An anonymous reader shares a report: Microsoft has now started notifying IT admins that it will force Outlook and Teams to ignore the default web browser on Windows and open links in Microsoft Edge instead. Reddit users have posted messages from the Microsoft 365 admin center that reveal how Microsoft is going to roll out this change. "Web links from Azure Active Directory (AAD) accounts and Microsoft (MSA) accounts in the Outlook for Windows app will open in Microsoft Edge in a single view showing the opened link side-by-side with the email it came from," reads a message to IT admins from Microsoft. While this won't affect the default browser setting in Windows, it's yet another part of Microsoft 365 and Windows that totally ignores your default browser choice for links. Microsoft already does this with the Widgets system in Windows 11 and even the search experience, where you'll be forced into Edge if you click a link even if you have another browser set as default. Further reading: Microsoft Broke a Chrome Feature To Promote Its Edge Browser.

An anonymous reader quotes a report from Gizmodo: Microsoft issued a Windows update that broke a Chrome feature, making it harder to change your default browser and annoying Chrome users with popups, Gizmodo has learned. An April Windows update borked a new button in Chrome -- the most popular browser in the world -- that let you change your default browser with a single click, but the worst was reserved for users on the enterprise version of Windows. For weeks, every time an enterprise user opened Chrome, the Windows default settings page would pop up. There was no way to make it stop unless you uninstalled the operating system update. It forced Google to disable the setting, which had made Chrome more convenient.

This petty chapter of the browser wars started in July 2022 when Google quietly rolled out a new button in Chrome for Windows. It would show up near the top of the screen and let you change your default browser in one click without pulling up your system settings. For eight months, it worked great. Then, in April, Microsoft issued Windows update KB5025221, and things got interesting. "Every time I open Chrome the default app settings of Windows will open. I've tried many ways to resolve this without luck," one IT administrator said on a Microsoft forum. A Reddit user noticed that the settings page also popped up any and every time you clicked on a link, but only if Chrome was your default browser. "It doesn't happen if we change the default browser to Edge," the user said. Others made similar complaints on Google support forums, some saying that entire organizations were having the issue. Users quickly realized the culprit was the operating system update.

For people on the regular consumer version of Windows, things weren't quite as bad; the one-click "Make Default" button just stopped working. Gizmodo was able to replicate the problem. In fact, we were able to circumvent the issue just by changing the name of the Chrome app on a Windows desktop. It seems that Microsoft threw up the roadblock specifically for Chrome, the main competitor to its Edge browser. [...] In response, Google had to disable its one-click default button; the issue stopped after it did. In other words, Microsoft seems to have gone out of its way to break a Chrome feature that made life easier for users. Google confirmed the details of this story, but declined to comment further.

According to Windows Latest, Microsoft is working on new ARM chips to compete against Apple Silicon. "I have also spotted some job listings that suggest the company is building its own Silicon-based ARM chips for client devices" writes Mayank Parmar. "Additionally, I understand that Microsoft is optimizing Windows 12 for Silicon-ARM architecture." From the report: These developments coincide with the upcoming launch of Windows 12, which has a special version optimized for silicon and designed to leverage AI capabilities. The job listings (most of them have now been taken down) describe positions related to custom silicon accelerators, System on Chips (SoCs), and high-performance, high-bandwidth designs. This suggests that Microsoft is building its own ARM-based chips, aiming to compete with Apple's M chips lineup in terms of performance and efficiency.

For Red Hat's 30th anniversary, North Carolina's News & Observer newspaper ran a special four-part series of articles.

In the first article Red Hat co-founder Bob Young remembers Red Hat's first big breakthrough: winning InfoWorld's "OS of the Year" award in 1998 — at a time when Microsoft's Windows controlled 85% of the market. "How is that possible," Young said, "that one of the world's biggest technology companies, on this strategically critical product, loses the product of the year to a company with 50 employees in the tobacco fields of North Carolina?" The answer, he would tell the many reporters who suddenly wanted to learn about his upstart company, strikes at "the beauty" of open-source software.

"Our engineering team is an order of magnitude bigger than Microsoft's engineering team on Windows, and I don't really care how many people they have," Young would say. "Like they may have thousands of the smartest operating system engineers that they could scour the planet for, and we had 10,000 engineers by comparison...."

