Your daily dose of tech news, in brief.

With Emotet back in play, MS Defender seems to be hypersensitive to the possibility of infection from the malware. The security software seems to be giving off false alarms.

According to BleepingComputer:

"Windows system admins are reporting that this is happening since updating Microsoft's enterprise endpoint security platform (previously known as Microsoft Defender ATP) definitions to version 1.353.1874.0. When triggered, Defender for Endpoint will block the file from opening and throw an error mentioning suspicious activity linked to Win32/PowEmotet.SB or Win32/PowEmotet.SC. "We're seeing issues with definition update 1.353.1874.0 detecting printing as Win32/PowEmotet.SB this afternoon," one admin said. "We are seeing this detected for Excel, any Office app using MSIP.ExecutionHost.exe ( AIP Sensitivity Client ) and splwow64.exe," another added.

A third one confirmed the issues with today's definition updates: "We're seeing the same behavior specifically with v.1.353.1874.0 of the definitions, which was released today, & included a definition for Behavior:Win32/PowEmotet.SB & Behavior:Win32/PowEmotet.SC." BleepingComputer was able to trigger the false positive on a Windows 10 virtual machine with the latest Microsoft Defender signatures. While Microsoft hasn't yet shared any info on what causes this, the most likely reason is that the company has increased the sensitivity for detecting Emotet-like behavior in updates released today, which makes Defender's generic behavioral detection engine too sensitive prone to false positives. The change was likely prompted by the recent revival of the Emotet botnet from two weeks ago, after Emotet research group Cryptolaemus, GData, and Advanced Intel began seeing TrickBot dropping Emotet loaders on infected devices. Even though this is almost surely not the real thing, the timing is definitely unfortunate with Emotet coming back and most Windows admins already on their toes."

Learn more about MS Defender at BleepingComputer. Opens a new window Opens a new window

Want to do a scam? Need a legit phone number to do so? There's a business for that. Just don't do anything illegal, or they'll be upset with you.

According to Vice:

"Fraudsters can turn to large scale, automated services to lease them phone numbers for less than a cent. One of those is 5SIM, a website that members of the video game cheating community mention as a way to fulfill the request for SMS verification. “I used 5 sim too. I have every region number,” one member of a Telegram group focused on online video game cheating wrote. Video game cheaters sometimes need to either buy or create accounts so once a game bans them, they can quickly switch to a new account. Some people also sell phone verified accounts in bulk. On its website, 5SIM says “Today a lot of sites require SMS verification code for registration account. If you do not want to use your personal phone number to verify or activate account, use phone number 5SIM. Thus, there is no need for a SIM card in your mobile phone, only need access to the Internet.” Users can select phone numbers from all over the world.

Some online services don’t allow users to perform SMS verification with VoIP numbers, presumably in an effort to mitigate against fraud. 5SIM’s numbers, however, are just like ordinary phone numbers, the site claims. When people buy 5SIM’s services, they must only use it for receiving texts related to an online account. “Different SMS will [be] rejected,” the website adds. 5SIM also offers an API to automate parts of the service. 5SIM’s rules say that customers are “Forbidden to use the service for any illegal purposes as well as not to take actions that harm the service and (or) third parties.” The website also includes a denylist of words that its service may block. 5SIM told Motherboard in an email that “5sim service is prohibited to use for illegal purposes."

Learn more about virtual phone services at Vice. Opens a new window Opens a new window

Authorities seem to be getting better at seizing ransomware actor money, as evidenced by this latest victory: Millions taken back from REvil.

According to BleepingComputer:

"In a complaint unsealed today, the FBI seized 39.89138522 bitcoins worth approximately $2.3 million at current prices ($1.5 million at time of seizure) from an Exodus wallet on August 3rd, 2021. The FBI does not state how they gained access to the wallet other than that it is in their custody, indicating that they likely gained access to the wallet's private key or secret passphrase. "The United States of America files this verified complaint in rem against 39.89138522 Bitcoin Seized From Exodus Wallet ("the Defendant Property") that is now located and in the custody and management of the Federal Bureau of Investigation ("FBI") Dallas Division, One Justice Way, Dallas Texas," reads the United States' Complaint for Forfeiture.

