SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Blockchain
#
Cryptocurrency
ESET report exposes rise of AI attacks & Android spyware
Thu, 21st Dec 2023
Author image
By Shannon Williams, Journalist
Follow us

The latest ESET Threat Report unveils key cybersecurity trends and incidents for the period June to November 2023, highlighting an environment riddled with significant security incidents, AI-themed attacks and Android spyware cases.

The report draws attention to several major cyber threats, including a surprising attack from the infamous cybercriminal group, Cl0p. Renowned for its large-scale ransomware attacks, the group deviated from its typical modus operandi in the prominent MOVEit hack, opting not to deploy ransomware. ESET Director of Threat Detection, Ji Krop, noted, "A key shift in Cl0p's strategy was its move to leak stolen information to public websites in cases where the ransom was not paid", a trend also seen with the ALPHV ransomware gang.

Another area of concern highlighted in the report is the escalating number of spyware cases affecting Android technology, with the SpinOk threat lifting the tally for this period. The report states that SpinOk spyware is distributed as a software development kit and is found within various legitimate Android applications.

In the realm of AI, ESET identified dedicated campaigns targeting users of AI tools such as ChatGPT and the OpenAI API. Also within the AI context, ESET researchers noted a sizeable number of efforts to access maligned domains resembling ChatGPT, suggesting potential threats to the privacy of OpenAI API users.

"Amidst the prevalent discussion regarding AI-enabled attacks, we have identified specific campaigns targeting users of tools like ChatGPT," said ESET's Jiří Kropáč.

"We also noticed a considerable number of attempts to access malicious domains with names resembling “chapgpt”, seemingly in reference to the ChatGPT chatbot. 

"Threats encountered via these domains also include web apps that insecurely handle OpenAI API keys, emphasising the importance of protecting the privacy of your OpenAI API keys."

The Threat Report also focused on the IoT landscape, signalling a new threat against IoT devices labelled Android/Pandora. This malware compromises Android devices including smart TVs, TV boxes, and mobile devices, and leverages them for DDoS attacks. On a brighter note, researchers at ESET have found a kill switch that was used to successfully neutralise the Mozi IoT botnet.

While ESET observed an elevated value of Bitcoin, they reported an uncharacteristic absence of a corresponding increase in cryptocurrency threats. Conversely, cryptostealers saw an uptick due to the emergence of the malware-as-a-service infostealer known as Lumma Stealer, focused on cryptocurrency wallets.

The ESET Threat Report provides a critical view of the current digital threat landscape, noting anything from malware campaigns to changes in cybercriminal tactics. Such snapshot can offer valuable insights for individuals and organisations eager to navigate an increasingly intricate web of digital threats and work towards secure and safe technological use.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
AI tools linked to data exposure in 1 in 5 UK organisations
AI & ML form critical defence against digital deception
Telegram users targeted in cryptocurrency scam, Kaspersky reports
KnowBe4 to acquire Egress for enhanced AI-driven cybersecurity
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds