Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Attacks. Show all posts
Microsoft Outlook security
Customer Data Cyber Attacks Cyber Phishing Data Theft Hijacking Microsoft Microsoft Outlook Microsoft Outlook security

Malicious Outlook Add-In Hijack Steals 4,000 Microsoft Credentials

 

A breach transformed the AgreeTo plug-in for Microsoft Outlook - once meant for organizing meetings - into a weapon that harvested over four thousand login details. Though built by a third-party developer and offered through the official Office Add-in Store starting in late 2022, it turned against its intended purpose. Instead of simplifying calendars, it funneled user data to attackers. What began as a practical tool ended up exploited, quietly capturing credentials under false trust. 

Not every tool inside Office apps runs locally - some pull data straight from web addresses. For AgreeTo, its feature lived online through a link managed via Vercel. That address stopped receiving updates when the creator walked away, even though people kept using it. With no one fixing issues, the software faded into silence. Yet Microsoft still displayed it as available for download. Later, someone with harmful intent took control of the unused webpage. From there, they served malicious material under the app’s trusted name. A login screen mimicking Microsoft’s design appeared where the real one should have been, according to analysts at Koi Security. 

Instead of authentic access points, users faced a counterfeit form built to harvest credentials. Hidden scripts ran alongside, silently sending captured data elsewhere. After approval in Microsoft’s marketplace, the add-in escaped further checks. The company examines just the manifest when apps are submitted - nothing beyond that gets verified later. Interface components and features load externally, pulled from servers run by developers themselves. 

Since AgreeTo passed initial review, its updated files came straight from machines now under malicious control. Oversight ended once publication was complete. From inside the attacker’s data pipeline, Koi Security found over 4,000 Microsoft login details already taken. Alongside these, information such as credit card records and responses to bank verification questions had also been collected. While analyzing activity, experts noticed live attempts using the breached logins unfolding in real time. 

Opening the harmful AgreeTo add-on in Outlook displayed a counterfeit Microsoft login screen within the sidebar rather than the expected calendar tool. Resembling an authentic authentication portal, this imitation proved hard to recognize as fraudulent. Once victims submitted their details, those credentials got sent through a Telegram bot interface. Following that transfer, individuals saw the genuine Microsoft sign-in page appear - helping mask what had just occurred. Despite keeping ReadWriteItem access, which enables viewing and editing messages, there's no proof the tool tampered with any emails. 

Behind the campaign, investigators spotted a single actor running several phishing setups aimed at financial services, online connectivity firms, and email systems. Notable because it lives inside Microsoft’s official store, AgreeTo stands apart from past threats that spread via spam, phishing, or malvertising. This marks the first time a verified piece of malware has appeared on the Microsoft Marketplace, according to Oren Yomtov at Koi. He also notes it is the initial harmful Outlook extension spotted actively used outside test environments. 

A removal of AgreeTo from the store was carried out by Microsoft. Anyone keeping the add-in should uninstall it without delay, followed by a password change. Attempts to reach Microsoft for input have been made; no reply came so far.
Read more »
Windows
BYOVD Attack cloud storage Cyber Attacks Linux phishing Ransomware Reynolds Windows

New Ransomware Uses Trusted Drivers to Disable Security Defenses

 


Security monitoring teams are tracking a new ransomware strain called Reynolds that merges system sabotage and file encryption into a single delivery package. Instead of relying on separate utilities to weaken defenses, the malware installs a flawed system driver as part of the infection process, allowing it to disable protective software before encrypting data.

The method used is known in security research as Bring Your Own Vulnerable Driver, or BYOVD. This approach abuses legitimate drivers that contain known weaknesses. Because operating systems recognize these drivers as trusted components, attackers can exploit them to gain deep system access and stop endpoint protection tools with reduced risk of detection. This tactic has been repeatedly observed across multiple ransomware operations in recent years.

In the Reynolds incidents, the malware deploys the NSecKrnl driver produced by NsecSoft. This driver contains a publicly documented vulnerability tracked as CVE-2025-68947, rated 5.7 in severity. The flaw allows any running process to be forcibly terminated, which attackers use to shut down security platforms including Avast, CrowdStrike Falcon, Palo Alto Networks Cortex XDR, Sophos with HitmanPro.Alert, and Symantec Endpoint Protection. The same driver has previously been abused by a threat actor known as Silver Fox in campaigns that disabled security tools before deploying ValleyRAT. Silver Fox has also relied on other vulnerable drivers, such as truesight.sys and amsdk.sys, during similar operations.

Security analysts note that integrating defense suppression into ransomware itself is not unprecedented. A comparable approach appeared during a Ryuk ransomware incident in 2020 and later in activity linked to the Obscura ransomware family in August 2025. Folding multiple attack stages into a single payload reduces operational complexity for attackers and decreases the number of separate files defenders might detect.

Investigations into recent intrusions uncovered signs of long-term preparation. A suspicious loader that used side-loading techniques was found on victim networks several weeks before encryption occurred. Following deployment of the ransomware, a remote access program known as GotoHTTP was installed within one day, indicating an effort to preserve long-term control over compromised systems.

Parallel ransomware campaigns reveal additional shifts in attacker behavior. Large phishing operations are circulating shortcut file attachments that trigger PowerShell scripts, leading to the installation of Phorpiex malware, which then delivers GLOBAL GROUP ransomware. This ransomware conducts all operations locally and does not transmit stolen data, allowing it to function in networks without internet access. Other campaigns tied to WantToCry have exploited virtual machines provisioned through ISPsystem, a legitimate infrastructure management service, to distribute malware at scale. Some of the same hosting infrastructure has been linked to LockBit, Qilin, Conti, BlackCat, and Ursnif, as well as malware families including NetSupport RAT, PureRAT, Lampion, Lumma Stealer, and RedLine Stealer.

Researchers assess that bulletproof hosting providers are renting ISPsystem virtual machines to criminal actors by abusing a design flaw in VMmanager’s default Windows templates. Because these templates reuse identical hostnames and system identifiers, thousands of virtual machines can be created with the same fingerprint, making takedown efforts more difficult.

Ransomware groups are also expanding their business models. DragonForce now provides affiliates with a “Company Data Audit” service, which includes risk assessments, pre-written call scripts, executive-level letters, and negotiation guidance. The group operates as a cartel that allows affiliates to launch their own brands while sharing infrastructure and services.

Technical changes are shaping newer ransomware versions. LockBit 5.0 has replaced AES encryption with ChaCha20 and now targets Windows, Linux, and ESXi environments. The latest version includes file wiping capabilities, delayed execution, encryption progress tracking, improved evasion techniques, stronger in-memory operation, and reduced disk footprints. The Interlock group continues to target organizations in the United Kingdom and United States, particularly in education. One attack exploited a zero-day vulnerability in the GameDriverx64.sys anti-cheat driver, tracked as CVE-2025-61155 with a 5.5 severity score, to disable security tools using BYOVD methods. The same campaign deployed NodeSnake, also known as Interlock RAT or CORNFLAKE, with MintLoader identified as the initial access point.

