"Pig butchering," generative AI, and spear-phishing have all transformed digital warfare.

Source: Daniren vua Alamy Stock Photo

As the kinetic war between Russia and Ukraine persists, a parallel battle is being waged in cyberspace, where hackers are targeting critical infrastructure, government entities, and individual service personnel.

The cyber campaigns focus on espionage, disruption, and social engineering to weaken Ukrainian defenses and sow discord, with efforts to compromise personal data and infiltrate secure communication channels like Signal and Telegram.

Russian-aligned cyber actors, including advanced persistent threat (APT) groups like Gamaredon, have intensified their attacks since Russia's 2022 invasion of Ukraine.

Despite Ukrainian efforts to bolster cybersecurity, Russian hackers continue to refine their tools, and Russian cyber warfare tactics are varied and persistent, according to Ukraine's State Service of Special Communications and Information Protection (SSSCIP) September report.

These are just a few of the latest examples of cyberwarfare between the two states, though other additional malware perpetrators and cyberattack units, including Sandworm (aka APT44), continue to proliferate. 

**Messaging Apps Target Service Members**

One recent campaign involves the Russia-aligned UAC-0184 group targeting Ukrainian military personnel through messaging apps, including Signal. 

Hackers impersonate familiar contacts, sending malicious files disguised as combat footage or recruitment material to infect devices with malware.

Dan Black, manager, Mandiant Cyber Espionage Analysis, Google Cloud, says common technologies like smartphones and tablets have become essential tools for military personnel on the front lines, providing real-time intelligence and other critical support capabilities.

"But their utility cuts both ways," he cautions.

Because they provide such valuable capability, penetrating these devices can provide an adversary a surreptitious lens into various types of sensitive battlefield information that can have grave, even lethal, consequences for targets if compromised. 

Abu Qureshi, head of threat research for BforeAI, explains targeted cyberattacks aimed at military personnel through messaging apps can severely compromise operational security.

"By intercepting communications or distributing malware through trusted communication channels, attackers can extract sensitive data on the physical locations of personnel," Qureshi says. "This can lead to real-world consequences."

Malachi Walker, security adviser for DomainTools, adds a targeted cyberattack such as what’s being seen in the Russian/Ukrainian war is like pig-butchering attacks the team has observed in the financial service sector, where an attacker builds a personal relationship with their victim, gaining their trust over a period to gain a payout.

"Seeing this tactic used in warfare, rather than for financial gain, impacts the operational security of a military unit," Walker explains.

He says while a financially motivated pig-butchering attack can only leave one victim, using this technique in a war setting could place an entire group of soldiers in danger.

Adam Gavish, co-founder and CEO at DoControl, says what's particularly concerning is that many of these troops have access to sensitive intelligence and critical systems.

"A successful attack could potentially compromise not just individual soldiers, but entire military operations or strategies," he says.

The ripple effects of a single breach could harm many, making these personalized attacks especially dangerous.

"All of this can significantly impact combat effectiveness, readiness, and overall military capabilities," Gavish says.

**Russian-Speaking Users Targeted**

Meanwhile, the DCRat Trojan has been deployed through HTML smuggling, marking a shift in delivery methods to target Russian-speaking users. 

HTML smuggling techniques can bypass traditional security measures by nesting attacks within obfuscation layers like files, posing a significant threat to critical industries during conflicts.

Walker explains the use of HTML smuggling may not be the sole cause for change in the threat landscape, but it is indicative of an ongoing change that his team has observed in the past two years.

"The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says.

DCRat and other similar malware can infiltrate systems controlling power grids, oil pipelines, and even nuclear facilities, which could severely disrupt the safety of any nation. "In the context of targeting Russian-speaking users and Russian companies, such attacks could have an impact that extends to other countries and companies and leads to further distrust," Walker adds.

He notes not all Russian companies are sanctioned by NATO-allied countries and those not sanctioned could be the most appealing targets as it would allow these threat actors to extend their reach.

These impacts can have a global impact including the delay of delivery for essential goods and the compromise of critical industries like energy, healthcare, financial services, and transportation.

Stephen Kowski, field chief technology officer (CTO) at SlashNext Email Security+, says this method of attack highlights the need for more sophisticated defense strategies that go beyond conventional antivirus solutions. 

"When looking at this phishing technique you need live analysis of malicious content within the file and that is why you cannot rely on signature-based, feeds-based phishing protection alone," he explains. 

He adds securing industrial control systems is paramount in preventing disruptions that could amplify physical attacks.

"A comprehensive approach involving regular security audits, network segmentation, and robust access controls can help safeguard energy infrastructure against supply chain attacks," Kowski says. 

**Game on for Gamaredon **

An ESET report released last month focused on the 2022 and 2023 campaigns of Gamaredon, one of the most active groups in Ukraine.

The group has been conducting spear-phishing campaigns and using custom malware to breach Ukrainian government institutions, with the attacks undergoing constant evolution — for example, shifting to PowerShell and VBScript-based attacks.

DoControl's Gavish says Gamaredon's persistent approach, while less stealthy, can be highly effective in overwhelming Ukraine's defenses through sheer volume. 

"This constant barrage of attacks ties up cybersecurity resources and increases the chances of a successful breach simply through persistence," he says. The real-world impact forces Ukraine to constantly divert resources to cyber defense. "Gamaredon's attempts to target NATO countries have significant implications for international cybersecurity cooperation," Gavish adds.

From his perspective, these types of threats highlight the need for increased information sharing and joint defense strategies among allied nations. "The situation in Ukraine serves as a stark reminder that cybersecurity is not just an IT issue — it's a matter of national security with very real-world consequences," Gavish says. 

**About the Author**

Nathan Eddy is a freelance journalist and award-winning documentary filmmaker specializing in IT security, autonomous vehicle technology, customer experience technology, and architecture and urban planning. A graduate of Northwestern University’s Medill School of Journalism, Nathan currently lives in Berlin, Germany.

Ukraine-Russia Cyber Battles Tip Over Into the Real World

Dubai Silicon Oasis, United Arab Emirates, 3rd October 2024, CyberNewsWire

**Dubai Silicon Oasis, United Arab Emirates, October 3rd, 2024, CyberNewsWire**

ANY.RUN has announced an upgrade to its Threat Intelligence Portal, enhancing its capabilities to identify and analyze emerging cyber threats. This upgrade underscores ANY.RUN’s commitment to providing comprehensive threat intelligence solutions, empowering users to navigate the ever-evolving landscape of cyber threats. 

**About Threat Intelligence Lookup** 

The main page of ANY.RUN TI portal 

Threat Intelligence Lookup is a streamlined platform designed to help users find relevant threat data extracted from ANY.RUN’s extensive database of malware analysis sessions carried out in its interactive sandbox. This tool transforms isolated data into a holistic view of both persistent and emerging threats, offering users insights into malicious activities, suspicious connections, and hidden indicators of compromise. 

