Scams

fda-deletes-warning-on-bogus-autism-therapies-touted-by-rfk-jr.‘s-allies

FDA deletes warning on bogus autism therapies touted by RFK Jr.‘s allies

anti-vaccine, autism, fda, fraud, health, Robert F Kenned Jr., Scams, treatment / /

For years, the Food and Drug Administration provided an informational webpage for parents warning them of the dangers of bogus autism treatments, some promoted by anti-vaccine activists and “wellness” companies. The page cited specifics scams and the “significant health risks” they pose.

But, under anti-vaccine Health Secretary Robert F. Kennedy Jr.—who has numerous ties to the wellness industry—that FDA information webpage is now gone. It was quietly deleted at the end of last year, the Department of Health and Human Services confirmed to Ars Technica.

The defunct webpage, titled “Be Aware of Potentially Dangerous Products and Therapies that Claim to Treat Autism,” provided parents and other consumers with an overview of the problem. It began with a short description of autism and some evidence-based, FDA-approved medications that can help manage autism symptoms. Then, the regulatory agency provided a list of some false claims and unproven, potentially dangerous treatments it had been working to combat. “Some of these so-called therapies carry significant health risks,” the FDA wrote.

The list included chelation and hyperbaric oxygen therapy, treatments that those in the anti-vaccine and wellness spheres have championed.

Dangerous detoxes

Chelation is a real treatment for heavy metal poisoning, such as lead poisoning. But it has been co-opted by anti-vaccine activists and wellness gurus, who falsely claim it can treat autism, among other things. These sham treatments can come in a variety of forms, including sprays, suppositories, capsules, and liquid drops. Actual FDA-approved chelation therapy products are prescription only, the agency noted, and chelating certain minerals from the body “can lead to serious and life-threatening outcomes.”

Many anti-vaccine activists promote the false and thoroughly debunked claim that vaccines cause autism, and more specifically, that trace metal components in some vaccines cause the neurological disorder. For years, anti-vaccine activists like Kennedy focused on thimerosal, a vaccine preservative that contains ethylmercury. Thimerosal was largely removed from childhood vaccines by 2001 amid unfounded concerns. The removal made no impact on autism rates, and many studies have continued to show that it is safe and not a cause of autism. Anti-vaccine activists moved on to blame other vaccine components for autism, including aluminum, which is used in some vaccines to help spur protective immune responses. It too has been found to be safe and not linked to autism.

FDA deletes warning on bogus autism therapies touted by RFK Jr.‘s allies Read More »

clickfix-may-be-the-biggest-security-threat-your-family-has-never-heard-of

ClickFix may be the biggest security threat your family has never heard of

Biz & IT, clickfix, malware, Scams, Security / /

Another campaign, documented by Sekoia, targeted Windows users. The attackers behind it first compromise a hotel’s account for Booking.com or another online travel service. Using the information stored in the compromised accounts, the attackers contact people with pending reservations, an ability that builds immediate trust with many targets, who are eager to comply with instructions, lest their stay be canceled.

The site eventually presents a fake CAPTCHA notification that bears an almost identical look and feel to those required by content delivery network Cloudflare. The proof the notification requires for confirmation that there’s a human behind the keyboard is to copy a string of text and paste it into the Windows terminal. With that, the machine is infected with malware tracked as PureRAT.

Push Security, meanwhile, reported a ClickFix campaign with a page “adapting to the device that you’re visiting from.” Depending on the OS, the page will deliver payloads for Windows or macOS. Many of these payloads, Microsoft said, are LOLbins, the name for binaries that use a technique known as living off the land. These scripts rely solely on native capabilities built into the operating system. With no malicious files being written to disk, endpoint protection is further hamstrung.

The commands, which are often base-64 encoded to make them unreadable to humans, are often copied inside the browser sandbox, a part of most browsers that accesses the Internet in an isolated environment designed to protect devices from malware or harmful scripts. Many security tools are unable to observe and flag these actions as potentially malicious.

The attacks can also be effective given the lack of awareness. Many people have learned over the years to be suspicious of links in emails or messengers. In many users’ minds, the precaution doesn’t extend to sites that instruct them to copy a piece of text and paste it into an unfamiliar window. When the instructions come in emails from a known hotel or at the top of Google results, targets can be further caught off guard.

With many families gathering in the coming weeks for various holiday dinners, ClickFix scams are worth mentioning to those family members who ask for security advice. Microsoft Defender and other endpoint protection programs offer some defenses against these attacks, but they can, in some cases, be bypassed. That means that, for now, awareness is the best countermeasure.

ClickFix may be the biggest security threat your family has never heard of Read More »

adult-sites-are-stashing-exploit-code-inside-racy.svg-files

Adult sites are stashing exploit code inside racy .svg files

Biz & IT, exploits, JavaScript, phishing, Scams, Security / /

The obfuscated code inside an .svg file downloaded from one of the porn sites.

