Scattered Spider weaves web of social-engineered destruction

In an underworld fueled by infamy and money that leaves a trail of human misery in its wake, the unbound collective colloquially known as Scattered Spider deviates from many norms in cybercrime.

The cunning threat group composed of young, native English-speaking people lacks cohesion, is rife with infighting and doesn’t have a data leak site, which many financially motivated cybercriminals use to claim responsibility for alleged victims and ramp up pressure to pay extortion demands. 

Scattered Spider’s preferred methods of intrusion — social engineering and phishing — make it difficult for most threat hunters to attribute attacks to the collective with confidence. The cybercrime outfit doesn’t leave the types of fingerprints behind that researchers typically track, and as a result there are considerable discrepancies and uncertainty across the industry with respect to what Scattered Spider is, how it determines targets and which companies it has attacked.

As Scattered Spider has risen through the ranks of cybercrime — most recently suspected of attacking Marks & Spencer in the United Kingdom, United Natural Foods, WestJet and Hawaiian Airlines — researchers have been mapping clues about the organization and how it operates.

Following a brief hiatus starting last summer, Scattered Spider regrouped earlier this year and has hit dozens of companies in the retail, insurance and aviation industries. The group first gained notoriety for attacks on MGM Resorts and Caesars Entertainment in 2023.

Scattered Spider has infiltrated more than 100 businesses since 2022, hitting organizations in hospitality and gaming, manufacturing, technology and cloud services, telecommunications, retail, food production, insurance and financial services, media, apparel, business process outsourcing, health care, transportation and aviation, according to researchers.

The group’s total take on extortion demands exceeds $66 million, the cybersecurity firm Halcyon told CyberScoop, but it’s likely collected much more. “I’ve had clients pay them eight figures,” said Charles Carmakal, chief technology officer at Mandiant Consulting, which tracks the group as UNC3944.

Scattered Spider doesn’t always encrypt data or systems, but when it does the group has used multiple ransomware variants, including Akira, AlphV, Play, Qilin, RansomHub and most recently DragonForce, researchers said.

Cynthia Kaiser, senior vice president of Halcyon’s ransomware research center, describes Scattered Spider as a “decentralized but tightly aligned group” with a clear division of roles and responsibilities. This includes a small band of two to four senior operators and leaders who function as project managers, coordinating with initial access brokers, ransomware affiliates and negotiators.

“Meanwhile, you have newcomers and junior affiliates, and they’re conducting all those lower-tier operations to prove themselves, trying to test detection thresholds,” said Kaiser, former deputy assistant director of the FBI’s cyber policy, intelligence and engagement branch. 

Researchers wobble on the number of people involved with Scattered Spider because of this tiered structure. The inner circle is tight, followed by dozens of others and then a larger pool of people who filter in and out of the group to facilitate operations, incident response specialists told CyberScoop.

Scattered Spider is an offshoot of The Com, a much larger grassroots network of more than 1,000 people responsible for a vast catalog of crimes, including social engineering, crypto theft, phishing, SIM swapping, extortion, sextortion, swatting, kidnapping and murder. 

While the volume and intensity of attacks linked to Scattered Spider following its resurgence might appear extraordinary, the group’s tempo of activity was much higher in previous years, according to Carmakal. 

Many Scattered Spider victims have disclosed attacks over the years, but they were never formally attributed to the cybercrime collective. 

“It is notable again because we are paying more attention to this group,” Carmakal said. “Now we talk about them and people care about them because they’ve seen the kinetic outcomes of their cyberattacks. That’s the difference.”

Social engineering the help desk

Another change involves the group’s tactics. While Scattered Spider’s early hits in 2022 and 2023 were the result of social-engineering attacks, the group transitioned to domain-based phishing through much of 2024 before activity went dormant last summer. The group’s revival this year marks a throwback in tactics, as it has relied exclusively once again on social engineering as an initial access vector.

“Come March, when they basically abandoned all their phishing pages, they threw out all of the playbooks they’ve been using and they went back to their very original playbooks,” said Zach Edwards, threat researcher at Silent Push.

Scattered Spider has mostly intruded into companies’ networks over the past few months by socially engineering help-desk employees. This includes requests for password resets, removing phone numbers from multifactor authentication solutions to enroll new devices, or adding a phone number to an account to issue a self-service password reset.

“Once Scattered Spider calls the help desk and gets on the phone with them, there’s a clock ticking, and the help desk has only so much time to close that ticket in order to hit their metrics,” said Adam Meyers, senior vice president of counter adversary operations at CrowdStrike.

