some photos of the Cariaco earthquake on Whatsapp.The file is called WavesSeismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way.Pass the information on to your family and friends.DO NOT OPEN IT.They also said it on TV.
There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.
Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.
Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.
Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.
Fact #3 : Seismic Waves Card Is Not A Browser Hijacker
Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:
The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.
This transgression doesn’t end here; they siphon sensitive data and create vulnerabilities in your system’s security framework, providing a gateway for more perilous threats, such as malware and phishing schemes, to invade.
The protracted presence of Seismic Waves Card in your system exponentially escalates the risk of serious compromises, emphasizing the dire necessity for its immediate removal. Recognizing the malicious potential of such unwanted apps is essential in maintaining a secure and safe digital environment. Stay vigilant and prioritize your cybersecurity.
There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.
Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.
It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.
At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.
Fact #5 : Image-Based Malware Requires User Action
In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.
However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.
This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.
You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.
Fact #6 : Malicious Code Executes Immediately
If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.
There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.
Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can a SIM swap attack empty your bank account without warning?! Take a look at the viral warnings, and find out what the facts really are!
Updated @ 2023-10-07 : Added new viral message, and other updates. Originally posted @ 2022-01-16
Claim : SIM Swap Attack Can Empty Bank Account Without Warning!
This message has gone viral on social media and WhatsApp, warning about a new high tech fraud called SIM Swap Fraud that can empty bank accounts without warning.
The message includes a link to a Straits Times report about a young couple who lost $120,000 in a fake text message scam targeting OCBC Bank customers.
Your BANK Account could be Emptied without an Alert!
Dear All, Please let’s be very careful.. There is a new HIGH TECH FRAUD in town called the SIM SWAP FRAUD, and hundreds of persons are already VICTIMS.
How does it work? 1 A new fraud called SIM SWAP has started. Your phone network will momentarily go blind / zero (No Signal / Zero Bars) and after a while a call will come through.
2 The Person on the other end of the call will tell you that he is calling from (your cell phone company) depending on your network and that there is a problem in your mobile network.
3 He will instruct you to Please press 1 on your phone to get the network back.
– Please at this stage don’t Press anything, Just cut or END the call.
If you press 1, the network will appear suddenly and almost immediately go blind again (Zero Bars) and by that action, your phone is #HACKED.
Within a second they will empty your bank account, and you won’t receive any alert.
What you will experience. It will appear as though your line is without Network, meanwhile your SIM has been SWAPPED. The danger here is that, you will not get any alert of any transactions, so please those of us doing USSD Banking and Mobile Banking BEWARE. Let’s be very careful.
Please, forward to your contacts, loved ones and friends. The fraud is increasing day by day.
Received from a #CybersecurityGroup
Don’t forget to share this post…… I repeat don’t forget to share this post. Many people’s Account as been emptied!
Please encourage more people to learn from this episode
My cousin received a call , asking if he had been vaccinated, if vaccinated to press 1.
If not vaccinated, press 2. As a result, he pressed 1, the phone was blocked and his online bank information/account were all transferred. Please be Alert and Careful and forward to more people to know about this new trick/scam. Forwarded as received.
Your BANK Account can be Empty without Notice.
There is a HIGH TECHNOLOGY SCAM going on at this time called SIM SWAP FRAUD, it is said that hundreds of people have been affected, they suddenly found that their bank accounts were EMPTY
Truth : SIM Swap Attack Is Real, But Don’t Work Like That
The truth is – SIM swap attacks are real and very dangerous, but they do not work like the viral messages claim.
Here is what you need to know about the viral message, and SIM swap attacks.
Fact #1 : SIM Swap Attacks Are Not New
SIM swap attacks are really not new. Scammers have been using SIM swap attacks since 2015, if not earlier.
Fact #2 : SIM Swap Warnings Are Mostly False
The viral message is correct about the risk of SIM swap attacks, but pretty much wrong about everything else.
In fact, the method by which the SIM swap attack works is completely made up. So the viral message is really FAKE NEWS.
There’s no way your bank account will be emptied without any action on your part. Neither will your bank accounts be emptied because you participate in a COVID-19 vaccination SMS survey.
Fact #3 : No Evidence Of Such Fraud
There is no evidence of SIM swap attacks requiring users to complete the process by responding to an SMS survey about vaccination.
Neither is there any evidence that SIM swap attacks alone can lead to your bank accounts being emptied.
Fact #4 : Straits Times Article Was Not About SIM Swap Attack
One of the viral messages include a link to a Straits Time article to mislead you. That’s because the article was about a phishing attack, not a SIM swap attack.
In that phishing attack, the victim received an SMS with a link that took him to a fake website that “looked exactly like the OCBC login page“. He then keyed in his bank login details, thus handing over control of his bank account to the scammers.
The victim also ignored automated messages warning him that his “account was being setup on another phone“. That had nothing to do with a SIM swap attack. It was an SMS-based phishing attack.
Fact #5 : SIM Swap Attacks Generally Do Not Require Any Action
In most SIM swap attacks, scammers use your personal information, either purchased from other criminals or obtained through earlier phishing attacks or social engineering, to request for a SIM card replacement.
All that does not require any action on your part. In most cases, you only realise you’ve been hit when you lose access to your mobile number.
Fact #6 : SIM Swap Attack May Require Action In Some Cases
The Press 1 claim in the viral message is partially correct, but it only happens in a particular circumstance.
In India, scammers have tricked people by offering a free network upgrade, or to help improve signal quality on their phones :
The scammer will call the victim, claiming to be from their mobile service provider.
The scammer will try to get the victim to reveal his/her 20-digit SIM card number.
The scammer will use the 20-digit SIM number to initiate a SIM swap with the mobile service provider.
The mobile service provider will automatically send an SMS to confirm the swap.
Once the victim confirms the swap, his/her SIM card will stop working.
The scammer now has access to the victim’s mobile number.
Fact #7 : SIM Swap Attack Does Not Hack Your Phone
The SIM swap attack does not involve any hacking of your phone.
You only lose access to your mobile number. Your phone is not hacked.
Fact #8 : SIM Swap Attack Does Not Empty Bank Accounts
Once the scammers successfully gain control of your mobile number, they can use it to intercept one-time passwords (OTP) like TAC numbers.
This allows them to change passwords to your bank accounts, social media accounts, etc. which is why SIM swap attacks are so dangerous and damaging.
However, it does not mean your bank accounts are immediately emptied. For one thing – the scammers need to know your bank login.
That’s why SIM swap victims often have had their bank logins and passwords stolen earlier though phishing attacks. The scammers only need their mobile numbers to receive OTP / TAC numbers to authenticate the transfers.
Fact #9 : SIM Swap Attack Can Be Used To Cheat Friends Too!
Stealing money from your bank account requires extra work, so scammers who do not have your bank login details will resort to cheating your friends.
With access to your phone number, they can easily gain access to your social media accounts (Facebook, Twitter, Instagram) as well as instant messaging apps (WhatsApp, Telegram).
Once they have control, they can send messages to your friends, pretending to be you. Naturally, they will concoct some story to ask your friends for money.
The idea is to use your (now) stolen accounts to convince your friends that you genuinely need their help. The money that they transfer goes directly to the scammers, or their mules (people who rent their bank accounts to scammers).
Now that you know the facts behind the SIM swap attack or scam, please SHARE this article with your family and friends!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can the “Mexico Did It” photo infect your phone with a virus in just 5 seconds?!
Take a look at the viral claim, and find out what the facts really are!
Updated @ 2023-09-13 : Revised for a new wave Originally posted @ 2022-11-07
Claim : “Mexico Did It” Photo Will Infect Your Phone With A Virus!
The warning about the “Mexico Did It” photo or image that will infect your phone with a virus keeps going… viral on WhatsApp and social media.
There are two versions so far – in English, and in Spanish.
FYI: They are going to publish an image that shows how Covid 19 is cured in Mexico and it is called “Mexico did it”, do not open it because it enters the phone in 5 seconds and it cannot be stopped in any way. It’s a virus. Pass it on to your friends and family. Now they also said it on CNN and BBC. DO NOT OPEN IT
Pass it on
Van a publicar una imagen que muestra como el Covid 19 se cura en Mexico y se llama “Mexico lo hizo” no lo abran porque entra al telefono en 5 segundos y no se puede frenar de ninguna forma. Es un virus. Pasenlo a sus familiares y amigos. Ahora lo dijeron tambien en CNN y BBC
Truth : There Is No “Mexico Did It” Photo / Virus!
This is just another example of FAKE NEWS circulating on WhatsApp and social media like Facebook and Twitter, and here are the reasons why…
Fact #1 : This Viral Message Has Been Circulating Since 2021
The viral message about the “Mexico Did It” photo or virus has been circulating on Facebook, WhatsApp and Twitter since April 2021.
Fact #2 : This Is A Modified Version Of “Argentina Is Doing It”
This viral message is actually a modified version of an earlier fake message, which claims that a video on WhatsApp called “Argentina is doing it” will hack your phone in 10 seconds.
It just replaces Argentina with Mexico, a video with a photo, and changes it from a 10-second hack into a 5-second virus attack.
Those two fake news are, in turn, probably based on the even older fake claim that hackers are using greeting photos and videos to hack your phone.
Fact #3 : There Is No “Mexico Did It” Photo / Virus
There is no such thing as a “Mexico Did It” image or photo. Neither is there a virus called “Mexico Did It“.
There is also no known virus that can infect your phone with a virus simply using a photo or image.
Fact #4 : CNN + BBC Never Reported On Such A virus
It’s been over 2.5 years since this fake story first appeared on Facebook, Twitter and WhatsApp, but neither CNN nor BBC has ever reported on a “Mexico Did It” virus.
Fact #5 : Image-Based Malware Is Possible, But…
Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.
It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.
At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.
Fact #6 : Image-Based Malware Requires User Action
In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.
However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.
Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.
You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.