Targeting strategies are also shifting toward cloud storage. Poorly configured Amazon Web Services S3 buckets are being abused through native platform functions to erase data, restrict access, overwrite files, or quietly extract sensitive information while remaining difficult to detect.

Industry tracking from Cyble indicates that GLOBAL GROUP is among several ransomware crews that appeared in 2025, alongside Devman, DireWolf, NOVA, J group, Warlock, BEAST, Sinobi, NightSpire, and The Gentlemen. ReliaQuest reported that Sinobi’s data leak activity increased by 306 percent in the final quarter of 2025, ranking it third behind Qilin and Akira. LockBit’s resurgence included 110 victim listings in December alone. Researchers estimate that ransomware actors claimed 4,737 attacks in 2025, compared with 4,701 in 2024. Incidents centered only on data theft rose to 6,182, reflecting a 23 percent increase. Coveware reported that average ransom demands reached $591,988 in late 2025, driven by a small number of exceptionally large settlements, and warned that attackers may shift back toward encryption-based extortion to increase pressure on victims.

Read more »
United Kingdom
Botnet construction Cyber Attacks Prometei Russia United Kingdom

UK Construction Company’s Windows Server Infiltrated by Prometei Botnet

 



In January 2026, a construction company in the United Kingdom found an unwelcome presence inside one of its Windows servers. Cybersecurity analysts from eSentire’s Threat Response Unit (TRU) determined that the intruder was a long-running malware network known as Prometei, a botnet with links to Russian threat activity and active since at least 2016.

Although Prometei has been widely observed conducting covert cryptocurrency mining, the investigation showed that this malware can do much more than simply generate digital currency. In this case, it was also capable of capturing passwords and potentially enabling remote control of the affected system.

According to the analysis shared with cybersecurity media, this attack did not involve complex hacking techniques. The initial intrusion appears to have occurred because the attackers were able to successfully log into the server using Remote Desktop Protocol (RDP) with weak or default login credentials. Remote Desktop, a tool used to access computers over a network, can be exploited easily if account passwords are simple.

Prometei is not a single program that drops onto a system. Instead, it operates as a collection of tools designed to carry out multiple functions once it gains access. When the malware first infects a machine, it adds a new service with a name such as “UPlugPlay,” and it creates a file called sqhost.exe to ensure that it relaunches automatically every time the server restarts.

Once these persistence mechanisms are in place, the malware downloads its main functional component, often called zsvc.exe, from a command server linked to an entity identified in analysis as Primesoftex Ltd. This payload is transmitted in encrypted form and disguised to avoid detection.

After establishing itself, Prometei collects basic technical information about the infected system by using legitimate Windows utilities. It then employs credential-harvesting techniques that resemble the behaviour of publicly known tools, capturing passwords stored on the server and within the network. In the course of this activity, Prometei commonly leverages the TOR anonymity network to conceal its command and control communications, making it harder for defenders to trace its actions.

Prometei also has built-in countermeasures to evade analysis and detection. For example, the malware checks for the presence of a specific file called mshlpda32.dll. If this file is absent, instead of crashing or revealing obvious malicious behaviour, the malware executes benign-looking operations that mimic routine system tasks. This is a deliberate method to confuse security researchers and automated analysis tools that attempt to study the malware in safe environments.

In a further twist, once Prometei has established a foothold, it also deploys a utility referred to as netdefender.exe. This component monitors failed login attempts and blocks them, effectively locking out other potential attackers. While this might seem beneficial, its purpose is to ensure that the malicious operator retains exclusive control of the compromised server.

To protect systems from similar threats, cybersecurity experts urge organisations to replace default passwords with complex, unique credentials. They recommend implementing multi-factor authentication for remote access services, keeping software up to date with security patches, and monitoring login activity for unusual access attempts. eSentire has also released specialised analysis tools that allow defenders to unpack Prometei’s components and study its behaviour in controlled settings.


Read more »
Singapore Telecoms
China Nexus Cyber Attacks cyber espionage Singapore Telecoms

Singapore Telecoms Hit by China-Linked Cyber Espionage

 

Singapore’s cyber watchdog has disclosed that an advanced cyber espionage group — UNC3886, with which APT10 and Red October have been linked — was behind attacks that targeted the four major telecom operators last year. The affected companies were Singtel, StarHub, M1 and Simba Telecom, which collectively provide the backbone of Singapore’s communications infrastructure. The authorities said this is the first time they have publicly acknowledged that the group’s targets have included telecommunications networks, highlighting how these systems are increasingly viewed as vital to national security. 

Although the hackers were able to gain access to some areas of the operators' networks, the Cyber Security Agency of Singapore said that no disruptions were caused to services and that no data belonging to customers was stolen. The breaches were deemed to be orchestrated to be stealthy, rather than loud, investigators said, with the hackers taking a sideways route through compromised networks inside chosen segments, rather than triggering massive outages. Officials stressed the incident was isolated and that there is no indication that the end users were directly affected and cautioned that the breaches are a serious security issue even if the attacks didn’t seem to affect them. 

The hackers were able to extract a limited amount of technical information from the telecom environments, primarily network‑related data such as configuration details and system metadata. Singapore’s cyber agency believes this information was stolen to support the group’s longer‑term operational objectives, including planning future intrusions, improving their understanding of the infrastructure and identifying potential weak points. While the volume of exfiltrated data was described as small, officials cautioned that even narrow slices of high‑value technical data can significantly enhance a sophisticated actor’s capabilities.

Google‑owned cybersecurity firm Mandiant has profiled UNC3886 as a highly advanced “China‑nexus” espionage group that has previously targeted defence, technology and telecommunications organisations in both the United States and Asia. Beijing routinely rejects allegations that it conducts or sponsors cyber espionage, insisting that China opposes all forms of cyberattacks and is itself a victim of malicious cyber activity. The Chinese Embassy in Singapore did not immediately respond to requests for comment on the latest disclosures about UNC3886.

