Through the medium of a Wes Anderson-esque stop-motion trailer, publisher Game Science has announced the release window for its upcoming action-RPG Black Myth: Wukong. A game that looks a little like Elden Ring if it was set in Chinese mythology.
We can expect Black Myth: Wukong to launch around mid-2024. It may seem like a while to go for those who still have their 2022 hats on, but in reality, it’s only 18 months. Which isn’t all that long, unless you’re a rabbit.
That’s the spin Game Science is putting on things with the Black Myth: Wukong release window trailer. The animated video shows a rabbit spend its entire life waiting for the game. Look, it kind of defies explanation, and you should just watch it to see what I’m going on about.
While it’s clear from the trailer that Black Myth: Wukong is coming to PC, Game Science still hasn’t confirmed what consoles the title is coming to. Hopefully, we’ll see Black Myth on PS5 or Xbox Series X|S as the game will be coming to “other major main-stream consoles” according to Game Science’s website (opens in new tab).
The bigger picture
Black Myth: Wukong takes place in an Eastern-inspired fantasy world, where you will play the legendary character Wukong as you travel around the desolate and unforgiving landscape, defeating fantastical enemies. Inspired by the 16th Century Chinese novel Journey to the West, Wukong will meet many strange and mythical characters along his path.
While the new trailer only has a snippet of gameplay, back in 2020, Game Science announced Black Myth with 13 minutes of in-game footage (opens in new tab). The new clip resembles Elden Ring in its weary and grayscale landscape; we can see Wukong fighting what looks to be a massive tiger that wields a menacing long sword. In this short fight, it seems like the best way to take this tiger down is by striking it and then getting the hell out of there before it lands a hit. In this sense, the attacks also mimic Elden Ring in the hit-and-evade fighting style.
Inspired by Chinese myth and recreating the world of Journey to the West, which is a fantasy epic in the vein of Homer’s Iliad and The Odyssey, we can expect a humongous landscape filled with strange monsters. Exploring these stories in an RPG will let us get up close and personal with those monsters, for good and ill: there’s a giant fleshy spider somewhere in there, and, honestly, it’s already creeping me out.
Long time coming
While to me, it seems like 2024 isn’t too long to wait, that may be because I’ve only just learned about Black Myth. The project has been in development since 2011; it has taken Game Science 12 years of painstaking work to get this far.
Game Science talks about the struggles of completing this monumental task on Black Myth: Wukong’s information page (opens in new tab); it questions whether it’s done enough work or even if it was all worth it. “On countless nights of working overtime, exhaustedly, we asked ourselves half-jokingly – how much did it matter?” says Game Science.
Luckily Game Science has faith in its long-awaited RPG and is pushing full steam ahead to hit the targeted release window in 2024. In the meantime, we can sit back and wait for more news about Wukong and where he will head next.
Great news for Elder Scrolls fans: Skyblivion, an ambitious fan-made recreation of Oblivion within Skyrim’s engine, has finally been given a release window after years of development updates. Skyblivion is an attempt to rebuild the entirety of Skyrim’s predecessor in a modern engine.
Skyblivion’s latest trailer reveals that the project, that’s been in development since 2017, is now due for release in 2025. Though still some way away, it’s reassuring that the mod has a confirmed release window. At this rate, Skyblivion may well be out before Elder Scrolls 6.
The sunny horizons of the RPG’s setting, Cyrodiil, make for a welcome change from Skyrim’s harsh, wintery vistas. The trailer also treats us to all sorts of goodies, such as footage of the neo-classical imperial capital, the dominating palace tower that sits in its center, and glimpses of the sinister assassin’s guild, the Dark Brotherhood. In the video’s closing moments, we even get a look at the Daedric Prince Mehrunes Dagon, Oblivion’s final boss. As terrifying as he might be, this demonic colossus should really consider putting on a shirt.
Beyond the gate
As you might expect, recreating the entirety of The Elder Scrolls: Oblivion within Skyrim is no mean feat. As the mod’s official website (opens in new tab) puts it: “making games takes time, [and] this goes double for a volunteer project the size of a AAA game that took a team of fulltime devs years to make.”