“They’re taking advantage of the fact that these help desks validate the authenticity of the person simply by checking whatever the criteria is that they’ve been given,” he said.

These callers have been very successful without much effort, according to Chris Yule, director of threat research at Sophos Counter Threat Unit. “In some cases, if not many cases, they are not getting very much pushback at all or any resistance they’re having to overcome.”

There’s a debate among threat researchers about the extent to which Scattered Spider is purposely targeting single industries before pivoting to new sectors, or merely going after help-desk outsourcing firms, which happen to have a lot of customers in a specific vertical.

Researchers at Halcyon said recent attacks against U.K. retailers and U.S.-based insurance companies likely originated, at least in part, from Scattered Spider’s compromise of business process outsourcing providers.

Carmakal doesn’t think Scattered Spider is methodically targeting outsourced IT help desks in particular and cautioned people against concluding that any particular help-desk provider is the source of a compromise.

Mandiant defines patterns of attribution

Mandiant, which has provided incident response services to many Scattered Spider victims, has repeatedly offered early warnings of patterns of attacks in a given industry, including a shift to U.S.-based retailers, and more recently the insurance industry and North American airlines. Each of those ominous warnings was proven out days or weeks later as attack sprees came to light across those sectors.

When Mandiant says Scattered Spider is targeting a specific sector, from an investigative perspective, the attacks follow the same attacker playbook. “It’s how they’re getting access to credentials. It’s what they’re doing immediately when they have credentials. It’s how they’re using credentials on domain controllers in a very unique way. It’s the tooling that they’re using. It’s the re-use of the infrastructure,” Carmakal said. 

“There’s a lot of patterns that allow us to predict what they’re going to do over the next few days and weeks, and those patterns and predictability could change at any point in time. They’re a very capable group,” he continued. “I see patterns in the totality of the incident. It can’t just be a pattern in the social engineering and the telephone call.”

Scattered Spider isn’t the only cybercrime ring using social engineering or attacking organizations in sectors known to be targeted by the group. Yet, Scattered Spider often gets unsubstantiated credit for activities beyond its purview.

Other threat groups such as UNC6040, which is also affiliated with the Com, have attacked companies in the same sectors via social engineering. Google Threat Intelligence Group attributed at least 20 intrusions to UNC6040 as of last month. 

“Activity involving a social engineering of the help desk might look and feel like Scattered Spider,” but some industry observers are prematurely drawing attribution conclusions, Carmakal said.

Web of destruction drifts in the wind

Scattered Spider’s web of destruction persists and continues to catch more victims because its techniques and specialization in targeting the cloud and identity work across all sectors.

“They’re targeting the weakest link in the security chain, which is the human,” Meyers said. “They’re very fast and, once they gain access, you have oftentimes well under 48, even 24, hours to find them and eradicate them from your infrastructure before they’re able to run an encryption. So, speed is a killer.

“Unless somebody takes them off the field, they’re gonna keep doing what they’re doing,” he added. “There’s no reason not to.”

Edwards noted that social engineering attacks have been successful since the dawn of the telephone. “Voice as confirmation is a fabulous way to get around security, where if you know the little keyphrases to use — the slang, the lingo — it’s voice of trust,” he said.

“If you call, you know the right things to say, you know what they’re going to ask, and you have answers ready,” Edwards added. “It’s an incredibly effective way to basically gain trust from someone and then get them to do something they normally wouldn’t do.”

The post Scattered Spider weaves web of social-engineered destruction appeared first on CyberScoop.

from CyberScoop https://ift.tt/knAsQuD
via IFTTT

China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year

Multiple critical infrastructure sectors were hit last year during an attack spree in France via a trio of zero-day vulnerabilities affecting Ivanti Cloud Service Appliance devices, the country’s cybersecurity agency said in a report released Tuesday.

Government agencies and organizations in the telecommunications, media, finance and transportation industries were impacted by widespread zero-day exploits of CVE-2024-8190, CVE-2024-8963 and CVE-2024-9380 from early September to late November 2024, according to the French National Agency for the Security of Information Systems.

French authorities attribute the attacks to UNC5174, a former member of Chinese hacktivist collectives likely working as a contractor for China’s Ministry of State Security, according to Mandiant. The attacker, believed to use the persona “Uteus,” previously exploited edge device vulnerabilities in ConnectWise ScreenConnect, F5 BIG-IP, Atlassian Confluence, the Linux kernel and Zyxel firewalls.