Young was a 40-year-old Canadian computer equipment salesperson with a software catalog when he noticed what Marc Ewing was doing. [Ewing was a recent college graduate bored with his two-month job at IBM, selling customized Linux as a side hustle.] It's pretty primitive, but it's going in the right direction, Young thought. He began reselling Ewing's Red Hat product. Eventually, he called Ewing, and the two met at a tech conference in New York City. "I needed a product, and Marc needed some marketing help," said Young, who was living in Connecticut at the time. "So we put our two little businesses together."

Red Hat incorporated in March 1993, with the earliest employees operating the nascent business out of Ewing's Durham apartment. Eventually, the landlord discovered what they were doing and kicked them out.
The four articles capture the highlights. ("A visual effects group used its Linux 4.1 to design parts of the 1997 film Titanic.") And it doesn't leave out Red Hat's skirmishes with Microsoft. ("Microsoft was owned by the richest person in the world. Red Hat engineers were still linking servers together with extension cords. ") "We were changing the industry and a lot of companies were mad at us," says Michael Ferris, Red Hat's VP of corporate development/strategy. Soon there were corporate partnerships with Netscape, Intel, Hewlett-Packard, Compaq, Dell, and IBM — and when Red Hat finally goes public in 1999, its stock sees the eighth-largest first-day gain in Wall Street history, rising in value in days to over $7 billion and "making overnight millionaires of its earliest employees."

But there's also inspiring details like the quote painted on the wall of Red Hat's headquarters in Durham: "Every revolution was first a thought in one man's mind; and when the same thought occurs to another man, it is the key to that era..." It's fun to see the story told by a local newspaper, with subheadings like "It started with a student from Finland" and "Red Hat takes on the Microsoft Goliath."

Something I'd never thought of. 2001's 9/11 terrorist attack on the World Trade Center "destroyed the principal data centers of many Wall Street investment banks, which were housed in the twin towers. With their computers wiped out, financial institutions had to choose whether to rebuild with standard proprietary software or the emergent open source. Many picked the latter." And by the mid-2000s, "Red Hat was the world's largest provider of Linux...' according to part two of the series. "Soon, Red Hat was servicing more than 90% of Fortune 500 companies." By then, even the most vehement former critics were amenable to Red Hat's kind of software. Microsoft had begun to integrate open source into its core operations. "Microsoft was on the wrong side of history when open source exploded at the beginning of the century, and I can say that about me personally," Microsoft President Brad Smith later said.

In the 2010s, "open source has won" became a popular tagline among programmers. After years of fighting for legitimacy, former Red Hat executives said victory felt good. "There was never gloating," Tiemann said.

"But there was always pride."
In 2017 Red Hat's CEO answered questions from Slashdot's readers.

Linux Magazine argues that System76's Pop!_OS offers "something rare: a commercial distribution that was integrated into the hardware, with utilities designed specifically for System76 computers and keyboards." The only other example of an integrated commercial distro of which I am aware is Purism, a company in the same niche... With hardware and software coming from the same source — what business calls vertical integration — distributions like System76/Pop!_OS offer Linux users their first experiences with what Windows and macOS users have always enjoyed — to say nothing of the closest they can currently get to open hardware. Could Linux be finally becoming mainstream at last?
They interviewed System76 CEO Carl Richell (along with a marketing director and media relations manager), who remembered how System76 was actually founded in Carl's basement around 2005: He wanted to show the world how far Linux and open source software had come by delivering it preinstalled on high-quality computers backed by caring, knowledgeable customer support. Carl felt that making Linux computers that highlight the work of the community would be a great way to introduce the broader public to open source technology and its potential...

LM: What other hardware might System76 offer in the future?

S76: We are in the research and development process of designing our own in-house laptop. We'll eventually refresh our Meerkat mini desktop with a new Thelio-style aesthetic. That project will start sometime after our first in-house laptops start shipping. [In addition,] Launch keyboards and the System76 Keyboard Configurator work on macOS and Windows! We've also prepared ISO layouts for most Launch models but don't have a time frame for release.

LM: What are you willing to say at this point about the company's future directions?

S76: We're developing COSMIC DE — a desktop environment written in Rust — as well as a prototype for an open hardware laptop manufactured in-house. Finally, Nebula, a line of computer cases based on Thelio desktops will be arriving in the coming months.
My favorite line from the interview? "Seeing a flat sheet of aluminum transformed into a beautiful desktop is strikingly rewarding."

Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers. From a report: David "dwizzle" Weston, director of OS security for Windows, announced the arrival of Rust in the operating system's kernel at BlueHat IL 2023 in Tel Aviv, Israel, last month. "You will actually have Windows booting with Rust in the kernel in probably the next several weeks or months, which is really cool," he said. "The basic goal here was to convert some of these internal C++ data types into their Rust equivalents."

Microsoft showed interest in Rust several years ago as a way to catch and squash memory safety bugs before the code lands in the hands of users; these kinds of bugs were at the heart of about 70 percent of the CVE-listed security vulnerabilities patched by the Windows maker in its own products since 2006. The Rust toolchain strives to prevent code from being built and shipped that is exploitable, which in an ideal world reduces opportunities for miscreants to attack weaknesses in software. Simply put, Rust is focused on memory safety and similar protections, which cuts down on the number of bad bugs in the resulting code. Rivals like Google have already publicly declared their affinity for Rust.

Windows 10 22H2 will be the final version of the operating system, Microsoft said in a blog post on Thursday. From a report: Moving forward, all editions of Windows 10 will be supported with monthly security updates until October 14th, 2025, when Microsoft will end support. (Some releases on the Long-Term Servicing Channel, or LTSC, will get updates past that end of support date.) Microsoft is encouraging users to now transition to Windows 11 because Windows 10 won't be getting any new features.

An anonymous reader quotes a report from The Hacker News: Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not only hold criminal operators of malware accountable, but also those who profit from its distribution." CryptBot is estimated to have infected over 670,000 computers in 2022 with the goal of stealing sensitive data such as authentication credentials, social media account logins, and cryptocurrency wallets from users of Google Chrome. The harvested data is then exfiltrated to the threat actors, who then sell the data to other attackers for use in data breach campaigns. CryptBot was first discovered in the wild in December 2019.

The malware has been traditionally delivered via maliciously modified versions of legitimate and popular software packages such as Google Earth Pro and Google Chrome that are hosted on fake websites. [...] The major distributors of CryptBot, per Google, are suspected to be operating a "worldwide criminal enterprise" based out of Pakistan. Google said it intends to use the court order, granted by a federal judge in the Southern District of New York, to "take down current and future domains that are tied to the distribution of CryptBot," thereby kneecapping the spread of new infections.

In the company's first-quarter earnings results (PDF) on Wednesday, Intel reported a 133% annual reduction in earnings per share. "Revenue dropped nearly 36% year over year to $11.7 billion," adds CNBC. From the report: In the first quarter, Intel swung to a net loss of $2.8 billion, or 66 cents per share, from a net profit of $8.1 billion, or $1.98 per share, last year. Excluding the impact of inventory restructuring, a recent change to employee stock options and other acquisition-related charges, Intel said it lost 4 cents a share, which was a narrower loss than analyst had expected. Revenue decreased to $11.7 billion from $18.4 billion a year ago.

It's the fifth consecutive quarter of falling sales for the semiconductor giant and the second consecutive quarter of losses. It's also Intel's largest quarterly loss of all time, beating out the fourth quarter of 2017, when it lost $687 million. Intel hopes that by 2026 that it can manufacture chips as advanced as those made by TSMC in Taiwan, and it can compete for custom work like Apple's A-series chips in iPhones. Intel said on Thursday it was still on track to hit that goal.

Intel's Client Computing group, which includes the chips that power the majority of desktop and laptop Windows PCs, reported $5.8 billion in revenue, down 38% on an annual basis. Intel's server chip division, under its Data Center and AI segment suffered an even worse decline, falling 39% to $3.7 billion. Its smallest full line of business, Network and Edge, posted $1.5 billion in sales, down 30% from the same time last year. One bright spot was Mobileye, which went public last year but is still controlled by Intel. Mobileye makes systems and software for self-driving cars, and reported 16% sales growth to $458 million.

Microsoft will no longer manufacture mice, keyboards, and webcams that are Microsoft-branded. Instead, Microsoft is now focusing on its Surface-branded PC accessories, which include mice, keyboards, pens, and more. From a report: It brings an end to the legacy of Microsoft-branded PC hardware after the company first launched its first mouse in 1983 and bundled it with Microsoft Word and Notepad. "Going forward, we are focusing on our Windows PC accessories portfolio under the Surface brand," says Dan Laycock, senior communications manager at Microsoft, in a statement to The Verge. "We will continue to offer a range of Surface branded PC Accessories -- including mice, keyboards, pens, docks, adaptive accessories, and more. Existing Microsoft branded PC accessories like mice, keyboards, and webcams will continue to be sold in existing markets at existing sell-in prices while supplies last."