Skyblivion’s development diaries confirm the astronomical work these dedicated fans-turned-developers have put into the project. All of Oblivion’s original 3D assets had to be remade, along with every single environment in what is a huge map. Though released in 2006, Oblivion is a game of tremendous scope, bursting with content.
Skyblivion is part of a group of volunteer projects entitled: The Elder Scrolls Renewal (opens in new tab). A group that aims to recreate all of the major, recent Elder Scrolls games with Bethesda’s modern tools. As well as Skyblivion, TES Renewal hosts the Morroblivion and Skywind projects, mods that bring Morrowind into the Oblivion engine and Morrowind into the Skyrim engine, respectively. Clearly, The Elder Scrolls Renewal projects participants have a lot on their plates.
Oblivion holds a special place in my heart. The game dropped around my 13th birthday, I’d just started at a new school and life was pretty scary. Enter: Bethesda’s brand new open-world RPG. The tutorial’s opening dungeon crawl hooked me deep. I played the game relentlessly, spending hundreds of hours in Cyrodiil. I joined the Fighter’s Guild, explored long-lost ruins, and, eventually, saved the world.
Oblivion was far from perfect. The voice acting was notoriously hit and miss, and the overlapping systems that made up the RPG’s open world often led to goofy shenanigans. Still, I feel there’s a certain charm to Cyrodiil that’s worth immortalizing.
Oblivion was a magical game that set the bar for modern open-world experiences and welcomed a whole new generation of players to RPGs. The prospect of seeing Oblivion’s world realized with modern graphics has me counting down the days on my Elder Scrolls-themed almanac until 2025.
Norton LifeLock has announced that a large number customer accounts have been affected by a breach.
A customer notice from Gen Digital, Norton’s parent company, claimed that the breach was likely the result of a credential stuffing attack, where threat actors use lists of previously exposed passwords to hack into numerous accounts used by victims, on the presumption that they will have used the same password for multiple services.
On December 12 2022, Gen Digital said that it received a large number of failed login attempts, tipping it off to the attack. It believes that compromised accounts dated back to December 1.
Passwords at risk
Given the fact that many admit to reusing the same passwords for various accounts, these attacks can be quite effective.
The notices were sent to over 6,000 customers whose accounts had been hacked. Gen Digital stated that hackers may have ascertained personal information from hacking into customer accounts, such as names, phone numbers and addresses. Passwords stored using the password manager feature may also have been accessed, with Gen Digital cautioning this could not be ruled out.
LifeLock is an identify theft protection platform by Norton, the company best known for its once market leading antivirus software. It also comes bundled with the company’s security suite Norton 360.
As Gen Digital itself recommends, multi-factor authentication is essential for keeping safe, by making sure it is actually you who is trying to access your account. It works by sending a verification prompt or code to another one of your devices, such as your smartphone, via SMS or a dedicated authenticator app, when a login is attempted on your account.
LifeLock’s password manager isn’t alone in suffering a potential breach. LastPass has been having a torrid time since its customer’s password vaults were stolen last year, despite assuring customers that the passwords remained encrypted.
For optimum security, you should consider using the best firewall
Google Stadia may be shutting down in just a couple of days, but that hasn’t stopped Google from releasing one last game for the ill-fated streaming device.
Worm Game, available to play now on Google Stadia, will be very familiar to anyone who owned a phone in the early 2000s. It’s essentially Snake, albeit with some modern flourishes thrown in, like colorful visuals and multiple game modes.
If you’ve kept hold of your Google Stadia subscription right until the bitter end, you can give Worm Game a go by heading over to its Stadia page (opens in new tab). You can even try it out for free, for a whopping three hours, with the Google Stadia trial.
You might have seen one last game arrive on Stadia today. It’s a humble 🧡 thanks 💜 for playing from our team. Find it here: https://t.co/PyAUH181v1January 13, 2023
See more
Don’t be too quick to think Google released a Snake clone as a joke, though. Worm Game’s store page explains that the game was used to test many of Google Stadia’s features, from its 2019 launch up until its imminent demise.
