codesanitize

Flutter Error: “No podspec discovered for flutter_meta_sdk_flutter in .symlinks/plugins/flutter_meta_sdk_flutter/ios” when operating Flutter undertaking on iOS

iOS Development

codesanitize

-

22 August 2024

0

Downside:

I’m encountering a problem when operating my Flutter undertaking on iOS. The construct fails with the error

[!] No podspec discovered for ‘flutter_meta_sdk_flutter’ in ‘.symlinks/plugins/flutter_meta_sdk_flutter/ios’.

– Undertaking works on android**

Assertion:**

I not too long ago added the flutter_meta_sdk_flutter plugin to my Flutter undertaking to combine Fb’s Meta SDK. Every little thing works effective on Android, however once I try to run the undertaking on iOS, the construct course of fails with a podspec error associated to the flutter_meta_sdk_flutter plugin.

Tried Options:

pod set up –repo-update output:


    1.  Cleaned the Flutter undertaking:
    •   Ran flutter clear
    •   Reinstalled dependencies utilizing flutter pub get
    2.  Rebuilt iOS-specific code:
    •   Deleted Podfile.lock and Pods/
    •   Ran pod deintegrate
    •   Reinstalled pods utilizing pod set up --repo-update
    3.  Verified the plugin: Checked the plugin’s documentation on pub.dev to make sure it helps iOS, however couldn’t discover particular data associated to iOS help.
    4.  Manually linked the plugin within the Podfile:
    •   Added pod 'flutter_meta_sdk_flutter', :path => '.symlinks/plugins/flutter_meta_sdk_flutter/ios' to the Podfile.
    •   Reinstalled pods, however the error persists.

Extra Data:

    •   Flutter Model: 3.24.1
    •   iOS Deployment Goal: 17.5.1
    •   Xcode Model: 15.4
    •   Plugin Model: flutter_meta_sdk_flutter: ^1.0.5

pupspec.yaml:

identify: app
description: "DESCRIPTION"

publish_to: 'none' 

model: 7.7.9+7036

atmosphere:
  sdk: '>=3.4.0 <4.0.0'

dependencies:
  flutter:
    sdk: flutter

  app_tracking_transparency: ^2.0.6
  awesome_notifications: ^0.9.3+1
  badges: ^3.1.2
  cupertino_icons: ^1.0.8
  cached_network_image: ^3.4.0
  carousel_slider: ^5.0.0
  crypto: ^3.0.5
  device_info_plus: ^10.1.2
  dio: ^5.6.0
  flutter_easyloading: ^3.0.5
  font_awesome_flutter: ^10.7.0
  firebase_auth: ^5.1.4
  firebase_analytics: ^11.2.1
  flutter_checkout_payment:
    git:
      url: https://github.com/lucasuracosta/flutter_checkout_payment.git
      ref: grasp # department identify
  firebase_core: ^3.3.0
  flutter_credit_card: ^4.0.1
  firebase_dynamic_links: ^6.0.4
  #TODO remmber to examine tabby model earlier than updating this pacakge to newer variations
  flutter_inappwebview: ^5.8.0  #downgraded due to tabby package deal constraints ^1.5.0
  flutter_local_notifications: ^17.2.2
  firebase_messaging: ^15.0.4
  flutter_phoenix: ^1.1.1
  flutter_rating_bar: ^4.0.1
  flutter_secure_storage: ^9.2.2
  flutter_widget_from_html: ^0.15.1
  pay: ^2.0.0
  get: ^4.6.6
  get_storage: ^2.1.1
  google_sign_in: ^6.2.1
  http: ^1.2.2
  path_provider: ^2.1.4
  permission_handler: ^11.3.1
  persistent_bottom_nav_bar_v2: ^5.3.0
  retry: ^3.1.2
  selection_menu: ^2.0.2
  shared_preferences: ^2.3.2
  shimmer: ^3.0.0
  sign_in_with_apple: ^6.1.1
  url_launcher: ^6.3.0
  webview_flutter: ^4.8.0
  icons_launcher: ^3.0.0-beta.3

