The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

C'mon, just copy this text string and paste it into your macOS Terminal – it'll fix your computer, honest

Threat intel outfit Group-IB has detailed a previously undocumented macOS information stealer that doesn't bother hunting for software bugs. Instead, it persuades users to pwn themselves by pasting a command into Terminal, after which it helps itself to passwords, crypto wallets, browser data, and anything else worth stealing. The boffins have dubbed the malware “ClickLock Stealer,” a nod to its use of the increasingly popular ClickFix social engineering technique and a coercive "locker" feature that pressures victims into handing over their Mac login password. According to the researchers, the operation has been active since around May and has already targeted at least 100 victims across 33 countries, with more than half located in Europe. Group-IB said it discovered the malware after analyzing a malicious shell script uploaded to VirusTotal on June 9 that had zero antivirus detections at the time. The attackers appear to distribute the malware via fake verification pages using ClickFix, host payloads on compromised WordPress sites, and rely on Telegram infrastructure for command-and-control. "The current malware doesn't even need any elevated privileges or rely on exploits for the successful execution," the researchers wrote. Instead, victims are tricked into launching the infection themselves. After they paste the supplied command into Terminal, the malware displays what appears to be a Cloudflare verification sequence, complete with a fake progress animation, while quietly downloading additional components in the background. Group-IB says ClickLock targets data from eight browsers, 31 cryptocurrency wallet browser extensions, seven password manager extensions, eight desktop wallet applications, macOS Keychain, shell history, FTP credentials, and blockchain addresses spanning six different chains. The malware also deploys a modified version of the open source GSocket tool to provide the attackers with remote access. The researchers believe the malware is still under active development based on its code structure and other artifacts, suggesting operators are continuing to expand its capabilities. The nastiest touch comes when victims refuse to play along. During the fake verification process, ClickLock prompts for the user's macOS password. If the password isn't entered, the malware repeatedly kills visible applications, effectively preventing normal use of the machine until the victim complies. If the password is supplied, the theft completes quietly. If the machine is rebooted instead, persistence mechanisms are designed to resume the attack. "The entire attack chain from initial access to full credential theft and data exfiltration relies on a single moment of trust: the user pasting a command into Terminal," Group-IB wrote. The researchers say defenders will need to watch for suspicious behavior rather than known malware signatures. Among the warning signs are unexpected password prompts, applications being repeatedly forced to close, unusual access to browser data and stored credentials, and connections sending stolen information to Telegram. For everyone else, the advice is considerably simpler. If a website claiming to be Cloudflare, Google, or anyone else asks you to open Terminal and paste in a command, close the tab. ®

NASA's Artemis III will need three rockets to do the job Apollo did with one

NASA has given an update on the Artemis III mission and, while sticking with an optimistic 2028 landing target for Artemis IV, offered a glimpse into just how much development work remains to be done at Blue Origin and SpaceX. Artemis III has been compared to Apollo 9, which tested the Apollo Lunar Module in Earth orbit, yet neither SpaceX nor Blue Origin is flying anything as close to the lunar landers. Blue Origin's test lander will be based on the company's current Mark 2 crew lander architecture, incorporating the major avionics, flight software, life support, and crew cabin. Orion, launched atop NASA's SLS, will dock to the side of the Blue Origin spacecraft for crew transfer; two crew members in orange Orion survival suits can baord the test lander, with Orion's software controlling the stack. An instrumented lunar surface spacesuit mass simulator, similar to the "Moonikin" manikin that flew aboard Orion for Artemis I, will also ride along on the Blue Origin lander. SpaceX's test is considerably simpler - just a docking system mounted on the nose of a Starship. That requires Starship testing to have reached the orbital stage first, which is why NASA will be closely watching the upcoming Flight Test 13. Starship V3 is still flying suborbital until SpaceX proves it can reliably relight an engine for controlled re-entry. Under the current plan, Blue Origin launches its lander into orbit first, where it can loiter for up to 30 days. Once it's checked out, a crew launches aboard Orion to rendezvous and dock with it. After that's complete, SpaceX launches its Starship test article to rendezvous and dock Orion in turn, though the crew won't board Starship, just verify communications and interoperability. SpaceX's vehicle will control that docked stack. Notably, SpaceX's docking capability was qualified in 2023, while Blue Origin only tested its pressurized docking system earlier this year. Jeremy Parsons, Artemis program manager, stated, "Artemis III will be a highly choreographed dance with a demanding launch sequence across multiple launch pads and equally demanding mission operations for our ground and flight crews, making it one of the most complex and ambitious missions NASA has ever undertaken." He is not exaggerating. Apollo 9 needed a single Saturn V launch; Artemis III needs three – an SLS, whatever Blue Origin ultimately uses to launch its lander (the company is still rebuilding its launch pad after May's explosion), and a Starship. The SLS has flown twice, including one lunar flyby. Starship has yet to reach orbit despite Elon Musk once claiming that uncrewed versions would be landing on Mars around now. It'll be an impressive feat if NASA can pull it off, even if SpaceX's piece of the puzzle looks a lot simpler than Blue Origin's. ®

TRAILER. 'I play Rocky'