In early April with the start of previews for "Windows Frontline" -- a service that provides a single license for frontline employees to use up to three Cloud PCs, Microsoft floated the idea that businesses should buy fewer PCs. The Register reports: The "Frontline" name hints at its purpose: Microsoft thinks this license will benefit organizations that employ shift workers in roles like customer support or healthcare. Microsoft imagines shift workers will log on for eight hours, then the next worker on duty will do likewise, and advances this as a fairer way to charge than assuming cloud PCs are used 24x7. To burnish that argument, Microsoft's launch material for Windows Frontline included research (PDF) by tech sustainability consultancy Px3 that tries to answer the question "Can modern work applications and endpoints abate end user computing greenhouse gas emissions and drive climate action?" The answer is "Yes," when one considers cloudy PCs to be "modern endpoints."

The research reaches that conclusion with analysis of the energy consumption of desktop computers, laptops, tablets, and thin clients, compared to the impact of running a Cloud PC. The research also considers bring your own PC plans that see business fund the acquisition of PCs that their staff use for personal and employment purposes, meaning fewer devices need to be summoned into existence and fewer resources are consumed because users operate one machine instead of two. Px3 instead imagines that end users and their sole device to access a Windows365 Cloud PC when they're on the clock. Doing so would mean corporate PC replacement cycles could stretch to eight years!

Readers will not be surprised that the research found the combination of Windows365 and a bring your own PC plan has significantly lower environmental impact and is therefore a jolly good idea. The research's concluding paragraph states "it is reasonable to state that modern work applications and endpoint computers not only abate GHG emissions, they are perhaps critical to securing a sustainable future." That's perhaps a little overblown but the point is made: slowing consumption is a good idea and it's now possible to turn down the speed of the PC upgrade treadmill.

Microsoft is heading further down the path of advertising its own services in Windows 11, with different ads now popping up in the Start menu. From a report: To be precise, this is Windows 11 preview build 23435, which was just released to the Dev channel. As Microsoft puts it: "We are continuing the exploration of badging on the Start menu with several new treatments for users logging in with local user accounts to highlight the benefits of signing in with a Microsoft account (MSA)." So, the translation of this is that 'badging' is essentially advertising ('badgering' would perhaps be more accurate), and it's something we've recently seen with Windows 11 urging users to perform a cloud backup (in OneDrive).

In this new preview build, the prodding stick is being employed to nudge those who haven't enlisted for a Microsoft Account (who remain using a local account) into signing up for an MSA. Compared to the previous cloud backup prompt on the Start menu, it's even clearer that this is advertising because it's fully selling the benefits of having a Microsoft account. For example, Microsoft tells you how hooking your Windows 11 installation into an MSA will ensure that your PC is kept backed up and more secure, or that it'll keep your settings synced across multiple devices.

Bleeping Computer warned this week about compromised web sites "that display fake Google Chrome automatic update errors that distribute malware to unaware visitors." The campaign has been underway since November 2022, and according to NTT's security analyst Rintaro Koike, it shifted up a gear after February 2023, expanding its targeting scope to cover users who speak Japanese, Korean, and Spanish. BleepingComputer has found numerous sites hacked in this malware distribution campaign, including adult sites, blogs, news sites, and online stores...

If a targeted visitor browses the site, the scripts will display a fake Google Chrome error screen stating that an automatic update that is required to continue browsing the site failed to install. "An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update," reads the fake Chrome error message. The scripts will then automatically download a ZIP file called 'release.zip' that is disguised as a Chrome update the user should install.

However, this ZIP file contains a Monero miner that will utilize the device's CPU resources to mine cryptocurrency for the threat actors. Upon launch, the malware copies itself to C:\Program Files\Google\Chrome as "updater.exe" and then launches a legitimate executable to perform process injection and run straight from memory. According to VirusTotal, the malware uses the "BYOVD" (bring your own vulnerable driver) technique to exploit a vulnerability in the legitimate WinRing0x64.sys to gain SYSTEM privileges on the device.

The miner persists by adding scheduled tasks and performing Registry modifications while excluding itself from Windows Defender. Additionally, it stops Windows Update and disrupts the communication of security products with their servers by modifying the IP addresses of the latter in the HOSTS file. This hinders updates and threat detection and may even disable an AV altogether.