In a joint statement, Singtel, StarHub, M1 and Simba Telecom acknowledged that they regularly face a wide spectrum of cyber threats, ranging from distributed denial‑of‑service attacks and malware to phishing campaigns and more persistent, stealthy intrusions. The operators said they employ “defence‑in‑depth” strategies, combining layered security controls with continuous monitoring and prompt remediation when suspicious activity is detected. They added that they work closely with government agencies and industry experts to strengthen the resilience of Singapore’s telecom infrastructure as cyber adversaries grow more capable.
Read more »
KEV
CISA CISA advisory CISA KEV catalog CVE CVE vulnerability CVEs Cyber Attacks Cyber Security Ransomware Attacks cybersecurity vulnerability KEV

CISA Warns of Actively Exploited SmarterMail Flaw Used in Ransomware Attacks

 

CISA includes a fresh SmarterMail weakness in its KEV list - this marks the third such addition linked to the messaging system within fourteen days. Identified as CVE-2026-24423, the security gap faces real-world abuse during ransom operations. Evidence points to sustained interest in compromising SmarterTools’ broadly adopted software suite. 

Another entry joins a pair of prior SmarterMail flaws listed in the KEV database since January 26. One was tagged CVE-2025-52691 - marked by unchecked uploads of hazardous files. The second, assigned CVE-2026-23760, let attackers skip login checks entirely. Analysis came first from experts at watchTowr, who unpacked how each could be triggered. Once those specifics emerged, several security teams observed active attacks; the login flaw saw more frequent abuse. Although both were dissected publicly, it was the broken verification that drew wider misuse. 

A security issue labeled CVE-2026-24423 arises because a key part of SmarterMail - the ConnectToHub API - lacks proper access checks. Versions before v100.0.9511 are exposed, letting outsiders run harmful code remotely. Instead of requiring login details, hackers exploit it by submitting a modified POST message. This leads to direct command control on the target machine through intentional input manipulation. 

Separate findings came from teams at watchTowr, CODE WHITE GmbH, and VulnCheck. As noted by Cale Black of VulnCheck, the affected endpoint skips any login checks - opening a way to set up server directory links remotely. Because that setup pulls instructions directly from an outside machine under attacker influence, control is effectively handed over. Those instructions appear as support routines inside the system. Once SmarterMail reads them, they run unchecked on whatever platform hosts the software. 

Starting at the ConnectToHub endpoint, the process handles a remote address sent via one particular parameter. Afterward, communication initiates from the SmarterMail server toward a machine controlled by the attacker. That system replies - not with ordinary data - but with settings containing command inputs meant to run. Provided minimal checks are satisfied, execution follows without further barriers. Control over the compromised environment expands widely under these conditions. 

By February 26, 2026, U.S. federal civilian agencies must fix the vulnerability - this stems from ongoing attacks involving ransomware. Though only binding for federal bodies, its listing in CISA’s KEV catalog hints at wider exposure across any organization using affected SmarterMail versions. Not just government systems face potential harm; real-world misuse raises stakes beyond official mandates. 

Right now, updating to the newest SmarterMail release is a top priority, according to analysts watching threats closely. Instead of waiting, teams managing large systems should examine log data - especially activity tied to the open ConnectToHub interface, since probes might show up as odd patterns in API traffic. What stands out is how quickly multiple flaws in SmarterMail entered official exploit databases, signaling that delays in patching could lead to real breaches. Because of this, those overseeing network access must act fast while rethinking how exposed their mail platforms really are.
Read more »
Sandworm
Cyber Attacks Cyberattacks DynoWiper Energy Grid Poland Russian APT44 Sandworm

Sandworm Hackers Fail in DynoWiper Attack on Poland's Power Grid

 

A recently disclosed cyberattack against Poland’s energy infrastructure has been linked to the Russian state-backed hacking group Sandworm, highlighting the persistent threat facing Europe’s critical sectors. The incident occurred between December 29 and 30, 2025, and reportedly targeted elements of the country’s power grid, including combined heat and power plants and systems managing electricity from renewable sources such as wind and solar. Although the attackers attempted to deploy a new destructive data wiper known as DynoWiper, Polish authorities say the operation ultimately failed to cause large-scale disruption.

Sandworm, also tracked as UAC-0113, APT44, and Seashell Blizzard, has a long history of conducting disruptive and destructive cyber operations aligned with Russian strategic interests. Active since at least 2009 and believed to be part of Russia’s GRU Military Unit 74455, the group is infamous for past campaigns, including an attack on Ukraine’s energy grid roughly a decade ago that temporarily cut power to about 230,000 people. The latest activity in Poland fits a broader pattern of Sandworm’s focus on critical infrastructure, particularly in countries supporting Ukraine or opposing Russian policies.

In the Polish case, security firm ESET linked Sandworm to the attack and identified the destructive malware used as DynoWiper, a previously unknown data-wiping tool. Data wipers are designed to iterate through a filesystem and delete or corrupt files, rendering the operating system unusable and forcing victims to rebuild systems from backups or perform complete reinstalls. ESET says DynoWiper is detected as Win32/KillFiles.NMO and has a specific SHA-1 hash, though no public samples have yet appeared on common malware analysis platforms such as VirusTotal or Any.Run.

Polish officials reported that the attackers focused on two combined heat and power plants, as well as a management system responsible for controlling energy generated from wind turbines and photovoltaic farms. Prime Minister Donald Tusk stated that “everything indicates” the operation was carried out by groups directly linked to Russian services, underscoring the political and geopolitical context surrounding the intrusion. While authorities did not provide detailed information on the extent of the compromise or the attackers’ dwell time, they emphasized that the attempt to cause destructive impact was thwarted.

Despite the failed outcome, cybersecurity experts warn that the incident should serve as a serious wake-up call for defenders across Europe. Team Cymru’s Senior Threat Intel Advisor Will Thomas has urged security teams to review Microsoft’s February 2025 report on Sandworm to better understand the group’s tactics, techniques, and procedures. With Sandworm also tied to destructive wiper attacks on Ukraine’s education, government, and grain sectors in mid and late 2025, the Polish incident reinforces the need for robust backups, network segmentation, and proactive threat hunting in all critical infrastructure environments.
Read more »
Russia
Cyber Attacks Cyberattack Cybersecurity Threats Germany Russia

A New Twist on Old Cyber Tricks

 


Germany’s domestic intelligence and cybersecurity agencies have warned of a covert espionage campaign that turns secure messaging apps into tools of surveillance without exploiting any technical flaws. The Federal Office for the Protection of the Constitution and the Federal Office for Information Security said the operation relies instead on social engineering carried out through the Signal messaging service. In a joint advisory, the agencies said the campaign targets senior figures in politics, the military and diplomacy, as well as investigative journalists in Germany and elsewhere in Europe. 

By hijacking messenger accounts, attackers can gain access not only to private conversations but also to contact networks and group chats, potentially widening the scope of compromise. The operation does not involve malware or the exploitation of vulnerabilities in Signal. Instead, attackers impersonate official support channels, posing as “Signal Support” or a so-called security chatbot. 

Targets are urged to share a PIN or verification code sent by text message, often under the pretext that their account will otherwise be lost. Once the victim complies, the attackers can register the account on a device they control and monitor incoming messages while impersonating the user. In an alternative approach, victims are tricked into scanning a QR code linked to Signal’s device-linking feature. 