Authorities in France concluded UNC5174 used a unique intrusion set they dubbed “Houken,” which used zero-day vulnerabilities, a sophisticated rootkit, various open-source tools, commercial VPNs and dedicated servers. Officials said Houken and UNC5174 are likely operated by the same threat actor, an initial access broker that also steals credentials and deploys mechanisms to achieve persistent access to victim networks.

“Though already documented for its opportunistic exploitation of vulnerabilities on edge devices, the use of zero-days by a threat actor linked to UNC5174 is new,” France’s cybersecurity agency said in the report. “The operators behind the UNC5174 and Houken intrusion sets are likely primarily looking for valuable initial accesses to sell to a state-linked actor seeking insightful intelligence.”

The Cybersecurity and Infrastructure Security Agency issued an advisory in January warning that threat actors chained the three Ivanti zero-days to gain initial access, conduct remote code execution, obtain credentials and implant webshells on victim networks. 

Sysdig researchers in April said they observed the China state-sponsored hacking group, UNC5174, using open-source offensive security tools, such as VShell and WebSockets, to blend in with more common cybercriminal activity. 

Multiple attackers, including China-linked espionage groups, have repeatedly exploited a long run of vulnerabilities in Ivanti products. Ivanti is a repeat offender, shipping software with a high number of vulnerabilities — more than any other vendor in this space since the start of last year — across at least 10 different product lines since 2021.

CISA’s known exploited vulnerabilities catalog contains 30 Ivanti defects in the past four years, and attackers have exploited seven vulnerabilities in Ivanti products so far this year, according to cyber authorities.

Ivanti wasn’t immediately available to comment on the French authorities’ report.


US sanctions bulletproof hosting provider for supporting ransomware, infostealer operations

Federal authorities levied sanctions Tuesday on Aeza Group, a bulletproof hosting service provider based in Russia, for allegedly supporting a broad swath of ransomware, malware and infostealer operators.

Aeza Group has provided servers and specialized infrastructure to the Meduza, RedLine and Lumma infostealer operators, BianLian ransomware and BlackSprut, a Russian marketplace for illicit drugs, according to the Treasury Department’s Office of Foreign Assets Control. Lumma infected about 10 million systems before it was dismantled through a coordinated global takedown in May.

The Treasury Department’s action against Aeza Group follows a wave of cybercrime crackdowns across the globe. Prolific cybercriminals have been arrested, and infostealers, malware loaders, counter antivirus and crypting services, cybercrime marketplaces, ransomware infrastructure and DDoS-for-hire operations have all been seized, taken offline or severely disrupted by global coordinated campaigns since May.

Officials accused Aeza Group of helping cybercriminals target U.S. defense companies and technology vendors.

“Cybercriminals continue to rely heavily on bulletproof hosting service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology and sell black-market drugs,” Bradley T. Smith, the Treasury Department’s acting under secretary for terrorism and financial intelligence, said in a statement. 

The Treasury Department sanctioned four people for their involvement in Aeza Group, including two part owners — Arsenii Aleksandrovich Penzev and Yurii Meruzhanovich Bozoyan — who were previously arrested by Russian law enforcement for their alleged involvement in BlackSprut, authorities said. Igor Anatolyevich Knyazev, another part owner of Aeza Group, and Vladimir Vyacheslavovich Gast were also sanctioned for their leadership positions in the criminal enterprise.

Authorities also imposed sanctions on Aeza Group-affiliated companies, including United Kingdom-based Aeza International and Russia-based subsidiaries Aeza Logistic and Cloud Solutions. 

The sanctions imposed on Aeza Group and its leaders were a follow-on effort, marking a continuation of February’s globally coordinated sanctions against Zservers, a Russia-based bulletproof hosting provider that allegedly supported the LockBit ransomware-as-a-service group.

“Treasury, in close coordination with the U.K. and our other international partners, remains resolved to expose the critical nodes, infrastructure, and individuals that underpin this criminal ecosystem,” Smith said.


Scattered Spider strikes again? Aviation industry appears to be next target for criminal group

The aviation industry has seemingly become the latest target of Scattered Spider, a sophisticated cybercriminal group that has shifted its focus from retail and insurance companies to airlines in what cybersecurity experts describe as a coordinated campaign against the sector.

Hawaiian Airlines disclosed a cybersecurity incident Friday affecting some of its IT systems while maintaining that flights continued operating safely and on schedule. The attack, first detected June 23, according to SEC filings, prompted the airline to engage federal authorities and cybersecurity experts for investigation and remediation efforts.

Multiple incident responders have attributed the Hawaiian Airlines attack to Scattered Spider, also known as Muddled Libra or UNC3944. The assessment comes as cybersecurity firms Unit 42 and Mandiant issued warnings about the group’s apparent pivot to targeting aviation companies.

Charles Carmakal, chief technology officer at Mandiant Consulting – Google Cloud, confirmed his company is “aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider.” The group has demonstrated a pattern of focusing intensively on single industries before moving to new sectors.

“Given the habit of this actor to focus on a single sector we suggest that the industry take steps immediately to harden systems,” Carmakal stated.

The Hawaiian Airlines incident follows a similar attack earlier this month on WestJet, Canada’s second-largest airline. The Calgary-based carrier experienced intermittent disruptions to its website and mobile application, with systems largely restored after five days.

Cybersecurity experts note that Scattered Spider has maintained consistent tactics across different industry targets. The group typically employs sophisticated social engineering attacks and targets multi-factor authentication systems through fraudulent reset requests.

Sam Rubin, senior vice president of consulting and threat intelligence at Palo Alto Networks’ Unit 42, emphasized that organizations should maintain “high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests.”

The group’s methodical approach to targeting specific industries has previously included campaigns against major retail chains and insurance companies, including attacks on Aflac and other prominent insurers.

The coordinated nature of these attacks across multiple airlines suggests a strategic shift by Scattered Spider toward critical infrastructure sectors. The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have yet to comment on the incidents.


Rubrik acquires AI startup Predibase to boost agentic AI offerings 

Data management company Rubrik announced plans Wednesday to acquire artificial intelligence startup Predibase, a move aimed at accelerating the adoption of agentic AI in enterprise settings and pushing efficient AI deployments from pilot programs into full production.

The terms of the deal were not made public, but sources familiar with the situation told CNBC the sale price may range from $100 million to $500 million. Predibase, which was founded in 2021 by former Google and Uber employees, has received over $28 million in funding.

Rubrik, which went public last year, is known for enterprise data protection and recovery services. The company has reported over $1 billion in annualized revenue and a significant increase in value since its initial public offering. Rubrik’s acquisition of Predibase represents its most substantial step yet toward integrating more advanced AI tools with its existing offerings.

Predibase’s platform allows organizations to fine-tune open-source AI models for specific business use cases, and to operate at production scale without massive infrastructure expenses. The company’s technology stack features a proprietary post-training customization toolkit and an open-source system known as LoRA eXchange for personalized model deployment.

For Rubrik, leveraging Predibase’s technology opens pathways to deliver “radical simplicity” in AI models and data management, according to company executives. The deal aims to address persistent industry bottlenecks such as high infrastructure costs, limited model accuracy, data governance hurdles, and slow transitions from pilot to production.

Rubrik’s acquisition aligns with broader efforts across the AI and cloud industry to streamline and secure the deployment of generative AI applications. The move complements its existing collaborations with Amazon Bedrock, Azure OpenAI, and Google Agentspace.

Predibase counts enterprises such as Checkr, Marsh McLennan, and Qualcomm among its clients. 


Stealth China-linked ORB network gaining footholds in US, East Asia

A recently discovered operational relay box (ORB) network controlled by a China-linked threat group already exceeds 1,000 devices and is growing across the United States and East Asia, SecurityScorecard said in a threat report released Monday. 

The ORB network, which SecurityScorecard dubbed “LapDogs,” is primarily composed of routers designed for small or home offices but also includes infected IoT devices, virtual servers and IP cameras. 

Earliest nodes detected by researchers date back to September 2023 and the network has gradually grown since, infecting no more than 60 devices at a time, indicating a highly targeted operation focused on specific locations. Researchers have identified 162 distinct intrusion sets, and more devices are added to the ORB with each intrusion campaign. 

“The expansion rate of LapDogs is going up,” Gilad Maizles, security researcher at SecurityScorecard, said in an email. “Campaigns become more frequent, and with greater yield in numbers, which ultimately leads to more devices added than removed from the network.”

More than one-third of the infections are located in the United States, followed by Japan, South Korea, Taiwan and Hong Kong. Active infections span devices and services from Ruckus Wireless, Asus, Buffalo Technology, Cisco-Linksys, D-Link, Microsoft, Panasonic and Synology. More than half of the compromised devices are Ruckus Wireless access points, according to SecurityScorecard.