  tabby_flutter_inapp_sdk: ^1.5.0
  phone_form_field: ^9.2.5
  sentry_flutter: ^8.7.0
  in_app_review: ^2.0.9
  is_first_run_plus: ^1.1.0
  jiffy: ^6.3.1


dev_dependencies:
  flutter_test:
    sdk: flutter

  flutter_lints: ^4.0.0
  sentry_dart_plugin: ^2.1.0

I’m not sure if this problem is as a result of plugin not supporting iOS (which I doubt), an incorrect setup on my aspect, or one thing else.

How can I resolve this problem and efficiently run my Flutter undertaking on iOS?

How hacked YouTube channels unfold scams and malware

Hacking

codesanitize

-

22 August 2024

0

How hacked YouTube channels unfold scams and malware

Scams, Social Media

Right here’s how cybercriminals go after YouTube channels and use them as conduits for fraud – and what it is best to be careful for when watching movies on the platform

01 Jul 2024
•
,
4 min. learn

Hijacked: How hacked YouTube channels spread scams and malware

As one among right now’s hottest social media platforms, YouTube is usually within the crosshairs of cybercriminals who exploit it to hawk scams and distribute malware. The lures run the gamut, however typically contain movies posing as tutorials about in style software program or adverts for crypto giveaways. In different eventualities, fraudsters embed hyperlinks to malicious web sites in video descriptions or feedback, disguising them as real sources associated to the video’s content material.

Thefts of in style YouTube channels up the sport additional. By extending the attain of the fraudulent campaigns to untold numbers of normal YouTube customers, they offer the attackers essentially the most bang for his or her buck. Cybercriminals have lengthy been recognized to repurpose these channels to unfold crypto and different scams and a number of info-stealing malware, typically by means of hyperlinks to pirated and malware-laden software program, motion pictures and sport cheats.

In the meantime, YouTubers who’ve had their accounts stolen are in for a extremely distressing expertise, with the implications starting from lack of revenue to lasting reputational injury.

How can cybercriminals take over YouTube channels?

Most of the time, all of it begins with good ol’ phishing. Attackers create faux web sites and ship emails that appear like they’re from YouTube or Google and try to trick the targets into surrendering their “keys to the dominion”. In lots of instances, in addition they tout sponsorship or collaboration offers because the lure – the message contains an attachment or a hyperlink to a file the place the phrases and circumstances are stated to be detailed.

Nothing might be farther from the reality, nevertheless, with the risk turning into much more acute the place the accounts weren’t protected by two-factor authentication (2FA) or the place attackers circumvented this further safeguard. (Since late 2021, content material creators want to make use of 2FA on the Google account related to their YouTube channel).

In some instances (cue the breach of Linus Tech Ideas, a channel with 15 million subscribers on the time), attackers wanted neither passwords nor 2FA codes to hijack the channels. As a substitute, they stole session cookies from the victims’ browsers that finally enabled them to bypass the extra safety checks concerned within the authentication course of.

In one other tried-and-tested method, attackers leverage lists of usernames and passwords from previous knowledge breaches to interrupt into current accounts, counting on the truth that many individuals reuse passwords throughout completely different websites. In brute-force makes an attempt, in the meantime, attackers use automated instruments to strive quite a few password combos till they discover the proper one. This methodology yields fruits particularly if individuals use weak or frequent passwords and skimp on 2FA.

Figure 1. YouTube scam message — Determine 1. Instance of a phishing e-mail despatched to a YouTuber. It delivers malware that deletes the person’s browser cookies, forcing them to re-enter their login credentials. These are then despatched to the attacker. (Supply: The PC Safety Channel)

Simply weeks in the past, the AhnLab Safety Intelligence Middle (ASEC) wrote a couple of rising variety of instances the place cybercriminals hijack in style YouTube channels, together with one with 800,000 subscribers, and exploit them to distribute malware reminiscent of RedLine Stealer, Vidar and Lumma Stealer.