And as Snake-likes go, Worm Game is certainly a mite more involved than what you’d boot up on your Nokia 3310 during those long car journeys to Wales. It’s not much to write home about, but at least an important footnote in Google Stadia’s short history.
A fitting end?
Google Stadia’s shutdown on January 18 is unsurprising. An oddball subscription model paired with inconsistent streaming quality led to the device sitting lukewarmly with all but its staunchest proponents.
Stadia wasn’t entirely without wins, though. I’m a big fan of Google Stadia’s excellent controller, and now that Google has finally confirmed Bluetooth support, the pad has at least been granted a new lease on life. At least for players who want to continue using it wirelessly on PC and, hopefully, devices and consoles beyond.
Unfortunately for Google, a handful of other streaming services like GeForce Now and Xbox Cloud Gaming have offered more attractive game libraries, with better quality streaming. Stadia, as a result, was never able to find a sizable and dedicated audience across PC, mobile, and console.
The streaming service itself isn’t exactly going out with a bang, but I’d argue certainly not a whimper, as evidenced by the release of Worm Game. It’s a game that’s clearly important to the development of Google Stadia, however primitive and basic.
Whether Google decides to eventually throw its hat back into the game streaming ring remains to be seen. But if it does, the tech giant would do well to learn the lessons of its first experiment’s shortcomings.
Now that 2023 is well underway, the Samsung Galaxy Z Fold 5 rumors are coming thick and fast, and the latest speculation concerns the upcoming foldable’s camera setup.
The Pixel also suggests that the Galaxy Z Fold 5 could feature a 64MP telephoto camera (with 2x optical zoom) and a 12MP ultrawide snapper. That setup would trump the Galaxy Z Fold 4’s 10MP telephoto sensor, but lose out on the latter’s 3x optical zoom capabilities.
That last point has us exercising a degree of caution over these new rumors. While it’s undoubtedly exciting to think that we might finally see a foldable phone capable of matching non-foldables in the photography department, it’s hard to imagine Samsung giving the Galaxy Z Fold 5 weaker optical zoom capabilities than its predecessor.
What’s more, as SamMobile (opens in new tab) notes, Samsung’s track record of seldom implementing two major camera revisions on the trot raises another red flag. The Galaxy Z Fold 4’s camera setup marked a significant improvement over the Samsung Galaxy Z Fold 3’s equivalent sensors, which makes us slightly skeptical that the Galaxy Z Fold 5 would feature yet another significant snapper upgrade.
Of course, we do expect some form of photographic improvement from the Galaxy Z Fold 5 over the Galaxy Z Fold 4, but we’re hesitant to lean full-tilt into rumors of a 108MP rear sensor and a 64MP telephoto lens, at this stage.
Anaylsis: folding in more than just camera upgrades
We do, however, have more faith in rumors surrounding Galaxy Z Fold 5’s design. Per South Korean outlet Naver (opens in new tab), Samsung intends to use a water drop-shaped hinge in its upcoming foldable, which would allow the phone to fold completely flat, with no gaps visible between the two halves of its display.
Several handsets from Chinese manufacturers already use this design approach for their foldables (with examples including the Huawei Mate X2, Honor Magic Vs and Oppo Find N2), but at the cost of full water resistance. Samsung, however, is reportedly planning to add the new hinge shape while maintaining an IPX8 rating for the Galaxy Z Fold 5, a feature no rival has been able to compete on in the foldable space.
As for the phone’s release date, we’re expecting the Samsung Galaxy Z Fold 5 to arrive sometime in August 2023. The Galaxy Z Fold 4, Galaxy Z Fold 3 and Galaxy Z Fold 2 were all unveiled in August in their respective years of release, so we anticipate that the Galaxy Z Fold 5 will stick with tradition in that regard.