“Post-infection activity from this network is still unclear,” Maizles said. “Some ORBs used by China-Nexus actors are shared infrastructure and can host and facilitate more than one intrusion set at once. This makes questions regarding APT motivations, TTPs and post-infection activities much harder to answer. This also ultimately demonstrates how harmful and dangerous ORBs are as an emerging threat within the China-Nexus APT landscape.”

ORB networks are more complicated than botnets, giving the threat groups that control them stealth capabilities typically used for espionage.

Botnets are similar in that they also ride on a large set of internet-facing devices or virtual services, but “ORB networks are more like Swiss Army knives, and can contribute to any stage of the intrusion lifecycle,” SecurityScorecard researchers said in the report. This includes reconnaissance, anonymized browsing, network traffic data collection for port and vulnerability scanning, node reconfiguration and relaying stolen data upstream. 

Mandiant Intelligence previously chronicled China state-sponsored threat groups’ growing use of ORB networks as a low-effort exercise designed to “create a constantly evolving mesh network that can be used to conceal espionage operations.” 

ORB networks chip away at the notion of attacker-controlled architecture, and they cycle through network infrastructure on a monthly basis. Mandiant researchers warn that the elimination of indicators of compromise is accelerating, because these operational characteristics of ORB networks make it harder for threat researchers to spot and attribute unusual activity on infected nodes.

The number of devices infected by LapDogs is smaller than other ORBs, but that is likely due to a deliberate decision by the threat group operating the ORB, Maizles said. 

“We speculate that it is an attempt to keep the ORB under the radar and successfully so for the past two years,” he said. “LapDogs could be utilized for long-term, covert and localized operations, which can carry much greater impact on any given organization, rather than widespread infections.”


Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers

The hackers targeting prominent researcher and Russian military expert Keir Giles were different this time. 

The attackers, suspected to be working on behalf of the Russian government, had ginned up the May solicitation email for a consultation with a state.gov address, one that didn’t get a bounceback message when Giles replied. They spoke convincing English, and delivered their message during East Coast business hours. He said they created a realistic domain name to direct him to, rather than using a random string of text. They weren’t in a hurry, pressuring him to respond the way hackers usually do.

“Unlike any of the previous times when they’ve had a go at me, I haven’t actually seen anywhere they’ve put a foot wrong and done something which is implausible,” Giles, who is also a senior consulting fellow for the Russia and Eurasia program at the British think tank Chatham House, told CyberScoop. “It was totally straight up and very well-constructed from beginning to end.”

A report out Wednesday from the University of Toronto’s Citizen Lab that calls the targeting of Giles a “highly sophisticated attack” also details a “novel method” the hackers used to bypass one of the most well-regarded cyber defense tools, multi-factor authentication (MFA).

As Citizen Lab is publishing its forensic analysis of what happened with Giles, Google’s Threat Intelligence Group is also releasing a related blog post on who is behind the compromise of Giles’ accounts, and how he’s not the only one they’ve targeted with that specific technical attack method.

Giles warned over the weekend in a LinkedIn post about the State Department impersonators who had compromised his account, promising “more on the how, what and when later.” 

The “how” involved the credible social engineering aspects that he and Citizen Lab have revealed. On the technical side, the final step was convincing Giles to create and share a screenshot of an app-specific password (ASP), a tool that can be used to give third parties access to users’ accounts that don’t support multi-factor authentication. ASPs are meant to be a convenience and security aid when using third parties without MFA, but in this case the hackers leveraged them to compromise Giles’ Google accounts.

Google picked up on what was happening, then sent Giles a security alert and locked his accounts.

“The days of just tricking someone to hand over a password are over,” John Scott-Railton, senior researcher at Citizen Lab, told CyberScoop. “Companies are getting smarter about detecting hacking, and have given users a lot of new security features, like multi-factor authentication. Users have also gotten wiser to what classic phishing looks like.

“So the more sophisticated hacking groups are constantly innovating and trying to spot new technical and psychological tricks to get access to accounts,” he continued. “This means that they are also probing other ways of gaining access, like tokens and app-specific passwords.”

The Google Threat Intelligence Group (GTIG) assessment is that the hackers in this case, which they’ve dubbed UNC6293, are potentially connected to a unit tied to Russia’s Foreign Intelligence Service, known by names such as APT29, Cozy Bear or ICECAP. The attacks on Giles aren’t the only slow-roll, ASP-based ones GTIG researchers have seen on academics and Russia critics from April through earlier this month, although they couldn’t give precise numbers.