In November, the Department of Justice announced that the FBI seized $6 million in ransoms paid to the REvil ransomware gang. It is unclear if this $2.3 million is part of the previously announced number or additional ransoms seized by the FBI. Law enforcement's continued strategy of disrupting the economics and affiliate systems of ransomware operations is paying off. The arrests and seizure of infrastructure are also spooking ransomware gangs into shutting down their operations, including REvil in October and BlackMatter in July."

Learn more about the FBI seizure at BleepingComputer. Opens a new window Opens a new window

SpaceX, despite a number of government contracts and recent launch successes, seems to be in some trouble. They are falling behind production of their Raptor engine, and the CEO is sounding the alarm.

According to Space.com:

"Raptors will power Starship, the huge, fully reusable vehicle that SpaceX is developing to take people and cargo to the moon, Mars and other distant destinations. Each Starship will need a lot of Raptors — 33 for the giant first-stage booster, called Super Heavy, and six for the upper-stage spacecraft, known as Starship. So SpaceX aims to manufacture a lot of Raptors in the relatively near future. And the company is apparently not on track to meet that challenge at the moment, according to an email Musk sent to SpaceX employees over the Thanksgiving weekend. In the email, which was obtained by Space Explored, Musk describes the Raptor production situation as a "crisis" that is "much worse than it had seemed a few weeks ago." He says that he was foregoing a planned Thanksgiving weekend break to work on the Raptor production line and implores all SpaceX employees to pitch in if they can. "Unless you have critical family matters or cannot physically return to Hawthorne, we will need all hands on deck to recover from what is, quite frankly, a disaster," reads the email.

Time is of the essence to get the Raptor problem fixed, Musk stresses in the email. "What it comes down to is that we face a genuine risk of bankruptcy if we can’t achieve a Starship flight rate of at least once every two weeks next year," the missive reads. Given that Starship is designed to be completely and rapidly reusable, SpaceX should need just a few operational vehicles to be able to fly twice a month. But right now it doesn't have any, as Starship remains in the test-flight phase. That could change relatively soon. SpaceX is gearing up to launch the program's first orbital test flight, which will involve a Starship prototype called SN20 and a Super Heavy known as Booster 4. That landmark mission could occur as soon as January or February, provided the U.S. Federal Aviation Administration wraps up its environmental review of Starship's orbital launch site in South Texas by the end of the year, Musk has said."

Learn more about SpaceX's Raptor problem at Space.com. Opens a new window Opens a new window

South Korea has another use for VR besides the metaverse Opens a new window. They are proposing to start testing drivers, specifically seniors, with VR driving challenges in order to assess their proficiency and safety behind the wheel.

According to TheNextWeb:

"As of Monday, a three-year research project has been introduced, which will employ VR tech to assess whether drivers aged 65 years and older can remain behind the wheel. The program’s total budget is expected to reach approximately $3 million (3.6 billion won). Contrary to other countries around the word, South Korea has no strict regulations regarding the driving license of seniors, unless they test positive for dementia. Currently, two measures apply: the three-year license renewal period for those aged 75 years and older, and the voluntary return of the driver’s license for people over 65 years-old. However, the KNPA is still raising concerns over the number of accidents attributed to senior drivers, as well as the continuous aging of the country’s population.

The VR test will asses driving, cognitive, and memory skills using a VR headset, close to how virtual reality technology is used in dementia clinics to check the brain functions of older people. While the specifics are yet to be disclosed, a similar academic research by independent scientists has run an experiment, testing driving performance evaluation based on virtual reality tech. he researchers conducted driving simulator experiments to measure various driving behaviors under many different driving conditions, in order to examine the participants’ visual acuity. The virtual simulations included two scenarios: daytime and nighttime highway driving. In both cases, three unexpected incidents were created to test the drivers’ performance."

Learn more about VR driving tests at TheNextWeb. Opens a new window Opens a new window

What was the most interesting story today? Vote in our poll below. Didn't get this in your inbox? Learn how to! Also, check out previous editions of Snap! to stay in the know on important and entertaining tech and science news.