There’s been no word yet on the phone’s price, but the Samsung Galaxy Z Fold 4 launched for $1,799 / £1,649 / AU$2,499, so a similarly eye-watering figure is to be expected for its successor. Even so, these upgrades might help it find a place on our rundown of the best Samsung phones out there.
The Xbox Series X is a lot more powerful than the Series S. It utilizes its specs to significantly reduce load times and boost overall game performance and visual fidelity, while features such as Quick Resume, Smart Delivery, and backward compatibility give it the edge.
For
Much faster loading times
Dolby Vision + Atmos support
Backwards compatibility
4K/60fps gameplay (4K/120Hz support)
Against
Exclusive library is lacking
Minimal UI improvements
Compatible TV required for full visual experience
The Xbox Series S is a great option if you want to avoid the sizable financial outlay required to own a full-blown new-gen console, but it has significantly less storage, prioritizes 1440p resolution for gaming, and does without the 4K HD Blu-Ray drive of the Xbox Series X.
For
The smallest Xbox ever made
Completely silent in operation
Cheaper than the Series X
Smooth frame rates
Against
Outputs at 1440p resolution when gaming
512GB SSD fills up fast
No disc drive
UI can be overwhelming at first
The battle between Xbox Series X vs Xbox Series S is a pretty tricky debate to understand if you’re a first-time buyer. The pair are constantly advertised alongside one another when promoting new games, but once you’ve started looking into the details, the vital differences will begin to shine through. So, before shopping, you must consider a few more details than your budget to ensure you’re buying the console that will benefit you the most.
So while the Xbox Series X vs Xbox Series S may look similar at first glance, they both showcase tremendous differences, which should be carefully noted while you shop. One of the main differences to consider outside of your budget is whether you spend more time with digital or physical media and whether or not your current setup hosts one of the best gaming TVs to make the most out of whichever console you purchase.
If you’re looking for further insight into both consoles, our Xbox Series X review highlights the pros of the console alongside our Xbox Series S review. However, if you’re looking for something a bit more next-gen, then it might be worth checking out our PS5 vs Xbox series X guide.
Xbox Series X vs Xbox Series S: key differences
If we had to highlight three key differences between the consoles, it’s these: the Xbox Series X has a 4K UHD Blu-ray drive capable of playing physical games and movies, while the Xbox Series S does not.
The Xbox Series X packs a large 1TB SSD that can store, on average, around 16 games, Meanwhile, the Xbox Series S has a 512GB SSD that only stores around four to five, though both can be expanded with a 512GB, 1TB, or 2TB Storage Expansion Card from Seagate. Finally, the Xbox Series X renders games in native 4K at 60 frames-per-second, while the Xbox Series S targets 1440p.
Otherwise, both include the same user interface, the same controller, and the same Xbox Velocity Architecture that enables features like Quick Resume. Both have the same media apps like Netflix and Prime Video, but more importantly, both can play exactly the same games. From what we’ve seen, people are drawn to the sheer power of the Xbox Series X. But don’t overlook the advantages of the more affordable model. Both work well and both can serve a different audiences.
Let’s break them down even further. First up is the Xbox Series X, Microsoft’s flagship console. It’s capable of 4K graphics and is currently one of the most powerful consoles available. On paper, these specs are impressive, and it has a compact tower-style design that manages to be both unique and unobtrusive. It’s expensive, though, at $499 / £449 / AU$749, the same RRP as the PS5.
The Xbox Series S is far more affordable and a less powerful alternative for you to consider. However, it’s digital-only, so you’ll be at the mercy of the Microsoft Store for any purchases you make. That said, Xbox Game Pass, Microsoft’s Netflix-like subscription service and Xbox Cloud Gaming (only available for Xbox Game Pass Ultimate subscribers), lets gamers stream games and alleviates some of the digital-only restrictions.
Overall, the Series S’ price point is aimed at those who are willing to compromise on power for a much better price.
Xbox Series X vs Xbox Series S: price
The Xbox Series X costs $499 / £449 / AU$749 and was launched on November 10, 2020. Packed with cutting-edge technology, this console goes head-to-head with the PS5, which also costs $499. The price point may be too expensive for some, but it puts the Xbox Series X in a strong position to compete with Sony’s hardware.