Fact #7 : Malicious Code Executes Immediately
If you accidentally download and trigger malware, it will execute immediately. It won’t take 5 seconds, as the hoax message claims.
Generally, malware won’t wait a few seconds before it infects your devices. Waiting will only increase the risk of detection.
Unless the malware creator designed it to only infect your phone when you are sleeping (like the early hours of the morning), it pays to execute immediately.
Now that you know the facts, please SHARE this article with your family and friends, and SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can the Seismic Wave Card containing photos of the recent earthquake at Morocco hack your phone?!
Take a look at the viral claim, and find out what the facts really are!
Claim : Morocco Earthquake Seismic Wave Card Can Hack Your Phone!
This warning about the Seismic Wave Card containing photos of the recent earthquake at Morocco has gone viral on WhatsApp:
They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends. DO NOT OPEN IT. They also said it on TV
Truth : There Is No Morocco Earthquake Seismic Wave Card!
This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…
Fact #1 : There Is No Seismic Wave Card!
First, let me just point out that there is no such thing as a Seismic Wave Card.
The Seismic Wave Card is an Internet hoax that keeps getting recycled for every earthquake that comes along, like these examples show:
They are going to upload some photos of the Cariaco earthquake on Whatsapp.The file is called WavesSeismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way.Pass the information on to your family and friends.DO NOT OPEN IT.They also said it on TV.
They are going to upload some photos of the Calvario earthquake on WhatsApp. The file is called CARD Seismic Waves. Do not open them or see them, they hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. Don’t open it. They also said it on TV.
Fact #2 : Photos Are Shared Directly On WhatsApp
There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.
Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.
Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.
Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.
Fact #3 : Seismic Waves Card Is Not A Browser Hijacker
Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:
The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.
This transgression doesn’t end here; they siphon sensitive data and create vulnerabilities in your system’s security framework, providing a gateway for more perilous threats, such as malware and phishing schemes, to invade.
The protracted presence of Seismic Waves Card in your system exponentially escalates the risk of serious compromises, emphasizing the dire necessity for its immediate removal. Recognizing the malicious potential of such unwanted apps is essential in maintaining a secure and safe digital environment. Stay vigilant and prioritize your cybersecurity.
There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.
Fact #4 : Image-Based Malware Is Possible, But…
Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.
It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.
At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.
Fact #5 : Image-Based Malware Requires User Action
In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.
However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.
This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.
You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.
Fact #6 : Malicious Code Executes Immediately
If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.
There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.
Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Did Lil Tay and her older brother, Jason Tian, just die suddenly?!
Take a look at the viral claims, and find out what the facts really are!
Claim : Lil Tay + Jason Tian Just Died Suddenly!
Some websites and YouTube channels have recently claimed that social media influencer and rapper Lil Tay, and her older brother, Jason Tian, just died suddenly under mysterious / unknown circumstances.
Outlook India : 14-Year-Old Rapper Lil Tay Dies Along With Elder Brother Jason Tian
FreshersLive : Jason Tian Obituary, Who Was Lil Tay’s Brother Jason Tian? What Happened to Jason Tian? How Did Jason Tian Die?
News.com.au : Teen rapper Lil Tay and her brother both dead
Celebritysss : Lil Tay and Her Brother Jason Tian Are Survived By Their Parents After Their Deaths | Lil Tay
Some people have also gone full frenzy about the sudden death of Lil Tay and Jason Tian on social media:
Mario Nawfal : 🚨BREAKING: RAPPER LIL TAY REPORTED DEAD
Online influencer and rapper Lil Tay has passed away at the age of 14, five years after she rose to online fame.
The news of her ‘sudden and tragic’ demise was confirmed by an unnamed family member in a statement shared on Lil Tay’s Instagram account today.
The statement also revealed that her 21-year-old brother, Jason Tian, had also passed away.
Matt Wallace : 🚨 BREAKING NEWS: Viral Internet Sensation Lil Tay dead at only 14 years old! They have not released the cause of death yet… but I can almost guarantee it involves hardcore smuggled drugs. Extremely sad that so many kids keep dying and politicians CONTINUE TO DO NOTHING ⚠️
Truth : Lil Tay + Jason Tian Did NOT Die Suddenly!
This is yet another example of celebrity FAKE NEWS circulating on social media, and here are the reasons why…
Fact #1 : Lil Tay Death Claim Based On Single Instagram Post
All these claims that Lil Tay and her older brother, Jason Tian, died suddenly are based on a single post on her Instagram account, which was shared on Wednesday, August 9, 2023:
It is with a heavy heart that we share the devastating news of our beloved Claire’s sudden and tragic passing. We have no words to express the unbearable loss and indescribable pain. This outcome was entirely unexpected, and has left us all in shock. Her brother’s passing adds an even more unimaginable depth to our grief.
During this time of immense sorrow, we kindly ask for privacy as we grieve this overwhelming loss, as the circumstances surrounding Claire and her brother’s passing are still under investigation.
Claire will forever remain in our hearts, her absence leaving an irreplaceable void that will be felt by all who knew and loved her.
It did not help that when news agencies tried to confirm her death, her father – Christopher “Chris” Hope refused to confirm either way:
Yeah, you have the right person, but I don’t have any comment right now. I’m not able to give you any comment right now. I’m sorry — I can’t.
But the Los Angeles Police Department stated that it had no record of Claire Hope or Jason Tian dying in LA (where they live):
We have no information on either of these two individuals Claire Hope or Jason Tian being killed or dying in Los Angeles.
If the LA county medical examiners has nothing on either of them either, that would lead me to believe they are not, in fact, dead, or that it did not occur in LA.
On Thursday, August 10, 2023, Lil Tay issued a statement to say that she is still alive – a day after the death announcement on her Instagram account went viral.
I want to make it clear that my brother and I are safe and alive, but I’m completely heartbroken, and struggling to even find the right words to say.
It’s been a very traumatizing 24 hours. All day yesterday, I was bombarded with endless heartbreaking and tearful phone calls from loved ones all while trying to sort out this mess.
Fact #3 : Lil Tay’s Instagram Account Was Hacked!
Lil Tay explained that her Instagram account was “compromised by a third party” and used to “spread jarring misinformation and rumors” about her. She thanked Meta for letting her gain access to her Instagram account again.
She did not explain why it took her more than 24 hours to confirm that she was still alive and well. But a Meta spokesperson confirmed that they helped her recover her Instagram account.
Fact #4 : Lil Tay No Longer Goes By Claire Hope
Lil Tay was born as Claire Hope to Angela Tian and Christopher J. Hope on July 29, 2007. She was also known as Claire Eileen Qi Hope.
However, Lil Tay revealed that she no longer goes by her birth name – Claire Hope, which was what the fake death announcement used.
Instead, Lil Tay appears to have dropped the surname of her estranged father, and now goes by the legal name, Tay Tian.
Fact #5 : Lil Tay Is Accused Of Orchestrating Death Hoax
Lil Tay’s former manager – Harry Tsang, who was her last known public representative at the height of her fame in 2018, cast doubts over her statements.
Harry Tsang accused Lil Tay of lying about her Instagram account being hacked, and alleged that she orchestrated the fake statement about her death.
Upon learning about Lil Tay’s assertion of her well-being, I find relief in the fact that she is safe. However, I believe the reported hacking incident may not have occurred.
He pointed out two points of doubt over the validity of Lil Tay’s claims of being hacked:
My rationale for this perspective is twofold: firstly, the restoration of a compromised account on platforms like Meta/Instagram typically does not necessitate a 24-hour timeframe.
Secondly, the actions of Lil Tay’s brother, renowned for his propensity for extreme measures, lead me to hypothesize an alternative motive behind this occurrence.
Harry Tsang then suggested that Lil Tay and/or Jason Tian might have orchestrated this death hoax to rekindle her fame:
Simultaneously, if the underlying motive is indeed to rekindle Lil Tay’s prominence within the public sphere, I contend that such actions demonstrate a certain degree of irresponsibility.
It’s essential to consider the potential repercussions of employing such tactics, particularly given their potential impact on the perceptions and sentiments of the broader audience.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Millions of Gigabyte motherboards and laptops shipped with a built-in backdoor in its UEFI firmware!
Here is what you need to know about this cybersecurity danger, and what you can do about it!
Gigabyte Motherboards Shipped With Firmware Backdoor!
On 31 May 2023, researchers at the cybersecurity firm Eclypsium revealed that 271 Gigabyte motherboard models have been compromised with UEFI firmware with a built-in backdoor!
Eclypsium’s heuristic detection methods recently began flagging suspicious backdoor-like behaviour in Gigabyte motherboards. When its researchers looked into it, they found that Gigabyte motherboard firmware was executing a Windows native executable during the system start up process. This executable then insecurely downloads and executes additional payloads.
From their analysis, the executable appears to be a legitimate Gigabyte module called WpbtDxe.efi:
it checks to see if the “APP Center Download & Install” feature is enabled
it downloads executable payloads from Gigabyte servers
it has a Gigabyte cryptographic signature
They also found that the downloaded payloads have Gigabyte cryptographic signatures too, which suggest that this firmware backdoor was implemented by Gigabyte itself.
However, Eclypsium researchers discovered that the Gigabyte implementation had a number of problems, which would make it easy for threat actors to abuse the firmware backdoor:
one of its payload download locations lacks SSL (using plain HTTP, instead of the more secure HTTPS), allowing for Machine-in-the-middle (MITM) attacks
remote server certificate validation was not implemented correctly even when the other two HTTPS download locations were used, which allows for MITM attacks
one of its payload download locations is a local network-attacked storage device (NAS), which could allow a threat actor to spoof the location of the NAS to install their own malware
the Gigabyte firmware itself does not verify any cryptographic signatures, or validates the downloaded executables.
In short – millions of Gigabyte motherboards have a cybersecurity vulnerability, due to their firmware which includes an insecure / vulnerable OEM backdoor. As John Loucaides from Eclypsium put it:
If you have one of these machines, you have to worry about the fact that it’s basically grabbing something from the Internet and running it without you being involved, and hasn’t done any of this securely.