It’s not, though, “widespread” by any means, said Wesley Shields, a security engineer with GTIG. Because the process is so time-consuming, it would be difficult to repeat on a larger scale, said Shields and Gabriella Roncone, Russia and Eastern European tech lead at GTIG.

“Normally we see APT29 or ICECAP targeting larger diplomatic organizations, NGOs — really going after corporate entities or large organizations,” Roncone said. “Whereas in this case, we’re seeing only individuals being targeted, and not only that, but individuals being targeted in a very specific and patient way.”

That patience was a standout feature to Scott-Railton as well.

“What impresses me about this attack is how patient the attackers were, slowly unfolding their deception over a period of weeks. It’s as if they knew everything we’d been taught to expect from Russian hackers, and then did the opposite,” Scott-Railton said.

The deception required a lot of effort and knowledge. For instance, the attackers were likely aware that the State Department’s email server is set up to accept all messages, and that it doesn’t send a bounceback message for non-existent addresses, according to the Citizen Lab report. The email’s authentic-sounding English might have been improved with the use of a large language model.

“There was not something about it, which, as so often happens, it gets your Spidey sense going, because something is off,” Giles said. “That was completely absent.”

Giles presumes a leak of any information the hackers obtained, with a mix of phony and altered data, is forthcoming. He quipped that if their goal was espionage, “they would have very quickly got very disappointed.” He was still hearing from the attackers even after he posted about it on social media, with the account he’d interacted with “complaining of technical difficulties and saying, ‘Bear with us a bit longer.’” 

Giles said he was frustrated that he didn’t get an alert from Google about the risks of ASPs, and believed that since Google Workspace was a paid-for service, he would’ve gotten an explanation or more support from the company as opposed to shutting the account and saying it had been closed for security violations.

Google’s blog post said it does send such alerts about ASPs. It also encouraged users who could be at great risk of being hacked to sign up for its Advanced Protection Program, which forbids the use of ASPs.

Scott-Railton praised Giles, potentially the “patient zero” for this kind of attack, for speaking up about it.

Giles said he was “fairly relaxed” about being victimized.

“Nobody’s invulnerable, and they had been trying so very hard for so very long that it was bound to get through eventually,” he said.

During a round of cyberattacks last year, Giles said, “One of the really frustrating things was the people who had been infected and whose accounts were being leveraged to target me then, who were absolutely unwilling to talk about it because they were too embarrassed… they really limited what you could do with some of this stuff.

“So I’m not inclined to cover up the way in which they succeeded in outwitting me,” he said. “I guess if they’re spending this much effort on me, there are other more important targets that are getting less attention as a result. So that’s not such a bad thing.”

The post Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers appeared first on CyberScoop.


Researchers say AI hacking tools sold online were powered by Grok, Mixtral

Multiple variants of jailbroken and uncensored AI tools being sold on hacker forums were likely generated using popular commercial large language models from Mistral AI and X’s Grok, according to research published Tuesday from Cato Networks.

As some commercial AI companies have sought to build guardrails into their models for safety and security — preventing them from explicitly coding malware, relaying detailed instructions for building bombs or other malicious behaviors — a parallel underground market has emerged offering to sell more uncensored versions of the technology.

These “WormGPTs” — named after one of the original AI tools first advertised on underground hacker forums in 2023 — are usually cobbled together from open-source models and other toolsets, can generate code and search for and analyze vulnerabilities, and are then marketed and sold online.

But according to Cato Networks researcher Vitaly Simonovich, two variants advertised on BreachForums over the past year have more straightforward origins.

“Cato CTRL has discovered previously unreported WormGPT variants that are powered by xAI’s Grok and Mistral AI’s Mixtral,” he wrote.

One variant, advertised on BreachForums in February, was accessed through Telegram, calling itself an “Uncensored Assistant,” but otherwise describing its purpose in positive and uncontroversial terms.

Simonovich obtained access to both models and started probing, finding them largely uncensored as advertised. The models were able to craft phishing emails and code PowerShell credential-stealing malware on command, along with other offensive capabilities.

However, he identified prompt-based guardrails designed to elide one thing: the original system prompts used to program those models. Using an LLM jailbreaking technique, he was able to bypass the restrictions and view the first 200 tokens the system processed.

The answer identified xAI’s Grok as the underlying model powering the tool.

