Hackers abuse the ChatGPT name for malicious domains to exploit the credibility associated with the ChatGPT model, deceiving users into trusting fraudulent websites.
Leveraging the model's reputation enables them to trick individuals into:-.
This ransomware group is well-known for using ransomware in large-scale hacks; this time, their massive campaign used a zero-day vulnerability in MOVEit on May 27.
The flaw, held since 2021, enabled unauthorized access, showcasing Cl0p's evolution beyond traditional ransomware exploits.
Recently, the cybersecurity researchers at ESET discovered more than 650,000 malicious domains registered resembling ChatGPT. The Russian ransomware group, Cl0p, hit global firms and US agencies in this attack.
A notable change is that now they leak data on the open web if the ransom isn't paid, it's a tactic shared with the ALPHV ransomware gang.
The FBI notes ransomware evolving with multi-variant attacks like:-.
In IoT, cybersecurity researchers find and disable the Mozi botnet with a discovered kill switch.
The Mozi botnet, which has been among the largest in three years, fell suddenly, prompting questions on kill switch use by developers or Chinese authorities.
The new threat, Android/Pandora, hits the following types of Android devices for DDoS attacks in the same landscape:-.
Cybersecurity researchers pinpoint the campaigns hitting ChatGPT users and numerous tries to access shady domains like-.
Apart from this, the threats include insecure handling of OpenAI API keys, stressing the need for key privacy protection.
The prevention is possible with better security measures by developers and admins.
Cryptostealers surge with Lumma Stealer, a malware-as-a-service infostealer targeting crypto wallets.
Bitcoin's value rises without matching the increased cryptocurrency threats.
All these evolutions in the cybersecurity landscape highlight the diverse threat tactics.
This Cyber News was published on gbhackers.com. Publication date: Tue, 02 Jan 2024 06:43:06 +0000