The concept of going underneath the end user and taking over their machine doesn’t sit well with most people.
Note : This vulnerability affects all computers using Gigabyte motherboards, including laptops.
Gigabyte Rolls Out New Firmware To Mitigate Backdoor!
After the news blew up inconveniently during Computex 2023, Gigabyte quickly rolled out new beta firmware upgrades for its AMD and Intel motherboards.
According to Gigabyte, the new beta firmware upgrades have “improved security mechanisms” that will “detect and prevent malicious activities during the boot process“. It also appeared to have implemented other changes:
enhanced the signature verification process for fils downloaded from its remote servers
conduct more thorough checks of file integrity to prevent the introduction of malicious code
enabled standard cryptographic verification of remote server certificates
The new firmware has just been released for AMD 600-series motherboards, as well as Intel 500- and 400-series motherboards, but will eventually be introduced for older motherboards. The new firmware will have the description, “Addresses Download Assistant Vulnerabilities Reported by Eclypsium Research“.
As Gigabyte does not intend to remove the backdoor feature, you might want to consider Eclypsium’s advice on how best to reduce the risk of malicious actors taking advantage:
Scan and monitor systems and firmware updates in order to detect affected Gigabyte systems and the backdoor-like tools embedded in firmware. Update systems to the latest validated firmware and software in order to address security issues like this one.
Inspect and disable the “APP Center Download & Install” feature in UEFI/BIOS Setup on Gigabyte systems and set a BIOS password to deter malicious changes.
Administrators can also block the following URLs: – http://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4 – https://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4 – https://software-nas/Swhttp/LiveUpdate4
For starters, you should definitely download and update your Gigabyte motherboard or laptop with the improved firmware. Then disable APP Center Download & Install in the BIOS.
Let’s hope Gigabyte will be able to quickly issue new and improved firmware to mitigate, if not remove, the backdoor vulnerability for the affected 271 motherboard models, and its future motherboards and laptops. Even so, many users might not be aware of this vulnerability or these updates.
It seems likely that threat actors will have access to this backdoor vulnerability in many Gigabyte motherboards and laptops for years to come. Even Eclypsium’s Loucaides believes so:
I still think this will end up being a fairly pervasive problem on Gigabyte boards for years to come.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can hackers use Good Morning videos, pictures and messages to hack your devices, and steal your data?!
Find out what is happening, and what the FACTS really are!
Updated @ 2023-04-21 : Updated with a new 2023 version of the hoax Originally posted @ 2022-11-01
Claim : Hackers Are Using Good Morning Messages To Hack You!
This post about Chinese hackers using Good Morning videos, pictures and messages to hack your devices, keeps going viral on social media and WhatsApp.
It’s a long message, so just skip to the next section for the facts!
Dear friends, please delete all welcome photos and videos in Good Morning format and the like. Read below the article to the end, which will be clear why I ask about it. From now on I will only send personally prepared greetings.
Read all! Please send this message urgently to as many friends as possible to prevent illegal intrusion. Warning from Olga Nikolaevnas lawyer:
ATTENTION! For those who like to send Good Morning pictures! Good day! Good evening! Do not send these “good” messages.
Today, Shanghai China International News sent SOS to all subscribers (this is the third reminder) that experts recommend: please do not send good morning, good night, pictures and videos,.
Reports show that hackers in China designed the images, the video is so beautiful to hide the phishing codes inside them, when everyone sends these messages, the hackers use your devices to steal personal information, such as bank card information and data to crack the phone.
It has been reported that more than 500,000 victims of fraud have already been deceived.
If you want to greet others, write your own message to protect yourself and your family and friends.
Important! Delete all greeting messages and pictures that you have on your phone for your own safety. If someone sent you such a picture, immediately remove it from the device. Malicious code takes time to deploy, so if you act immediately, no harm will be done.
Tell all your friends about this to prevent hacking.
Greet others by writing your own words, and send only images you create. The material you create yourself is completely safe.‼️‼️ ️‼️
Please understand me correctly! All have credit cards attached to their phone. Everyone has a lot of contacts in their phones. You will create a threat not only to yourself, but to all the contacts that you have on your phones, your friends and acquaintances. ‼️ ️‼️ ️‼️
Take this very carefully! This is a harsh reality‼️ ️‼️ ️‼️
Fact #3 : No Fraud Involving Good Morning Messages
There has been no known fraud involving Good Morning or even Good Night messages, videos or pictures.
Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case…. because it never happened.
Fact #4 : Image-Based Malware Is Possible, But…
Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.
It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself.
At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest…
Fact #5 : Image-Based Malware Requires User Action
In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.
However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.
Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.
Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.
You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.
Fact #6 : Malicious Code Executes Immediately
If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.
Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.
There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.
Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
MSI just got hit by a massive ransomware attack, but even worse – it lost a ton of critical data to the hackers!
MSI Hit By Ransomware Attack + Data Theft!
On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.
In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.
After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.
MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.”
In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.
Hackers Demand $4 Million From MSI To Not Release Stolen Data
The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang.
While MSI has apparently restored files encrypted by Money Message’s ransomware, the gang now has access to about 1.5 terabytes of critical MSI data.
According to BleepingComputer, chats between Money Message and an MSI representative show the gang demanding a ransom payment of $4 million. Otherwise, Money Message will release the stolen files.
To show that they did indeed steal those MSI files, Money Message posted screenshots of what they describe was MSI’s Enterprise Resource Planning (ERP) databases and files containing software source code, private keys, and BIOS firmware.
If Money Message releases MSI confidential data, it may not just be embarrassing for the Taiwanese company, it could allow other threat actors to use the source code and private keys to create malware targeting their customers.
In light of that, MSI users should only download and install software or BIOS firmware from the official MSI website.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can the new Approve New Participant feature in WhatsApp block hackers?!
Take a look at the viral claim, and find out what the facts really are!
Claim : Turn On WhatsApp Approve New Participant To Block Hackers!
WhatsApp started introducing a new feature called Approve New Participant, on 11 March 2023.
This new feature was only available to WhatsApp Group administrators, and went pretty much unnoticed by most WhatsApp users, until this claim went viral on WhatsApp and social media platforms:
CYBER SECURITY ALERT Announcement
Let’s look sharp all admins* WhatsApp has added a new security feature to prevent hackers from joining Groups. I Hope Admins will take advantage of this feature.
*Admins* should go to group settings and ‘TURN ON’ Approve New Participant.
This will prevent unauthorized access for hackers.
WHATSAPP ADMINS ALERT!!!
That WhatsApp cybersecurity alert was unsigned, so we have no idea who created it. But once it went viral, WhatsApp users started asking their group administrator to turn it on to block hackers.
But does the new Approve New Participant feature really block hackers from attacking WhatsApp groups?
Truth : WhatsApp Approve New Participant Does Not Block Hackers!
This is yet another example of FAKE NEWS circulating on WhatsApp, and social media platforms like Facebook and Twitter, and here are the reasons why…
Fact #1 : Approve New Participant Is Not A Cybersecurity Feature
First, let me just point out that Approve New Participant is not a cybersecurity feature. WhatsApp introduced the this feature to help group administrators “grow, moderate, and protect their groups“.
The Approve New Participants setting empowers admins to help grow, moderate, and protect their groups. Turning on the setting in Group Settings requires the admin to review every request to join the group before a participant is allowed to join. This feature enhances privacy and security for all participants in the group.
This feature is designed to protect private groups by preventing people from simply joining them using an invite link.
This is a major security concern for private groups, as it exposes the group chats to people who may not be authorised to view them. However, this is not a concern for open groups, as they are open to one and all.
Fact #2 : Approve New Participant Cannot Block Hackers
When a group turns on Approve New Participant, admin approval is required to join a group. People who attempt to join the group will see a Request to join button, with the message “An admin must approve your request”.
After clicking on Request to join, those who wish to join the group are allowed to share their Reason for the request, or Cancel Request.
Once the group administrators get the request, they can either approve or reject the request. Group administrators can also start a chat with the person to request more information.
All that is great for vetting people who want to join an exclusive WhatsApp group, but this new feature does not block hackers, as the group administrator will not know who is, or is not a hacker. It’s not like those WhatsApp accounts have a “hacker” or “not a hacker” label!
Hackers can use social engineering techniques to trick the group administrators into approving their requests, or they can simply use phishing attacks to take over the WhatsApp accounts of existing group participants!
Fact #3 : Approve New Participant Is Disabled By Default
Cybersecurity features that are designed to block hackers will always be enabled by default – why would they be optional?
Yet, the new Approve New Participant feature is OPTIONAL in WhatsApp, and is DISABLED by default. That is because this is not a cybersecurity feature designed to block hackers.
Many WhatsApp groups are open for anyone to join, and turning on Approve New Participant would be pointless as group administrators would not know the identity of the people joining their groups.
This is why it is up to the WhatsApp group administrators to determine if it is suitable for them to use the new Approve New Participant feature, or not.
Private groups will want to turn this on, to vet people who request to join. But open groups will want this feature disabled, or their administrators will be overwhelmed with joining requests.
Fact #4 : Group Participants Can Always Be Removed
Here’s another reason why blocking new participants joining automatically does not block hackers – group participants can always be removed.
Let’s say a hacker, or an unauthorised person, gains access to your WhatsApp group. It doesn’t mean he/she can stay in your group forever. Any group administrator can remove that person.
This new feature only helps group administrators pre-vet people who want to join their group, instead of kicking them out after they have already joined.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Watch out for the phishing attack that will allow scammers to take over your Telegram account!
Scam Alert : Watch Out For Telegram Phishing Attack!
Scammers are now targeting Telegram users with a phishing attack that is designed to trick them into giving up their accounts! The Telegram phishing attack works like this:
Step 1 : The scammer gains control of your friend’s Telegram account, and sends this message to you:
Dear Telegram users. The system detects that this account is abnormal and has potential security risks.