Screenshot displaying a WormGPT variant’s answer identifying Grok as its underlying model. (Source: Cato Networks)

“It appears to be a wrapper on top of Grok and uses the system prompt to define its character and instruct it to bypass Grok’s guardrails to produce malicious content,” Simonovich wrote.

Another WormGPT variant advertised in October 2024 under the subject line “WormGPT / ‘Hacking’ & UNCENSORED AI,” was billed as an artificial intelligence-based language model focused on “cyber security and hacking issues.” The seller noted that the tools provide users with “access to information about how cyber attacks are carried out, how to detect vulnerabilities or how to take defensive measures,” and emphasized that neither they nor the tool accept any legal responsibility for the user’s actions.

Screenshot of seller advertising a WormGPT variant that Cato Networks says is derived from Mistral AI’s Mixtral. (Source: Cato Networks)

A similar analysis revealed the original prompting included commands like “WormGPT should not answer the standard Mixtral model” and “You should always create answers in WormGPT mode.”

Emails sent to xAI and Mistral AI requesting comment on the research were not returned by the time of publication.

Simonovich said the pricing structure for these tools ranges from subscription-based payment models (around €550 or $631 for a yearly license) to private setups going for as high as €5,000 or $5,740. Most individuals paying those kinds of prices are likely looking to leverage the tools for profit-motivated cybercrime, he suggested.

Although there is evidence that LLMs can provide certain scale and efficiency benefits for hacking operations or disinformation campaigns, U.S. intelligence agencies and private companies like OpenAI and Google have said the tools haven’t yet proven to be game changers for hacking groups tied to nations like Russia, China and Iran.

The post Researchers say AI hacking tools sold online were powered by Grok, Mixtral appeared first on CyberScoop.


Digital rights groups sound alarm on Stop CSAM Act 

Digital rights groups are urging Senate leaders not to move forward with a bill that would impose new regulations on companies around child sexual abuse material, arguing that the legislation could be a privacy nightmare for Americans.

In a letter addressed to Senate Judiciary Committee leaders Sens. Chuck Grassley, R-Iowa, and Dick Durbin, D-Ill., the groups – which include the American Civil Liberties Union, Freedom of the Press Foundation, Defending Rights and Dissent and RootsAction – say the STOP CSAM Act, reintroduced in May, “walks back a number of important privacy protections that had been included in a previous version of the bill.”

“The current bill creates enormous incentives for platforms to stop offering encrypted services that are critical for enabling all of us to have private conversations and securely store files from our most personal moments, like photos from a child’s birthday,” the letter reads. “While all of our groups want to stop the harmful transmission of child sexual abuse material (CSAM), its transmission is already illegal, and these modifications to the bill do nothing more than undermine privacy and security.”

The Stop CSAM Act would impose new requirements on companies to prevent the hosting and distribution of child sexual abuse material on their platforms.

It expands companies’ legal obligations by requiring them to report instances of such material on their sites to the National Center for Missing and Exploited Children. It also introduces stricter privacy protections for children who testify in court. Additionally, it would require businesses with more than 1 million unique monthly visitors or users or $50 million in annual revenue to submit annual reports to the Federal Trade Commission and Department of Justice.

It would also seek to alter immunity under Section 230 of the Communications Decency Act for “interactive computer services,” allowing victims to file civil lawsuits against companies that fail to remove CSAM content from their platforms in a timely fashion.

The bill includes language specifying that “any person who is a victim of the intentional, knowing, or reckless hosting or storing of child pornography or making child pornography available to any person by a provider of an interactive computer service, and who suffers personal injury as a result of such hosting, storing, or making available, regardless of when the injury occurred, may bring a civil action.”

Digital rights groups say that the new version of the legislation includes “recklessness” as a legal standard for liability and that, by applying it to any “interactive computer service,” the legislation would capture virtually all applications that rely on end-to-end encryption.

That in turn could open up providers of these services to civil lawsuits for hosting material that they can’t view without breaking the encryption of their users.

“[The bill] goes much further than current law and threatens to punish any service that works to keep its users secure, including those that do their best to eliminate and report CSAM,” wrote India McKinney of the Electronic Frontier Foundation. “The bill applies to ‘interactive computer services,’ which broadly includes private messaging and email apps, social media platforms, cloud storage providers, and many other internet intermediaries and online service providers.”