As described within the ESET Menace Report H2 2023, Lumma Stealer made a splash significantly within the second half of final 12 months. This infostealer-for-hire is thought for focusing on crypto wallets, login credentials and 2FA browser extensions, in addition to for exfiltrating info from compromised machines. Because the ESET Menace Report H1 2024 reveals, each instruments stay a significant menace and sometimes pose as dishonest software program or online game cracks, together with by way of YouTube.

Figure 2. YouTube channel spreading malware — *Determine 2. YouTube video providing a cracked model of Adobe After Results and downloading RedLine*

Figure 3. YouTube channel spreading malware — *Determine 3. Cracked – and malicious – model of Adobe After Results*

In some eventualities, criminals hijack current Google accounts and within the span of minutes create and submit hundreds of movies that distribute info-stealing malware. Individuals who fall sufferer to the assaults might find yourself having their units compromised with malware that additionally steals their accounts on different main platforms reminiscent of Instagram, Fb, X, Twitch and Steam.

Staying out of hurt’s manner on YouTube

The following pointers will go a great distance in direction of holding you secure on the platform, together with when you’re a YouTuber your self.

Use robust and distinctive login credentials

Create robust passwords or passphrases and keep away from reusing them throughout a number of websites. Discover passkeys as one other type of authentication provided by Google.

For an added layer of safety, use 2FA not simply in your Google account, however on all of your different accounts. Wherever doable, select 2FA involving authentication apps or {hardware} safety keys as an alternative of SMS-based strategies.

Be cautious with emails and hyperlinks

Be skeptical of emails or messages claiming to be from YouTube or Google, doubly after they ask in your private info or account credentials. Verify the sender’s e-mail handle and search for indicators of phishing. Simply as importantly, keep away from clicking on suspicious hyperlinks or downloading attachments from unknown sources. The identical goes for apps or different software program that’s promoted on YouTube except they arrive from trusted and verified sources.

Maintain your working system and different software program up to date

Guarantee your working system, browser, and different software program are updated to guard in opposition to recognized vulnerabilities.

Maintain tabs in your account exercise

Recurrently test your account exercise for any suspicious actions or login makes an attempt. When you suspect your channel has fallen prey to an assault, consult with this steerage from Google.

Keep knowledgeable concerning the newest cyberthreats and scams focusing on you on-line, together with on YouTube. Figuring out what to look out for will help you keep away from falling sufferer to those threats.

Report and block suspicious content material

Report any suspicious or dangerous content material, feedback, hyperlinks, or customers to YouTube. Blocking such customers can forestall them from contacting you additional.

Use multi-layered safety software program throughout your units to guard in opposition to a wide range of threats.

Google now has a brand new restoration software for hacked YouTube accounts

Technology

codesanitize

-

22 August 2024

0

Damien Wilde / Android Authority

TL;DR

YouTube is including a brand new AI software that helps creators get well a hacked account.
The brand new software will initially be obtainable to pick out creators however will ultimately roll out to everybody.
The brand new hacked account restoration software can be solely obtainable in English for now.

Ever had your Fb, YouTube, or one other on-line account hacked? You’re undoubtedly not alone, as that is an more and more frequent incidence with hackers’ instruments and strategies changing into extra subtle in recent times. Now, Google is preventing again with the introduction of a brand new software designed that will help you get well a hacked YouTube account, as famous in an official publish on the Youtube help website (by way of Android Police.)

Should you imagine your account has been hacked, you’ll be capable of entry the brand new troubleshooting software by way of the YouTube Assist Heart. The software makes use of AI to information you thru the restoration course of with out the necessity to contact Google help instantly. This contains asking you a collection of questions on your channel, similar to any latest unauthorized adjustments to the account.