The Xbox Series S launched alongside the Series X and its price is much lower at just $299.99 / £249.99 / AU$499. A $200 saving will be very appealing to the more cost-conscious consumer. That’s considerably cheaper than the PS5 Digital Edition too, which retains the base PS5’s specifications but initially came in at $399.99 / £359.99 / AU$599 instead.
The Xbox Series X is a beast of a console that’s truly brought us into the latest generation of gaming.
Xbox Series X specs
CPU: Eight-core 3.8GHz (3.6GHz with SMT) custom AMD 7nm
GPU: 12 teraflops 1.825GHz (locked)
RAM: 16GB GDDR6
Frame rate: Up to 120 fps
Resolution: Up to 8K
Optical: HD Blu-Ray disk drive
Storage: 1TB NVMe SSD
With a 12 teraflop GPU capable of up to 120 frames per second, the Xbox Series X is twice as powerful as the Xbox One X, Microsoft’s former flagship console for the last generation. It supports various exciting new-gen features such as ray tracing, variable rate shading, and support for 8K resolution.
The Xbox Series X makes the wait when booting up games or loading new levels a thing of the past, thanks to its custom-designed super-fast NVMe SSD. The SSD is part of the console’s new Velocity Architecture, which allows multiple games to be suspended in the background while you’re playing something entirely different. Everything is more responsive and snappier as a result, too.
Microsoft is also trying to make latency a thing of the past on Xbox Series X. Forward-thinking features such as Auto Low Latency Mode (ALLM), communication improvements to the Xbox controller, and Variable Refresh Rate (VRR) support take full advantage of TVs with HDMI 2.1 support.
Xbox Series S specs
CPU: Eight-core 3.6GHz (3.4GHz with SMT) custom AMD 7nm
GPU: 4 teraflops at 1.550GHz
RAM: 10GB GDDR6
Frame rate: Up to 120 fps
Resolution: 1440p with 4K upscaling
Optical: No disk drive
Storage: 512GB NVMe SSD
The Xbox Series S packs significant power for a small box. The console targets a resolution of 1440p instead of native 4K (some games do support native 4K, though), and is capable of 120fps gaming. It’s got an almost identical CPU to the Xbox Series X, but the GPU is considerably less powerful, coming with 10GB of GDDR6 RAM instead of 16GB.
That might sound like a big compromise on paper, but remember the Xbox Series S is targeting 1440p/60fps instead of 4K/60fps. This means it needs less power to reach its pixel count, but it can still deliver all the new-gen features Microsoft is focusing on like ray tracing and 120fps.
There’s no disk drive, of course, and the storage is almost halved compared to the Xbox Series X. That’s admittedly concerning for a digital-only model, but Microsoft is undoubtedly hoping people are taking advantage of Xbox Cloud Gaming. That involves no downloads, since games are streamed from Microsoft’s remote data servers.
The storage of both consoles can be expanded, however. Microsoft is selling a proprietary expansion card that plugs into the back of the console, available in 512GB, 1TB, and 2TB options. The best Xbox One games can also be stored on a standard external hard drive to help free up space.
The Xbox Series S and Xbox Series X also support Spatial Sound, including Dolby Atmos and Dolby Vision, via streaming apps at launch. Dolby Vision support for gaming was introduced post-launch and is now available.
Xbox Series X vs Xbox Series S: games
Here’s what you need to know: both the Xbox Series X and Xbox Series S can play exactly the same games, although they’ll undoubtedly look best on Xbox Series X. The compromises we’ve usually seen on Xbox Series S mainly focus on the resolution drop to 1440p from 4K, and likely more minor changes that probably won’t be as noticeable.
Both consoles offer full backward compatibility with Xbox One, Xbox 360, and original Xbox games. Some FPS Boost games aren’t supported on Xbox Series S though, while others see greater benefits on Xbox Series X.