To ensure that you can log in to your account normally, you need to invite friends for auxiliary verification
The risk control account has not been verified. The system will cancel the account after 24 hours!
Personal Information Authentication:[link removed]
Step 2 : The scammer, masquerading as your friend, asks you to help him/her verify his/her Telegram account by clicking on the link.
There are security risks in my account, and I need friends to help me verify it. Please click on the official link to help me verify it and follow the prompts. thank you
Step 3 : If you click on the [removed] link to help your friend, you will be taken to a website that looks like an official Telegram website. DO NOT DO THIS.
Step 4 : You will be asked to log into your Telegram account on the fake website. DO NOT DO THIS.
Step 5 : The fake Telegram website will ask you to key in your Login code, or take and upload a screenshot of your Telegram. DO NOT DO THIS.
Step 6 : If you continue, the scammer will be able to take over your Telegram account, and use it to scam your friends by asking them for money, etc.
The scammer will also have access to your Telegram chats, and all associated media including photos and videos, which could potentially be leaked or used to extort you or other people.
A phishing (pronounced as fishing) attack is a social engineering attack, that uses your trust for an institution (like a bank), authority (Telegram), or someone you know, to give up your login details.
Here are some ways you can protect yourself against any phishing attack on Telegram, or other platforms.
Verify Identity Before Trusting
Many people fall for phishing attacks because it is human nature to trust your friends and to help them. However, on instant messaging apps, you don’t actually know if it’s really your friend on the other end!
So if a friend messages you on Telegram, WhatsApp, Facebook, Twitter, Instagram, etc to ask for help, ALWAYS verify their identity before proceeding.
If possible, call or message your friend on the phone, or via a different platform (use WhatsApp if the request came on Telegram, for example).
But if you are unable to call your friend, try asking the other person something that only your real friend would know:
Do NOT ask questions like “Are you really Sarah??“
Do NOT ask questions that can be answered by reading previous chat messages.
Ask something that only you and your friend would know, like “Hey Sarah, what was that restaurant we went to last week?“
Ask a fake question that your friend would readily know is not true, like “Hey Sarah, are you coming over tonight?“
If the other person cannot answer or gives you the wrong answer, he/she is not your friend, and that account has likely been taken over by a scammer.
Whenever you see a link being shared, always check if it leads to a legitimate website, or attempts to masquerade as a real website, by substituting characters in the link.
This Telegram phishing attack, for example, uses a link to telegram.0rg.ee. The real Telegram domain name is telegram.org. This is called domain spoofing.
If you see an attempt to impersonate a legitimate website by using a similar-looking domain name, do NOT click on it.
Never Login Via A Link
It is common for people to share links on Telegram, and in Telegram groups. Heck, we share links to our article in the Tech ARP Telegram group!
Clicking on links in Telegram, WhatsApp, emails, etc. is not dangerous, because most lead to legitimate websites that do NOT require you to log in.
What is dangerous is logging into any website through a link. I cannot hammer this enough – NEVER LOG INTO ANY WEBSITE through a link!
Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.
If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.
Turn On Two-Step Verification
All banking platforms, and many mobile apps now offer two-step verification to prevent scammers from taking over user accounts. However, this is often an optional feature that you must manually enable.
Telegram has a two-step verification feature, which prevents scammers and hackers from hijacking your account by requiring a secret password that only you will know.
It is important to publicise phishing attacks, whenever they happen. If people are alerted, they are less likely to fall for such attacks.
However, scammers and hackers can quickly change the way their phishing attack works, so it is important that people understand how phishing attacks work in general.
You can help prevent phishing attacks by sharing this articles, and other cybersecurity warnings, with your family and friends.
Please help us FIGHT SCAMMERS by sharing this cybersecurity article out, and please SUPPORT our work!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
One of China’s most popular apps – Pinduoduo apparently contains a malware that monitors user activities and is difficult to remove!
Take a look at what CNN and multiple cybersecurity researchers have discovered about Pinduoduo!
Pinduoduo : What Is It?
Pinduoduo is actually a Chinese online retailer. Think of it as China’s Amazon. While Amazon started as an online bookstore, Pinduoduo started as an online agricultural retailer.
Since then, Pinduoduo has become one of China’s most popular online shopping platform, with its app offering its 750 million users access to cheap products in China, by offering steep discounts on group buying orders.
Despite its meteoric rise, Pinduoduo has not been without its controversies. In 2018, the company was criticised for hosting inferior and imitation products, to which it responded by taking down more than 4 million listing and shutting down 1,128 stores.
In 2019, Pinduoduo was hit by hackers who stole discount coupons worth tens of millions of Yuan. And just last month, Google suspended the Pinduoduo app after discovering that versions offered outside its Play Store contained malware.
The Off-Play versions of the e-commerce app that have been found to contain malware have been enforced on via Google Play Protect.
Western interest may have been initiated by Google suspending the Pinduoduo app, but cybersecurity experts had already started looking into the app, and what they discovered was very troubling.
Alert First Raised By Chinese Cybersecurity Company
I think we should start by noting that it was a Chinese cybersecurity company called Dark Navy that first raised concerns about malware in the Pinduoduo app in February 2023.
Although Dark Navy did not name Pinduoduo in its report, cybersecurity researchers knew who it was referring to and soon followed up with their own investigations and reports, confirming Dark Navy’s report.
Sophisticated Malware
Half a dozen cybersecurity teams from Asia, Europe and the United States identified sophisticated malware in the Pinduoduo app that were designed to exploit vulnerabilities in the Android operating system used by many smartphones.
The malware allows the Pinduoduo app to bypass Android security features to monitor activities in other apps, check notifications, read private messages, and even change settings. It is also difficult to remove once installed.
Mikko Hyppönen, chief research officer at WithSecure, a Finnish cybersecurity firm, said that:
We haven’t seen a mainstream app like this trying to escalate their privileges to gain access to things that they’re not supposed to gain access to. This is highly unusual, and it is pretty damning for Pinduoduo.
Dedicated Hacking Team To Look For Vulnerabilities
Even more damning, CNN reported that a current employee revealed that Pinduoduo set up a team of about 100 engineers and product managers to look for vulnerabilities in Android smartphones, and find ways to exploit them for profit.
To avoid exposure, the source said that the company targeted users in rural areas and smaller towns, and avoided users in megacities like Beijing and Shanghai.
By collecting expansive data on those users, Pinduoduo was able to create a comprehensive portrait of their habits, interests, and preferences; while improving its machine learning models to personalise push notifications and ads.
Pinduoduo App Gained More Access Than Allowed
Three cybersecurity companies – WithSecure, Check Point Research, and Oversecured conducted independent analysis of version 6.49.0 of the Pinduoduo app that was released in late February 2023, and found code designed to achieve “privilege escalation” – a type of cyberattack that exploits vulnerabilities in the operating system to gain a higher level of access to data that it’s supposed to have.
Our team has reverse engineered that code and we can confirm that it tries to escalate rights, tries to gain access to things normal apps wouldn’t be able to do on Android phones.
The Pinduoduo app was able to continue running in the background, and prevent itself from being uninstalled. This was apparently done to boost the platform’s statistic for monthly active users.
Pinduoduo App Has Access To User Data Without Consent
Delware-based app security start-up, Oversecured, found that the Pinduoduo app had access to user data like locations, contacts, calendars, notifications, and photo albums, without their consent.
The app was also able to change system settings, and access user social media accounts and chats.
The Pinduoduo app also had the ability to snoop on competing shopping apps, by tracking activity on other shopping apps, and gathering information from them.
Pinduoduo App Able To Secretly Receive Updates
Check Point Research found that Pinduoduo was able to push updates to the app, without first going through an app store review process to detect malicious code.
Pinduoduo App Programmers Attempted To Obscure Malicious Code
Check Point Research also found that some plug-ins used by the Pinduoduo app tried to obscure potentially malicious code by hiding them under legitimate file names, such as Google’s.
Such a technique is widely used by malware developers that inject malicious code into applications that have legitimate functionality.
Pinduoduo Targeted Android Devices
According to Sergey Toshin, founder of Oversecured, Pinduoduo’s malware specifically targeted Android operating systems used by Samsung, HUAWEI, Xiaomi and OPPO.
He also described the app as “the most dangerous malware” ever found in mainstream apps, exploiting about 50 Android system vulnerabilities. Most of these exploits targeted customised OEM code used by smartphone brands to customise their smartphone software.
I’ve never seen anything like this before. It’s like, super expansive.
After cybersecurity researchers started reporting about the app, Pinduoduo released version 6.50.0 on March 5, which removed the exploits they found. Two days later, Pinduoduo disbanded its Android hacking team, according to the same employee.
The hacking team members found themselves locked out of Pinduoduo’s workspace communication app, called Knock, and lost access to files on the company’s internal network, with their privileges revoked.
Most of the team was later transferred to work at Pinduoduo’s sister app, Temu. A core group of about 20 cybersecurity engineers however remain at Pinduoduo.
In addition, Sergey Toshin of Oversecured noted that while the exploits were removed in the new version of Pinduoduo, the underlying code remained and could be reactivated to carry out attacks.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Many Facebook users are getting hit by the Facebook Ads and Facebook Pay scams! Here is how you can prevent it from happening to you!
Facebook Ads + Pay Scam Hits Many Bank Customers!
Many bank customers are complaining that they are being charged for fraudulent Facebook Ads advertisement campaigns!
They discovered that their debit cards were charged for Facebook advertisements that they never approved. Some have also stated that their credit or debit cards were used to purchase goods and services using Facebook Pay.
Stephanie Wong : I found out the money deducted from my bank acc through multiple continuous transactions yesterday, then I called Maybank customer service immediately. They helped me to cancel the card but then the thing happened again this morning.
@ruffleseed : I heard tens of millions of Ringgit were reported misappropriated through @facebook on multiple bank over the past few weeks.
Delete your phone number from Facebook now and do not let @messengerhandle your SMS. @MyMaybankhas yet to answer us re: this intrusion.