This grants attackers access to recent messages and contact lists while allowing the victim to continue using the app, unaware that their communications are being mirrored elsewhere. German authorities warned that similar tactics could be applied to WhatsApp, which uses comparable features for account linking and two-step verification. 

They urged users not to engage with unsolicited support messages and to enable registration locks and regularly review linked devices. Although the perpetrators have not been formally identified, the agencies noted that comparable campaigns have previously been attributed to Russia-aligned threat groups. Reports last year from Microsoft and the Google Threat Intelligence Group documented similar methods used against diplomatic and political targets. 

The warning comes amid a flurry of state-linked cyber activity across Europe. Norway’s security services recently accused Chinese-backed groups of penetrating multiple organisations by exploiting vulnerable network equipment, while also citing Russian monitoring of military targets and Iranian cyber operations against dissidents. 

Separately, CERT Polska said a Russian-linked group was likely behind attacks on energy facilities that relied on exposed network devices lacking multi-factor authentication. 

Taken together, the incidents highlight a shift in cyber espionage away from technical exploits towards psychological manipulation. As secure messaging becomes ubiquitous among officials and journalists, the weakest link increasingly lies not in encryption, but in the trust users place in what appears to be help.
Read more »
Notepad++
Chinese Actors Cyber Attacks Cyberattack Databreach Notepad++

A Quiet Breach of a Familiar Tool, Notepad++

For six months last year the update system of Notepad++, one of the world’s most widely used Windows text editors, was quietly subverted by hackers linked by investigators to the Chinese state. The attackers used their access not to disrupt the software openly, but to deliver malicious versions of it to carefully chosen targets. 

According to a statement published this week on the project’s official website, the intrusion began in June with an infrastructure-level compromise that allowed attackers to intercept and redirect update traffic meant for notepad-plus-plus.org. Selected users were silently diverted to rogue update servers and served backdoored versions of the application. Control over the update infrastructure was not fully restored until December. 

The developers said the attackers exploited weaknesses in how older versions of Notepad++ verified updates. By manipulating traffic between users and the update servers, they were able to substitute legitimate downloads with malicious ones. 

Although update packages were signed, earlier design choices meant those signatures were not always robustly checked, creating an opening for tampering by a well-resourced adversary. Security researchers say the campaign was highly targeted. 

The attackers installed a previously unknown backdoor, dubbed Chrysalis, which Rapid7 described as a custom and feature-rich tool designed for persistent access rather than short-term disruption. Such sophistication suggests strategic objectives rather than criminal opportunism. 

Independent researcher Kevin Beaumont reported that several organisations with interests in East Asia experienced hands-on intrusions linked to compromised Notepad++ installations, indicating that attackers were able to take direct control of affected systems. 

He had raised concerns months earlier after a Notepad++ update quietly strengthened its updater against hijacking. The episode underlines a broader vulnerability in the global software supply chain. Open-source tools such as Notepad++ are deeply embedded in corporate and government systems, yet are often maintained with limited resources. That imbalance makes them attractive targets for state-backed hackers seeking discreet access rather than noisy disruption. 

Notepad++ developers have urged users to update manually to the latest version and large organisations to consider restricting automated updates. The incident also serves as a reminder that even modest, familiar software can become a conduit for serious espionage when its infrastructure is neglected.
Read more »
Exposed Credentials
8-Minute Attack AI Cloud Breach AWS Hijack Cyber Attacks Exposed Credentials

AI Hijacks AWS Cloud in 8 Minutes via Exposed Keys

 

An AI-assisted cyberattack hijacked a company's AWS cloud infrastructure in just eight minutes after attackers discovered exposed test credentials in a public S3 bucket, demonstrating how configuration errors can fuel lightning-fast breaches in the era of automated threats. This incident, uncovered by Sysdig's Threat Research Team on November 28, 2025, exposed vulnerabilities in cloud access management and the growing role of large language models (LLMs) in offensive operations.

The breach began with a simple oversight: credentials named with "AI" references sat openly in an S3 bucket, ripe for discovery during routine scans. Despite a ReadOnlyAccess policy limiting initial access, the intruder launched a massive enumeration campaign, probing Secrets Manager, RDS databases, and CloudWatch logs to blueprint the entire environment without raising alarms. This reconnaissance phase set the stage for rapid escalation, underscoring how even restricted keys can serve as footholds for deeper intrusions.

Attackers then pivoted to code injection on Lambda functions, iteratively tampering with one called EC2-init until they commandeered an account named "frick," granting full administrative privileges. They compromised 19 distinct AWS principals, enabling abuse of Bedrock AI models like Claude 3.5 Sonnet and DeepSeek R1, alongside attempts to launch a "stevan-gpu-monster" GPU instance that could have racked up £18,000 ($23,600) in monthly costs. Sysdig researchers identified LLM hallmarks, including Serbian-commented code, hallucinated AWS IDs like "123456789012," and phantom GitHub references, confirming AI's hand in accelerating the assault.

To evade detection, the threat actor cycled through an IP rotator and 19 identities, attempting lateral movement via default roles like OrganizationAccountAccessRole in a multi-account setup. This stealthy persistence highlights evolving tactics where AI not only speeds execution but also enhances obfuscation, turning minutes-long attacks into prolonged threats if undetected.

Experts warn that mundane errors like exposed keys—not novel exploits—drive such incidents, urging organizations to ditch static credentials for short-lived IAM roles, harden automated accounts, and monitor for anomalous enumeration spikes. As breaches shrink from days to minutes, AI-aware defenses must match this pace to protect cloud assets effectively.
Read more »
Malware attacks
Cyber Attacks CyberSecurity Ransomware Attacks Finance Sector financial attack malicious PDF files Malware attacks

PDFSider Malware Used in Fortune 100 Finance Ransomware Attack

 

A Fortune 100 finance company was targeted by ransomware actors using a new Windows malware strain called PDFSider, built to quietly deliver malicious code during intrusions. Rather than relying on brute force, the attackers used social engineering, posing as IT support staff and convincing employees to launch Microsoft Quick Assist, enabling remote access. Resecurity researchers identified the malware during incident response, describing it as a stealth backdoor engineered to avoid detection while maintaining long-term control, with traits typically associated with advanced, high-skill intrusion activity. 

Resecurity previously told BleepingComputer that PDFSider had appeared in attacks connected to Qilin ransomware, but researchers emphasize it is not limited to a single group. Their threat hunting indicates the backdoor is now actively used by multiple ransomware operators as a delivery mechanism for follow-on payloads, suggesting it is spreading across criminal ecosystems rather than remaining a niche tool. 

