
Archive for the ‘cybercrime/malcode’ category: Page 25

Nov 10, 2023

BlueNoroff hackers backdoor Macs with new ObjCShellz malware

Posted in categories: cryptocurrencies, cybercrime/malcode, finance

The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices.

BlueNorOff is a financially motivated hacking group known for attacking cryptocurrency exchanges and financial organizations such as venture capital firms and banks worldwide.

The malicious payload observed by Jamf malware analysts (labeled ProcessRequest) communicates with swissborg[.]blog, an attacker-controlled domain registered on May 31 and hosted at 104.168.214[.]151 (an IP address that is part of BlueNorOff infrastructure).

Nov 10, 2023

OpenAI blames DDoS attack for ongoing ChatGPT outage

Posted in categories: cybercrime/malcode, robotics/AI

OpenAI has confirmed that a distributed denial-of-service (DDoS) attack is behind “periodic outages” affecting ChatGPT and its developer tools.

ChatGPT, OpenAI’s AI-powered chatbot, has been experiencing sporadic outages for the past 24 hours. Users who attempted to access the service have been greeted with a message stating that “ChatGPT is at capacity right now,” and others, including TechCrunch, have been unable to log into the service.

OpenAI CEO Sam Altman initially blamed the issue on interest in the platform’s new features, unveiled at the company’s first developer conference on Monday, “far outpacing our expectations.” OpenAI said the issue was fixed at approximately 1 p.m. PST on November 8.

Nov 9, 2023

N. Korea’s BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware

Posted in categories: blockchains, cybercrime/malcode

The development arrives days after Elastic Security Labs disclosed the Lazarus Group’s use of a new macOS malware called KANDYKORN to target blockchain engineers.

Also linked to the threat actor is a macOS malware referred to as RustBucket, an AppleScript-based backdoor that’s designed to retrieve a second-stage payload from an attacker-controlled server.

In these attacks, prospective targets are lured under the pretext of offering them investment advice or a job, only to kick-start the infection chain by means of a decoy document.

Nov 9, 2023

Fake everything: how machine learning is being used to fight back against disinformation campaigns

Posted in categories: cybercrime/malcode, food, internet, robotics/AI, sustainability

Another good use for AI. Fighting disinformation.


About 60% of adults in the US who get their news through social media have, largely unknowingly, shared false information, according to a poll by the Pew Research Center. The ease with which disinformation is spread and the severity of consequences it brings — from election hacking to character assassination — make it an issue of grave concern for us all.

Nov 5, 2023

Chatbots are so gullible, they’ll take directions from hackers

Posted in categories: cybercrime/malcode, robotics/AI

‘Prompt injection’ attacks haven’t caused giant problems yet. But it’s a matter of time, researchers say.

Imagine a chatbot is applying for a job as your personal assistant. The pros: This chatbot is powered by a cutting-edge large language model. It can write your emails, search your files, summarize websites and converse with you.

The con: It will take orders from absolutely anyone.


Nov 5, 2023

WormGPT: Dark web’s new AI weapon for cyberattacks

Posted in categories: business, cybercrime/malcode, robotics/AI

Hackers are using WormGPT, a rogue AI tool, to write phishing emails and malware.

Cybersecurity experts have warned that a new generative AI tool called WormGPT, which is being sold on the dark web, poses a serious threat to businesses and individuals.



Nov 4, 2023

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

Posted in category: cybercrime/malcode

StripedFly, a stealthy malware posing as a crypto miner, has infected over a million devices worldwide and has flown under the radar for 5 years.

Nov 4, 2023

How a tiny Pacific Island became the global capital of cybercrime

Posted in categories: cybercrime/malcode, internet

Up until that moment, Tokelau, formally a territory of New Zealand, didn’t even know it had been assigned a ccTLD. “We discovered the .tk,” remembered Aukusitino Vitale, who at the time was general manager of Teletok, Tokelau’s sole telecom operator.

Zuurbier said “that he would pay Tokelau a certain amount of money and that Tokelau would allow the domain for his use,” remembers Vitale. It was all a bit of a surprise—but striking a deal with Zuurbier felt like a win-win for Tokelau, which lacked the resources to run its own domain. In the model pioneered by Zuurbier and his company, now named Freenom, users could register a free domain name for a year, in exchange for having advertisements hosted on their websites. If they wanted to get rid of ads, or to keep their website active in the long term, they could pay a fee.

In the succeeding years, tiny Tokelau became an unlikely internet giant—but not in the way it may have hoped. Until recently, its .tk domain had more users than any other country’s: a staggering 25 million. But there has been and still is only one website actually from Tokelau that is registered with the domain: the page for Teletok. Nearly all the others that have used .tk have been spammers, phishers, and cybercriminals.

Nov 3, 2023

Hackers Are Taking Over Starlink Accounts, Ordering Thousands In Equipment

Posted in categories: cybercrime/malcode, mobile phones

Imagine this scenario: It’s early Saturday morning, you just woke up, and are trying to check the news on your phone while enjoying a cup of coffee. You notice your phone isn’t connected to the internet for some reason. You check the Starlink app for a system status, and it’s offline. Attempts to create a support ticket are unsuccessful; your Starlink account credentials aren’t being accepted. The bank calls a few moments later. They’ve frozen your credit card due to fraud. You listen, stunned, as they explain that someone has ordered over $6,000 worth of Starlink equipment in the last 24 hours.

No internet service, thousands of dollars stolen, and no help from Starlink. This is an increasingly common situation faced by Starlink customers. Hackers are gaining access to unsuspecting Starlink accounts and using the payment information on file to order thousands in equipment. Later, they will resell the equipment on third-party marketplaces like Amazon, eBay, and Facebook Marketplace. In this article, I’ll explain what’s going on, how to protect yourself, and what Starlink needs to do to prevent more accounts from being hacked.

Nov 2, 2023

Saudi Aramco CEO Warns of New Threat of Generative AI

Posted in categories: cybercrime/malcode, robotics/AI

The world’s largest oil company issued a warning this week that the energy sector is vulnerable to attacks, particularly with the advent of new technologies such as generative AI.

Amin H. Nasser, CEO of Saudi Aramco, told the Global Cybersecurity Forum that the energy sector is an attractive target to those who want to do harm. “Any large-scale disruption to the steady supply of energy would have an immediate and significant impact around the world,” he said.

According to local media reports, Nasser said new technologies, such as generative AI, are game changers for many industries but must be assessed to identify how they may pose new threats, and any vulnerabilities must be addressed before being fully deployed.