So while we’re still waiting for some of the biggest new-gen exclusives like Fable 4 to launch, there’s still plenty to play, particularly if you have a large library of titles already. If you own a lot of physical copies, though, be mindful that these won’t work on Xbox Series S, due to the lack of disc drive.
If you’re hoping to get Xbox Game Pass Ultimate for an even cheaper price, we’ve got good news. While this is currently being trialled in just the Republic of Ireland and Colombia, Microsoft is looking to launch an Xbox Game Pass family plan, allowing you and four players to jump in for a monthly cost of €21.99 – which comes to around $21.99 / £19.99 / AU$32.99
Xbox Series X vs Xbox Series S: verdict
Microsoft may be onto something here. By offering two consoles that target different audiences, consumers ultimately have more choice and more ways to enter into the Xbox ecosystem. If only the best will do, pick up an Xbox Series X, but be prepared to pay a premium. Want to enter the next generation without breaking the bank? The Xbox Series S is a fantastic entry point, thanks to a tempting price.
Microsoft seems to have created two appealing iterations of its console, without one appearing less attractive than the other. Crucially, it can now fight the PS5 on two important fronts: price and performance. The Xbox Series S costs significantly less than the PS5 and the PS5 Digital Edition.
By creating an argument for Xbox Series X vs Xbox Series S, Microsoft has essentially done its best to turn consumers’ heads where it might not have done so before, was it a straight fight between Xbox Series X and PS5. And that’s surely a win for Xbox as a whole.
Xbox Series X vs Xbox Series S – Frequently Asked Question
Is the Xbox Series X better than the Xbox Series S?
In terms of performance and power, the Xbox Series X delivers on a better scale than the Series S, which is reflected in its price. However, that’s not to say that the Xbox Series S is underpowered. Even though it boasts a smaller size than the Series X, the Series S still manages to pack a punch and perform almost as well as its flagship console. But, generally speaking, the Xbox Series X takes the biscuit as the more powerful console.
Does the Xbox Series X have a disc drive?
One of the main factors to separate the Xbox Series X vs the Xbox Series S is a disc drive. The Xbox Series X has a disc drive, which appeals to players who still rely on a lot of physical media instead of digital downloads. But, the disc-less Xbox Series S helps keep the price down, so if you aren’t too fussed with physical media, then a disc drive may be one of the things to sway your decision.
How much storage does the Xbox Series S have compared to the Xbox Series X?
If storage is one of your primary concerns when shopping for a new console, the Xbox Series X may be a safer option. While the Series S still hosts a wealthy 512GB memory, which drops to around the 300GB mark once you factor in system software. The Xbox Series X offers slightly more with its initial 1TB storage, falling to the 800GB mark with system software considered. Then, of course, there’s always the option to add an SSD or an external hard drive to your console to boost the storage.
Google subsidiary DeepMind says it could launch a ChatGPT rival soon – and its chatbot promises to be a safer kind of AI assistant.
DeepMind has been a pioneer in AI research for the last decade and was acquired by Google nine years ago. However, with ChatGPT stealing the recent headlines, DeepMind CEO Demis Hassabis told Time (opens in new tab) that it’s considering releasing its own chatbot, called Sparrow, for a “private beta” sometime in 2023.
Sparrow was introduced to the world last year as a proof-of-concept in a research paper (opens in new tab) that described it as a “dialogue agent that’s useful and reduces the risk of unsafe and inappropriate answers”.
Despite some misgivings about the potential dangers of chatbots, which DeepMind says includes “inaccurate or invented information”, it seems that Sparrow could be ready to take flight soon in beta form. Given DeepMind’s close relationship to Google, it could effectively become the search giant’s answer to ChatGPT.
The slight delay to Sparrow’s launch is, according to Demis Hassabis, down to DeepMind’s keenness to make sure it has important features that ChatGPT lacks –most notably, citing specific sources. As Hassabis told Time, “it’s right to be cautious on that front”.
From DeepMind’s research paper, it also sounds like Sparrow will initially be more constrained and conservative than ChatGPT. The latter has gone viral with its impressive ability to help everyone from coders to armchair poets, but it’s also caused alarm with its capacity for discriminatory comments and malware-writing skills.
