Anti-ICE agitators helped criminal illegal immigrants evade deportation, DHS says

PR Tech News US
-
0
Anti-ICE agitators helped criminal illegal immigrants evade deportation, DHS says

NEWYou can now listen to Fox News articles!

FIRST ON FOX: The Department of Homeland Security (DHS) is detailing cases in which anti-ICE agitators actively helped criminal illegal immigrants evade federal arrest, including suspects accused of child rape, domestic abuse and gang-related violence.

The cases point to a growing pattern of organized interference with federal immigration enforcement during recent ICE operations. 

“These are the monsters that agitators and sanctuary politicians are protecting,” DHS Assistant Secretary Tricia McLaughlin told Fox News Digital. “We remind the public that obstructing law enforcement is a felony and a federal crime.”

FROM PROTEST TO FELONY: THE LINES MINNESOTA ANTI-ICE AGITATORS MAY BE CROSSING 

Protesters face off with Minneapolis police officers in Minneapolis, Minn.

Protesters, using whistles to alert neighborhoods to ICE activity, face off with Minneapolis police officers in Minneapolis, Minneapolis, on Jan. 24, 2026.  (Roberto Schmidt / AFP via Getty Images)

According to DHS, members of the anti-ICE Colorado Rapid Response Network, alerted Jose Reyes Leon-Deras, a convicted child rapist, of ICE’s presence on June 20, 2025. A Facebook post by the anti-ICE group, accused by DHS of facilitating Leon-Deras’ evasion on June 20, indicates members affiliated with the anti-ICE group used a bullhorn that day to alert potential targets of ICE. The post suggested that police left without serving any warrants, while noting that agents returned the following days as well. 

Per DHS, federal agents finally arrested Leon-Deras on June 27, and he was issued a final order of removal on Oct. 30 amid the Trump administration’s ongoing operations in Colorado.

In a separate situation in Minneapolis, an apartment manager allegedly prevented federal immigration agents from entering a building where a criminal foreign national from Somalia, convicted of violent sex crimes and previously arrested for a high-level assault, was located. 

DHS accused the apartment manager of actively protecting a sex offender, Mahad Abdulkadir Yusuf, who had a conviction of criminal sexual conduct in the first degree. He allegedly forcibly compelled his victim to perform sex acts on him on multiple occasions. 

Meanwhile, according to DHS, Yusuf had also been arrested in 2016 for first-degree assault and had an active warrant out for obstructing police.

WEEKEND ROUNDUP: CONVICTED MURDERERS, CHILD SEX ABUSERS AMONG ILLEGAL ALIENS NABBED BY ICE ACROSS US 

Yusuf originally entered the United States in 1996 and was a lawful permanent resident, but his crimes made him eligible for removal, and ICE arrested him on Dec. 31. 

Another child sex offender, Jozias Natanael Carmona-Pena, was allegedly assisted by not only agitators but sanctuary city leaders in Minneapolis as well, according to DHS. 

Carmona-Pena had pending charges for lewd and lascivious acts with a child, but he was released onto the streets of Minneapolis after local law enforcement allegedly denied ICE’s detainer request that Carmona-Pena be held until they could pick him up for immigration violations, according to the Trump administration. Meanwhile, Carmona-Pena was issued a final order of removal in 2023 but remained in the country.

Mugshots of criminal illegal aliens who ICE agitators have tried to protect from being arrested

Pictured are five criminal illegal aliens, whose charges range from child rape to domestic abuse, who ICE agitators allegedly tried to help evade arrest, according to the Department of Homeland Security. (Department of Homeland Security/Getty Images)

When federal officials sought to arrest Carmona-Pena on Dec. 10, agitators allegedly swarmed immigration officials and obstructed their attempts to arrest the illegal alien accused of child sex crimes, including by ramming one of their cars into an ICE vehicle. 

Local police subsequently responded and provided assistance, but according to DHS, the actions allowed Carmona-Pena to avoid arrest. He was eventually caught later that same month on Dec. 27, and is now in custody pending his removal.    

In another case from Milwaukee, a federal judge, Hannah Dugan, was convicted of felony obstruction for directing a criminal illegal alien, Eduardo Flores-Ruiz, charged with domestic abuse, out a backdoor inside her courthouse to avoid ICE agents. According to DHS, Flores-Ruiz had other violent criminal charges on his record, from strangulation, suffocation, and battery, to domestic abuse, when he was eventually arrested following the April evasion incident with Dugan. 