Accessible through an intuitive web interface and an API for seamless integration with existing security solutions, TI Lookup allows users to examine various data points including: 

*   Processes 
*   Modules 
*   Files 
*   Network activity 
*   Registry interactions 

This comprehensive approach enables cybersecurity analysts to gain detailed context about attacks, helping them understand the nature, scope, and potential impact of threats. 

**Expanded Search Capabilities** 

In addition to the enhancements to Threat Intelligence Lookup, ANY.RUN has significantly expanded its search capabilities, now offering over 40 parameters for querying its extensive database. This upgrade allows users to filter searches by file hashes, IP addresses, domain names, and more, facilitating a more targeted and efficient investigation of potential threats. 

**How TI Lookup Helps in Investigating Emerging Threats** 

ANY.RUN showcased the effectiveness of its TI Lookup feature through a practical use case. By utilizing a single suspicious IP address, users can efficiently identify associated malware.  

Search by the IP address in ANY.RUN TI Lookup 

For instance, investigating the IP address by submitting the query **destinationIP:”185.196.9.26″** revealed connections to Redline malware, which is used to steal login credentials and other sensitive data. 

The close integration between the ANY.RUN sandbox and Threat Intelligence Lookup allows users to directly access recorded sandbox sessions where the specific IP address was detected. By accessing the sandbox session, users can examine the malware’s actions in a secure environment. 

Analysis of the Redline stealer in the ANY.RUN sandbox 

One of the significant advantages of TI Lookup is its ability to provide immediate insights into threat behavior, collecting crucial data such as Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs). 

With these significant upgrades, ANY.RUN reaffirms its position as a leader in threat intelligence solutions, equipping cybersecurity analysts with the tools necessary to combat emerging threats effectively. 

Users who want to experience ANY.RUN’s enhanced Threat Intelligence portal firsthand can sign up for a 14-day free trial to unlock powerful tools for detecting, analyzing, and combating emerging cyber threats. 

**Contact**

**The ANY.RUN team**  
**ANYRUN FZCO**  
**\[email protected\]**  
**+1 657-366-5050**

ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats

Although the veto was a setback, it highlights key debates in the emerging field of AI governance and the potential for California to shape the future of AI regulation.

Debrup Ghosh, Principal Product Manager, F5 Inc.

October 3, 2024

4 Min Read

Source: marcos alvarado via Alamy Stock Photo

COMMENTARY

On Sept. 29, California Gov. Gavin Newsom vetoed Senate Bill 1047, the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act. This bill aimed to create a comprehensive regulatory framework for AI models, seeking to balance public safety with innovation. Although the veto was a setback for the bill, it highlights key debates in the emerging field of AI governance and the potential for California to shape the future of AI regulation.

**California's Influence on Tech Legislation**

As the home of Silicon Valley, California has long been a leader in technology regulation, with its policies often setting the precedent for other states. For example, the California Consumer Privacy Act (CCPA) inspired similar data protection laws in Virginia and Colorado. With the rapid advancement of AI technology, California's efforts in AI governance could have a lasting impact on both national and international regulatory frameworks, while also catalyzing federal lawmakers to consider nationwide AI regulations, similar to how California's auto emissions standards influenced federal policies.

**What's at Stake**

Gov. Newsom's veto highlights several critical issues. First, the bill solely focused on large-scale models that might overlook the dangers posed by smaller, specialized AI systems. The governor emphasized the need for regulations based on empirical evidence of actual risks rather than the size or cost of AI models. Second, he cautioned that stringent regulations could stifle innovation, particularly if they did not keep pace with the rapidly evolving AI landscape. The governor advocated for a flexible approach that could adapt to new developments. Third, Newsom stressed the importance of considering whether AI systems are deployed in high-risk environments or involve critical decision-making with sensitive data, areas the bill did not specifically address.

**Looking Ahead**

Although this might seem like a setback to some, the veto allows California to continue its thought leadership in shaping modern technology policy. To move forward and reconcile differences, the California legislature and Governor's office can undertake several collaborative efforts:

*   Establish a joint task force comprising representatives from the governor's office, legislators, AI experts, industry leaders, and AI ethics experts. This group can facilitate open discussions to understand each other's concerns and priorities.
    
*   Incorporate insights from academia, research organizations, and the public. Transparency in the legislative process can build trust and ensure diverse perspectives are considered.
    
*   Shift the regulatory focus from the size and computational resources of AI models to the actual risks associated with specific applications. This aligns with the governor's call for evidence-based policymaking.
    
*   Draft legislation that includes provisions for regular review and updates, allowing the regulatory framework to evolve alongside rapid technological advancements in AI.
    

**European Union: AI Act**

California legislators can benchmark existing AI legislation such as the EU Artificial Intelligence Act. The EU's AI Act is a pioneering, comprehensive legal framework designed to foster trustworthy AI while supporting innovation. It adopts a risk-based approach, categorizing AI systems into four levels: unacceptable, high, limited, and minimal risk. Unacceptable risk practices are prohibited, while high-risk AI applications in areas like education, employment, and law enforcement face stringent requirements. The act mandates transparency, requiring users to be informed when interacting with AI systems such as chatbots. It also introduces obligations for general-purpose models, focusing on risk management and transparency.

The AI Act's strengths include comprehensive coverage, ensuring all forms of AI are regulated uniformly, and its emphasis on protecting fundamental rights by categorizing AI based on risk levels. It encourages innovation by reducing regulatory burdens for low-risk AI applications, thus fostering technological development. However, the act's complexity and cost may be burdensome for small and midsize enterprises, and there's a potential risk of regulatory overreach, possibly hindering innovation.

**Conclusion**

California is at the forefront of tackling the challenges and opportunities posed by advanced AI models. Collaboration between government and industry stakeholders is essential in shaping a regulatory framework that keeps pace with the rapid evolution of AI technology. By working together with industry and other thought leaders, legislators can craft a flexible, evidence-based framework that ensures public safety while encouraging innovation. Like past tech regulations, California can set a strong precedent for responsible AI governance, with its influence likely extending beyond state lines. As AI continues to evolve, the world will closely monitor California's efforts, and true success will depend on protecting the public without stifling AI's transformative potential.

**About the Author**

Principal Product Manager, F5 Inc.

Debrup Ghosh is a seasoned product management leader with extensive experience in cybersecurity, SaaS, and AI-driven solutions. Currently a principal product manager at F5 Networks, he leads the development of cutting-edge Web application and API protection (WAAP) products with a focus on AI/ML innovations. Debrup has a proven track record of driving product success at major companies including Synopsys, Verizon, and Michelin. His leadership has earned him multiple global awards, including the 2024 Stevie Awards. A recognized thought leader, his insights have been featured in media outlets such as CNN and Forbes. Debrup holds an MBA from the University of California, Irvine, and a bachelor of technology from the National Institute of Technology, Tiruchirappalli.