The stock market, real estate and cryptocurrencies did poorly in 2022, but the global luxury goods market grew 20 percent. People may have had less, but they spent more on fine arts and collectibles that serve no function except to provide pleasure. From a report: The culture is bursting with new material -- every day, thousands of new books are published and 100,000 new songs are released on Spotify -- but the old stuff offers a sweeter emotional payoff for many. It could be tapes or posters or pictures or comics or coins or sports cards or memorabilia. It might be from their childhood or the childhood they never had, or it might merely express a longing to be anywhere but 2023. The common element is this: People like to own a thing from a thing they love. For Mr. Carlson and millions like him, the nostalgia factory is working overtime.

When Mr. Carlson first began to look for sealed VHS cassettes, they were considered so much plastic trash. "Back to the Future," "The Goonies," "Blade Runner," were about $20 each on eBay. He put them on a shelf, little windows into his past, and started an Instagram account called Rare and Sealed. Then tapes began to get scarcer and much more expensive. People trapped at home had lots of money to spend during the pandemic. But it was more than that. Objects with a bit of history have an obvious attraction in a high-tech world. The current cultural tumult, with its boom in fake images, endless arguments over everything and now the debut of imperious A.I. chatbots, increases the appeal of things that can't be plugged in. At the same time, advances in technology mean it is ever easier to buy expensive things online. Bids at auctions routinely reach tens, even hundreds, of thousands of dollars.

Andrew Cunningham writes via Ars Technica: Microsoft is aware of the problems running Windows on the Steam Deck and other similar handheld Windows PCs, and at least some developers inside the company have spent time thinking of ways to address them. That's the thrust of a leaked presentation (posted in two parts by Twitter user _h0x0d_) about a new "Handheld Mode" for Windows, developed as part of an internal Microsoft hackathon in September 2022.

As presented, Handheld Mode includes several components: a new first-time setup screen that simplifies driver installation and setup; an improved touchscreen keyboard that fits better on a 7-inch screen and can be controlled Xbox-style with the built-in buttons and joysticks; a simplified Nintendo Switch-esque game launcher; and improved OS-wide controller support thanks to the open source Steamdeck Windows Controller Driver (SWICD) project. The presentation also calls for other changes to Windows' default behaviors, like always opening apps in full-screen mode when in Handheld Mode, better UI scaling for small screens, and "mapping of controls to common Windows functions."

An anonymous reader writes: Windows users don't like it when Microsoft changes long-used and familiar functions in its OS, so altering something that's been the same for 28 years is always going to bring controversy. Nevertheless, it seems that the Redmond firm is planning on changing the Print Screen button into a key that opens the Windows 11 Snipping Tool. The Print Screen button has performed the same function in the Windows operating system since Windows 95: taking a screenshot of the current screen and copying it to the clipboard, usually so it can be edited in another program. But Windows Latest discovered that Microsoft is changing the default function of the Print Screen key in Windows 11. In the Windows 11 Beta preview builds 22621.1546 and 22624.1546, hitting the key will open the Windows Snipping Tool, Windows' built-in screenshotting tool that's currently accessed by pressing the Windows logo Key + Shift + S.

An anonymous reader shares a report: Firefox has a reputation of being something of a resource hog, even among modern browsers. But it might not be entirely earned, because it looks like a CPU bug affecting Firefox users on Windows was actually the fault of Windows Defender. The latest update to the ubiquitous security tool addresses the issue, and should result in measurably lower CPU usage for the Windows version of Firefox. According to Mozilla senior software engineer Yannis Juglaret, the culprit was MsMpEng.exe, which you might recognize from your Task Manager. It handles the Real-Time protection feature that monitors web activity for malicious threats.

The bug was causing Firefox to call on the service much more frequently than comparable browsers like Chrome or Edge, resulting in notable CPU spikes. Said CPU spikes could reduce performance in other applications or affect a laptop's battery life. The issue was first reported on Mozilla's bug tracker system way back in 2018 and quickly assigned to the MsMpEng service, but some more recent and diligent documentation on the part of Juglaret resulted in more swift action from Microsoft's developers.

A filmmaker walks us through the reasons behind the 'dark cinematography' that's causing so many complaints. From a report: Take, for instance, Wes Craven's 1996 horror classic Scream -- a film often remarked on for just how lit everything in it is at all times. An early scene depicts protagonist Sidney Prescott embracing her boyfriend Billy Loomis in the wake of a terrifying home invasion and her near-death at the hands of a masked killer. After Sidney throws her arms around Billy, Craven cuts to a tight close-up on Billy's face, which is illuminated by a harsh, ominous, icy-cool light that telegraphs his sinister intentions. But where is that light coming from? The bedroom they're in has no lamps switched on. Could it be the moon? Hard to justify, as the only windows in the space are behind Billy, and the light we're staring at is so much brighter and closer than the moon could ever be. So what on Earth is that light?

