The latest version of Windows 10 hides Linux?
mob604757044d68 2021-07-20 04:38:38


0x01 

--Hacker News


A well-known hacker nicknamed "Walking Cat" (WalkingCat) recently discovered that the latest Windows 10 Redstone Build 14251 may have a Linux subsystem quietly built into the system. He tweeted that he had found two mysterious files, LXss.sys and LXCore.sys. These two files are probably part of Microsoft's Project Astoria, a toolkit that allows Android apps to run on Windows 10 mobile devices.



Judging by the naming convention, LX probably means Linux (for example, the Android subsystem file in Astoria is named ADss.sys). In other words, Windows 10 will also be able to access a Linux subsystem.


This also fits the logic of Microsoft's product strategy. Windows 10 has always been touted as a common operating system for all devices, so it is natural for Microsoft to want to expand Project Astoria from mobile devices to desktop users. And if Microsoft plans to provide technology for Linux applications, especially if it supports server-related technologies and software, this will undoubtedly be very beneficial.


Isn't it a little exciting?


0x02

--Bangkok Post


A hacker group that last week claimed responsibility for taking down 20 websites of Thailand's prison ministry has recently released 100 databases from the prison system, including a database of escaped prisoners who have not yet been arrested.



This hacker group is called "Blink". It is an affiliate of Anonymous and is thought to be based in Myanmar. It also claims responsibility for the January 5 attack on 297 Royal Thai Police websites and for one on January 15, and it released the personal information of users of the court computer network, including names, phone numbers and passwords, but it did not leak any information about judges or cases.


Blink's intrusion was a protest against the death sentences of two Burmese men by Thai police. A Thai court held that the two Burmese murdered two British tourists on the Thai island of Tao. The prison also held the two in a cell, handcuffed and shackled and under 7x24-hour surveillance. Blink believes the police used torture and questionable DNA evidence.


According to a public statement by a migrant human rights activist, the prison has let the two men out, removed their shackles and returned them to the normal daily activities of prisoners. After that, Blink released key files to help the Thai judiciary restore its websites. Without these key files, the websites would have stayed down indefinitely. Because:


They have no backup, no backup, no backup!


0x03

--The Register


A mysterious hacker compromised the distribution channel of the Dridex Trojan botnet and then replaced Dridex's malicious links with the Avira antivirus software.


The Dridex botnet has been rampant on the Internet since it first appeared, and it remains so even after a high-profile crackdown last year. Most Dridex malicious code is spread as spam attachments, usually a Word file with an embedded malicious macro virus.



Once the document is opened, the macro virus downloads a payload from a hijacked server and infects the current computer. Dridex then creates a keystroke logger and uses transparent redirection and web injection to fake bank sites to steal the victim's login credentials.


One unlikely possibility is that cyber criminals are deliberately distributing anti-malware software to confuse security personnel. A more likely explanation is that a white hat hacker has taken over Dridex's control system and is trying to go "fishing" for the originator of this botnet. This kind of behavior, however, is illegal in many countries.


More interesting still, this is not the first time the Avira installer has been used by malware. There have been two similar incidents before: CryptoLocker and Tesla, both notorious ransomware programs, were embedded in Avira installers.


Avira officials think this attack was probably carried out by an unknown white hat hacker.


"We don't know yet who did this with our installers, or why, but we certainly won't do that."


Believe it or not, I believe it anyway.