DeepMind has talked up the behavior-constraining rules that Sparrow’s built on, along with its willingness to decline to answer questions in “contexts where it is appropriate to defer to humans”. In early tests, Sparrow apparently provided a plausible answer and, crucially, supported it with evidence “78% of the time when asked a factual question”.
But its true abilities will become clearer when that public beta is launched later this year. We’ll certainly be grabbing the popcorn for the first AI chatbot debate between the Google-affiliated Sparrow and the increasingly Microsoft-loving ChatGPT.
Analysis: AI chatbots are still at kindergarten
Anyone who’s used ChatGPT will know that it’s capable of doing a pretty good imitation of intelligence on a number of subjects. But while that’s definitely a fun ride, AI chatbots also need moral intelligence and an ability to cite sources – and that’s where DeepMind says its Sparrow ‘dialogue agent’ is strongest.
Taking this to the next level will need tons of external input, which is why a Sparrow public beta is imminent. DeepMind says that developing better rules for its AI assistant “will require both expert input on many topics (including policymakers, social scientists, and ethicists) and participatory input from a diverse array of users and affected groups”.
Sam Altman, CEO of OpenAI (which created ChatGPT), has similarly talked about difficulties in opening up AI chatbots without causing collateral damage. On Twitter (opens in new tab) he admitted, “there are going to be significant problems with the use of OpenAI tech over time; we will do our best but will not successfully anticipate every issue.”
In other words, the developers of both ChatGPT and DeepMind’s Sparrow are like parents with inquisitive toddlers, which brings fun and danger in equal measure – particularly when their kindergarten teacher is effectively the entire internet.
ChatGPT is already running wild and heading towards a monetized future with ChatGPT Professional, an imminent paid-for tier. But DeepMind’s Sparrow sounds like it could be the more mild-mannered character that AI chatbots need as they race toward the next-gen models, like the rumored ChatGPT-4.
Spyware has been discovered stealing Iranian users data via an infected VPN installer, antivirus provider Bitdefender has revealed.
The company’s joint-research with cybersecurity firm Blackpoint found components of Iranian-made EyeSpy malware to be injected “through Trojanized installers of VPN software (also developed in Iran).”
The majority of targets were within the country’s borders, only a few victims were found to be based in Germany and the US.
This is particularly concerning in a country like Iran, where using one the best VPN services has increasingly become a necessity. Whether this is for bypassing its strict online censorship, or preserving anonymity to avoid dangerous government surveillance. Most likely, a mix of both.
At the same time, a harsh crackdown on Iranian VPN services might push people towards unsecure third-party vendor sites. This makes such a spyware campaign even more dangerous for Iranians’ privacy and security.
Anti-dissident spware?
“In light of the recent events, it’s possible that the targets are Iranians who want to access the internet via a VPN to bypass the country’s digital lockdown. Such malicious installers could plant spyware on people who pose a threat to the regime,” Bitdefender’s report (opens in new tab) noted.
Developed by Iranian-based firm SecondEye, EyeSpy is a legit monitoring software sold to businesses as a way to monitor employees’ activities working remotely.
The attackers were observed using components of the legit application in a malicious way to infect users’ downloading the Iranian-based VPN service 20Speed and spy on their activities.
Once injected into a device, the malware can virtually spy on every activity and collect a tons of sensitive data. These include stored passwords, crypto-wallet data, documents and images, contents from clipboard, and logs key presses.
“The components of the malware are scripts that steal sensitive information from the system and upload them to an FTP server belonging to SecondEye,” Bitdefender explained.
“This can lead to complete account takeovers, identity theft and financial loss. Moreover, by logging keypresses, attackers can obtain messages typed by the victim on social media or e-mail, and this information can be used to blackmail the victims.”
The campaign appears to be active since May 2022, with a growing number of attacks following the wave of anti government protests began in September.