The infection chain begins with spearphishing emails containing a ZIP archive. Inside is a legitimate, digitally signed executable for PDF24 Creator, developed by Miron Geek Software GmbH, paired with a malicious DLL named cryptbase.dll. Since the application expects that DLL, it loads the attacker’s version instead. This technique, known as DLL side-loading, allows the malicious code to execute under the cover of a trusted program, helping it evade security controls that focus on the signed executable rather than the substituted library.  
In some cases, attackers increase the likelihood of execution using decoy documents crafted to appear relevant to targets. One example involved a file claiming authorship from a Chinese government entity. Once launched, the malicious DLL inherits the same privileges as the legitimate executable that loaded it, increasing the attacker’s ability to operate within the system. 

Resecurity notes that while the EXE remains validly signed, attackers exploited weaknesses in the PDF24 software to load the malware and bypass EDR tools more effectively. The firm also warns that AI-assisted coding is making it easier for cybercriminals to identify and exploit vulnerable software at scale. After execution, PDFSider runs primarily in memory to reduce disk traces, using anonymous pipes to issue commands through CMD. 

Each infected device is assigned a unique identifier, system details are collected, and the data is exfiltrated to an attacker-controlled VPS through DNS traffic on port 53. For command-and-control security, PDFSider uses Botan 3.0.0 and encrypts communications with AES-256-GCM, decrypting inbound data only in memory to limit its footprint. It also applies AEAD authentication in GCM mode, a cryptographic approach commonly seen in stealthy remote shell backdoors designed for targeted operations. 

The malware includes anti-analysis checks such as RAM size validation and debugger detection, terminating early when it suspects sandboxing. Based on its behavior and design, Resecurity assesses PDFSider as closer to espionage-grade tradecraft than typical financially motivated ransomware tooling, built to quietly preserve covert access, execute remote commands flexibly, and keep communications protected.
Read more »
Windows
Audit ClawHub Cyber Attacks macOS Windows

Experts Find Malicious ClawHub Skills Stealing Data from OpenClaw


Koi Security’s security audit of 2,857 skills on ClawHub found 341 malicious skills via multiple campaigns. Users are exposed to new supply chain threats. 

ClawHub is a marketplace made to help OpenClaw users in finding and installing third-party skills. It is a part of the OpenClaw project, a self-hosted artificial intelligence (AI) assistant aka Moltbot and Clawdbot. 

Koi Security's analysis with OpenClaw bot “Alex” revealed that 335 skills use malicious pre-requisite to install an Apple macOS stealer called (Atomic Stealer). The activity goes by the code name ClawHavoc. 

According to Koi research Oren Yomtov, "You install what looks like a legitimate skill – maybe solana-wallet-tracker or youtube-summarize-pro. The skill's documentation looks professional. But there's a 'Prerequisites' section that says you need to install something first.”

Instruction steps:

Windows users are asked to download file “openclaw-agent.zip” from a GitHub repository.

macOS users are asked to copy an installation script hosted at glot[.]io and paste it in the Terminal application. 

Threat actors are targeting macOS users because of an increase in purchase of Mac Minus to use the AI assistant 24x7. 

In the password-protected archive, the trojan has keylogging functionality to steal credentials, API keys, and other important data on the device. Besides this, the glot[.]io script includes hidden shell commands to retrieve next-stage payloads from a threat-actor controlled infrastructure. 

This results in getting another IP address ("91.92.242[.]30") to get another shell script, which is modified to address the same server to get a universal Mach-O binary that shows traits persistent with Atomic Stealer, a commodity stealer that threat actors can buy for $500-1000/month that can extract data from macOS hosts.

The issue is that anyone can post abilities to ClawHub because it is open by default. At this point, the only requirement is that a publisher have a GitHub account that is at least a week old. 

Peter Steinberger, the founder of OpenClaw, is aware of the problem with malicious abilities and has subsequently implemented a reporting option that enables users who are signed in to report a skill. According to the documentation, "Each user can have up to 20 active reports at a time," "Skills with more than 3 unique reports are auto-hidden by default.”


Read more »
Malware Campaigns
AI Prompt AI Security AI security risks AI technology Cyber Attacks LLM LLM cybersecurity Malware Campaigns

Promptware Threats Turn LLM Attacks Into Multi-Stage Malware Campaigns

 

Large language models are now embedded in everyday workplace tasks, powering automated support tools and autonomous assistants that manage calendars, write code, and handle financial actions. As these systems expand in capability and adoption, they also introduce new security weaknesses. Experts warn that threats against LLMs have evolved beyond simple prompt tricks and now resemble coordinated cyberattacks, carried out in structured stages much like traditional malware campaigns. 

This growing threat category is known as “promptware,” referring to malicious activity designed to exploit vulnerabilities in LLM-based applications. It differs from basic prompt injection, which researchers describe as only one part of a broader and more serious risk. Promptware follows a deliberate sequence: attackers gain entry using deceptive prompts, bypass safety controls to increase privileges, establish persistence, and then spread across connected services before completing their objectives.  

Because this approach mirrors conventional malware operations, long-established cybersecurity strategies can still help defend AI environments. Rather than treating LLM attacks as isolated incidents, organizations are being urged to view them as multi-phase campaigns with multiple points where defenses can interrupt progress.  

Researchers Ben Nassi, Bruce Schneier, and Oleg Brodt—affiliated with Tel Aviv University, Harvard Kennedy School, and Ben-Gurion University—argue that common assumptions about LLM misuse are outdated. They propose a five-phase model that frames promptware as a staged process unfolding over time, where each step enables the next. What may appear as sudden disruption is often the result of hidden progress through earlier phases. 

The first stage involves initial access, where malicious prompts enter through crafted user inputs or poisoned documents retrieved by the system. The next stage expands attacker control through jailbreak techniques that override alignment safeguards. These methods can include obfuscated wording, role-play scenarios, or reusable malicious suffixes that work across different model versions. 

Once inside, persistence becomes especially dangerous. Unlike traditional malware, which often relies on scheduled tasks or system changes, promptware embeds itself in the data sources LLM tools rely on. It can hide payloads in shared repositories such as email threads or corporate databases, reactivating when similar content is retrieved later. An even more serious form targets an agent’s memory directly, ensuring malicious instructions execute repeatedly without reinfection. 

The Morris II worm illustrates how these attacks can spread. Using LLM-based email assistants, it replicated by forcing the system to insert malicious content into outgoing messages. When recipients’ assistants processed the infected messages, the payload triggered again, enabling rapid and unnoticed propagation. Experts also highlight command-and-control methods that allow attackers to update payloads dynamically by embedding instructions that fetch commands from remote sources. 