The Future of AI Safety: California's Vetoed Bill &amp; What Comes Next

Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks.
The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell tower or base station over a radio interface.
"This

Mobile Security / Technology

Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks.

The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell tower or base station over a radio interface.

"This function inherently involves processing external inputs, which may originate from untrusted sources," Sherk Chung and Stephan Chen from the Pixel team, and Roger Piqueras Jover and Ivan Lozano from the company's Android team said in a blog post shared with The Hacker News.

"For instance, malicious actors can employ false base stations to inject fabricated or manipulated network packets. In certain protocols like IMS (IP Multimedia Subsystem), this can be executed remotely from any global location using an IMS client."

What's more, the firmware powering the cellular baseband could also be vulnerable to bugs and errors that, if successfully exploited, could undermine the security of the device, particularly in scenarios where they lead to remote code execution.

In a Black Hat USA presentation last August, a team of Google security engineers described the modem as both a "fundamental" and "critical" smartphone component with access to sensitive data and one that's remote accessible with various radio technologies.

Threats to the baseband are not theoretical. In October 2023, research published by Amnesty International found that the Intellexa alliance behind Predator had developed a tool called Triton to exploit vulnerabilities in Exynos baseband software used in Samsung devices to deliver the mercenary spyware as part of highly targeted attacks.

The attack involves conducting a covert downgrade attack that forces the targeted device to connect to the legacy 2G network by means of a cell-site simulator, following which a 2G base station transceiver (BTS) is used to distribute the nefarious payload.

Google has since introduced a new security feature in Android 14 that allows IT administrators to turn off support for 2G cellular networks in their managed devices. It has also highlighted the role played by Clang sanitizers (IntSan and BoundSan) in hardening the security of the cellular baseband in Android.

Then earlier this year, the tech giant revealed it's working with ecosystem partners to add new ways of alerting Android users if their cellular network connection is unencrypted and if a bogus cellular base station or surveillance tool is recording their location using a device identifier.

The company has also outlined the steps it's taking to combat threat actors' use of cell-site simulators like Stingrays to inject SMS messages directly into Android phones, otherwise called SMS Blaster fraud.

"This method to inject messages entirely bypasses the carrier network, thus bypassing all the sophisticated network-based anti-spam and anti-fraud filters," Google noted in August. "SMS Blasters expose a fake LTE or 5G network which executes a single function: downgrading the user's connection to a legacy 2G protocol."

Some of the other defenses the company has added to its new Pixel 9 lineup include stack canaries, control-flow integrity (CFI), and auto-initialization of stack variables to zero to avoid leakage of sensitive data or act as an avenue to gain code execution.

"Stack canaries are like tripwires set up to ensure code executes in the expected order," it said. "If a hacker tries to exploit a vulnerability in the stack to change the flow of execution without being mindful of the canary, the canary "trips," alerting the system to a potential attack."

"Similar to stack canaries, CFI makes sure code execution is constrained along a limited number of paths. If an attacker tries to deviate from the allowed set of execution paths, CFI causes the modem to restart rather than take the unallowed execution path.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks

Smart glasses that use facial recognition can instantly reveal the identity of someone you're looking at.

Like something out of Black Mirror, two students have demonstrated a way to use smart glasses and facial recognition technology to immediately reveal people’s names, phone numbers, and addresses.

The Harvard students have dubbed the system I-XRAY and it works like this: When you look at someone’s face through the glasses—they used Ray-Ban Meta smart glasses—a connected Artificial Intelligence (AI) platform will look up that face on the internet and pull up all the information it can find about the person.

The Ray-Ban Meta glasses have the ability to livestream video to Instagram. A program monitors that stream and uses the AI to identify faces. It extracts a picture which is then fed into public databases. Depending on the online presence of the person, this can reveal their name, address, phone number, and even relatives.

And as if it wasn’t creepy enough already, it only takes a few seconds before that information shows up on the user’s phone.

If you’d like to see this system in action, one of the students posted a tweet on X that shows you pretty much how effective it can be.

Facial recognition is a technology that has quickly evolved. That’s not always a bad thing, but it poses a privacy issue when the consensus from the person in the database is missing. Many people have become used to being monitored a lot of the time that they spend outside, especially in large cities. But when facial recognition adds an extra layer of tracking, or immediate recognition, it becomes worrying.

In 2021 we wrote:

> “For an individual to identify another individual would require access to a large database or an enormous amount of luck.”

But, thanks to the advancement of AI, this is no longer true. Identification can be done in seconds, for almost everybody that has an online presence, and just from public databases.

In the demo, the students claim they were able to identify dozens of people without their knowledge, although in some cases the system gave the wrong name.

It’s quite obvious that in the wrong hands this could be used to defraud or track people. The students have no intention of sharing their code, but they are not the first ones to come up with the idea or even make it work.

In 2022, a company called Clearview AI was permanently banned from selling its faceprint database within the United States. The facial recognition software and surveillance company was known for scraping images of people from social networking sites, particularly Facebook, YouTube, Venmo, and other websites. Clearview’s app was able to show you additional photos of a person—after taking a snap of them—along with links to where these appeared. Now, Clearview sells its product to law enforcement, and it’s also explored a pair of smart glasses that would run its facial recognition technology.

Also in 2022, a company called PimEyes was accused of “surveillance and stalking on a scale previously unimaginable.” PimEyes is an online face search engine that searches the internet to find pictures of particular faces. The search engine uses Artificial Intelligence (AI) for facial recognition combined with reverse image search technology to find other photos of a person published online, based on a picture submitted by the user.

In 2023, the New York Times published a story about “the technology Facebook and Google didn’t dare release” about how the two companies stopped development of technology that used facial recognition to identify people.

What’s changed since then:

*   The glasses look like any other Ray Ban so you’ll be clueless about getting identified
*   Facial recognition has been perfected even more
*   AI can be used to quickly gather and analyze data.

Sadly, there’s not a huge amount you can do to stop someone looking you up in this way. However, there are ways to limit how much information is out there about you. Be careful about how much information you post about yourself online, and as much as possible make sure social media posts aren’t publicly accessible.

You can also check and remove yourself from people databases. The students suggested a few that you can opt-out of.

****Remove yourself from Reverse Face Search Engines****

The major, most accurate reverse face search engines, Pimeyes and Facecheck.id, offer free services to remove yourself. 

*   Pimeyes
*   Facecheck ID

****Remove yourself from People Search Engines****

Most people don’t realize that from just a name, one can often identify the person’s home address, phone number, and relatives’ names. Here are some of the major people search engines:

*   FastPeopleSearch
*   CheckThem
*   Instant Checkmate
*   Extensive list compiled by the New York Times

**Scrub your data**

If you’re in the US, you can also use **Malwarebytes Personal Data Remover** to help find and remove your personal information from data broker sites.