A VPN islargely used by Iranian citizens to access restricted apps like Instagram and WhatsApp. But, as the government increasingly charges dissidents with harsh sentences even reaching the death penalty, extra security software is also a necessity to safeguard sensitive data.
While more and more Iranians download a virtual private network on their devices, authorities are hardly cracking down on reliable VPN services as a result.
Many providers are currently blocked in Iran, meaning that third-party VPN installers are increasingly in popularity. According to Iran International (opens in new tab), 20Speed VPN is actually one of the most popular websites where Iranians head to buy their VPN subscriptions. Over 100,000 are the active installations of itsAndroid VPN app.
To fight against such malware campaigns, Bitdefender’s experts recommend “using well-known VPN solutions downloaded from legitimate sources. Also, a security solution, like Bitdefender, can protect against information stealers.”
CircleCi has confirmed that a recent security incident it has been investigating was malware-powered grand theft data.
The company revealed the news in a blog post (opens in new tab) that described what recently happened, what it did to minimize the damage, and how it plans on keeping its users safe in the future.
In the blog, it was said that an employee with high privileges has had their laptop infected with token-stealing malware which gave the attackers keys to the kingdom.
Stealing data for weeks
The malware apparently managed to run on the endpoint despite the device having an antivirus program installed. The attackers used the tool to grab session tokens which kept the employee logged in to some applications.
When a user logs into an app, even if they did so with a password and a multi-factor authentication (MFA) tool, some apps drop session tokens which allow the users to remain logged into the app for prolonged periods of time. In other words, by stealing session tokens, the attackers effectively bypassed any MFA the company had set up.
After that, it was only a question of accessing the right production systems in order to compromise sensitive data.
“Because the targeted employee had privileges to generate production access tokens as part of the employee’s regular duties, the unauthorized third party was able to access and exfiltrate data from a subset of databases and stores, including customer environment variables, tokens, and keys,” the blog notes.
The threat actors lingered around CircleCI’s infrastructure for roughly three weeks – from December 16, 2022, to January 4, 2023.
Even the fact that the stolen data was encrypted didn’t help much, as the attackers obtained encryption keys, too.
“We encourage customers who have yet to take action to do so in order to prevent unauthorized access to third-party systems and stores,” the blog concluded.
CircleCi had asked its customers to rotate any and all secrets stored in its systems. “These may be stored in project environment variables or in contexts”.
Russian cybercriminals have been discovered trying to circumvent the restrictions on ChatGPT and use the advanced AI-powered chatbot for their nefarious purposes.
Check Point Research (CPR) said they spotted multiple discussions on underground forums where hackers discussed various methods, including using stolen payment cards to pay for upgraded user accounts on OpenAI, bypassing geofencing restrictions, and using a “Russian semi-legal online SMS service” to register ChatGPT.
ChatGPT is a new artificial intelligence (AI) chatbot that made huge headlines due to its versatility and ease of use. Cybersecurity researchers have already seen hackers use the tool to generate believable phishing emails, as well as code for malicious, macro-laden Office files.
Paper roadblocks
However, it’s not that easy to abuse the tool as OpenAI put a number of restrictions. Russian hackers, due to the invasion of Ukraine, have even more roadblocks to overcome.
For Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software Technologies, the roadblocks aren’t good enough:
“It is not extremely difficult to bypass OpenAI’s restricting measures for specific countries to access ChatGPT. Right now, we are seeing Russian hackers already discussing and checking how to get past the geofencing to use ChatGPT for their malicious purposes.
We believe these hackers are most likely trying to implement and test ChatGPT into their day-to-day criminal operations. Cybercriminals are growing more and more interested in ChatGPT, because the AI technology behind it can make a hacker more cost-efficient,” Shykevich said.
But hackers are not just looking to use ChatGPT – they’re also trying to cash in on the rising popularity of the tool to spread all kinds of malware (opens in new tab) and steal money. For example, Apple’s mobile app repository, the App Store, hosted an app pretending to be the chatbot, but with a monthly subscription costing roughly $10. Other apps (some of which were found on Google Play, as well), charged as much as $15 for the “service”.