The answer is, simply enough, nothing. Craven often didn't feel any real need to rationalize why a bright light would suddenly appear one second before disappearing again in the following shot. It's a purely stylistic choice, employed for that one moment to cast doubt on Billy's trustworthiness in the audience's mind. Itâ(TM)s an extremely stagey choice that fits neatly within the larger series' heightened, melodramatic style. Scream wouldn't really be Scream without it. The hyper-lit style was a staple of cinematography in American films during the '90s, and like all trends, it eventually fell out of fashion -- in this case, a few years after Scream hit theaters. The 2000s saw filmmakers embracing more directional, shadowy lighting styles, evoking a grittier, more "grounded" aesthetic while retaining a sense of classic Hollywood polish. The 2010s featured another huge shift in style, this time toward hyper-naturalism. Even broad, big-budget blockbusters like Harry Potter and the Deathly Hallows -- Part 1 embraced a look torn straight from indie cinema. Not only are the lights in that film always motivated, they're realistic. Where earlier films might have used the presence of the moon or a table lamp to justify much brighter lighting, movies like Deathly Hallows, Interstellar, and Dawn of the Planet of the Apes let the light of a lamp simply look like a lamp.

While Chrome 112 just shipped this week and Chrome 113 only in beta, there is already a big reason to look forward to that next Chrome web browser release: Google is finally ready to ship WebGPU support. From a report: WebGPU provides the next-generation high performance 3D graphics API for the web. With next month's Chrome 113 stable release, the plan is to have WebGPU available out-of-the-box for this new web graphics API. Though in that version Google is limiting it to ChromeOS, macOS, and Windows... Yes, Google says other platforms like Linux will see their roll-out later in the year. The WebGPU API is more akin to Direct3D 12, Vulkan, and Metal compared with the existing WebGL being derived from OpenGL (ES). From Google's blog post: WebGPU is a new API for the web, which exposes modern hardware capabilities and allows rendering and computation operations on a GPU, similar to Direct3D 12, Metal, and Vulkan. Unlike the WebGL family of APIs, WebGPU offers access to more advanced GPU features and provides first-class support for general computations on the GPU. The API is designed with the web platform in mind, featuring an idiomatic JavaScript API, integration with promises, support for importing videos, and a polished developer experience with great error messages.

This initial release of WebGPU serves as a building block for future updates and enhancements. The API will offer more advanced graphics features, and developers are encouraged to send requests for additional features. The Chrome team also plans to provide deeper access to shader cores for even more machine learning optimizations and additional ergonomics in WGSL, the WebGPU Shading Language.

eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware. BleepingComputer reports: eFile.com was caught serving malware, as spotted by multiple users and researchers. The malicious JavaScript file in question is called 'popper.js'. The development comes at a crucial time when U.S. taxpayers are wrapping up their IRS tax returns before the April 18th due date. BleepingComputer can confirm, the malicious JavaScript file 'popper.js' was being loaded by almost every page of eFile.com, at least up until April 1st. As of today, the file is no longer seen serving the malicious code.

On March 17th, a Reddit thread surfaced where multiple eFile.com users suspected the website was "hijacked." At the time, the website showed an SSL error message that, some suspected, was fake and indicative of a hack. Turns out that's indeed the case. [...] The malicious JavaScript file 'update.js', further attempts to prompt users to download next stage payload, depending on whether they are using Chrome [update.exe - VirusTotal] or Firefox [installer.exe - VirusTotal]. Antivirus products have already started flagging these executables as trojans.

BleepingComputer has independently confirmed these binaries establish a connection to a Tokyo-based IP address, 47.245.6.91, that appears to be hosted with Alibaba. The same IP also hosts the illicit domain, infoamanewonliag[.]online associated with this incident. Security research group, MalwareHunterTeam further analyzed these binaries, and stated that these contain Windows botnets written in PHP -- a fact that the research group mocked. Additionally, the group called out eFile.com for leaving the malicious code on its website for weeks: "So, the website of [efile.com]... got compromised at least around middle of March & still not cleaned," writes MalwareHunterTeam.