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Federal immigration officials in Illinois who were chasing down an alleged Venezuelan gang member in Illinois were obstructed by agitators as well, according to DHS, which said when the suspect tried to barricade himself inside an apartment — after ramming his car into police — bystanders formed around the officers and began throwing rocks and bottles at them.

The car of a criminal illegal alien gang member after he rammed it into police as they were giving chase

Luis Jesus Acosta Gutierrez, an illegal alien from Venezuela and suspected member of Tren de Aragua (TdA), rammed his car into police as they sought to chase him down. Agitators attempted to obstruct ICE agents as they tried to bring Acosta Gutierrez, who had barricaded himself inside an apartment, into custody. (Department of Homeland Security (DHS))

Meanwhile, according to DHS, local police would not come to assist. Following several hours of negotiation, ICE officials were able to take Acosta into custody. 

“As our law enforcement are putting their lives on the line to arrest heinous criminals including child rapists, sex offenders, gang members, and other violent offenders, our officers are facing a coordinated campaign of violence against them,” McLaughlin said Thursday. “President Trump and Secretary Noem have been very clear; we will NOT let agitators slow us down from removing criminal illegal aliens from American neighborhoods. If you obstruct or assault law enforcement, you will be arrested and prosecuted to the fullest extent of the law.”



Source link

Stock Market Live Updates Feb 6: Stock to buy today: Gallantt Ispat (₹596.80) – BUY

PR Tech Finance
-
0
Stock Market Live Updates Feb 6: Stock to buy today: Gallantt Ispat (₹596.80) – BUY

Businessman using laptop trading and analysis data on stock market investments funds and digital assets, Economy, Financial, Banking and exchange currency, Business investment and finance technology istock photo for BL

Businessman using laptop trading and analysis data on stock market investments funds and digital assets, Economy, Financial, Banking and exchange currency, Business investment and finance technology istock photo for BL | Photo Credit: iStockphoto

talk Market Today | Stock Market Live Updates 6 February – Find here all the live updates related to Sensex, Nifty, BSE, NSE share prices and Indian stock markets for 6 February.

  • February 6, 2026 06:48

    Stock market live updates today: Stock to buy today: Gallantt Ispat (₹596.80) – BUY

    The short-term outlook is bullish for Gallantt Ispat. The stock has surged 15 per cent since Budget Day. The rise over the last two days has taken the share price well above the 200-Day Moving Average (DMA). This gives an early sign of a bullish trend reversal.

    Gallantt Ispat turns bullish after 200-day moving average breakout

    The 200-DMA near ₹573 now acts as a key reference level, with strong support seen in the ₹560–₹550 zone. If momentum sustains, the share price can climb towards ₹680 in the coming weeks.

Published on February 6, 2026

Ad blocking alive and well, despite changes to Chrome • The Register

Raj Bhat
-
0
Ad blocking alive and well, despite changes to Chrome • The Register

Chrome’s latest revision of its browser extension architecture, known as Manifest v3 (MV3), was widely expected to make content blocking and privacy extensions less effective than its predecessor, Manifest v2 (MV2).

But when researchers affiliated with Goethe University Frankfurt compared the old and new tools, they could not find much difference.

According to a study titled, “Privacy vs. Profit: The Impact of Google’s Manifest Version 3 (MV3) Update on Ad Blocker Effectiveness,” just published in the peer reviewed publication Proceedings on Privacy Enhancing Technologies (PoPETs), the performance of Chrome’s MV3 architecture is more or less on par with the legacy MV2 specification.

“Our results reveal no statistically significant reduction in ad-blocking or anti-tracking effectiveness for MV3 ad blockers compared to their MV2 counterparts, and in some cases, MV3 instances even exhibit slight improvements in blocking trackers,” conclude authors Karlo Lukic and Lazaros Papadopoulos.

Google announced MV3 back in 2019 when it had become apparent that the powerful capabilities exposed to extension developers through MV2 could be (and were) easily abused. The company’s answer involved a revised set of APIs that limited those capabilities and revised the underlying architecture to improve performance.