 Not Black Mirror: Meta&#8217;s smart glasses used to reveal someone&#8217;s identity just by looking at them 

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape.

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape.

Image: Shutterstock.

Researchers at security firm **Permiso Security** say attacks against generative artificial intelligence (AI) infrastructure like **Bedrock** from Amazon Web Services (AWS) have increased markedly over the last six months, particularly when someone in the organization accidentally exposes their cloud credentials or key online, such as in a code repository like **GitHub**.

Investigating the abuse of AWS accounts for several organizations, Permiso found attackers had seized on stolen AWS credentials to interact with the **large language models** (LLMs) available on Bedrock. But they also soon discovered none of these AWS users had enabled full logging of LLM activity (by default, logs don’t include model prompts and outputs), and thus they lacked any visibility into what attackers were doing with that access.

So Permiso researchers decided to leak their own test AWS key on GitHub, while turning on logging so that they could see exactly what an attacker might ask for, and what the responses might be.

Within minutes, their bait key was scooped up and used in a service that offers AI-powered sex chats online.

“After reviewing the prompts and responses it became clear that the attacker was hosting an AI roleplaying service that leverages common jailbreak techniques to get the models to accept and respond with content that would normally be blocked,” Permiso researchers wrote in a report released today.

“Almost all of the roleplaying was of a sexual nature, with some of the content straying into darker topics such as child sexual abuse,” they continued. “Over the course of two days we saw over 75,000 successful model invocations, almost all of a sexual nature.”

**Ian Ahl**, senior vice president of threat research at Permiso, said attackers in possession of a working cloud account traditionally have used that access for run-of-the-mill financial cybercrime, such as cryptocurrency mining or spam. But over the past six months, Ahl said, Bedrock has emerged as one of the top targeted cloud services.

“Bad guy hosts a chat service, and subscribers pay them money,” Ahl said of the business model for commandeering Bedrock access to power sex chat bots. “They don’t want to pay for all the prompting that their subscribers are doing, so instead they hijack someone else’s infrastructure.”

Ahl said much of the AI-powered chat conversations initiated by the users of their honeypot AWS key were harmless roleplaying of sexual behavior.

“But a percentage of it is also geared toward very illegal stuff, like child sexual assault fantasies and rapes being played out,” Ahl said. “And these are typically things the large language models won’t be able to talk about.”

AWS’s Bedrock uses large language models from **Anthropic**, which incorporates a number of technical restrictions aimed at placing certain ethical guardrails on the use of their LLMs. But attackers can evade or “jailbreak” their way out of these restricted settings, usually by asking the AI to imagine itself in an elaborate hypothetical situation under which its normal restrictions might be relaxed or discarded altogether.

“A typical jailbreak will pose a very specific scenario, like you’re a writer who’s doing research for a book, and everyone involved is a consenting adult, even though they often end up chatting about nonconsensual things,” Ahl said.

In June 2024, security experts at **Sysdig** documented a new attack that leveraged stolen cloud credentials to target ten cloud-hosted LLMs. The attackers Sysdig wrote about gathered cloud credentials through a known security vulnerability, but the researchers also found the attackers sold LLM access to other cybercriminals while sticking the cloud account owner with an astronomical bill.

“Once initial access was obtained, they exfiltrated cloud credentials and gained access to the cloud environment, where they attempted to access local LLM models hosted by cloud providers: in this instance, a local Claude (v2/v3) LLM model from Anthropic was targeted,” Sysdig researchers wrote. “If undiscovered, this type of attack could result in over $46,000 of LLM consumption costs per day for the victim.”

Ahl said it’s not certain who is responsible for operating and selling these sex chat services, but Permiso suspects the activity may be tied to a platform cheekily named “**chub\[.\]ai**,” which offers a broad selection of pre-made AI characters with whom users can strike up a conversation. Permiso said almost every character name from the prompts they captured in their honeypot could be found at Chub.

Some of the AI chat bot characters offered by Chub. Some of these characters include the tags “rape” and “incest.”

Chub offers free registration, via its website or a mobile app. But after a few minutes of chatting with their newfound AI friends, users are asked to purchase a subscription. The site’s homepage features a banner at the top that reads: “Banned from OpenAI? Get unmetered access to uncensored alternatives for as little as $5 a month.”

Until late last week Chub offered a wide selection of characters in a category called “**NSFL**” or Not Safe for Life, a term meant to describe content that is disturbing or nauseating to the point of being emotionally scarring.

_Fortune_ profiled Chub AI in a January 2024 story that described the service as a virtual brothel advertised by illustrated girls in spaghetti strap dresses who promise a chat-based “world without feminism,” where “girls offer sexual services.” From that piece:

> Chub AI offers more than 500 such scenarios, and a growing number of other sites are enabling similar AI-powered child pornographic role-play. They are part of a broader uncensored AI economy that, according to Fortune’s interviews with 18 AI developers and founders, was spurred first by OpenAI and then accelerated by Meta’s release of its open-source Llama tool.

Fortune says Chub is run by someone using the handle “**Lore**,” who said they launched the service to help others evade content restrictions on AI platforms. Chub charges fees starting at $5 a month to use the new chatbots, and the founder told Fortune the site had generated more than $1 million in annualized revenue.

KrebsOnSecurity sought comment about Permiso’s research from AWS, which initially seemed to downplay the seriousness of the researchers’ findings. The company noted that AWS employs automated systems that will alert customers if their credentials or keys are found exposed online.

AWS explained that when a key or credential pair is flagged as exposed, it is then restricted to limit the amount of abuse that attackers can potentially commit with that access. For example, flagged credentials can’t be used to create or modify authorized accounts, or spin up new cloud resources.

Ahl said Permiso did indeed receive multiple alerts from AWS about their exposed key, including one that warned their account may have been used by an unauthorized party. But they said the restrictions AWS placed on the exposed key did nothing to stop the attackers from using it to abuse Bedrock services.

Sometime in the past few days, however, AWS responded by including Bedrock in the list of services that will be quarantined in the event an AWS key or credential pair is found compromised or exposed online. AWS confirmed that Bedrock was a new addition to its quarantine procedures.

Additionally, not long after KrebsOnSecurity began reporting this story, Chub’s website removed its NSFL section. It also appears to have removed cached copies of the site from the Wayback Machine at archive.org. Still, Permiso found that Chub’s user stats page shows the site has more than 3,000 AI conversation bots with the NSFL tag, and that 2,113 accounts were following the NSFL tag.

The user stats page at Chub shows more than 2,113 people have subscribed to its AI conversation bots with the “Not Safe for Life” designation.

Permiso said their entire two-day experiment generated a $3,500 bill from AWS. Most of that cost was tied to the 75,000 LLM invocations caused by the sex chat service that hijacked their key.