@ItsNeoah : Banyak kali kena kat credit card ambank. Alhamdulilah call ambank dia mintak isi dispute form then tgok next cycle bil dah takde. Letih ngan scammer ni.
Translation : [My] Ambank credit card got hit many times. Alhamdulillah, after calling Ambank, they asked me to fill out a dispute form, then when I checked the next bill cycle [the charges] was removed. Tired of this scammer.
Here are some ways to prevent getting hit by the Facebook Ads scam, whether you are a bank customer in Malaysia or other countries.
Do NOT Use Debit Cards
First, you should NEVER use a debit card if you can help it. You should certainly not use a debit card online, or register it on any online or mobile payment platform, whether it’s for Apple Pay, Google Pay, or Facebook Pay.
It doesn’t matter if Bill Gates or Elon Musk or BTS endorses debit cards. DO NOT USE DEBIT CARDS!
You should certainly never use your debit card to fund Facebook advertisements. Always use a credit card, which offers you some protection against such fraudulent transactions.
Disable Your ATM Card’s Debit Card Function
Even if you have never requested for a debit card, you likely already own one – your ATM card likely doubles as a debit card! Banks have been forcing customers to take on debit cards, often by making ATM cards double as debit cards.
If possible, ask your bank to disable debit card function in your ATM card. But it is likely that they will refuse to do so – they make money from debit card transactions after all!
If your bank refuses to disable the debit card function in your ATM card, you can ask them to set the limit to ZERO. That will effectively block scammers from accessing your bank account!
Monitor Your Credit Card Transactions
Using a credit card to purchase products and services on online and mobile payment platforms offers you some protection against fraud, but you must always monitor the transactions and report any fraudulent transactions right away.
Depending on the country and card network, you usually have about 60 days to dispute credit card charges. So don’t wait. Report them as soon as you spot them! This will reduce the loss and reports you make, and speeds up the refund process.
If you register your credit cards for use with Facebook Ads or Facebook Pay, try to REMOVE them as soon as you are done.
Do NOT leave them registered to your Facebook Ads or Facebook Pay account, as a scammer or hacker who gains access to your Facebook account can make fraudulent purchases or run fraudulent advertisements using those credit cards without additional verification.
But if you have never registered your credit or debit cards with Facebook, or removed them after using, even if scammers hacked into your Facebook account or gained access through phishing attacks, they won’t be able to use your credit or debit cards!
Enable PIN For Facebook Pay
If you are using Facebook Pay, a scammer who gains access to your Facebook account could potentially use the debit or credit cards you registered earlier to make fraudulent transactions.
To prevent that, you should enable PIN confirmation for Facebook Pay:
Go to Settings in the Facebook website (not app).
Go to Account Settings, and select Orders and payments.
In the Orders and payments page, select Settings.
In the Security section, select Require PIN Confirmation.
You will be asked to enter a 4-digit number as your PIN.
Key in the 4-digit number again to confirm your PIN.
After that, you will be required to key in the 4-digit PIN whenever you make a payment, or change your bank account details, or connect your payment info with other Meta apps.
Once you’ve turned on two-factor authentication, you can get 10 recovery login codes to use when you’re unable to use your phone.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
If you are one of the many Maybank (MBB) customers who got hit by the Facebook Ads scam, here is how you can recover your money!
Facebook Ads Scam Hits Many Maybank Customers!
Many Maybank customers are complaining that they are being charged for fraudulent Facebook Ads advertisement campaigns!
They discovered that their debit cards were charged for Facebook advertisements that they never approved.
Stephanie Wong : I think i am a very cautious person as I did not link my card to any platform or make purchase through any unsafe website at ALL, but it still happens to me.
I found out the money deducted from my bank acc through multiple continuous transactions yesterday, then I called Maybank customer service immediately.
They helped me to cancel the card but then the thing happened again this morning.
@ruffleseed : I heard tens of millions of Ringgit were reported misappropriated through @facebook on multiple bank over the past few weeks.
Delete your phone number from Facebook now and do not let @messengerhandle your SMS.
@MyMaybankhas yet to answer us re: this intrusion.
Generally, you should NEVER use a debit card because it does not offer the protection a credit card does – money is withdrawn directly from your bank account, and the bank is not legally obliged to refund any money lost through scams.
However, Hafizah Ayko who was once a victim shared her experience on how she managed to recover money, even though the scammers used her debit card to run those fake Facebook advertisements.
To help you recover any money you may have lost to Facebook Ads scammers, I translated and “improved” her instructions for you:
Disable Your Debit / Credit Card
First, you need to quickly disable your debit or credit card. You can call up the bank, or in Maybank’s case:
Step 1 : Log into your Maybank2U account.
Step 2 : Go to Cards, and select Manage My Debit Card.
Step 4 : Select Block Debit Card. You will need to get a replacement card from any Maybank branch later.
If you feel that the above steps are too complicated, an alternative method would be to immediately transfer your money to another bank account, if you have one.
But please DO NOT transfer your money to another person’s account. Only transfer your money to another bank account that you own.
NEVER EVER transfer your money to a third party, especially they claim to be police officers or bank officers trying to help you. That is a scam!
Police departments and banks do NOT have special bank accounts to hold and protect your money during scams. And legitimate police and bank officers are NOT authorised to receive money, and will NEVER ask you to transfer money to their bank accounts.
Next, you need to immediately disable all advertisements that the scammer has set up using your Facebook account. The longer they continue to run, the more you are being charged for them!
Step 1 : Go to your Facebook account, and select See all.
Step 2 : Select Ads Manager.
Step 3 : You should see a bunch of fraudulent advertisements running. Turn all of them off.
You should also report the fraudulent transactions to your bank and request for a refund. This works for credit cards, but you should nevertheless give it a try even if the scammers hit your debit card.
Step 2 : Print or directly fill in the information into the PDF form.
Step 3 : Email the form to disputemgmt@maybank.com.my, together with any relevant screenshots, within 20 days from the closing date of the billing period.
Again, banks are not obliged to refund fraudulent charges to debit cards, as the money is withdrawn directly from your bank account. But there is no harm trying.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Many Maybank (MBB) customers are getting hit by the Facebook Ads scam!
Find out what’s going on, and what you can do to avoid this Facebook Ads scam!
Facebook Ads Scam Hits Many Maybank Customers!
Many Maybank customers are complaining that they are being charged for fraudulent Facebook Ads advertisement campaigns!
They discovered that their debit cards were charged for Facebook advertisements that they never approved.
Stephanie Wong : I think i am a very cautious person as I did not link my card to any platform or make purchase through any unsafe website at ALL, but it still happens to me.
I found out the money deducted from my bank acc through multiple continuous transactions yesterday, then I called Maybank customer service immediately.
They helped me to cancel the card but then the thing happened again this morning.
@ruffleseed : I heard tens of millions of Ringgit were reported misappropriated through @facebook on multiple bank over the past few weeks.
Delete your phone number from Facebook now and do not let @messengerhandle your SMS.
@MyMaybankhas yet to answer us re: this intrusion.
Danish Ihsan : Aku dah kena jugak, satu hari 2 transaction.. nasib sedaq awai, habis rm800.. kalau tak lagi banyak.. maybank dah tak selamat, tadi kat bank pun ada akak kena jugak transfer to others acc beribu2 jugak lah,. Solusi, jangan guna maybank buat masa sekarang..
Translation : I got with with 2 transactions in one day.. luckily, I realised early, but lost rm800.. if not it would have been more.. maybank is not safe, just now at the bank a lady transferred thousands [of ringgit] to other people’s account. Solution, don’t use Maybank for now..
Analysis : Facebook Ads Scam May Not Be Related To Maybank
Many of those customers are angry with Maybank over these fraudulent charges to their debit cards, which meant the money was directly withdrawn from their bank accounts.
However, on closer analysis, the scammers may not necessarily be taking advantage of leaked Maybank debit card information, or hacked Maybank itself…
Fact #1 : Other Bank Customers Are Affected Too
While most recent Facebook Ads scam cases appear to be affecting Maybank customers, other bank customers are reporting that they took were charged for those fraudulent advertisements.
@eeshepeeka : nohh laki cek pun kena last week tp kat CIMB. ada few transaction for 2 days nasib dia tolak sikit2. sekali deduct RM12+ sehari 3x ja. deduction description pun sama sebiji cam dlm gambaq tu. haiyaa
Translation : Well, my husband also got [scammed] last week but at CIMB. there were a few transactions for 2 days, but luckily [the scammer] deducted only small amounts. each time deducting RM12+ a day for 3 times. The deduction description is the same as the one in the picture. haiyaa
@ItsNeoah : Banyak kali kena kat credit card ambank. Alhamdulilah call ambank dia mintak isi dispute form then tgok next cycle bil dah takde. Letih ngan scammer ni.
Translation : [My] Ambank credit card got hit many times. Alhamdulillah, after calling Ambank, they asked me to fill out a dispute form, then when I checked the next bill cycle [the charges] was removed. Tired of this scammer.
Fact #2 : Most Of Them Ran Facebook Ads In The Past
In addition to analysing their stories, I also spoke to someone who knows several Maybank customers who got hit by the scam. From what I can ascertain, most of them ran Facebook Ads in the past.
Stephanie Wong : 3.) Did not run any ads recently, but few years ago
@wnn_tasha : I last pakai FB ad guna akaun ni tahun 2018. Silap tak remove payment method tu.
Translation : I last used FB ad using this account in 2018. My mistake for not removing the payment method.
They said that they paid for Facebook page a few years ago to boost their audience.
That said, at least two Maybank customers said that they have never registered any debit or credit card with Facebook:
Fahim Fahmi : Tak pernah ada link kad dengan FB atau social media yang lain
Translation : [I] never linked [any] card with FB or other social media
@ruffleseed : I have never set up payment methods on Facebook nor have I ever used Facebook ads.