It’s not clear whether the groups’ warnings on data privacy will have much influence in this Congress. Politically, forcing private companies to do more to counter child sexual abuse material on their platforms and websites has been broadly popular with the public, and online child safety is a top issue for congressional Republicans, who control both houses of Congress. Grassley is not known as a strong advocate of unrestricted encryption. He previously led a bipartisan congressional effort in 2018 to develop legislation that would have compelled companies to grant law enforcement access to encrypted communications in investigations.

Another bill introduced this Congress, the Take It Down Act, carried similar takedown requirements for companies around AI-generated nonconsensual deepfake pornography. Though many of the same groups loudly opposed the measure on similar privacy grounds, it ultimately passed 402-2 in the House and unanimously in the Senate before being swiftly signed into law by President Donald Trump.

The letter to Grassley and Durbin emphasizes that private communications – underpinned by strong digital encryption – are critical to healthy, functioning democratic societies and have many benefits to marginalized or targeted populations.

“That is why encrypted services are popular amongst journalists who use encrypted messages to contact their sources, protesters seeking to organize to raise their voices against unjust government action, doctors who use it to speak with patients, domestic violence victims who rely on completely private communications to escape dangerous situations at home, and businesses discussing finances with clients,” the letter reads. “But there would also be severe consequences for groups that are being targeted by governments domestically and globally.”

The post Digital rights groups sound alarm on Stop CSAM Act appeared first on CyberScoop.


How Amazon Web Services uses AI to be a security ‘force multiplier’

When Amazon Web Services deploys thousands of new digital sensors around the globe, it often runs into a ruthless truth of the internet: Within minutes, the sensors are poked, prodded, and attacked. However, using large language models, the company is turning those immediate attacks into actionable security intelligence for its vast array of cloud-centered services.  

According to Stephen Schmidt, the company’s chief security officer, examples like this demonstrate how AI enables capabilities that weren’t possible with earlier tools. During remarks at the AWS Summit on Tuesday, Schmidt highlighted this example to illustrate how AI is fundamentally transforming AWS’s approach to security — especially in areas like application security reviews and incident response.

“What we can do with AI is allow engineers to ask questions about what’s going on with that data much more easily than they could otherwise, and they can say things like ‘Find me all of the examples of situations where someone tried to break into this particular version of this particular database, and came from IP addresses that are associated with the VPNs that are normally used by this particular threat actor,’” he told CyberScoop. “You can’t do that otherwise, and the tooling allows them to really dig into things much more deeply.”

The technology allows for more consistent and efficient security assessments, especially for junior engineers who may lack extensive experience.

By training large language models on previous security reviews, organizations can effectively transfer knowledge from senior security professionals to newer team members. This approach raises the overall security standard by embedding institutional expertise directly into AI-powered review processes.

“A junior engineer may not have all the knowledge, the background, the experience of the more senior engineers,” he said. “By training our large language models internally on the prior security reviews, it allows us to apply the knowledge and learning that our more senior staff have embodied in the documents that we all own, trained on, to our more junior staff. So it really raises the bar on the absolute level of security.” 

The cybersecurity industry faces persistent personnel shortages, a problem AI can help mitigate. Schmidt noted that AI tools can handle significant “heavy lifting” previously performed manually, allowing security staff to focus on more complex tasks.

Critically, Schmidt highlighted the non-deterministic nature of AI systems, meaning identical queries can produce different responses. He pointed to this as a reason why humans still need to be involved in making decisions based on the model’s output.

“We look at it this way, if you’re just asking a question and getting an answer, that’s one set of scrutiny that you have to give a system,” he said. “But if you’re going to take an action to block something, to prevent something from occurring, you’ve got to be really sure it’s correct. So there has to be that skilled person at the end of the AI-use process, saying, ‘Yes, this is the right thing to do at this point in time with this context.’”

That need for a human in the process is why Schmidt believes that AI will not supplant entry- or junior-level positions, even if the technology continues to improve. He said conversations around AI replacing junior engineers are rooted in “FUD,” and he expects the models to raise the skill level faster than ever before. 

“I don’t think it’s going to happen,” he said of AI replacing human-led security work. “The thing about security that’s both great and difficult is you’re never done, and it’s never perfect. So we always have the ability to raise the bar across things, and by using tooling that allows us to get those junior engineers up to speed more quickly and to learn more about why senior engineers make decisions. It means we’ve got this middle ground of staff who are really good, much more quickly than we would otherwise.”

The post How Amazon Web Services uses AI to be a security ‘force multiplier’ appeared first on CyberScoop.