Paradoxically, Permiso found that while enabling these logs is the only way to know for sure how crooks might be using a stolen key, the cybercriminals who are reselling stolen or exposed AWS credentials for sex chats have started including programmatic checks in their code to ensure they aren’t using AWS keys that have prompt logging enabled.

“Enabling logging is actually a deterrent to these attackers because they are immediately checking to see if you have logging on,” Ahl said. “At least some of these guys will totally ignore those accounts, because they don’t want anyone to see what they’re doing.”

In a statement shared with KrebsOnSecurity, AWS said its services are operating securely, as designed, and that no customer action is needed. Here is their statement:

> “AWS services are operating securely, as designed, and no customer action is needed. The researchers devised a testing scenario that deliberately disregarded security best practices to test what may happen in a very specific scenario. No customers were put at risk. To carry out this research, security researchers ignored fundamental security best practices and publicly shared an access key on the internet to observe what would happen.”
> 
> “AWS, nonetheless, quickly and automatically identified the exposure and notified the researchers, who opted not to take action. We then identified suspected compromised activity and took additional action to further restrict the account, which stopped this abuse. We recommend customers follow security best practices, such as protecting their access keys and avoiding the use of long-term keys to the extent possible. We thank Permiso Security for engaging AWS Security.”

AWS said customers can configure model invocation logging to collect Bedrock invocation logs, model input data, and model output data for all invocations in the AWS account used in Amazon Bedrock. Customers can also use CloudTrail to monitor Amazon Bedrock API calls.

The company said AWS customers also can use services such as GuardDuty to detect potential security concerns and Billing Alarms to provide notifications of abnormal billing activity. Finally, AWS Cost Explorer is intended to give customers a way to visualize and manage Bedrock costs and usage over time.

Anthropic told KrebsOnSecurity it is always working on novel techniques to make its models more resistant to jailbreaks.

“We remain committed to implementing strict policies and advanced techniques to protect users, as well as publishing our own research so that other AI developers can learn from it,” Anthropic said in an emailed statement. “We appreciate the research community’s efforts in highlighting potential vulnerabilities.”

Anthropic said it uses feedback from child safety experts at Thorn around signals often seen in child grooming to update its classifiers, enhance its usage policies, fine tune its models, and incorporate those signals into testing of future models.

**Update: 5:01 p.m. ET:** Chub has issued a statement saying they are only hosting the role-playing characters, and that the LLMs they use run on their own infrastructure.

“Our own LLMs run on our own infrastructure,” Chub wrote in an emailed statement. “Any individuals participating in such attacks can use any number of UIs that allow user-supplied keys to connect to third-party APIs. We do not participate in, enable or condone any illegal activity whatsoever.”

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries.
The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,

Cyber Espionage / Threat Intelligence

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries.

The activity, dubbed **SHROUDED#SLEEP** by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima, Ruby Sleet, and ScarCruft.

Active since at least 2012, the adversarial collective is assessed to be part of North Korea's Ministry of State Security (MSS). Like with other state-aligned groups, those affiliated with North Korea, including the Lazarus Group and Kimsuky, vary in their modus operandi and likely have ever-evolving objectives based on state interests.

A key malware in its toolbox is RokRAT (aka Goldbackdoor), although the group has also developed custom tools to facilitate covert intelligence gathering.

It's currently not known how the first stage payload, a ZIP archive bearing a Windows shortcut (LNK) file, is delivered to targets. However, it's suspected that it likely involves sending spear-phishing emails.

"The \[VeilShell\] backdoor trojan allows the attacker full access to the compromised machine," researchers Den Iuzvyk and Tim Peck said in a technical report shared with The Hacker News. "Some features include data exfiltration, registry, and scheduled task creation or manipulation."

The LNK file, once launched, acts as a dropper in that it triggers the execution of PowerShell code to decode and extract next-stage components embedded into it.

This includes an innocuous lure document, a Microsoft Excel or a PDF document, that's automatically opened, distracting the user while a configuration file ("d.exe.config") and a malicious DLL ("DomainManager.dll") file are written in the background to the Windows startup folder.

Also copied to the same folder is a legitimate executable named "dfsvc.exe" that's associated with the ClickOnce technology in Microsoft .NET Framework. The file is copied as "d.exe."

What makes the attack chain stand out is the use of a lesser-known technique called AppDomainManager injection in order to execute DomainManager.dll when "d.exe" is launched at startup and the binary reads the accompanying "d.exe.config" file located in the same startup folder.

It's worth noting that this approach was recently also put to use by the China-aligned Earth Baxia actor, indicating that it is slowly gaining traction among threat actors as an alternative to DLL side-loading.

The DLL file, for its part, behaves like a simple loader to retrieve JavaScript code from a remote server, which, in turn, reaches out to a different server to obtain the VeilShell backdoor.

VeilShell is a PowerShell-based malware that's designed to contact a command-and-control (C2) server to await further instructions that allow it to gather information about files, compress a specific folder into a ZIP archive and upload it back to the C2 server, download files from a specified URL, rename and delete files, and extract ZIP archives.

"Overall, the threat actors were quite patient and methodical," the researchers noted. "Each stage of the attack features very long sleep times in an effort to avoid traditional heuristic detections. Once VeilShell is deployed it doesn't actually execute until the next system reboot."

"The SHROUDED#SLEEP campaign represents a sophisticated and stealthy operation targeting Southeast Asia leveraging multiple layers of execution, persistence mechanisms, and a versatile PowerShell-based backdoor RAT to achieve long-term control over compromised systems."

Securonix's report comes a day after Broadcom-owned Symantec revealed that the North Korean threat actor tracked as Andariel targeted three different organizations in the U.S. in August 2024 as part of a financially motivated campaign.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

Medical imaging company I-MED left thousands of patient files exposed through re-used login credentials.

An anonymous person has disclosed that they gained online access to a radiologist’s platform that hosted patient information using stolen credentials.

I-MED Radiology is Australia’s leading medical imaging provider. Their clinics offer a range of imaging procedures including MRI, CT, x-ray, ultrasound, and nuclear medicine. The person said they found the credentials in a data set that came from another breach, meaning it’s highly likely that the account holder used the same credentials for more than one service.

Cybercriminals often use leaked credentials and try them out on other websites and services. This type of attack is called credential stuffing. Criminals with access to the credentials from Site A will then try them on sites B and C, often in automated attacks. If the user has reused their password, the accounts on those additional sites will also be compromised.

The whistleblower told Crikey they found log-in details for three accounts in the data that belonged to a hospital. The credentials gave them access to I-MED’s radiology patient portal, and with that, to files showing patients’ full names, dates of birth, sex, which scans they received, and dates of the scans.

The credentials had been available online to cybercriminals for over a year. And to make things worse the accounts had passwords three to five letters in length and were not protected by two-factor authentication (2FA). It also seemed as if these accounts were shared among several people.