The most widely noted of those APIs was the blocking (synchronous) version of chrome.webRequest. Under MV2, it could intercept and modify incoming network data, making it ideal for stopping ads, tracking scripts, and making other interventions.

MV3 stopped supporting the blocking version of chrome.webRequest and replaced it with chrome.declarativeNetRequest. The new API is asynchronous (capable of concurrent task processing) rather than synchronous (processes tasks in sequence), which has performance benefits but is less flexible in terms of adapting to page content on the fly.

This and several other API changes alarmed the makers of content blocking and privacy extensions. Google insisted the changes were necessary for performance, security, and privacy, assurances that seemed disingenuous when considered alongside warnings of the potential revenue impact of ad blocking software in Google’s financial boilerplate.

Despite years of developer grumbling and requests for improvements, the phaseout of MV2 went ahead last year. And not much has changed with respect to the role of Chrome extensions in ad blocking and privacy.

The research by Lukic and Papadopoulos, independently funded and unaffiliated with Google or vendors of privacy tools, found not only that MV3 and MV2 ad blocking and anti-tracking extensions are equally effective, but that MV3 improved anti-tracking by blocking 1.8 more tracking scripts per website on average than the MV2 extensions.

Lazaros Papadopoulos, research assistant at Goethe University, told The Register in an email that the study used the default filter sets for the respective ad blocking extensions in order to mimic the behavior of the typical user and to ensure rule consistency.

Papadopoulos suggests that there’s no longer a reason to choose a browser based on its availability to run legacy MV2 extensions (e.g. Firefox).

“There could be minor cosmetic reasons we describe in the paper, but nothing that from our point of view significantly impacts privacy negatively,” he said. “It is important though to note our study is a snapshot in time, and future changes to MV3 might have an impact.”

The study did not consider how MV3 and MV2 browser extensions compare in terms of performance (e.g., page load speed). And the paper notes that the authors did not test whether MV3’s limit on the number of declarative rules could make MV3 extensions less effective for less frequently visited websites.

That said, developers of Chrome-based extensions have a broader set of concerns than the APIs used for blocking content and tracking scripts. The technical and functional improvements sought by developers have been slow to materialize and the oversight of the Chrome Web Store has been underwhelming – security is still a problem, among other issues.

Still, there’s progress, with features like publisher pages, verified uploads, and changes to the Affiliate Ads Policy that disallow the alteration of affiliate links to steal affiliate revenue. ®



Source link

Most statin side-effects not caused by the drugs, study finds | Statins

PR Tech News
-
0

Almost all side-effects listed for statins are not caused by the drugs, according to the world’s most comprehensive review of evidence.

Other than the well-known risks around muscle pain and diabetes, only four of 66 other statin side-effects listed on labels – liver test changes, minor liver abnormalities, urine changes and tissue swelling – are supported by evidence. And the risks are very small, according to the systematic review and meta-analysis published in the Lancet.

Statins have been used by hundreds of millions of people worldwide over the last three decades and are proven to reduce heart attacks, strokes and cardiovascular deaths. At the same time, millions have been put off the drugs amid long-running safety concerns, with statin labels listing dozens of possible side-effects.

The study is the most comprehensive assessment of evidence for listed side-effects of statins. It examined 19 randomised controlled trials involving 124,000 people, with an average follow-up of four and a half years.

Of the 66 side-effects currently listed on product labels, researchers found no strong evidence to support statins causing 62 of them, such as memory problems, depression, sleep disturbances and nerve damage leading to tingling in the hands and feet.

The results showed the risk of most listed side-effects was minimal while the benefits far outweighed potential harms. As a result, labels should be updated to better reflect the evidence so patients and doctors could make more informed choices about statins, the researchers said.

The study’s lead author, Christina Reith, an associate professor at Oxford University, said: “What we were able to show reliably was that statins did not make these commonly experienced events occur more often.

“So for example, the percentage of people suffering memory loss per year was similar to those taking statin therapy as those not, equally. The percentage of people suffering sleep problems per year was similar to those taking statin therapy as for those not.

“This means that we now have really good evidence that although these things may well happen to people while they take statins, that statins are not the cause of these problems.”

While the study also noted the potential for side-effects appearing after statin use for longer than the average follow-up time, Reith said it provided “reassurance that, for most people, the risk of side-effects is greatly outweighed by the benefits of statins”.