Fact #3 : Scammer Likely Got Access To Those Facebook Accounts
What is interesting is that most of those who were affected by this Facebook Ads scam reported that their Facebook accounts were used to create and run those ads.
If their debit or credit cards were merely stolen, the scammers could have created a new Facebook account to use those stolen cards to run Facebook ads.
Fortunately, one of the victims “caught” the scammer logging into her account from the United States. This clearly shows that the Facebook Ads scam requires the scammer to gain access to their Facebook accounts.
It is likely that the scammers gained access to their victims’ Facebook accounts using phishing attacks, and simply used the debit or credit cards that those victims earlier registered with Facebook to run advertisements in the past.
Fact #4 : Facebook Auto-Fill Is Not The Problem
After these cases went viral, people blamed the Auto-Fill feature in Facebook, and shared videos and photos on how to disable it.
The truth is – this Facebook Ads scam very likely has nothing to do with Auto-Fill, which is a feature used in many other services and platforms.
Auto-Fill only makes it easier to fill in your debit or credit card details. It does not bypass any verification that is required to make a payment.
Now, this is important – you need to move fast to cut your losses, and recover the money. You can also improve your Facebook account security to prevent it from happening again.
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Truth : Facebook Auto-Fill Does Not Open You To Scams
There appears to be a spate of scams involving Facebook Ads and Maybank users, but it does not appear to be related to the Facebook Auto-Fill feature, and here are the reasons why…
Fact #1 : Facebook Introduced Auto-Fill In 2013
Facebook started introducing Auto-Fill sometime in September 2013, and gradually rolled it out globally over the years, so this is not a new feature.
Fact #2 : Many App Use Auto-Fill
Facebook isn’t the only app or platform to use Auto-Fill. Many services and platforms use Auto-Fill to make it easier to fill up forms and make payments.
The Auto-Fill feature is used in most, if not all, e-commerce / online shopping / online payment platforms, to expedite payments. The idea is that if they make it easier it is for you to pay, you will tend to buy more!
Many apps and services also use Auto-Fill to help you fill onerous forms with common details like your full name, email address, address and telephone number.
Fact #3 : Facebook Does Not Automatically Have Your Details
Facebook enables Auto-Fill by default for forms and payment, but that does not mean it has access to your debit or credit cards, or even your personal details. You need to manually key in your Contact Info and/or Payment Info for Facebook Auto-Fill to work.
If you have never given Facebook your credit card details, there is no way for its Auto-Fill to automatically fill in the credit card details for any transaction. Even if a scammer gains access to your Facebook account, he/she cannot use Auto-Fill because you never keyed in your debit or credit card details in the first place!
I did a quick check on two cases involving Maybank that came up recently (first example) (second example), and noticed that both parties who reported that they got fraudulently charged for Facebook Ads never registered their credit card with Facebook at all!
So whatever may be going on, it does not appear to be a Facebook Auto-Fill issue. But just in case you are worried, here are the latest steps on how to disable Auto-Fill on the Facebook mobile app.
Tap on your icon at the upper right corner of the Facebook app to access the Menu.
Scroll down the Menu until you see the Settings & privacy group.
Tap on Settings.
Scroll down the Settings & privacy page, and tap on Browser.
Scroll down the Browser settings page to the Auto-fill section.
You can tap on the Contact info and Payment info to check what information you shared with Facebook.
To disable Auto-fill for contact information, unselect Auto-fill contact forms.
To disable Auto-fill for payment, unselect Auto-fill payment forms.
Even if you registered your credit card details with Facebook, and then use Auto-Fill to make a purchase, you will still need to authenticate that purchase.
Of course, it is possible to conduct a SIM swap attack, but that’s a different story altogether…
Fact #5 : Existing Facebook Ads Account Is A Risk
Those who have earlier registered a Facebook Ads account and ran advertisements may be at risk, because their credit cards would already be linked to their Facebook Ads account.
A scammer who gains access to their account (usually through phishing attacks) can easily create and run advertisements using their existing Facebook Ads account using the credit cards that have already been registered and approved earlier.
To minimise your risk, never ever use a debit card! Always use a CREDIT CARD, and always keep an eye on the transactions. Report to the bank once you see a fraudulent transaction.
But this has nothing to do with the Facebook Auto-Fill feature, and is not a concern if you never pre-approved your debit or credit cards with a Facebook Ads account.
Fact #5 : Existing Facebook Pay Account Is A Risk
Similarly, if you are using Facebook Pay, a scammer who gains access to your Facebook account could potentially use the debit or credit cards you registered earlier to make fraudulent transactions.
Again, you should NEVER use a debit card with Facebook Pay. Use a credit card, and always keep an eye on the transactions, and report to the bank once you see something fishy.
On top of that, you should enable PIN confirmation for Facebook Pay:
Go to Settings in the Facebook website (not app).
Go to Account Settings, and select Orders and payments.
In the Orders and payments page, select Settings.
In the Security section, select Require PIN Confirmation.
You will be asked to enter a 4-digit number as your PIN.
Key in the 4-digit number again to confirm your PIN.
After that, you will be required to key in the 4-digit PIN whenever you make a payment, or change your bank account details, or connect your payment info with other Meta apps.
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Did leaked data show that Pfizer knew that its COVID-19 vaccine would kill people who took it?!
Take a look at the viral claim, and find out what the facts really are!
Claim : Leaked Data Show Pfizer Knew Vaccine Would Kill!
People have been sharing a photo of The Irish Light newspaper, which claims that leaked data showed that Pfizer knew that its COVID-19 vaccine would kill people who took it!
It’s a long article, so feel free to skip to the next section for the facts!
Pfizer knew their vaccine would kill
Leaked data shows shocking number of fatalities and side effects now officially associated with covid shots
THE documents were leaked due to a cyber attack on the European Medicines Agency (EMA) website. More than 40 megabytes of classified information from the agency’s revlew were published on the dark web. and several Journalists including the BMJ were sent coples of the leak by anonvmous senders.
The documents have proved to be shocking due to the sheer amount of side ellects that are now ollicially associaled with the ‘vaccine*. Most alarmingly, there were at least 1,223 deaths reported in the first 28 days following the shot.
The U.S. Food and Drug Administration (FDA) had previously agreed to withhold the documents and their shocking revelations from the public for 75 years.
The HSE, moda and the government continually state that the vaccines are ‘safe and effective’ and those that had renorted vaccine-related injuries were oflen accused of making false correlations or imagining their symptoms.
However, the Pfizer documents paint a very different picture. They list thousands of side effeets that occurred at an alarming rate which were as a direct result of taking the experimental genetac injection.
These side effects included noat-fatal conditions such as eccema, blisters, asthma. low sperm counts and fertility problems.
Other more serious side ellects included, but were not limited to: auto-immine disorders; blindness: diabetes: berpes: heart problems such as myocardite; divroid disorders: neurological condations such as multiple sclerosis; sexures; epilepsy; narcolepsy and Guillain-Bame Syndrome. Also, inllammatory bowel disease, relapsing diseases, dcalness and even tongue biting.
While it has been approved for use in pregnant women, it is also known to cause pregnancy complications, including many spontaneous abortions.
One of the many issues it causes is anaphylactoid syndrome of pregnancy or ASP for short. ASP is a fatal discase for mothers and is among the leading causes of maternal mortality.
Symploms include anciety, confusion. shortness of breath, severe bleeding and death. Therefore, there is a high risk for pregnant women taking the covid “vaccine’.
The Pfizer document also list various blood disorders, Crohn’s disease, and liver failure as side effects. Blood clotting was another issue reported from the ‘vaccine’ trials.
One of the most telling side effects of this covid-19 injection is… covid-19. Proponents often argue that despite the possible side effects associated with some of the covid shots, they at least prevent people from dying from covid-19.
The problem is that the ‘vaccine’ actually causes people to develop the disease. In other words, it is contributing to the mumber of cases. It also lists covid-19 associated pneumonia as a side effect.
Some may argue that all of these side ellects are only associated with the Pfizer shot.
However, death and serious injuries have been present and publicly acknowledged with all of die manubcturers’ shots.
Research developed by Edinburgh University showed that almost 350 Brits have been struck down with a separate rare clotting disorder afler getting the AstraZeneca vaccine.
These blood clots cause minor bruising around the body and can leave some with a purple-dotted rash.
The Moderna vaccine has been assoctaled with heart problems such as mvocarditis and pericarditis. The list of adverse reactions also includes inflammation, fainting and breathing difficulties.
Data from the UK Health Security Agency (UKHSA) listed on page 2 has also revealed that both covid-19 deaths and cases were worse in vaccinated people, particularly those over the age of 18
The data in the table is clear: the chances of developing covid-19 increases significantly following subsequent ‘booster jabs.
This is broadly in line with the information contained in the Mizer document, which stated that vaccine side effects cause covid-19 and respiratory illnesses.
Coupled with the fact that ONS data recently revealed that covid deaths were much lwer than previously thought, the risks of taking the vaccine seem to greatly outweigh the risks of not doing so.
Truth : Leaked Data Did Not Show Pfizer Vaccine Is Dangerous!
This is yet another example of FAKE NEWS created and propagated by anti-vaccination activists, and here are the reasons why!
Fact #1 : The Irish Light Is An Anti-Vaccination Newspaper
While many anti-vaccination activists are promoting the article as coming from an Irish newspaper, The Irish Light is a self-printed newspaper that was launched in August 2021 by two former journalists turned COVID conspiracy theorists – Gemma O’Doherty and John Waters.
Gemma O’Doherty previously worked for the Irish Independent newspaper, while John Waters used to work for The Irish Times.
Unlike regular newspapers which delivers news content, The Irish Light focuses on questioning the effectiveness of vaccines, the COVID pandemic, and other far-right ideas.
Fact #2 : EMA Cyberattack Occurred In January 2021
The Irish Light published their article called “Pfizer knew their vaccine would kill” in April 2022, as part of their 10th issue.
However, the cyber attack on the European Medicines Agency (EMA) it referred to occurred more than a year ago – in January 2021.
