OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation

October 10, 2024 at 09:33AM

OpenAI reported disrupting over 20 malicious operations this year, targeting deceptive use of its platform, including malware and social media manipulation. Notably, the cyber operations involved groups from China and Iran attempting to exploit AI for harmful activities, though OpenAI emphasized that significant breakthroughs in malware development were not evident.

AI-Powered Cybercrime Cartels on the Rise in Asia

October 9, 2024 at 09:07PM

AI-powered cyberattacks, especially involving deepfakes, are surging in the Asia-Pacific, with a 600% increase in deepfake mentions reported by UNODC. Cybercriminals leverage generative AI for phishing, misinformation, and sophisticated scams. Socioeconomic issues exacerbate the vulnerability in the region, necessitating international collaboration to combat these threats effectively.

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

October 9, 2024 at 10:42AM

North Korean threat actors are targeting tech job seekers with malware through a campaign called “Contagious Interview.” The group poses as employers, enticing victims to download malicious applications like BeaverTail and InvisibleFerret, designed to steal sensitive data. This ongoing threat highlights financial motivations behind their cyber activities.

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

October 9, 2024 at 01:03AM

Microsoft warns of cyber attack campaigns exploiting file hosting services like SharePoint and OneDrive. These attacks aim to compromise identities and conduct business email compromise (BEC) fraud. Phishing tactics include using view-only files requiring OTP authentication, leading to credential theft through adversary-in-the-middle (AitM) phishing pages.

Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines

October 8, 2024 at 01:15PM

Users searching for game cheats are lured into downloading Lua-based malware, with a focus on gaming engine supplements. The malware establishes persistence on infected systems, delivering additional payloads. Techniques include GitHub exploitation, targeting gaming communities worldwide. Researchers emphasize a shift to obfuscated Lua scripts as a means of evading detection. …

Hackers breach European air-gapped govt systems with custom malware

October 8, 2024 at 11:56AM

The APT hacking group GoldenJackal breached air-gapped government systems in Europe using custom toolsets to steal sensitive data, including emails, encryption keys, and documents. The attacks occurred at least twice, targeting government and diplomatic entities for espionage. GoldenJackal also developed a new modular toolset to optimize covert operations. Multiple tools …

GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets

October 8, 2024 at 06:07AM

GoldenJackal, a little-known threat actor, has been linked to cyber attacks on embassies and governmental organizations. They aim to infiltrate air-gapped systems using bespoke toolsets. The attacks targeted a South Asian embassy in Belarus and a European Union government organization. The group has displayed advanced capabilities, using multiple malware families …

Ukrainian pleads guilty to operating Raccoon Stealer malware

October 7, 2024 at 05:17PM

Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware operation. He distributed the malware under a malware-as-a-service (MaaS) model, allowing users to rent it for weekly or monthly fees. Sokolovsky was arrested in the Netherlands in March 2022, and the FBI dismantled the malware’s infrastructure in a …

DPRK’s APT37 Targets Cambodia With Khmer, ‘VeilShell’ Backdoor

October 3, 2024 at 09:03PM

APT37, a North Korean state-sponsored threat actor, has targeted Cambodian organizations with a new campaign called “Shrouded#Sleep.” By spreading malicious emails related to Cambodian affairs in the Khmer language, APT37 introduces a backdoor called “VeilShell,” disguised as shortcut files in an infection routine. This campaign demonstrates sophisticated persistence and stealth …

FIN7 hackers launch deepfake nude “generator” sites to spread malware

October 2, 2024 at 04:05PM

FIN7, a notorious APT hacking group, has launched fake AI-powered deepnude generator sites to spread malware. This Russian group is known for financial fraud and social engineering attacks. The network of fake deepnude sites lures in users with promises of generating explicit images, but actually spreads information-stealing malware. Other campaigns …