Prof Sir Rory Collins, emeritus professor of medicine and epidemiology at Oxford and a senior author of the paper, said: “Now that we know that statins do not cause the majority of side-effects listed in package leaflets, statin information requires rapid revision to help patients and doctors make better-informed health decisions.”

Prof Bryan Williams, chief scientific and medical officer at the British Heart Foundation, which part-funded the research, said: “Statins are life-saving drugs, which have been proven to protect against heart attacks and strokes. This evidence is a much-needed counter to the misinformation around statins and should help prevent unnecessary deaths from cardiovascular disease.”

Prof Victoria Tzortziou Brown, chair of the Royal College of GPs, said: “Those considering taking statins should be reassured by this comprehensive study, which shows that while statins, like any medication, have potential side-effects, the risk for most people is low.

“It remains important to note that while statins can have real benefits for some patients, they won’t be appropriate for everyone so the decision to prescribe should always be the result of a conversation between the GP and patient about the various risks and benefits.”



Source link

Kamal Death Case:’The real killer is not the road, it is the irresponsible government’; Rahul Gandhi targets Delhi Government – Kamal Death Case Real Killer Is Not The Roads But Irresponsible Power Rahul Gandhi Targets Delhi Government

PR Tech News
-
0
Kamal Death Case:’The real killer is not the road, it is the irresponsible government’; Rahul Gandhi targets Delhi Government – Kamal Death Case Real Killer Is Not The Roads But Irresponsible Power Rahul Gandhi Targets Delhi Government

Kamal, a youth working in a private bank, has died after falling into a pit in Janakpuri, Delhi. These pits were dug by the Water Board. Now the reaction of the Leader of Opposition of Lok Sabha has come to light on this matter. He said that the epidemic of greed and carelessness spread in India has once again taken the life of a youth.



Also read- Manipur: Protest against the participation of Kuki-Jo-Hamar MLAs in the new government, rallies taken out in three districts

No accountability- Rahul Gandhi
Rahul Gandhi wrote in X Post, “The epidemic of greed and carelessness spreading in India has once again taken the life of a youth. A son, a dream, the entire world of parents, everything was destroyed in one stroke. This is not an accident, it is murder, and the murderer is the government running away from accountability. The real murderer is not the road, but the irresponsible government. Because here there is neither resignation, nor punishment, nor does anyone’s conscience awaken.” The poisonous water of Indore, the road that took the life of Yuvraj in Noida, the falling bridges, the colliding trains, the suffocating pollution… there is no accountability, and until there is accountability, someone will always be the next victim of the epidemic of greed.”


Also read- ‘Bathroom cleaner was used in making ghee’: CM Naidu claims on adulteration in Tirupati laddu, targets Jagan

what is the whole matter
Kamal was returning home on bike at around 10 pm on Thursday night. He was working in a private bank branch located in Rohini. When he was returning, suddenly a deep pothole on the road near Janakpuri took away his life. The family alleges that if there were security arrangements on the road, this accident could have been averted. The brother of the deceased alleged that the police told us his last location in this area, but did not help in locating him. We kept searching for him, but could not find him. This is gross negligence. My brother was not crazy to deliberately crash the car into a pit.

AEW fans chant ‘f— ICE’ during match

PR Tech News US
-
0
AEW fans chant ‘f— ICE’ during match

NEWYou can now listen to Fox News articles!

All Elite Wrestling fans made their sentiments known about U.S. Immigration and Customs Enforcement (ICE) during a match on “Dynamite” Wednesday.

Maxwell Jacob Friedman (MJF) was taking on Brody King in an AEW World Championship eliminator match. 

If King picked up the win over the reigning champion, he would get an AEW World Championship match at Grand Slam Australia next weekend.

CLICK HERE FOR MORE SPORTS COVERAGE ON FOXNEWS.COM

Brody King on Collision

Brody King on the ramp during AEW’s “Collision” Oct. 3, 2024, at the Huntington Center in Toledo, Ohio. (Frank Jansky/Icon Sportswire via Getty Images)

The two men, in their respective corners, stared each other down. The crowd at the Pearl Concert Theater in Las Vegas erupted in “f— ICE” chants. MJF and King took the moment in for an extra second or two before the match got underway.

King ended up defeating MJF pretty quickly after “Hangman” Adam Page diverted the champ’s attention. He earned the title shot next weekend.