If Google’s software confirms that the YouTube account has been hacked, it can permit customers to regain management sooner than older strategies. Beforehand restoration required you to speak to Google help and doubtlessly watch for lengthy durations whereas the corporate verified every little thing.

As you’d think about, there are some caveats. First, Google says it is just making this function obtainable to sure creators presently. There’s no readability on who these persons are, although it’s seemingly extra established and confirmed accounts. The excellent news is that Google says it can make the function accessible to all creators sooner or later, seemingly as soon as they’ve ensured it really works as supposed. The software can be solely obtainable in English, at the least for now.

It’s additionally vital to notice that even when your account has been hacked, there’s no assure the software will be capable of confirm your data. Should you run into points, Google says you’ll be able to contact @TeamYouTube on X (previously Twitter) for additional assist.

Whereas some would possibly see this new software as a option to divert sources away from customer support with the intention to minimize prices, AI instruments like this may be a lot sooner and fewer of a trouble than making an attempt to get in contact with an actual particular person. All of it comes right down to the software’s accuracy and whether or not it’s really higher at verifying hacked accounts than a human consultant. Right here’s hoping the brand new software seems like an improve and works as a rule; in any other case, it might find yourself feeling like simply one other pointless step in an already drawn-out restoration course of.

Obtained a tip? Discuss to us! E mail our employees at information@androidauthority.com. You’ll be able to keep nameless or get credit score for the data, it is your selection.

As broadcast viewership declines, content material turns into king on the DNC

Apple

codesanitize

-

22 August 2024

0

As broadcast viewership declines, content material turns into king on the DNC

Evaluate clips from the Democratic Nationwide Conference, which kicked off on Monday in Chicago, to the Republican Nationwide Conference in July. They really feel like completely different universes.

On the RNC, throughout the roll name of votes nominating Donald Trump, states had been known as out to scattered applause together with the variety of votes. The room was largely quiet, and it sounded extra like a jury delivering dangerous information than it did a political social gathering affirming its future.

The DNC roll name, in the meantime, included a playlist of music associated to every state, like “Candy Residence Alabama” for Alabama and “Not Like Us” by Kendrick Lamar for his house state of California. Delegates huddled round microphones, screaming and cheering as they introduced their assist for Vice President Kamala Harris. Lil Jon emerged out of the gang singing “Flip Down for What” just like the Kool-Assist Man breaking by a wall. In comparison with the virtually somber vitality on the RNC, the DNC is a celebration, and the Democrats try to ensure you find out about it.

The Democrats are operating with a simple technique within the lead-up to November: flood the zone with content material. That is taking place in opposition to a reasonably dire backdrop. In line with a Democratic press launch, night time one of many DNC averaged 20 million viewers throughout 13 networks, down 22 p.c from the 2016 conference when Hillary Clinton accepted her social gathering’s nomination. The GOP shouldn’t be faring a lot better: the RNC this yr averaged even much less, with 18 million viewers on its first night. The hole is being crammed by new platforms and new media. The Democrats say that 7 million individuals streamed the primary night time of the DNC, and content material printed by creators acquired 30 million views.

It’s not simply political influencers in attendance, both. Some are way of life influencers whose outfit movies are actually aspect by aspect with footage from the DNC. I learn this as an indication of who they wish to attain: not simply individuals watching Hasan Piker streams but additionally the TikTok customers who flock to the app to listen to their favourite trend influencer speak about their life. The social gathering is hedging its bets that the message will journey farther — and maybe penetrate apathy — if it comes from somebody viewers belief for different matters.

The 2024 US presidential election till this level has been largely vibes-based: pleasure on the left turned a nook actually in a single day after President Joe Biden introduced he wouldn’t search reelection. However politics has all the time been at the least partially knowledgeable by vibes — earlier than voters had been asking about whether or not Tim Walz is “Midwest Princess,” they had been debating which candidate they’d reasonably have a beer with. What the Harris marketing campaign has completed so successfully is to maintain her on the prime of individuals’s minds by savvy advertising and marketing that co-opts the kind of content material that persons are already consuming on-line.