Credit: Malwarebytes

The obfuscated code inside an .svg file downloaded from one of the porn sites. Credit: Malwarebytes

Once decoded, the script causes the browser to download a chain of additional obfuscated JavaScript. The final payload, a known malicious script called Trojan.JS.Likejack, induces the browser to like a specified Facebook post as long as a user has their account open.

“This Trojan, also written in Javascript, silently clicks a ‘Like’ button for a Facebook page without the user’s knowledge or consent, in this case the adult posts we found above,” Malwarebytes researcher Pieter Arntz wrote. “The user will have to be logged in on Facebook for this to work, but we know many people keep Facebook open for easy access.”

Malicious uses of the .svg format have been documented before. In 2023, pro-Russian hackers used an .svg tag to exploit a cross-site scripting bug in Roundcube, a server application that was used by more than 1,000 webmail services and millions of their end users. In June, researchers documented a phishing attack that used an .svg file to open a fake Microsoft login screen with the target’s email address already filled in.

Arntz said that Malwarebytes has identified dozens of porn sites, all running on the WordPress content management system, that are abusing the .svg files like this for hijacking likes. Facebook regularly shuts down accounts that engage in these sorts of abuse. The scofflaws regularly return using new profiles.

Adult sites are stashing exploit code inside racy .svg files Read More »

what-is-scambaiting?-here’s-everything-you-need-to-know

What Is Scambaiting? Here’s Everything You Need to Know

Cybersecurity, Ethical Hacking, Highlights, Scams, Security / /

internal/modules/cjs/loader.js: 905 throw err; ^ Error: Cannot find module ‘puppeteer’ Require stack: – /home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js at Function.Module._resolveFilename (internal/modules/cjs/loader.js: 902: 15) at Function.Module._load (internal/modules/cjs/loader.js: 746: 27) at Module.require (internal/modules/cjs/loader.js: 974: 19) at require (internal/modules/cjs/helpers.js: 101: 18) at Object. (/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js:2: 19) at Module._compile (internal/modules/cjs/loader.js: 1085: 14) at Object.Module._extensions..js (internal/modules/cjs/loader.js: 1114: 10) at Module.load (internal/modules/cjs/loader.js: 950: 32) at Function.Module._load (internal/modules/cjs/loader.js: 790: 12) at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js: 75: 12) code: ‘MODULE_NOT_FOUND’, requireStack: [ ‘/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js’ ]

What Is Scambaiting? Here’s Everything You Need to Know Read More »

why-celebrities-are-getting-sued-for-promoting-their-bored-ape-nfts

Why Celebrities Are Getting Sued for Promoting Their Bored Ape NFTs

Blockchain, Cryptocurrency, Highlights, Law, nft, Scams, Technology Explained / /

internal/modules/cjs/loader.js: 905 throw err; ^ Error: Cannot find module ‘puppeteer’ Require stack: – /home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js at Function.Module._resolveFilename (internal/modules/cjs/loader.js: 902: 15) at Function.Module._load (internal/modules/cjs/loader.js: 746: 27) at Module.require (internal/modules/cjs/loader.js: 974: 19) at require (internal/modules/cjs/helpers.js: 101: 18) at Object. (/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js:2: 19) at Module._compile (internal/modules/cjs/loader.js: 1085: 14) at Object.Module._extensions..js (internal/modules/cjs/loader.js: 1114: 10) at Module.load (internal/modules/cjs/loader.js: 950: 32) at Function.Module._load (internal/modules/cjs/loader.js: 790: 12) at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js: 75: 12) code: ‘MODULE_NOT_FOUND’, requireStack: [ ‘/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js’ ]

Why Celebrities Are Getting Sued for Promoting Their Bored Ape NFTs Read More »

metallica-warns-against-onslaught-of-new-album-crypto-scams

Metallica Warns Against Onslaught of New Album Crypto Scams

Blockchain, Cryptocurrency, Highlights, Music Album, Scams, Technology Explained / /

internal/modules/cjs/loader.js: 905 throw err; ^ Error: Cannot find module ‘puppeteer’ Require stack: – /home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js at Function.Module._resolveFilename (internal/modules/cjs/loader.js: 902: 15) at Function.Module._load (internal/modules/cjs/loader.js: 746: 27) at Module.require (internal/modules/cjs/loader.js: 974: 19) at require (internal/modules/cjs/helpers.js: 101: 18) at Object. (/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js:2: 19) at Module._compile (internal/modules/cjs/loader.js: 1085: 14) at Object.Module._extensions..js (internal/modules/cjs/loader.js: 1114: 10) at Module.load (internal/modules/cjs/loader.js: 950: 32) at Function.Module._load (internal/modules/cjs/loader.js: 790: 12) at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js: 75: 12) code: ‘MODULE_NOT_FOUND’, requireStack: [ ‘/home/760439.cloudwaysapps.com/jxzdkzvxkw/public_html/wp-content/plugins/rss-feed-post-generator-echo/res/puppeteer/puppeteer.js’ ]

Metallica Warns Against Onslaught of New Album Crypto Scams Read More »