PRO WRESTLING STAR CELEBRATES DICK CHENEY’S DEATH, MAMDANI’S NYC WIN

MJF at a UFC event in 2022

Professional wrestler Maxwell Jacob Friedman attends UFC 282 at T-Mobile Arena Dec. 10, 2022, in Las Vegas. (Cooper Neill/Zuffa LLC)

It wasn’t the first time in the last year an AEW star has been involved in an anti-ICE moment.

King was a part of a 14-person tag-team match at Grand Slam Mexico in June. He wore a shirt that said “Abolish ICE.” The event took place in Mexico City and occurred as ICE tensions were heating up in Los Angeles.

Anti-ICE protests in Los Angeles

A protester places debris in a fire as Border Patrol personnel in riot gear and gas masks stand guard outside an industrial park in Paramount, Calif., June 7, 2025.  (AP Photo/Eric Thayer)

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

He showed support for protesters in Los Angeles, who were against the raids in the city at the time. The protesters took a violent turn at several points during that week. Law enforcement officers were injured, autonomous vehicles were set on fire and stores were looted.

Follow Fox News Digital’s sports coverage on X and subscribe to the Fox News Sports Huddle newsletter.

Ryan Gaydos is a senior editor for Fox News Digital.



Source link

Amazon reveals plans to spend $200bn in one year day after Bezos guts Washington Post | Amazon

PR Tech News
-
0

Amazon announced plans to spend $200bn on artificial intelligence and robotics this year, the latest tech giant to vow fresh enormous investments in the artificial intelligence arms race.

The news of the investment comes one day after the Washington Post, owned by Amazon founder Jeff Bezos, announced it was cutting approximately a third of employees.

Amazon also reported $213bn in revenue on Thursday. The fourth-quarter earnings of the e-commerce and cloud-computing giant came in slightly below Wall Street estimates even as sales and growth surged.

Amazon will increase capital spending to $200bn this year from $125bn, CEO Andy Jassy said in a press release. Wall Street analysts were expecting spending to rise to roughly $147bn, according to FactSet.

“With such strong demand for our existing offerings and seminal opportunities like AI, chips, robotics, and low earth orbit satellites, we expect to invest about $200 billion in capital expenditures across Amazon in 2026, and anticipate strong long-term return on invested capital,” Jassy said.

Amazon’s investment is the latest sign that cloud-computing giants will not be hitting the brakes any time soon on hefty AI investments. Amazon, Microsoft, Alphabet’s Google and Meta are expected to collectively spend more than $630bn this year.

Revenue at Amazon rose 14% to $213.4bn in the fourth quarter of fiscal year 2025, compared with $187.8bn in the year-ago period. The company reported net income of $21.2bn, or $1.95 per share, for the three-month period ending on 31 December. That compares with $20bn, or $1.86 per share, in the year-ago quarter.

Analysts had expected $1.97 per share on sales of $211.4bn, according to analysts polled by FactSet. Amazon reported the fastest growth in its prominent cloud-computing business, Amazon Web Services (AWS), in 13 quarters, with revenue increasing 24% to $35.6bn. Advertising revenue rose 22%, per a press release.

Bezos, owner of the Post, is the executive chair of Amazon’s board of directors, a role he assumed in 2021 after founding Amazon in 1994 and serving as CEO for the better part of three decades. He purchased the Post for $250m in 2013. Amazon stock makes up the majority of his $235bn net worth, which Forbes estimated sank by $9bn, just 3.7%, after Amazon’s disappointing earnings. Shares were down close to 9% in after-hours trading.

“The aspirations of this news organization are diminished,” former Post executive editor Marty Baron, who won 11 Pulitzer prizes while helming the newspaper, told the Guardian in an interview. “I think that’ll translate into fewer subscribers. And I hope it’s not a death spiral, but I worry that it might be.”



Source link

RNC launches TikTok account following Trump’s successful lead on platform

PR Tech News US
-
0
RNC launches TikTok account following Trump’s successful lead on platform

NEWYou can now listen to Fox News articles!

FIRST ON FOX: The Republican National Committee is upping their social media presence and following President Donald Trump’s lead by officially launching a TikTok account, marking a strategic shift for the party as it continues to look to connect with younger voters.