Social

Samengevat: ZE moesten hem niet wegens z'n ongebruikelijke gezicht door zenuwschade tijdens z'n geboorte en slepende spraak en stem, maar boden wel $360.000 (gecorrigeerd voor inflatie zo'n $2,2 miljoen!) voor het script dat hij in 3,5 dag schreef. Sylvester leefde met een zwangere vrouw in abjecte armoede en zag zich op een gegeven moment zelfs gedwongen zijn hond voor $40 te verkopen. Maar hij weigerde, en hield vol dat hij de hoofdrol zou spelen. Uiteindelijk kreeg hij een (voor zo'n script miniem) budget van $1 miljoen. Resultaat? De film verdiende in 1976 wereldwijd $225 miljoen (nu $1,2 miljard), 3 Oscars en 10 Oscar-nominaties. Kortom, inderdaad een film waard, en we verwachten Oscarnominaties. Paar docu-achtige video's over de totstandkoming onderstaand.

Het gevecht Chuck Wepner vs Muhammed Ali dat Sylvester inspireerde tot het script

Social

Docu's

SocialSocialSocial

Hoera, minder minder minder afval per Nederlander

Schouderklopje voor uzelf want het bevuilen van onze aardkloot is afgelopen. In 2025 produceerde Nederland een schamele 449 kilo huishoudafval per inwoner en dat is een verpletterende ZES KILO minder dan in 2024. Minder restafval, minder Groente- Fruit- en Tuinafval-afval en minder oud papier. Een prachtrapport van het CBS, waaruit maar weer eens blijkt waar in dit land de daadwerkelijke vooruitgang plaatsvindt: niet in de randstad. Een gebied dat alles erbuiten graag vertelt hoe er geleefd moet worden, maar waar men zelf leeft als varkens in een naar poep meurende megastal. Ook afval scheiden is voor de grote steden teveel gevraagd. Alles wordt er elke dag van het jaar willekeurig op straat geflikkerd en blijft daar als het ff kan ook nog een maand of wat liggen. Dit terwijl Rinie en Tinus in Jipsingboermussel meerdere uren per week kwijt zijn aan het categorisch ordenen van alle teringtroep. Maar goed, een stuk minder afval per Nederlander dus. Geldt alleen niet voor Gordon, die is juist meer gaan afvallen. Chapeau aan alle voorbeeldige burgers en hoera voor DE REGIO.

ajpscs posted a photo:

the SQUARE
COZY CORNER
TOKYO DAY WALK
© ajpscs

MetaFilter

The past 24 hours of MetaFilter

Two creepy webcomics that deserved to go longer

Both webcomics about small towns that are more than they seem. In Broodhollow by Kris Straub, everyone's excited to talk about the town's terrifying traditions. In Follow the Leader (navigation may not work on mobile) by Jonas Goonface, nobody wants to acknowledge the cult of cannibal children in the park. Neither reached their finale, but both are satisfying reads.

There's been at least three attempts to start chapter 3 of Broodhollow, but none of them stuck. Rumour has it you can find them on the internet archive. Kris Straub's other projects, including the lengthy sci-fi webcomic Starslip, could make for posts of their own, but browse his site if you're curious. Follow The leader was ended prematurely when Jonas became uncomfortable with the racism inherent in some of the imagery he was using (announced here and articulately defended in the comments). But he did give us a summary of the planned ending for closure. Jonas Goonface didn't stop making comics when he stopped Follow The Leader, he just started doing it for money. His impressive bibliography includes the critically acclaimed Godshaper (with Simon Spurrier). Most recently The Unsinkable Ship Of Fools (as nsfw as his itch page). Sadly his pre-FtL webcomics seem lost to linkrot.

Rechter: ziekenhuis hoeft commerciële bv van cardiologen niet te slikken

Het ziekenhuis in Delft hoeft niet langer te accepteren dat medicijntesten en onderzoeken met hartpatiënten van het ziekenhuis via een aparte op winst gerichte vennootschap van cardiologen lopen. Dat heeft de voorzieningenrechter donderdag geoordeeld.


Nieuwe apensoort is een kalme bladereneter die leeft op grote hoogte in het woud van Congo

Deze Afrikaanse franjeaap was al in 2008 gefotografeerd, maar nu pas is duidelijk dat het om een nieuwe soort gaat. „Ze hebben niet veel goeds te verwachten van mensen.”


Protecting Privacy in an AI Era

Daniel Solove argues in the Wall Street Journal (alternate link) that giving people control of their personal data is not an effective way to regulate privacy in this era. Instead, we need to hold companies accountable for their actions, similar to what we do with food and drug companies. Measures such as rigorous data minimization, fiduciary duties, liability for negligent or reckless technological design, liability for algorithms that cause harm, and multi-stakeholder review of technologies will be far more effective.

Paper.

De Speld

Uw vaste prik voor betrouwbaar nieuws.

Hoe werkt de Amerikaanse democratie? En waarom werkt die niet meer?

Net als de cronut, komt de democratie uit Amerika. In het begin was de Amerikaanse grondwet zeer progressief. Inmiddels werkt het systeem niet zo best meer. Hoe heeft het zover kunnen komen?

Abonneer je op ons YouTube-kanaal