Saturday, June 19, 2021

Battlegrounds Mobile India Beta Released - How to Download and Install

The Battlegrounds Mobile India beta version has been released. If you remember, pre-registration for the Battlegrounds game started a month ago. The beta version of the BGMI game was updated on Google Play for everyone to download on 17 June 2021.

BGMI Beta is now available to all users. Initially it was available only to select users who participated in the testing program, called early access, of Battlegrounds Mobile India. But one day after release, the Battlegrounds Mobile India beta can be downloaded, installed and played by all users. This means that if you want to play this game, you can now download the Battlegrounds Mobile India beta version on your Android phone.

Those who played PUBG Mobile until it was blocked in India will find a lot of similarities between the old battle royale game and the new Battlegrounds Mobile game. As of now only Android users can download the beta version, but the iOS version will be available very soon.

Table of contents

  • What are the Hardware Requirements for Battlegrounds Game Beta
  • How to Download and install Battlegrounds Mobile India
  • Can we Play Battlegrounds Mobile India game on Jio Phone?

What are the Hardware Requirements for Battlegrounds Game Beta

1. BGMI will take up to 600MB of storage space on the Android device. However, we all know that you will actually need more storage on the phone if you want to run the game smoothly.

2. Your phone's operating system cannot be lower than Android 5.1.

3. RAM should be 2GB or more in your Android phone.

4. A good internet connection is a must for a good gaming experience and to avoid lagging.

Please note that the Battlegrounds game cannot be played on Jio phones.

How to Download and install Battlegrounds Mobile India

  1. To become a beta tester of Battlegrounds Mobile India, you have to join the testing program by using the Testing Program link.
  2. Once you are selected as a tester, a link to "Download" will be shown on the same page on Google Play.
  3. It will redirect to the game's page on Google Play Store.
  4. Now click on "Install" in Google Play to download and install the game in no time.

Can we Play Battlegrounds Mobile India game on Jio Phone?

The Battlegrounds Mobile India game is developed to be played on Android phones only. Jio Phone runs on the KaiOS platform, which does not support graphics-heavy games like the Battlegrounds Mobile game.

Thursday, June 17, 2021

Clop Ransomware Gang Got Arrested By Ukraine Police

Ukrainian law enforcement officials have arrested the Clop ransomware gang. Officials said that they have been disrupting the infrastructure used in attacks targeting victims around the world since 2019.

The Ukrainian National Police, together with South Korean and U.S. authorities, ran a joint operation and arrested six offenders who are accused of running a double extortion scheme, in which victims who refused to pay a ransom were threatened with the leak of sensitive financial and personal data.

“Together, law enforcement has managed to shut down the infrastructure from where the virus spreads and block channels for legalizing criminally acquired cryptocurrencies,” the National Police said.

Law enforcement officers seized computer equipment, cars and $184,679 (5 million hryvnia) in 21 searches in the Kiev region. This seizure includes the defendant’s car and house.

The Clop ransomware defendants will face up to 8 years of imprisonment for unauthorized intrusion into or snooping on home or work computers, AI systems, and computer and telecommunication networks. It has not yet been disclosed whether these defendants are just affiliates or core developers of the ransomware operation.

Clop Ransomware Previous Attacks:

Clop threat actors have been associated with a number of high-profile attacks since 2019, including Accellion, Qualys, Software AG IT, ExecuPharm and Indiabulls, as well as many universities such as Maastricht University, Stanford University Medical School, University of Maryland, and University of California.

Another ransomware group, named Avaddon, wound up its operations and shared decryption keys for 2,934 victims with Bleeping Computer last week.

You can read the articles below to know more about ransomware attacks.

Execution and Business Model of REvil Ransomware

REvil Ransomware Attack - JBS Foods Shutdowns Temporarily 

Friday, June 4, 2021

REvil Ransomware Attack - JBS Foods Shutdowns Temporarily

The largest meat distributor, JBS Foods, faced a REvil ransomware attack over the weekend that disrupted several servers supporting its IT systems and affected the supply chain as well.

Global meat distributor JBS SA had to shut down operations in the United States, Canada and Australia after a ransomware attack on its IT systems. “Attackers targeted several servers supporting North American and Australian IT systems of JBS Foods on Sunday”, according to a statement by JBS USA. Over the weekend JBS employees were greeted with a ransom note, the same one that had been used in previous REvil attacks.

“the company took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation,” according to the company's statement after the ransomware attack.

Production began to resume at most of the JBS beef plants in the United States on Wednesday. The Canada beef plant was partially operational on Tuesday. Most of the workers at JBS plants in Australia, Canada and the United States were unable to start their work on Monday and Tuesday.

JBS didn’t confirm whether or not it had paid the ransom to the attackers.

Who is JBS Foods

Brazil-based JBS Foods is the largest meat distributor, and its products include beef, chicken and pork. A total of 245,000 employees work for JBS in many countries, and it has 9 plants in the US. Its major clients are Country Pride, Swift, Certified Angus Beef, Clear River Farms and Pilgrim’s.

Who is Attacker -

The FBI confirmed that a Russia-based cybercriminal group known for its attacks on leading U.S. companies is the major suspect. This group is known as REvil, and it has already targeted around 237 organizations since 2020, according to Recorded Future, a cybersecurity company. The number of victims of ransomware attacks could be much higher, because most organizations quietly pay the ransom to maintain their reputation and avoid the loss of data.

What is REvil Ransomware -

The REvil group runs its organization as "ransomware as a service" and rents its scripts and help to individuals or groups to carry out attacks. It is also known as Sodinokibi, Bluebackground, or Sodin. If you remember, DarkSide, which was responsible for the Colonial Pipeline ransomware attack, is one of the subscribers of the REvil group. Reports suggest that DarkSide has now chosen a separate path. If you want to know about the execution and business model of REvil, you should read this post.

You can also find prevention methods in the above post.

Saturday, May 22, 2021

Importing Your PUBG Mobile Account Data To Battlegrounds Mobile India May Not Be Possible

The PUBG Mobile game has been banned in India for the last few months and couldn’t make a comeback despite numerous efforts. Developer Krafton recently announced pre-registration of Battlegrounds Mobile India for Indian players. It has a new privacy policy, gameplay changes, and restrictions. Previous reports revealed that PUBG Mobile user accounts and inventory would be migrated to Battlegrounds Mobile India. However, according to Indian Express reports, PUBG Mobile India user data is still accessible, and the publication verified that PUBG Mobile user data for Indian accounts is accessible on the server.

“Krafton’s PUBG Mobile does retain your data from Tencent’s PUBG Mobile. A quick look at my personal account in Krafton’s PUBG Mobile (which is still somewhat playable in India via unofficial means), revealed that all my account data accumulated over the years in Tencent’s PUBG Mobile is intact. This included rewards, statistics, and other unlockables, which I had acquired since PUBG Mobile had launched in India. Everything was intact despite the switch in publishers,” the Indian Express reports.

Why data transfer to Battlegrounds Mobile India from PUBG Mobile India players is doubtful-

Since the PUBG Mobile India game is banned in India, people use a VPN to play it. This is most likely how the publication verified the data. But the gaming experience would not be good over a VPN due to some lag in movement.

Krafton developed Battlegrounds Mobile India, which looks like the PUBG Mobile game with a different name and company, to remove any tie with Tencent’s PUBG. They will avoid moving user accounts and inventories from PUBG, or else this could be another hurdle to the game’s release in the country.

Release of Game with New Policies -

Krafton is very careful with the Battlegrounds Mobile India privacy policy. As per the developer’s privacy policy, players under 18 years will have to get consent from their parents/guardians to play the game, and they can play the game only for three hours a day.

The new Battlegrounds Mobile India game’s release date is June 18.

Pre-registration of Battlegrounds Mobile India for Indian players -

Pre-registration for Battlegrounds Mobile India has started and is in full swing for Android users. These registered users will receive a few exclusive rewards:

  • Recon Outfit
  • Recon Mask
  • Limited Celebration Expert title
  • 300 AG

Please note that pre-registrations on the Apple App Store are yet to be announced and iOS users will have to wait until the next announcement.


Now read about Battleground Beta version

Thursday, April 22, 2021

Hackers Are Using Telegram to Spread Malware and Control the System

Check Point researchers identified more than 130 cyber attacks using a Remote Access Trojan called ToxicEye. This malware is managed by cybercriminals through the Telegram messenger app.

According to Check Point Research, there is a new attack trend among cybercriminals in which Telegram is used as a command-and-control system to spread malware. Even when the popular application is not installed or is not used, the system allows attackers to send malicious commands and operations remotely.

Check Point Research explained that they identified more than 130 cyber attacks that resorted to a Remote Access Trojan (RAT) called ToxicEye, communicating with the attackers' servers and sending all the collected data there.

ToxicEye is spread via phishing emails embedded with malicious .exe files. Once opened by the victim, these files install the malware on the victim's equipment and launch a series of operations that go undetected.

The malware can execute a range of exploits without the victim’s knowledge:

  • Data theft
  • Delete or transfer files
  • Encrypt files for a ransom (Ransomware)
  • Remote control and I/O hijacking
  • Installation of a Keylogger
  • Hijack the computer's microphone and camera to record audio and video from the computer.

How This Attack Infection Chain Works -

The researcher mentioned: “The attacker first creates a Telegram account and a Telegram ‘bot.’ A Telegram bot account is a special remote account with which users can interact by Telegram chat or by adding them to Telegram groups, or by sending requests directly from the input field by typing the bot’s Telegram username and a query.”

The attacker embeds the Telegram bot into the ToxicEye RAT configuration file, which is then compiled into an executable file; this executable file (.exe) can also be injected into a Word document. When the victim opens this document or email, the .exe is installed on the computer and infects it. The victim’s computer can now be attacked via the Telegram bot, and the attackers control the system.

Cybercriminals find Telegram an essential part of their attacks: it allows attackers to remain anonymous, as the registration process only requires a mobile number, and the messaging app is not blocked by antivirus solutions or network security tools.

Attackers can easily extract data from users' equipment or transfer new malicious files to infected devices. Hackers can use their mobile phone to access infected computers from any location in the world.

Identify if your system is compromised and tips to strengthen security

  1. Search for RAT file - First of all, you should search your computer for the file rat.exe in the location C:\Users\ToxicEye\rat.exe. If this file exists on your computer, you must immediately contact your helpdesk and delete this file.
  2. Traffic Monitoring - You can monitor the traffic generated from your personal or organization's system to Telegram C&C accounts. If you see such traffic and Telegram is not installed as a business solution, this is an indication that the system has been compromised.
  3. Identify Phishing or Malicious Emails - It is very important to beware of any attachments whose file names contain your username, because malicious/spam emails often use your username as the subject line or the name of the file. These could be suspicious emails; you should not open these attachments, and you should delete the email immediately and not reply to the sender. If you receive an email from an unlisted or undisclosed sender, it indicates that the email is malicious or phishing.
  4. Anti-Phishing Software - In order to minimize the risk of phishing attacks for an organization, use AI-based anti-phishing software that is able to identify and block malicious content from all communication services (i.e. emails) and platforms (i.e. computers, handheld devices).
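
The file check and traffic check from steps 1 and 2, as an added example (not code from this post or from Check Point), run over a constructed file inventory and constructed proxy log lines. The log layout, the host names and the `approved_hosts` allow-list are assumptions; `api.telegram.org` is the host that serves Telegram's Bot API.

```python
import ntpath

# IoC path quoted in step 1 of the post.
RAT_PATH = r"C:\Users\ToxicEye\rat.exe"
# Telegram's own domain; api.telegram.org serves the Bot API.
TELEGRAM_DOMAIN = "telegram.org"

# Constructed sample data (hypothetical hosts; assumed log layout:
# timestamp, source host, method, destination[:port], status).
SAMPLE_INVENTORY = [
    ("ws-017", r"c:\users\toxiceye\RAT.EXE"),
    ("ws-042", r"C:\Users\alice\Documents\notes.txt"),
]
SAMPLE_PROXY_LOG = [
    "2021-04-22T10:00:01Z ws-017 CONNECT api.telegram.org:443 200",
    "2021-04-22T10:00:31Z ws-017 CONNECT api.telegram.org:443 200",
    "2021-04-22T10:01:10Z ws-042 CONNECT web.telegram.org:443 200",
    "2021-04-22T10:02:00Z ws-017 CONNECT example.com:443 200",
    "2021-04-22T10:02:05Z ws-003 CONNECT nottelegram.org:443 200",
]

def normalize(path):
    """Windows paths are case-insensitive; fold case and separators."""
    return ntpath.normcase(ntpath.normpath(path.strip().strip('"')))

def rat_file_hits(inventory):
    """Hosts whose (host, path) inventory contains the IoC path."""
    target = normalize(RAT_PATH)
    return sorted({h for h, p in inventory if normalize(p) == target})

def is_telegram(hostname):
    """Match telegram.org and its subdomains, not look-alike suffixes."""
    h = hostname.lower().rstrip(".")
    return h == TELEGRAM_DOMAIN or h.endswith("." + TELEGRAM_DOMAIN)

def telegram_traffic(log_lines, approved_hosts=()):
    """Count Telegram connections per source host that is not approved
    to run Telegram (step 2: traffic without a business reason)."""
    hits = {}
    for line in log_lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines
        src, dest = fields[1], fields[3].rsplit(":", 1)[0]
        if is_telegram(dest) and src not in approved_hosts:
            hits[src] = hits.get(src, 0) + 1
    return hits
```

With `ws-042` listed as a host where Telegram is an approved business tool, only `ws-017` is reported by both checks, which is the combination the list above treats as a sign of compromise.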