The RNC’s plan to make an impact on the digital front lines involves the official launch of @Republicans on TikTok, which is designed to engage a critical demographic: voters under 30 who may not follow traditional political news but rely heavily on social media for information.

The move comes at the same time as polling from Pew Research shows that 63% of Americans aged 18-29 use TikTok. The platform has become an essential battleground for reaching the next generation of voters.

Trump has credited TikTok with being a key part of his election victory in 2024.

TIKTOK AFTER THE US SALE: WHAT CHANGED AND HOW TO USE IT SAFELY

Donald Trump arrives at North Carolina rally

President Donald Trump arrives to speak at a campaign event, Dec.19, 2025, in Rocky Mount, North Carolina.  (Alex Brandon/The Associated Press)

“I wasn’t a fan of TikTok, and then I got to use it,” Trump said last fall. “And I became a fan, and it helped me win the election in a landslide.”

The data shows that TikTok was a valuable tool for Trump and his administration, as Reuters reported he amassed roughly 3 million followers in just 24 hours after joining the platform and quickly began drawing tens of millions of views. 

In 2025, the White House joined TikTok and quickly gained traction, racking up 5 million followers and 80+ million likes as of early January. In addition to launching its own account, the RNC is encouraging Republican candidates across the country to follow the lead and join the platform in order to engage with voters and level the playing field in a space where Democrats have historically dominated. 

11 DEMOCRATS RUNNING TO KEEP BLUE-LEANING SEAT IN PARTY HANDS AS GOP HOUSE MAJORITY ON THE BRINK

RNC TikTok

The RNC announced on Friday it has launched an official TikTok account. (RNC)

“President Trump proved how powerful TikTok can be and took decisive action to secure this platform for American users,” RNC Chair Joe Gruters told Fox News Digital. 

“Our new account will deliver America First content directly to younger voters who get their news online, and we’re encouraging Republican candidates nationwide to do the same now that the platform is safe.”

Earlier this year, TikTok announced it reached a historic deal to launch a majority American-owned joint venture, a move guided by Trump and aimed at averting a potential U.S. ban on the popular social media app and hoping to alleviate concerns about China’s ability to influence Americans on the app.

“I am so happy to have helped in saving TikTok! It will now be owned by a group of Great American Patriots and Investors, the Biggest in the World, and will be an important Voice,” Trump said in a post on Truth Social.

Gains by Trump and Republicans in courting younger voters helped the GOP win back the White House and the Senate and hold their House majority in last year’s elections.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Republicans will be hoping to repeat that success in the upcoming midterms as they attempt to hold onto a razor-thin majority in the House of Representatives and a 3-seat majority in the Senate despite historical trends suggesting Democrats have the advantage.

“I think the President of the United States is our secret weapon… He’s laser focused,” Gruters touted in a national digital exclusive sit-down interview with Fox News last month.

Pointing to Trump’s unprecedented agenda during his first year back in the White House, Gruters argued, “I think it’s going to pay huge dividends across the board, whether you’re running for governor, Senate, House, or whether you’re running for a local seat.”

Fox News Digital’s Paul Steinhauser contributed to this report.

Andrew Mark Miller is a reporter at Fox News. Find him on Twitter @andymarkmiller and email tips to AndrewMark.Miller@Fox.com.



Source link

Top News: PM will interact with students today to discuss exams; Us-Iran talks in Oman today; Rcb won the final – Top Headline Today Important And Big News Stories Of 6th February 2026 Updates On Amar Ujala

PR Tech News
-
0
Top News: PM will interact with students today to discuss exams; Us-Iran talks in Oman today; Rcb won the final – Top Headline Today Important And Big News Stories Of 6th February 2026 Updates On Amar Ujala

Top Headline Today Important And Big News Stories Of 6th February 2026 Updates on amar ujala

today’s big news – Photo: Amar Ujala Graphics

Prime Minister Narendra Modi’s popular program ‘Pariksha Pe Charcha’, which takes students out of exam stress and inspires them to move forward with positive thinking, is going to be organized today. Prime Minister Narendra Modi will talk about exam-related topics, the need to remain stress-free and focus on learning in a special episode of Pariksha Pe Charcha on Friday. Amidst the tension in West Asia, the whole world is eyeing the talks to be held between America and Iran in Oman on Friday. The reason is that amidst the ongoing anti-government protests in Iran and the threat of continuous US-like attacks due to this, the two countries have suddenly got an opportunity for talks. In the match played in Vadodara, Delhi Capitals, who came to bat first after losing the toss, scored 203 runs for four wickets in 20 overs. In reply, RCB scored 204 runs losing four wickets in 19.4 overs and won the match by six wickets. Read such important news of the country and the world at one place and at one click…

Trending Videos

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

Raj Bhat
-
0
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints.