These threats are no longer theoretical, with promptware already enabling data theft, fraud, device manipulation, phishing, and unauthorized financial transactions—making AI security an urgent issue for organizations.
Read more »
Record DDoS Attack
Aisuru botnet Botnet Infrastructure Cloudflare Mitigation Cyber Attacks Cyber Threats Global DDoS Trends Hyper-Volumetric DDoS IoT Botnets Network Layer Attacks Record DDoS Attack

Aisuru Botnet Drives DDoS Attack Volumes to Historic Highs


Currently, the modern internet is characterized by near-constant contention, in which defensive controls are being continuously tested against increasingly sophisticated adversaries. However, there are some instances where even experienced security teams are forced to rethink long-held assumptions about scale and resilience when an incident occurs. 


There has been an unprecedented peak of 31.4 terabits per second during a recent Distributed Denial of Service attack attributed to the Aisuru botnet, which has proven that the recent attack is firmly in that category. 

Besides marking a historical milestone, the event is revealing a sharp change in botnet orchestration, traffic amplification, and infrastructure abuse, demonstrating that threat actors are now capable of generating disruptions at levels previously thought to be theoretical. As a consequence of this attack, critical questions are raised regarding the effectiveness of current mitigation architectures and the readiness of global networks to withstand such an attack.

Aisuru-Kimwolf is at the center of this escalation, a vast array of compromised systems that has rapidly developed into the most formidable DDoS platform to date. Aisuru and its Kimwolf offshoot are estimated to have infected between one and four million hosts, consisting of a diverse array of consumer IoT devices, digital video recorders, enterprise network appliances, and virtual machines based in the cloud. 

As a result of this diversity, the botnet has been able to generate volumes of traffic which are capable of overwhelming critical infrastructure, destabilizing national connectivity, and surpassing the handling capacities of many legacy cloud-based DDoS mitigation services. As far as operational performance is concerned, Aisuru-Kimwolf has demonstrated its consistency in executing hyper-volumetric and packet-intensive campaigns at a scale previously deemed impractical. 

As documented by the botnet, the botnet is responsible for record-breaking flooding reaches 31.4 Tbps, packet rates exceeding 14.1 billion packets per second, and highly targeted DNS-based attacks, including random prefixes and so-called water torture attacks, as well as application-layer HTTP floods that exceed 200 million requests per second. 

As part of these operations, carpet bombing strategies are used across wide areas and packet headers and payload attributes are randomly randomized, a deliberate design choice meant to frustrate signature-based detection and slow automated mitigation. 

The attack usually occurs rapidly and in high intensity bursts that reach peak throughput almost instantly and subside within minutes, creating a hit-and-run attack that makes attribution and response more difficult. 

There was an increase of more than 700 percent in attack potential observed in the Aisuru-Kimwolf ecosystem between the years 2025 and 2026, demonstrating the rapid development of this ecosystem. Aisuru botnets serve as the architectural core of this ecosystem, which are responsible for this activity. 

In addition to serving as a foundational platform, Aisuru enables the development and deployment of derivative variants, including Kimwolf, which extends the botnet's reach and operational flexibility. By continuously exploiting exposed or poorly secured devices in the consumer and cloud environments, the ecosystem has created a globally distributed attack surface reflective of a larger shift in how modern botnets are designed. 

In contrast to the traditional techniques of DDoS relying solely on persistence, Aisuru-based networks emphasize scalability, rapid mobilization, and adaptive attack techniques, signalling the development of an evolving threat model that is reshaping the upper limits of large-scale DDoS attacks. 

Additionally, people have seen a clear shift from long-duration attacks to short-duration, high-intensity attacks that are designed to maximize disruptions while minimizing exposure. There has been a significant decrease in the number of attacks that persist longer than a short period of time, with only a small fraction lasting longer than that period.

There were overwhelmingly three to five billion packets per second at peak for the majority of incidents, while the overall packet rate was overwhelmingly clustered between one and five terabits per second. It reflects a deliberate operational strategy to concentrate traffic within narrowly defined, yet extremely extreme thresholds, with the goal of promoting rapid saturation over prolonged engagement. 

Although these attacks were large in scope, Cloudflare's defenses were automatically able to identify and mitigate them without initiating internal escalation procedures, highlighting the importance of real-time, autonomous mitigation systems in combating modern DDoS threats. 

Although Cloudflare's analysis indicates a notable variation in attack sourcing during the so-called "Night Before Christmas" campaign as compared to previous waves of Aisuru botnet activity originating from compromised IoT devices and consumer routers, Cloudflare's analysis shows a significant change in attack sourcing. 

As part of that wave of activity, Android-based television devices became the primary source of traffic, which highlights how botnet ecosystems continue to engulf non-traditional endpoints. In addition to expanding attack capacity, this diversity of compromised hardware complicates defensive modeling, as traffic originates from devices which blend into legitimate consumer usage patterns, increasing the complexity of defensive modeling. 

These findings correspond to broader trends documented in Cloudflare's fourth-quarter 2025 DDoS Threat Report, which documented a 121 percent increase in attack volume compared with the previous year, totaling 47.1 million incidents. 

A Cloudflare application has been able to mitigate over 5,300 DDoS attacks a day, nearly three quarters of which occurred on the network layer and the remainder targeting HTTP application services. During the final quarter, the number of DDoS attacks accelerated further, increasing by 31 percent from the previous quarter and 58 percent from the previous year, demonstrating a continuing increase in both frequency and intensity. 

A familiar pattern of industry targeting was observed during this period, but it was becoming increasingly concentrated, with telecommunications companies, IT and managed services companies, online gambling platforms and gaming companies experiencing the greatest levels of sustained pressure. Among attack originators, Bangladesh, Ecuador, and Indonesia appeared to be the most frequently cited sites, with Argentina becoming a significant source while Russia's position declined. 

Throughout the year, organizations located in China, Hong Kong, Germany, Brazil, and the United States experienced the largest amount of DDoS attacks, reflecting the persistent focus on regions with dense digital infrastructure and high-value online services. 

According to a review of attack source distribution in the fourth quarter of 2025, there have been notable changes in the geographical origins of malicious traffic, which supports the emergence of a fluid global DDoS ecosystem.

A significant increase was recorded in attack traffic by Bangladesh during the period, displace Indonesia, which had maintained the top position throughout the previous year but subsequently fell to third place. Ecuador ranked second, while Argentina climbed twenty positions to take the fourth position, regaining its first place in attack traffic. 

In addition to Hong Kong, Ukraine, Vietnam, Taiwan, Singapore, and Peru, there were other high-ranking origins, which emphasize the wide international dispersion of attack infrastructure. The relative activity of Russia declined markedly, falling several positions, while the United States also declined, reflecting shifting operational preferences rather than a decline in regional engagement. 

According to a network-level analysis, threat actors continue to favor infrastructure that is scalable, flexible and easy to deploy. A significant part of attacks observed in the past few months have been generated by cloud computing platforms, with providers such as DigitalOcean, Microsoft, Tencent, Oracle, and Hetzner dominating the higher tiers of originating networks with their offerings. 