And what higher method to do this than to someway license greater than 50 ultrapopular songs and use them, primarily, as hype-up music? The transfer has spawned numerous posts on platforms like X and TikTok, making a social media second out of one thing that in any other case may be a boring formality. It’s one factor to have the influencers you invited make mildly cringey movies about your conference — anybody can throw cash at paid media. But it surely’s this wave of natural, unpaid content material that’s truly notable. Ask anybody in advertising and marketing: that earned media is priceless.

Qilin ransomware caught stealing credentials saved in Google Chrome – Sophos Information

Cyber Security

codesanitize

-

22 August 2024

0

Qilin ransomware caught stealing credentials saved in Google Chrome – Sophos Information

Throughout a current investigation of a Qilin ransomware breach, the Sophos X-Ops group recognized attacker exercise resulting in en masse theft of credentials saved in Google Chrome browsers on a subset of the community’s endpoints – a credential-harvesting approach with potential implications far past the unique sufferer’s group. That is an uncommon tactic, and one which could possibly be a bonus multiplier for the chaos already inherent in ransomware conditions.

What’s Qilin?

The Qilin ransomware group has been in operation for simply over two years. It was within the information in June 2024 because of an assault on Synnovis, a governmental service supplier to varied UK healthcare suppliers and hospitals. Previous to the exercise described on this submit, Qilin assaults have typically concerned “double extortion” – that’s, stealing the sufferer’s information, encrypting their techniques, after which threatening to disclose or promote the stolen information if the sufferer received’t pay for the encryption key, a tactic we’ve lately mentioned in our “Turning the Screws” analysis

The Sophos IR group noticed the exercise described on this submit in July 2024. To supply some context, this exercise was noticed on a single area controller inside the goal’s Lively Listing area; different area controllers in that AD area had been contaminated however affected in a different way by Qilin.

Opening maneuvers

The attacker obtained preliminary entry to the atmosphere through compromised credentials. Sadly, this technique of preliminary entry will not be new for Qilin (or different ransomware gangs for that matter). Our investigation indicated that the VPN portal lacked multifactor authentication (MFA) safety.

The attacker’s dwell time between preliminary entry to the community and additional motion was eighteen days, which can or might not point out that an Preliminary Entry Dealer (IAB) made the precise incursion. In any case, eighteen days after preliminary entry occurred, attacker exercise on the system elevated, with artifacts exhibiting lateral motion to a site controller utilizing compromised credentials.

As soon as the attacker reached the area controller in query, they edited the default area coverage to introduce a logon-based Group Coverage Object (GPO) containing two gadgets. The primary, a PowerShell script named IPScanner.ps1, was written to a brief listing inside the SYSVOL (SYStem VOLume) share (the shared NTFS listing positioned on every area controller inside an Lively Listing area) on the precise area controller concerned. It contained a 19-line script that tried to reap credential information saved inside the Chrome browser.

The second merchandise, a batch script named logon.bat, contained the instructions to execute the primary script. This mixture resulted in harvesting of credentials saved in Chrome browsers on machines related to the community. Since these two scripts had been in a logon GPO, they’d execute on every consumer machine because it logged in.

On the endpoints

At any time when a logon occurred on an endpoint, the logon.bat would launch the IPScanner.ps1 script, which in flip created two information – a SQLite database file named LD and a textual content file named temp.log, as seen in Determine 1.

Determine 1: We name this demo machine Hemlock as a result of it’s toxic: The 2 information created by the startup script on an contaminated machine

These information had been written again to a newly created listing on the area’s SYSVOL share and named after the hostname of the machine(s) on which they had been executed (in our instance, Hemlock)

The LD database file incorporates the construction proven in Determine 2.