Fact #3 : EMA-Pfizer Data Was Leaked To Journalists + Dark Web
More than 40 MB of data was stolen in the EMA cyberattack and released on the dark web, and leaked to several journalists, including from The BMJ and academics worldwide.
The leaked data consisted of confidential documents on the Pfizer BNT162b2 vaccine candidate (later known as the Pfizer-BioNTech COMIRNATY COVID-19 vaccine), which included “internal / confidential email correspondence from November, relating to evaluation processes for COVID-19 vaccines“.
Fact #4 : Leaked Documents Was About Quality Of Early Vaccine Batches
The BMJ reviewed the leaked documents, and found that they showed that regulators at the EMA had concerns about the quality of some early commercial batches of the Pfizer-BioNTech COVID-19 vaccine.
An email dated 23 November 2020 showed that a high-ranking EMA official complained that Pfizer was not producing its COVID-19 vaccines to the expected specifications.
Specifically, the level of intact mRNA dropped from about 78% in the clinical batches to 55% in the proposed commercial batches. Nothing in the leaked documents referred to safety issues, or side effects.
Fact #5 : Leaked EMA-Pfizer Data Was Tampered Before Release
On 15 January 2021, the European Medicines Agency (EMA) announced that their investigation showed that some of the leaked data was tampered by the hackers before being released.
Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines.
The BMJ was criticised for reviewing the leaked documents without first verifying their authenticity and accuracy.
EMA states that the information was partially doctored, and that the perpetrators selected and aggregated data from different users and added additional headings.
It is unclear to us why a respected journal chose to present unverifiable information, in the process damaging an institution that has worked for 25 years in a transparent and successful manner.
Fact #6 : Leaked Documents Showed EMA Regulation At Work
While anti-vaccination activists framed the leak as evidence of collusion between EMA and Pfizer, they actually show that EMA regulators were doing their jobs.
EMA did not cover up the quality issue, but filed two “major objections” with Pfizer, together with a host of other questions it wanted Pfizer to address.
On 25 November 2020, one of the leaked emails showed that Pfizer had already brought up the level of mRNA in their COVID-19 vaccine lots.
The latest lots indicate that % intact RNA are back at around 70-75%, which leaves us cautiously optimistic that additional data could address the issue.
Ultimately, the EMA authorised the vaccine on 21 December 2020, nothing that “the quality of this medicinal product, submitted in the emergency context of the current (covid-19) pandemic, is considered to be sufficiently consistent and acceptable.”
Fact #7 : FDA Never Agreed To Withhold Pfizer Documents For 75 Years
The claim that the US FDA earlier agreed to withhold documents on the Pfizer vaccine for 75 years was debunked months earlier – in December 2021.
The US FDA never asked or agreed to withhold Pfizer COVID-19 vaccine documents for 75 years. That was merely the “interpretation” of Aaron Siri – the lawyer for PHMPT (Public Health and Medical Professionals for Transparency) – the group requesting the data that the FDA used to licence the Pfizer COVID-19 vaccine.
Fact #8 : Pfizer Documents Did Not Reveal Thousands Of Side Effects
The claim that the Pfizer COVID-19 vaccine documents revealed that it had thousands of side effects was debunked in March 2022.
The Pfizer document was publicly released on 17 November 2021, but it took antivaxxers more than 3 months to “discover” the list of 1,291 adverse events of special interest (AESI).
However, the AESI list was not a list of vaccine side effects. It was a list of “adverse events” that must be reported for further investigation.
It was also a generic list, which includes irrelevant adverse events like manufacturing and lab test issues, and even product availability and supply issues, as well as other diseases like MERS and chickenpox.
Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!
Don’t forget to protect yourself, and your family, by vaccinating against COVID-19!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Will your phone get hacked while you are voting in GE15?!
Take a look at the viral claim, and find out what the facts really are!
Claim : Your Phone Will Get Hacked While You Vote In GE15!
This warning has gone viral on WhatsApp and social media, claiming that your phone will get hacked while you are voting in GE15!
The post is long, so feel free to skip to the next section for the facts!
For first time voters, it might be tempting to bring your phone along with you to document and record your experience voting for the first time.
However, the Election Commission (EC) has announced that the use of mobile phones inside polling stations will not be allowed.
As such, you may use your phone to kill time while standing in line, but you’d have to surrender your phone once you collect your ballot paper.
But, according to a Malaysian self-taught ethical hacker, this might not be the wisest move.
In a Twitter post that has gone viral, Twitter user @BeardtimusPrime shared that leaving your phone unattended and in the hands of volunteers at polling stations raises many security bells.
In a response to an infographic about the on-the-day process, he said that you should never leave your smartphone unattended and if you had to, you should at least put security tape over the USB/Lightning port before handing it over.
How could that be possible?
In an interview with WORLD OF BUZZ, the Twitter user explained that the issue lies in the fact that you’d be handing over your phone to volunteers, with close to zero vetting and background checks.
“Physically handing over your device is the worst thing to do when it comes to security. It’s similar to sharing passwords.”
He then explained that there are various ways hackers could access your data with your device in their hands and that simply turning off a smartphone doesn’t truly turn it off unless you were to take the battery out which requires special tools.
“Malware injection is still possible as the device will be in a ‘soft-off’ state,” he explained.
He then shared an explainer video on how hackers could easily access your data simply by plugging in what appears to be a standard cable which would allow them to remotely control and access your phone.
The video showed how people who have managed to access your phone would be able to read your messages, send messages from your phone and other worrisome things.
If you’d like to find out more on how exactly this can happen, checkout the video below (tap link to view video).
We hope that this will serve as a reminder to never leave your phone unattended. Are you still planning to bring your phone to the voting stations?
Truth : Your Phone Won’t Get Hacked While You Vote In GE15!
This is yet another example of FAKE NEWS circulating on WhatsApp and social media, and here are the reasons why…
Fact #1 : Phones Are Left On KTM Table In Individual Boxes
First, let us establish some basic facts about how phones are “surrendered” before voting in GE15:
Each polling station (Saluran) will have two voting booths, allowing two voters to mark their ballots at the same time.
The KTM (Ketua Tempat Mengundi – Head of Polling Station) will have two cardboard boxes – one for each phone.
On the way to the voting booth, each voter will place his/her phone into one of the two cardboard boxes on the KTM’s table.
After casting the ballots, the voter will retrieve his/her phone from the cardboard box.
The polling clerks and the head of the polling station (KTM) will NOT touch any phone. Voters must place and retrieve their phones by themselves.
Fact #2 : There Are Many Witnesses In Each Polling Station
Each polling station has at least one police officer, three polling clerks and a KTM (Head of the Polling Station), as well as two or more observers.
That’s seven or more people arranged along three sides of the room, which means the phones placed on the KTM’s table are visible to all of them. Any attempt by anyone but the voters to handle the phones would be instantly noticed.
Fact #3 : KTM Is Usually A Teacher Working In That School
In Malaysian elections, schools are generally used as voting centres, with classrooms converted into polling stations.
Usually, the Malaysia Election Commission (SPR) appoints teachers of the same school as the KTM – head of each polling station.
While this does not mean some of these teachers are not secretly awesome hackers in their spare time, it means that your phones are generally being watched by teachers.
If you can trust school teachers with your kids, you can certainly trust them to WATCH OVER your precious phone.
Fact #4 : Marking Your Ballots Take Less Than A Minute
The only time your phone is out of your view is when you are marking your ballots in the voting booth.
How long do you reckon it takes to mark X on one or two ballots, and fold them? Maybe 10 seconds? 20 seconds if you are slow. No matter what – your mobile phone will only be out of sight for less than a minute.
Do you actually believe any hacker would have the time to hook up your phone to any cable, never mind hack it, in less than one minute?
Fact #5 : Juice Jacking Requires Cable To Be Plugged Into Phone
What this “ethical hacker” is referring to is called juice jacking. Juice jacking requires a cable to be plugged into your phone. It cannot happen wirelessly, because it relies on USB vulnerabilities.
As noted in Fact #1, you will place your phone into a large cardboard box. You will be able to see that there are no cables present.
While you are marking your vote, the box containing your phone will be fully visible to at least six other people in the room, if you discount the “nefarious KTM who is secretly an evil hacker”.
Even a “nefarious KTM who is secretly an evil hacker” will have trouble taking your phone out of the box, without any of the other people in the room noticing, never mind actually plugging in a cable.
That’s why the real risk of juice jacking isn’t that 20-30 seconds you spend voting in GE15, but when you plug your phone into a free USB power socket.
If you are paranoid, just cover your phone’s USB or Lightning port with tape, before you place it in the designated box.
Fact #6 : Juice Jacking Vulnerabilities Have Been Mitigated
As ethical hackers reveal security risks like juice jacking, Google and Apple have taken measures to mitigate the risks.
Both Android and iOS, for example, no longer allow the phone to be mounted as a drive when plugged in over USB. You will get a prompt asking you to confirm the step, which is not possible for the hacker to do without first unlocking the phone.
There have also been many Android and iOS security updates that patch vulnerabilities that could potentially lead to juice jacking attacks. That’s why it’s so important to keep your phone operating system updated.
Please WATCH OUT about such FAKE NEWS on WhatsApp and social media.
Remember – democracy does not guarantee us a good government. Democracy only guarantees us the right to vote out a bad government!
Happy voting on 19 November 2022!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Binance just shut down its blockchain, after getting hacked and losing over $100 million in crypto coins!
The shutdown prevented an even bigger loss of $566 million, but it defeated a key purpose of the blockchain – decentralisation.
Binance Smart Chain Halts After $100M Crypto Theft!
On Thursday, 6 October 2022, Binance Smart Chain was hit by a hacker who targeted 2 million Binance coins (BNB) worth $566 million.
The attack appeared to have started at around 2:30 PM EST, with the attacker’s wallet receiving two transactions of 1 million BNB coins.