The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against government entities located across campaigns across Myanmar, Mongolia, Malaysia, and Russia.

Kaspersky, which disclosed details of the updated malware, said it’s deployed as a secondary backdoor along with PlugX and LuminousMoth infections.

“COOLCLIENT was typically delivered alongside encrypted loader files containing encrypted configuration data, shellcode, and in-memory next-stage DLL modules,” the Russian cybersecurity company said. “These modules relied on DLL side-loading as their primary execution method, which required a legitimate signed executable to load a malicious DLL.”

Between 2021 and 2025, Mustang Panda is said to have leveraged signed binaries from various software products, including Bitdefender (“qutppy.exe”), VLC Media Player (“vlc.exe” renamed as “googleupdate.exe”), Ulead PhotoImpact (“olreg.exe”), and Sangfor (“sang.exe”) for this purpose.

Campaigns observed in 2024 and 2025 have been found to abuse legitimate software developed by Sangfor, with one such wave targeting Pakistan and Myanmar using it to deliver a COOLCLIENT variant that drops and executes a previously unseen rootkit.

COOLCLIENT was first documented by Sophos in November 2022 in a report detailing the widespread use of DLL side-loading by China-based APT groups. A subsequent analysis from Trend Micro officially attributed the backdoor to Mustang Panda and highlighted its ability to read/delete files, as well as monitor the clipboard and active windows.

The malware has also been put to use in attacks targeting multiple telecom operators in a single Asian country in a long-running espionage campaign that may have commenced in 2021, Broadcom’s Symantec and Carbon Black Threat Hunter Team revealed in June 2024.

COOLCLIENT is designed for collecting system and user information, such as keystrokes, clipboard contents, files, and HTTP proxy credentials from the host’s HTTP traffic packets based on instructions sent from a command-and-control (C2) server over TCP. It can also set up a reverse tunnel or proxy, and receive and execute additional plugins in memory.

Some of the supported plugins are listed below –

  • ServiceMgrS.dll, a service management plugin to oversee all services on the victim host
  • FileMgrS.dll, a file management plugin to enumerate, create, move, read, compress, search, or delete files and folders
  • RemoteShellS.dll, a remote shell plugin that spawns a “cmd.exe” process to allow the operator to issue commands and capture the resulting output

Mustang Panda has also been observed deploying three different stealer programs in order to extract saved login credentials from Google Chrome, Microsoft Edge, and other Chromium-based browsers. In at least one case, the adversary ran a cURL command to exfiltrate the Mozilla Firefox browser cookie file (“cookies.sqlite”) to Google Drive.

These stealers, detected in attacks against the government sector in Myanmar, Malaysia, and Thailand, are suspected to be used as part of broader post-exploitation efforts.

Furthermore, the attacks are characterized by the use of a known malware called TONESHELL (aka TOnePipeShell), which has been employed with varying levels of capabilities to establish persistence and drop additional payloads like QReverse, a remote access trojan with remote shell, file management, screenshot capture, and information gathering features, and a USB worm codenamed TONEDISK.

Kaspersky’s analysis of the browser credential stealer has also uncovered code-level similarities with a cookie stealer used by LuminousMoth, suggesting some level of tool sharing between the two clusters. On top of that, Mustang Panda has been identified as using batch and PowerShell scripts to gather system information, conduct document theft activities, and steal browser login data.

“With capabilities such as keylogging, clipboard monitoring, proxy credential theft, document exfiltration, browser credential harvesting, and large-scale file theft, HoneyMyte’s campaigns appear to go far beyond traditional espionage goals like document theft and persistence,” the company said.

“These tools indicate a shift toward the active surveillance of user activity that includes capturing keystrokes, collecting clipboard data, and harvesting proxy credentials.”



Source link
1...1,9231,9241,925...2,108Page 1,924 of 2,108