Determine 2: Inside LD, the SQLite database file dropped into SYSVOL

In a show of confidence that they’d not be caught or lose their entry to the community, the attacker left this GPO energetic on the community for over three days. This offered ample alternative for customers to go online to their gadgets and, unbeknownst to them, set off the credential-harvesting script on their techniques. Once more, since this was all executed utilizing a logon GPO, every person would expertise this credential-scarfing every time they logged in.

To make it tougher to evaluate the extent of the compromise, as soon as the information containing the harvested credentials had been stolen and exfiltrated, the attacker deleted all of the information and cleared the occasion logs for each the area controller and the contaminated machines. After deleting the proof, they proceeded to encrypt information and drop the ransom notice, as proven in Determine 3. This ransomware leaves a duplicate of the notice in each listing on the machine on which it runs.

Determine 3: A Qilin ransom notice

The Qilin group used GPO once more because the mechanism for affecting the community by having it create a scheduled activity to run a batch file named run.bat, which downloaded and executed the ransomware.

Influence

On this assault, the IPScanner.ps1 script focused Chrome browsers – statistically the selection almost certainly to return a bountiful password harvest, since Chrome at the moment holds simply over 65 p.c of the browser market. The success of every try would rely on precisely what credentials every person was storing within the browser. (As for what number of passwords may be acquired from every contaminated machine, a current survey signifies that the typical person has 87 work-related passwords, and round twice as many private passwords.)

A profitable compromise of this type would imply that not solely should defenders change all Lively Listing passwords; they need to additionally (in principle) request that finish customers change their passwords for dozens, probably tons of, of third-party websites for which the customers have saved their username-password combos within the Chrome browser. The defenders after all would don’t have any method of creating customers try this. As for the end-user expertise, although just about each web person at this level has obtained no less than one “your data has been breached” discover from a web site that has misplaced management of their customers’ information, on this state of affairs it’s reversed – one person, dozens or tons of of separate breaches.

It’s maybe attention-grabbing that, on this particular assault, different area controllers in the identical Lively Listing area had been encrypted, however the area controller the place this particular GPO was initially configured was left unencrypted by the ransomware. What this may need been – a misfire, an oversight, attacker A/B testing – is past the scope of our investigation (and this submit).

Conclusion

Predictably, ransomware teams proceed to alter techniques and increase their repertoire of strategies. The Qilin ransomware group might have determined that, by merely concentrating on the community property of their goal organizations, they had been lacking out.

In the event that they, or different attackers, have determined to additionally mine for endpoint-stored credentials – which may present a foot within the door at a subsequent goal, or troves of details about high-value targets to be exploited by different means – a darkish new chapter might have opened within the ongoing story of cybercrime.

Acknowledgements

Anand Ajjan of SophosLabs, in addition to Ollie Jones and Alexander Giles from the Incident Response group, contributed to this evaluation.

Response and remediation

Organizations and people ought to depend on password managers functions that make use of trade greatest practices for software program improvement, and that are recurrently examined by an unbiased third social gathering. Using a browser-based password supervisor has been confirmed to be insecure repeatedly, with this text being the newest proof.

Multifactor authentication would have been an efficient preventative measure on this state of affairs, as we’ve stated elsewhere. Although use of MFA continues to rise, a 2024 Lastpass research signifies that although MFA adoption at firms with over 10,000 staff is a not-terrible 87%, that adoption degree drops precipitously – from 78% for firms with 1,001-1000 staff all the best way right down to a 27% adoption charge for companies with 25 staff or much less. Talking bluntly, companies should do higher, for their very own security – and on this case, the security of different firms as properly.

Our personal Powershell.01 question was instrumental in figuring out suspicious PowerShell commends executed in the middle of the assault. That question is freely out there from our Github, together with many others.

Sophos detects Qilin ransomware as Troj/Qilin-B and with behavioral detections corresponding to Impact_6a & Lateral_8a. The script described above is detected as Troj/Ransom-HDV.