Throughout the trend, there has been a sustained use of on-demand virtual machines to generate high-volume attack traffic on a short notice basis. In addition to cloud services, traditional telecommunications companies remained prominent players as well, especially in parts of the Asia-Pacific region, including Vietnam, China, Malaysia, and Taiwan.

Large-scale DDoS operations are heavily reliant on both modern cloud environments and legacy carrier infrastructure. The Cloudflare global mitigation infrastructure was able to absorb the unprecedented intensity of the "Night Before Christmas" campaign without compromising service quality. 

In spite of 330 points of presence and a total mitigation capacity of 449 terabits per second, only a small fraction of the total mitigation capacity was consumed, which left the majority of defensive capacity untouched during the record-setting flood of 31.4 Tbps. 

It is noteworthy that detection and mitigation were performed autonomously, without the need for internal alerts or manual intervention, thus underscoring the importance of machine-learning-driven systems for responding to attacks that unfold at a rapid pace. 

As a whole, the campaign illustrates the widening gap between hackers’ growing capability and the defensive limitations of organizations relying on smaller-scale protection services, many of which would have been theoretically overwhelmed by an attack of this magnitude if it had taken place. 

An overall examination of the Aisuru campaign indicates that a fundamental shift has taken place in the DDoS threat landscape, with attack volumes no longer constrained by traditional assumptions about bandwidth ceilings and device types.

The implications for defenders are clear: resilience cannot be treated as a static capability, but must evolve concurrently with adversaries operating at a machine-scale and speed that is increasingly prevalent. 

Due to the complexity of the threats that are becoming more prevalent in the world, organizations have been forced to reevaluate not only their mitigation capabilities, but also the architectural assumptions that lay behind their security strategies, particularly when latency, availability, and trust are essential factors. 

Hypervolumetric attacks are becoming shorter, sharper, and more automated over time. Therefore, effective defense will be dependent on global infrastructure, real-time intelligence, and automated response mechanisms that are capable of absorbing disruptions without human intervention. Accordingly, the Aisuru incident is less of an anomaly and more of a preview of the operational baseline against which modern networks must prepare.
Read more »
URL Attack
Cyber Attacks GenAI Security Microsoft Copilot Prompt Injection URL Attack

New Reprompt URL Attack Exposed and Patched in Microsoft Copilot

 

Security researchers at Varonis have uncovered a new prompt-injection technique targeting Microsoft Copilot, highlighting how a single click could be enough to compromise sensitive user data. The attack method, named Reprompt, abuses the way Copilot and similar generative AI assistants process certain URL parameters, effectively turning a normal-looking link into a vehicle for hidden instructions. While Microsoft has since patched the flaw, the finding underscores how quickly attackers are adapting AI-specific exploitation methods.

Prompt injection attacks work by slipping hidden instructions into content that an AI model is asked to read, such as emails or web pages. Because large language models still struggle to reliably distinguish between data to analyze and commands to execute, they can be tricked into following these embedded prompts. In traditional cases, this might mean white text on a white background or minuscule fonts inside an email that the user then asks the AI to summarize, unknowingly triggering the malicious instructions.

Reprompt takes this concept a step further by moving the injection into the URL itself, specifically into a query parameter labeled “q.” Varonis demonstrated that by appending a long string of detailed instructions to an otherwise legitimate Copilot link, such as “http://copilot.microsoft.com/?q=Hello”, an attacker could cause Copilot to treat that parameter as if the user had typed it directly into the chat box. In testing, this allowed the researchers to exfiltrate sensitive data that the victim had previously shared with the AI, all triggered by a single click on a crafted link.

This behaviour is especially dangerous because many LLM-based tools interpret the q parameter as natural-language input, effectively blurring the line between navigation and instruction. A user might believe they are simply opening Copilot, but in reality they are launching a session already preloaded with hidden commands created by an attacker. Once executed, these instructions could request summaries of confidential conversations, collect personal details, or send data to external endpoints, depending on how tightly the AI is integrated with corporate systems.

After Varonis disclosed the issue, Microsoft moved to close the loophole and block prompt-injection attempts delivered via URLs. According to the researchers, prompt injection through q parameters in Copilot is no longer exploitable in the same way, reducing the immediate risk for end users. Even so, Reprompt serves as a warning that AI interfaces—especially those embedded into browsers, email clients, and productivity suites—must be treated as sensitive attack surfaces, demanding continuous testing and robust safeguards against new injection techniques.
Read more »
Cyber Attacks
AI Attacks AI Prompt AI prompt injection attack AI Risks AI Systems AI technology autonomous vehicles Cyber Attacks

Visual Prompt Injection Attacks Can Hijack Self-Driving Cars and Drones

 

Indirect prompt injection happens when an AI system treats ordinary input as an instruction. This issue has already appeared in cases where bots read prompts hidden inside web pages or PDFs. Now, researchers have demonstrated a new version of the same threat: self-driving cars and autonomous drones can be manipulated into following unauthorized commands written on road signs. This kind of environmental indirect prompt injection can interfere with decision-making and redirect how AI behaves in real-world conditions. 

The potential outcomes are serious. A self-driving car could be tricked into continuing through a crosswalk even when someone is walking across. Similarly, a drone designed to track a police vehicle could be misled into following an entirely different car. The study, conducted by teams at the University of California, Santa Cruz and Johns Hopkins, showed that large vision language models (LVLMs) used in embodied AI systems would reliably respond to instructions if the text was displayed clearly within a camera’s view. 

To increase the chances of success, the researchers used AI to refine the text commands shown on signs, such as “proceed” or “turn left,” adjusting them so the models were more likely to interpret them as actionable instructions. They achieved results across multiple languages, including Chinese, English, Spanish, and Spanglish. Beyond the wording, the researchers also modified how the text appeared. Fonts, colors, and placement were altered to maximize effectiveness. 

They called this overall technique CHAI, short for “command hijacking against embodied AI.” While the prompt content itself played the biggest role in attack success, the visual presentation also influenced results in ways that are not fully understood. Testing was conducted in both virtual and physical environments. Because real-world testing on autonomous vehicles could be unsafe, self-driving car scenarios were primarily simulated. Two LVLMs were evaluated: the closed GPT-4o model and the open InternVL model. 

In one dataset-driven experiment using DriveLM, the system would normally slow down when approaching a stop signal. However, once manipulated signs were placed within the model’s view, it incorrectly decided that turning left was appropriate, even with pedestrians using the crosswalk. The researchers reported an 81.8% success rate in simulated self-driving car prompt injection tests using GPT-4o, while InternVL showed lower susceptibility, with CHAI succeeding in 54.74% of cases. Drone-based tests produced some of the most consistent outcomes. Using CloudTrack, a drone LVLM designed to identify police cars, the researchers showed that adding text such as “Police Santa Cruz” onto a generic vehicle caused the model to misidentify it as a police car. Errors occurred in up to 95.5% of similar scenarios. 

