ESET Research
An AI chatbot inadvertently sparks a cybercrime boom, ransomware bandits loot organizations without deploying ransomware, and a new botnet enslaves Android TV boxes.
January 31, 2024
•
,
2 minutes. read
In this episode of the ESET Research Podcast, we analyze the most interesting findings from ESET’s H2 2023 Threat Report, including malicious actors trying to capitalize on the AI hype, likely the biggest cyber incident observed all year, and a new threat lurking in the world. the Android and IoT space.
The rapid growth of AI chatbots such as ChatGPT has triggered a parallel rise in cybercrime. The blocking of more than 675,000 attempts to access malicious domains mimicking this popular chatbot in 2023 indicates that cybercriminals have found fertile ground.
Some of these domains present themselves as bringable web applications, requiring users to share their OpenAI API keys. But these apps could steal the keys, leading to unexpected charges for using the API. To avoid this, it is crucial to never share your API key.
The cybercrime landscape is not limited to AI enthusiasts. The Cl0p ransomware group carried out a massive attack earlier this year by exploiting a zero-day vulnerability in the MOVEit transfer software. More than 2,600 organizations were affected, and the estimated financial damage reached a staggering $14 billion. Cl0p leaked the stolen information via the dark web, torrents and the clear web, intensifying the pressure on victims.
Meanwhile, the world of IoT was grappling with its share of problems. In 2023, the Pandora botnet emerged, compromising Android devices, including Android TV boxes. This malware, based on the leaked source code of the Mirai malware, can be distributed via malicious firmware updates or through applications offering pirated content.
Faced with these cyber threats, users should exercise caution when downloading apps, especially those promising free content. Keeping devices up to date and using reputable security solutions provide an essential layer of protection against cybercrime.
For all these topics and much more from ESET Threat Reportlisten to the latest episode of the ESET Research podcast, hosted by Arye Goretski. This time, he directed his questions to one of the report’s authors, Security Awareness Specialist. Rene Holt.
For the full H2 2023 report, including other topics such as a new Android spyware family, an update on the demise of the Mozi botnet, the rise of cryptostealer Lumma Stealer and the latest developments in the Magecart scene , read the full report. here.
Discussed:
- ChatGPT 1:07
- MOVEit hack 5:46
- Pandora Botnet 8:57