This level of authentication is below par by any standard, but it’s especially unacceptable when it concerns sensitive patient data.

When queried, I-Med said:

> “We have… further strengthened our system surveillance and are working with cyber experts to respond.”

The news about the leak comes at a bad time for I-MED, following recent accusations that it allowed a startup to use patient data to train an Artificial Intelligence (AI) without consent.

**Protecting yourself after a data breach**

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

*   **Check the vendor’s advice.** Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
*   **Change your password.** You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
*   **Enable two-factor authentication (2FA).** If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
*   **Watch out for fake vendors.** The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
*   **Take your time.** Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
*   **Consider not storing your card details**. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
*   **Set up identity monitoring.** Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

 Radiology provider exposed tens of thousands of patient files 

The malware, called "BabyLockerKZ," has primarily affected users in Europe and South America.

*   Cisco Talos has discovered a financially motivated threat actor, active since 2022, recently observed delivering a MedusaLocker ransomware variant. 
*   Intelligence collected by Talos on tools regularly employed by the threat actor allows us to see an estimate of the amount and countries of origin of this group’s victims. This actor has been active since at least late 2022 and targets organizations worldwide, although the number of victims was higher than average in EU countries until mid-2023 and, since then, in South American countries.
*   This threat actor was observed distributing a MedusaLocker ransomware variant known as “BabyLockerKZ.” This variant is compiled with a PDB path containing the word “paid\_memes” which is also present in other tools observed during the attacks, presumably by the same author.
*   Talos has new information on the attacker’s tools, including BabyLockerKz and attacker TTPs and IOCs to assist in detecting and preventing further attacks.

Talos has recently observed an attack leading to the deployment of a MedusaLocker ransomware variant known as “BabyLockerKZ.” The distinguishable techniques — including consistently storing the same set of tools in the same location on compromised systems, the use of tools that have the PDB path with the string “paid\_memes,” and the use of a lateral movement tool named “checker” — used in the attack led us to take a deeper look to try to understand more about this threat actor. 

This attacker uses several publicly known attack tools and living-off-the-land binaries (LoLBins), a set of tools built by the same developer (possibly the attacker) to assist in credential theft and lateral movement in compromised organizations. These tools are mostly wrappers around publicly available tools that include additional functionality to streamline the attack process and provide graphical or command-line interfaces. 

The same developer built the MedusaLocker variant used in the initial attack. This variant that uses the same chat and leak site URLs contains several differences to the original MedusaLocker ransomware, such as a different autorun key or an extra public and private key set stored in the registry. Based on the name of the autorun key, the attackers call this variant “BabyLockerKZ.” 

We assess with medium confidence that the actor is financially motivated, likely working as an IAB or an affiliate of a ransomware cartel, and has been carrying out attacks since at least 2022. Our telemetry indicates that the actor opportunistically targeted many victims worldwide. In late 2022 and early 2023, most victims were in European countries, but since the first quarter of 2023, the group’s focus shifted toward South American countries and, as a result, the number of victims per month almost doubled.

**Tracking BabyLockerKZ across the globe**

Intelligence collected by Talos on tools regularly employed by the threat actor allows us to estimate the number of, and the countries of origin of the victims. Although this is unlikely to capture all of the adversary’s activities, it still provides a look at a specific window of activity.

The actor has been active since at least October 2022. At that time, the targets were mostly located in European countries such as France, Germany, Spain or Italy. During the second  quarter of 2023, the attack volume per month almost doubled, and the group shifted its focus toward South American countries such as Brazil, Mexico, Argentina and Colombia, as shown in the chart below. The attacks kept a steady volume of around 200 unique IPs compromised per month until the first quarter of 2024 when the attacks decreased.

The actor has consistently compromised a large number of organizations, often more than 100 per month, since at least 2022. This reveals the professional and highly aggressive nature of the attacks and is coherent with the activity we would expect from an IAB or ransomware affiliate.

During the attack leading to the deployment of the BabyLockerKZt, the adversary used several publicly known attack tools and others that could be unique to this actor. The group frequently used the Music, Pictures or Documents user folders of compromised systems to store attack tools. For example, the following paths were used to store tools during this attack:

*   c:\\users\\<user>\\music\\advanced\_port\_scanner\_2.5.3869.exe
*   c:\\users\\<user>\\music\\hrsword\\hrsword install.bat
*   c:\\users\\<user>\\music\\killav\\build.004\\disabler.exe
*   c:/users/<user>/music/checker/checker(222).exe
*   c:/users/<user>/music/checker/invoke-thehash.ps1
*   c:/users/<user>/music/checker/checker (222).exe
*   c:/users/<user>/music/checker/invoke-smbexec.ps1
*   c:/users/<user>/music/checker/invoke-wmiexec.ps1
*   c:/users/<user>/appdata/roaming/ntsystem/ntlhost.exe.exe
*   c:/users/<user>/appdata/local/temp/advanced port scanner 2/advanced\_port\_scanner.exe
*   c:/users/<user>/appdata/local/temp/is-juad3.tmp/advanced\_port\_scanner\_2.5.3869.tmp

These are similar to a previous attack leading to MedusaLocker ransomware, documented by ASEC in February 2023, which our telemetry suggests was a more active period for this threat actor.

Some of the publicly known tools used by the attacker are:

*   HRSword\_v5.0.1.1.rar: A tool used to disable AV and EDR software.
*   Advanced\_Port\_Scanner\_2.5.3869.exe: A network-scanning tool with several additional features to map internal networks and devices.
*   Netscan.exe: SoftPerfect Network Scanner: A tool similar to Advanced Port Scanner.
*   Processhacker.exe: Process Monitoring and administration software. Allows a TA to enumerate and control processes running on the infected endpoint.
*   PCHunter64.exe: A tool similar to processhacker.
*   Mimikatz: A tool to dump Windows user credentials from memory.

While most of the tools the attacker uses are publicly available, they also use some tools that are not widely distributed that streamline the attack process by automating the interaction between popular attack tools (e.g., Mimikatz, Invoke-the-hash, PSEXEC, RDP) and by adding convenient functionality and interfaces. One of these tools, called “Checker” used in an attack that deployed BabyLockerKZ, consisted of pivotal characteristics of BabyLockerKZ, the “Checker” tool has a PDB path containing the string “**paid\_memes**”. Pivoting off this string, we identified files on VirusTotal, of which most are BabyLockerKZ samples. We also discovered several other tools, which we’ll outline below.

Checker (E:\\**paid\_memes**\\wmi\_smb\_rdp\_checker\\Release\\checker.pdb) is an app that bundles several other freely available apps and provides a GUI for management of credentials as the attackers proceed with lateral movement. In particular it contains a set of tools:

*   Remote Desktop Plus
*   PSEXEC
*   MIMIKATZ

And a set of scripts based on the Invoke-TheHash tool.

The tool also contains a GUI, as shown below, and a database to store the credentials.

As the image illustrates, the tool can be used to scan IPs for valid credentials using several protocols/techniques (PSEXEC, RDP, SMB and WMI) and is prepared to import data from lists of hosts and some of the tools in the attacker toolset, such as Mimikatz, as well as an advanced port scanner. The tool can also decrypt hashes and offers the convenience of a GUI to store a database of the hosts and respective credentials that have been obtained or verified.

**PTH project**

The PTH (D:\\Projects\\**paid\_memes**\\PTH\\Release\\PTH.pdb) name suggests the pass-the-hash technique to use NTLM hashes to authenticate remotely without having to crack the password. Looking at its resources it embeds:

*   Invoke-SMBClient.ps1
*   Invoke-SMBEnum.ps1
*   Invoke-SMBExec.ps1
*   Invoke-TheHash.ps1
*   Invoke-WMIExec.ps1

These were also used in the checker tool and are part of Invoke-TheHash. According to the author: 

_“Invoke-TheHash contains PowerShell functions for performing pass the hash WMI and SMB tasks. WMI and SMB connections are accessed through the .NET TCPClient. Authentication is performed by passing an NTLM hash into the NTLMv2 authentication protocol. Local administrator privilege is not required client-side.”_

MIMIK (D:\\Projects\\**paid\_memes**\\mimik\\Release\\stub\_mimik.pdb) is a wrapper around Mimikatz and rclone that can be used to steal credentials and automatically upload them to an attacker-controlled server. The following image shows the terminal output for the tool.

The following command lines are examples of commands executed via the tool:

*   64.exe privilege::debug sekurlsa::logonPasswords token::elevate lsadump::sam full exit 
*   C:\\Users\\user\\Desktop\\64.exe 64.exe "privilege::debug" "sekurlsa::logonPasswords" "token::elevate" "lsadump::sam full" exit 
*   64.exe "privilege::debug" "sekurlsa::logonPasswords" "token::elevate" "lsadump::sam full" exit
*   C:\\Users\\user\\Desktop\\rclone.exe rclone rcd --rc-no-auth --bwlimit=30M
*   C:\\Users\\user\\Desktop\\rclone.exe rclone rc operations/stat

**BabyLockerKZ**

BabyLockerKZ is a variant of MedusaLocker that has been around at least since late 2023 and has been analyzed by other researchers, although not specifically called out as a MedusaLocker variant with this name. 

A Cynet blog post on the malware used the name “Hazard” for a MedusaLocker variant (named after the extension used for encrypted files) and mentions the existence of the BabyLockerKZ registry key. 

Another post from Whitehat mentions the existence of PAIDMEMES PUBLIC and PRIVATE registry keys on a MedusaLocker sample. 

This variant has not been given much attention outside of that, though, possibly because it’s highly similar to MedusaLocker or because it uses the same chat and leak sites as MedusaLocker. But there are several notable differences between BabyLockerKZ and MedusaLocker, such as:

*   No {8761ABBD-7F85-42EE-B272-A76179687C63} mutex.
*   No MDSLK reg key.
*   The PAIDMEMES Public and private keys.
*   The BabyLockerKZ run key.

The use of the PAIDMEMES public and private keys is unclear. In their post, Whitehat mentioned that they believe the keys aren’t necessary for the encryption process, as the Linux version doesn’t use them. Further research into the use of these keys might be a topic for another blog post.

**Coverage**

Ways our customers can detect and block this threat are listed below.

Cisco Secure Endpoint (formerly AMP for Endpoints) is ideally suited to prevent the execution of the malware detailed in this post. Try Secure Endpoint for free here.

Cisco Secure Web Appliance web scanning prevents access to malicious websites and detects malware used in these attacks.

Cisco Secure Email (formerly Cisco Email Security) can block malicious emails sent by threat actors as part of their campaign. You can try Secure Email for free here.

Cisco Secure Firewall (formerly Next-Generation Firewall and Firepower NGFW) appliances such as Threat Defense Virtual, Adaptive Security Appliance and Meraki MX can detect malicious activity associated with this threat.

Cisco Secure Network/Cloud Analytics (Stealthwatch/Stealthwatch Cloud) analyzes network traffic automatically and alerts users of potentially unwanted activity on every connected device.

Cisco Secure Malware Analytics (Threat Grid) identifies malicious binaries and builds protection into all Cisco Secure products.

Umbrella, Cisco’s secure internet gateway (SIG), blocks users from connecting to malicious domains, IPs and URLs, whether users are on or off the corporate network. Sign up for a free trial of Umbrella here.

Cisco Secure Web Appliance (formerly Web Security Appliance) automatically blocks potentially dangerous sites and tests suspicious sites before users access them. 

Additional protections with context to your specific environment and threat data are available from the Firewall Management Center.

Cisco Duo provides multi-factor authentication for users to ensure only those authorized are accessing your network. 

**Open-source Snort Subscriber Rule Set** customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org. SIDs for this threat: Snort3 Rules: 1:300998:1:0 Snort2 Rules: 1:63928:1:0, 1:63929:1:0

**ClamAV** detections are also available for this threat:  
Win.Ransomware.MedusaLocker-10035000-1  
Win.Tool.PassTheHash-10034996-0  
Win.Ransomware.MedusaLocker-10035000-0

**Indicators of Compromise**

IOCs for this research can be found at our Github repository here

**BabylockerKZ:**

33a8024395c56fab4564b9baef1645e505e00b0b36bff6fad3aedb666022599a

b8c994e3ed7dcc9080916119ddc315533c129479f508676d7544b82b2e24745f

63eb3d2886d9cb880c9b0d54b94f3e149b3b5b6215a33a0ef63588a09dcd4499

270c3354b3ee2940b499e365eaba143fba9d458f434dc38e663dc0f08e96121e

759b96f44806578cc0836a3a2bf11c8bc553effac72f8d28b94aec78b66be906

**PTH:**

9f066975f1e02b29c7c635280f405c59704ce4f4e06b04e9ac8a7eac22acd3c7

8bc455e5de35290f8a94376357947bd72aaf6f4d452c25a8ef444e037ef76b9f

**Checker:**

d00f7cf6af68ba832b9d364f28411346cfe66fd3b1f5bcac318766add29ff7f0

1f2df15442593b159e45d16a27e4d43d3a9062da212a588ba4c048f214a0b7be

1e9246e6a35731143368eaa0ade4f3cf576d6b22e6090152f6e94f1fa3070651

6ae3a58a78be9c606009c657de4e390538b21ad951e62b6f4d31138e1a75732c

2eddfe711c32ef1668e14a10d00452c83c29e394e17c41f491550a1583c1bcac

**HOHOL1488:**

dc4840a0992b218cbedd5a7ac5c711cb98f1f9e78a8ffdea37c694061dfd34c6

48046fb0e566f5a2d184f84b76d6cadc458762556daed0ae4a3a1200afbefb54

c0c726a23111c220d022fcd01a85f9788249e42baece03f83b6059170453b801

012657c4548d9c98223caa4cc7aa52fc083d6983d42fde16ca3271412e7fe3fe

8edbb1944d94ff91ee917c31590b6d1d5690a52fc153e44355ee9749aa0f4625

364f1b7466d8e4c9f55294ecf1f874c763bcf980c59b0250c613ac366def6aca

5d5d639fdfbf632bb7d9f1bb28731217d09d36078ab5e594baf2a5a41267a5d2

**PDB list:**

d:/projects/paid\_memes/virus/release/stub.pdb

e:/locker/bin/stub\_win\_x64\_encrypter.pdb

i:/locker/bin/stub\_win\_x64\_encrypter.pdb

d:/education/locker/bin/stub\_win\_x64\_encrypter.pdb

d:/education/locker/bin/stub\_win\_x86\_encrypter.pdb

d:/projects/paid\_memes/wmi\_smb\_rdp\_checker/release/checker.pdb

d:/projects/paid\_memes/mimik/release/stub\_mimik.pdb

i:/locker/x64/release/phantom.pdb

d:/projects/paid\_memes/pth/release/pth.pdb

**Registry keys:**

HKEY\_USERS\\%SID%\\SOFTWARE\\PAIDMEMES\\PRIVATE

HKEY\_USERS\\%SID%\\SOFTWARE\\PAIDMEMES\\PUBLIC

HKEY\_CURRENT\_USER\\SOFTWARE\\PAIDMEMES\\PUBLIC

HKEY\_CURRENT\_USER\\SOFTWARE\\PAIDMEMES\\PRIVATE

HKCU\\SOFTWARE\\PAIDMEMES\\PUBLIC

HKCU\\SOFTWARE\\PAIDMEMES\\PRIVATE

HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\BabyLockerKZ

HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\BabyLockerKZ

HKEY\_USERS\\%SID%\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\BabyLockerKZ

**Extension names observed being used by BabyLockerKZ samples:**

crypto125

crypto1317

crypto165

crypto41

crypto76

encrypted1

hazard11

hazard21

hazard23

hazard24

hazard25

hazard27

hazard31

hazard38

hazard49

hazard55

hazard56

hazard7

infected

lock2

lock3

lock5

locked9

lockfiles

meduza210

rapid1

rapid10

readtext13

readtext47

readtext49

recovery29

recovery70

virus2

virus3

virus57

**Encryption key BabyLockerKZ:**

PUTINHUILO1337

**MUTEX BabyLockerKZ:**

HOHOL1488

Threat actor believed to be spreading new MedusaLocker variant since 2022

The FIN7 group is mounting a sophisticated malware campaign that spans numerous websites, to lure people with a deepfake tool promising to create nudes out of photos.

Source: Mike via Adobe Stock Photo

The notorious FIN7 threat group is combining artificial intelligence (AI) with social engineering in an aggressive, adult-themed threat campaign that dangles lures for access to technology that can "deepfake" nude photos — all to fool people into installing infostealing malware.

The powerful Russian financial cybercrime group has created at least seven websites that advertise for what's called a "DeepNude Generator," which promises to use deepfake technology transform any photo into a nude representation of the person pictured, according to new research from the threat hunters at Silent Push.

People can either download the generator via the site or sign up for a "free trial," demonstrating the sophistication of the scam. But instead of receiving the tool, they end up downloading malicious payloads such as the stealers Lumma and Redline, which can be used to deliver further malware such as ransomware, the researchers said.

Given the provocative lure, organizations are vulnerable to the campaign, as it may entice  unsuspecting employees to download malicious files. "These files may directly compromise credentials via infostealers or be used for follow-on campaigns that deploy ransomware," according to a blog post about the research.

Meanwhile, FIN7 also continues to promote an existing malvertising campaign that targets corporate users with lures to content by popular brands — including  SAP Concur, Microsoft, Thomson Reuters, and FINVIZ stock screening —  to spread the NetSupport RAT and .MSIX malware, according to Silent Push. The researchers identified a number of active IPs and thus "active new websites" hosting the ploy, which asks people to download a fake "required browser extension," which is actually a malicious payload, to view content related to the brands.

Related:Thousands of DrayTek Routers at Risk From 14 Vulnerabilities

**Fin7 Evolves With the Times**

The DeepNude Generator campaign demonstrates particularly sophisticated thought and planning on the part of FIN7, which developed at least seven dedicated websites URLs —such as aiNude\[.\]ai, easynude\[.\]website, and ai-nude\[.\]cloud — to make it appear convincing.

There is also evidence that FIN7 is employing search engine optimization (SEO) to keep users engaged and to rank their honeypots higher in search results by using footer links to "Best Porn Sites" on its sites. Those links direct victims to other malicious sites dangling the same lure.

Moreover, the group invested effort in creating two website versions for promoting the deepfake tool. The first involves a DeepNude Generator "free download," and the second offers site visitors a DeepNude Generator "free trial," each with a different attack flow.  

Related:Python-Based Malware Slithers Into Systems via Legit VS Code

The first uses "a simple user flow" that uses a "free download" link leading users to a new domain featuring a Dropbox link or another source hosting a malicious payload, according to Silent Push.

The second attack flow prompts users via a "free trial" button to upload an image to test the generator. If this is done, the user is next prompted with a “trial is ready for download” message, with a corresponding pop-up requires the user to answer the question: "The link is for personal use only, do you agree?"

"If the user agrees and clicks 'download,' they are served a .zip file with a malicious payload" that leads to the Lumma Stealer, and which uses a DLL side-loading technique for execution, according to Silent Push.

**Mitigation & Defense Against Fin7**

The two campaigns demonstrate that FIN7 — a cybercrime collective also known as Carbanak, Carbon Spider, Cobalt Group, and Navigator Group that's been active since 2012 — remains an imminent threat despite many attempts by law enforcement to shut it down, or at least significantly disrupt it. It also shows a tenacity on the group's part to evolve with modern technology and psychological tactics to create more sophisticated ways to spread malware, the researchers said.

Related:Dragos Expands ICS Platform With New Acquisition

Indeed, FIN7 has long been known for its savvy combination of malware and social engineering, having mounted a slew of successful, financially motivated attacks against global organizations that have hauled in well over $1.2 billion — and counting — for the criminal enterprise.

To help organizations combat threats from FIN7 and other organized cybercriminal groups, developing indicators of attack based on the group's tactics, techniques, and procedures (TTPs) is one method. Also, training employees to be aware of these increasingly elaborate social engineering tactics that threat groups use, and blocking the download of any unknown any files from the Internet onto a machine connected to a corporate network also can help enterprises avoid compromise by sophisticated threat campaigns.

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

Tag

#intel