Soon after that, the hacker tried to liquidate the BNB coins into other assets, by using a variety of liquidity pools.
Binance acknowledged the security incident several hours later, at 6:19 PM, and halted the BNB Smart Chain.
AT 7:51 PM EST, Binance CEO Changpeng “CZ” Zhao confirmed that an exploit was used in the BSC Token Hub to transfer the BNB coins to the attacker, and that they asked all validators to temporarily suspend the Binance Smart Chain. He also claimed that the funds are safe.
An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly.
Binance Smart Chain Almost Lost $566 Million!
The majority of the 2 million BNB coins worth $566 million remained on the BNB Smart Chain, and was made inaccessible to the hacker, after BSC was shut down.
This is rather ironic since blockchains like BSC are supposed to be decentralised, and not meant to be so easily turned off – a fact BNB Chain acknowledged.
Decentralized chains are not designed to be stopped, but by contacting community validators one by one, we were able to stop the incident from spreading. It was not that easy as BNB Smart Chain has 26 active validators at present and 44 in total in different time zones. This delayed closure, but we were able to minimize the loss.
Even so, a BNB Chain spokesperson later confirmed that about $100 to $110 million in funds were taken off the Binance Smart Chain, and CZ said that the impact was about a quarter of the last BNB burn.
Of the funds taken off-chain, BNB Chain was able to freeze about $7 million with help from their partners in the cryptocurrency community.
So far, about $2 billion has been lost in crypto hacks in 2022, with cross-chain bridges used to transfer tokens across blockchains a popular target.
BNB Chain said that it would introduce a new on-chain governance mechanism to fight and defend against future possible attacks.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
In this guide, I will share with you how to turn on two-step verification in Telegram.
Step 1 : Open Telegram.
Step 2 : Go to Options > Settings > Privacy and Security.
Step 3 : Tap on the Two-Step Verification option.
Step 4 : In the Two-Step Verification screen, tap on the Set Password option.
Step 5 : Key in your preferred password, which can be any combination of capital or small letters and numbers.
Step 6 : You will need to key the same password again, to confirm it.
Step 7 : Next, you can create a hint to remind you of your password. This is optional, and you can skip it if you prefer.
But if you key one in, the hint will be displayed whenever you are asked to key in the password in the future.
Step 8 : After that, you will have the option of adding a Recovery Email address, just in case your account is hijacked.
This is optional as well, but I highly recommend you add a recovery email, which is simply the email address you use.
Step 9 : If you entered a Recovery Email address, Telegram will now send you an email with a 6-digit code to verify that email address.
Step 10 : Look for the Telegram verification code email, and key in the 6-digit verification code.
That’s it! You’re done! From now on, you will be required to key in the password whenever you log into a new device.
This will prevent hackers / scammers from taking over your account, even if you accidentally give them the Login code you receive by SMS.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Watch out for the Telegram screenshot hack and scam! Find out how the Telegram screenshot hack and scam works, and what you can do!
Telegram Screenshot Hack : New Twist To Old Trick
My friend just got hit by the Telegram screenshot hack, and the hacker is now trying to scam everyone on his contact list!
The Telegram screenshot hack is a new twist to an old trick, and here is how they do it…
Step 1 : Identify A Suitable Target
After obtaining a legitimate Telegram account through phishing or other means, the hacker reads through the messages to identify a suitable target – usually a close friend whom you often chat with, and trust.
For the purpose of our example, the hacker stole your friend’s Telegram account and has identified you as a suitable target.
Step 2 : Attempt To Login From Another Device
The hacker installs Telegram in another device and attempts to log into your account. He only needs the your phone number to do that.
The login attempt triggers Telegram to send a Login code to the your registered devices to authenticate the login. Usually, that’s the Telegram app in your smartphone.
Step 3 : Ask For A Screenshot Of Telegram
Traditionally, this is when the hacker will use your friend’s Telegram account to message you and ask for that Login code. However, asking for the Login code may trigger suspicion, so hackers have now come up with a new twist.
Instead of asking you for the Login code, the hacker will use your friend’s Telegram account to ask you to take a screenshot of your Telegram app and send it to him.
What harm is there? After all, many of us take screenshots and share them with family, friends and even on social media!
The problem is – the screenshot will accidentally reveal your Telegram Login code! Take a look at the actual screenshot my friend sent – it clearly shows the Telegram Login code!
Step 4 : Terminate All Other Sessions
The hacker will immediately use the Login code to log into your Telegram account on his device.
Then he will terminate all other sessions from that Telegram account, which means you get logged out from your Telegram app on your own smartphone!
Step 5 : Change Password
To prevent you from logging back in, and terminating his Telegram session, he will change the password.
Step 6 : Scam Your Friends
Now that the hacker gained control of your Telegram account and locked you out of it, he is free to scam your friends.
In this case, my friend’s contacts all started getting pleas to borrow money for some kind of emergency. The hacker will, of course, promise to pay you back quickly.
Your unsuspecting friends may not realise that this is not you that they are talking to, and may end up sending the hacker money.
In this case though, my friend managed to quickly alert us via WhatsApp that his Telegram account was hacked, so we didn’t tall for the scam.
One of his friends toyed with the scammer, and obtained the bank details. That is obviously not my friend’s name or account number!
Telegram Screenshot Hack : How To Prevent It?
Now that you know how the Telegram screenshot hack works, you can pretty much figure out how to prevent it.
Here is my quick summary for those who didn’t go through the whole process above :
Do NOT send anyone your Telegram Login code. Not even anyone claiming to be working for Telegram.
Do NOT send anyone a screenshot of your Telegram app. Even if it’s not a scam, it reveals portions of your chats!
Turn on Two-Step Verification in Telegram. This lets you recover your account, even if you accidentally let someone take over your account.
Telegram Screenshot Hack : How To Recover Your Account?
If you failed to turn on two-step verification, there is still a way to recover your Telegram account after it is stolen by a hacker.
For these steps to work though, you need to have access to your phone number. You must also do this quickly, as the hacker will be alerted to your attempt.
Step 1 : Open Telegram.
Step 2 : Log into your Telegram account using your phone number.
Step 3 : You will be asked if you have the correct number. Click Yes.
Step 4 : Telegram will send a 5-digit code to all your devices with Telegram installed. You won’t receive it since the hacker has already terminated all other sessions.
Step 5 : Click on the option just above the keypad – “Send the code as an SMS“.
Step 6 : You will now receive an SMS with the 5-digit code. Key it in, and you will now have access to your Telegram account.
Step 7 : Go to Options > Settings > Privacy and Security.
Step 8 : Scroll down and tap on Devices.
Step 9 : Tap on the option – Terminate All Other Session – to boot out the hacker.
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.
Can hackers use greeting photos and videos to hack your phone, and steal your data?
Take a look at the viral claim, and find out what the FACTS really are!
Claim : Greeting Photos + Videos Can Hack Your Phone!
People keep sharing this warning about greeting photos and videos, which claims that they can hack your phone and steal your data.
It’s a long message, so just skip to the next section for the facts!
Hello Family and friends,
Starting tomorrow, Please do not send network pictures. Look at the following article to understand. I’m going to stop too.
Please delete all photos and videos of Good morning, Evening and other greetings and religious messages as soon as possible. Read the following article carefully and you will understand why.
Read all! Please send this message urgently to as many friends as possible to prevent illegal intrusion.
Warning from Olga Nikolaevnas lawyer:
Attention! For those who like to send Good morning! It’s a beautiful day! Good evening!
picture. Please do not send these good messages.
Today, Shanghai China International News sent out SOS to all subscribers and experts – advise: Do not send pictures and videos of good morning, good night, etc.
The report shows that hackers who designed these images, and these images and videos are beautiful, But there is a hidden phishing code, and when everyone sends these messages, hackers use your device to steal personal information, such as bank card information and data, and break into your phone.
It is reported that more than 500,000 victims have been defrauded.
If you want to say hello to others, please write your own greetings and send your own pictures and videos so that you can protect yourself and your family and friends.
Important ! To be safe, please be sure to delete all greetings and pictures on your phone. If someone has sent you such images, remove them from your device immediately. Malicious code takes some time to deploy, so if you take action immediately, there will be no harm done.
Tell all your friends to prevent being hacked.
Say hello in your own words and only send your own created images and videos to greet, which is completely safe for yourself, your family and friends. Please understand what I mean! Everyone has a bank card attached to their mobile phone, and everyones mobile phone has many contacts. This hack creates a threat not only to yourself, but to your phone, friends and acquaintances as well! This is brutal.
This is a new technique used by terrorists to visit your mobile phone SIM card, so that you become their accomplice!!!
* * * Send this message to as many of your relatives and friends as possible to stop any unauthorised intrusions!!!
Truth : Greeting Photos + Videos Cannot Be Hack Your Phone!
Many of us get spammed with Good Morning, Good Afternoon, Good Evening photos and videos every day from family and friends.
While they often clog up Facebook, Telegram and WhatsApp groups, they really cannot hack your phone. Here are the reasons why Good Morning messages are very irritating, but harmless…
Fact #1 : Shanghai China International News Does Not Exist
The news organisation that was claimed to be the source of this warning – Shanghai China International News – does not exist!
Fact #2 : Greeting Photos + Videos Not Created By Hackers
Hackers (from China or anywhere else) have better things to do than to create these greeting photos and videos.
They are mostly created by websites and social media influencers for people to share and attract new followers.
Fact #3 : No Fraud Involving Greeting Photos / Videos
There has been no known fraud involving Good Morning or Good Night messages, videos or pictures.
Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case…. because it never happened.
Fact #4 : Image-Based Malware Is Possible, But…
Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.
It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself.
At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest…
Fact #5 : Image-Based Malware Requires User Action
In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.
However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.
Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.
Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.
You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.
Fact #6 : Malicious Code Executes Immediately
If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.
Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.
There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.
Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.
Now that you know the facts, please SHARE this article with your family and friends!
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Name : Adrian Wong Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp
Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.
He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.