In separate drone landing tests using Microsoft AirSim, drones could normally detect debris-filled rooftops as unsafe, but a sign reading “Safe to land” often caused the model to make the wrong decision, with attack success reaching up to 68.1%. Real-world experiments supported the findings. Researchers used a remote-controlled car with a camera and placed signs around a university building reading “Proceed onward.” 

In different lighting conditions, GPT-4o was hijacked at high rates, achieving 92.5% success when signs were placed on the floor and 87.76% when placed on other cars. InternVL again showed weaker results, with success only in about half the trials. Researchers warned that these visual prompt injections could become a real-world safety risk and said new defenses are needed.
Read more »
Large-scale breaches
Cyber Attacks Cyber Breaches cybercrime group cybercrime group attack Dragos Dragos cybersecurity Dragos hacked Large-scale breaches

Dragos Links Coordinated Polish Power Grid Cyberattack to Russia-Backed ELECTRUM Group

A wave of connected cyber intrusions struck multiple points in Poland’s electricity infrastructure near the end of 2025. Dragos, an industrial control system security firm, assessed with limited certainty that the activity aligns with a Russia-linked group known as ELECTRUM. While attribution is not definitive, the techniques and patterns resemble previous operations tied to the cluster. Investigators also flagged unusual entry routes through third-party maintenance channels, with disruptions occurring amid heightened geopolitical tensions. No major blackouts followed, but systems recorded repeated probing attempts. Response teams moved quickly to isolate affected segments, and attribution was supported by forensic traces left during the breaches. Officials emphasized continued vigilance despite containment. 

At one site, critical hardware was destroyed and left unusable, marking what Dragos described as the first large-scale cyberattack focused on decentralized energy systems such as wind turbines and solar generation connected to the grid. Operational technology used in electricity distribution was accessed without authorization, and systems managing renewable output faced interference even though overall service stayed online. Communication failures also affected combined heat and power facilities. Entry was gained through systems tied to grid stability, with damage remaining localized but irreversible at one location. 

Dragos noted links between ELECTRUM and another group, KAMACITE, with overlaps consistent with the broader Sandworm ecosystem, also tracked as APT44 or Seashell Blizzard. KAMACITE is believed to specialize in initial access, using spear-phishing, stolen credentials, and attacks against exposed public-facing systems. 

After entry, KAMACITE reportedly conducts quiet reconnaissance and persistence in OT environments, creating conditions for later action. Once access is established, ELECTRUM activity is assessed to bridge IT and OT networks, deploying tooling inside operational systems. Actions attributed to ELECTRUM can include manipulating control systems or disrupting physical processes, either through direct operator interface interaction or purpose-built ICS malware depending on objectives. 

Dragos described a division of roles between the clusters that enables long-term access and flexible execution, including delayed disruption. Even without immediate damage, persistent access can create long-term risk. KAMACITE-linked activity also appears geographically unconstrained, with scanning against U.S. industrial systems reported as recently as mid-2025. 

In Poland, attackers targeted systems that connect grid operators with distributed energy resources, disrupting coordination. Roughly three dozen sites experienced operational impact. Investigators said poorly secured network devices and exploited vulnerabilities enabled entry, allowing intruders to reach Remote Terminal Units and move through communications infrastructure. Dragos said the attackers showed strong knowledge of grid systems, successfully disabling communications tools and certain OT components. 

However, the full scope remains unclear, including whether operational commands were issued or whether the focus stayed on communications disruption. Overall, Dragos assessed the incident as more opportunistic than carefully planned, with attackers attempting rapid disruption once inside by wiping Windows systems, resetting configurations, and trying to permanently brick equipment. The hardest-hit devices supported grid safety and stability monitoring. 

Dragos concluded that the damage shows OT intrusions are shifting from preparation into active attacks against systems that manage distributed generation.
Read more »
VPN Security Risks
Botnet Operations Consumer Device Exploitation Cyber Attacks Cybercrime Infrastructure Google Threat Intelligence Malware SDK Abuse Residential Proxy Networks VPN Security Risks

Google Targets Residential Proxy Services Fueled by Malware Operations

 


The underlying ecosystem of legitimate proxy and VPN providers might appear to be fragmented at the surface, but as far as Google is concerned, there is something much more coordinated and deceptive below the surface. In a recent investigation conducted by Google's Threat Intelligence Group, an extensive operation centered on an elaborate network known as IPIDEA was uncovered.

IPIDEA, the network, allegedly exercised covert control over several proxy and VPN brands that presented themselves as independent, trustworthy entities. It is now clear that these brands are managed by the very same malicious operators, who employ misleading practices to steal residential IP addresses from unwitting users and combine them with an immense proxy infrastructure, which is the result of the research. 

As part of the IPIDEA ecosystem of proxy and virtual private network services, Google has taken coordinated action to dismantle what it believes to be one of the largest residential proxy networks in the world, as it moves against it. Through this effort, which is being conducted in collaboration with external partners, it is being hoped that infrastructure will be ripped apart that has historically enabled cybercrime, espionage, and large-scale fraud by making use of the false identities of ordinary internet users to disguise malicious activity behind their internet connections.

Using IPIDEA's software development kits, Google's Threat Intelligence Group was able to enroll compromised devices in botnets as well as use its proxy services to manage and exploit those compromised devices at large scale. It was Google's legal measures that disrupted these activities, resulting in the takedown of dozens of domain names that were used to route proxy traffic and control infected systems in an effort to prevent further attacks.

Although IPIDEA used to advertise themselves as a leading global proxy provider with millions of daily updated residential IP addresses, its primary website is no longer accessible, despite previously advertising itself as a leading global proxy provider. 

According to Google, the network's infrastructure had been utilized by more than 550 distinct threat groups globally up until this month, spanning cybercriminal enterprises and state-aligned actors from countries such as China, Russia, Iran, and North Korea, according to Google.

Researchers reported that a variety of activities were observed, including intrusions into SaaS environments as well as on-premises networks, password-spray campaigns, and broader espionage operations. 

A residential proxy service has become a central enabler of modern threats by giving attackers the ability to blend in with legitimate internet traffic at home and evade detection as a means of escaping detection, a statement underscored by the report. It is not known whether Google's Threat Intelligence Group has officially attributed IPIDEA's operation to a particular individual, but the artifacts that were gathered during the investigation may give some insight into the operation. 

As a result of the research, digital certificates analyzed by researchers were linked to Hong Kong-based business entities, which indicated that the network was backed up by an organizational structure. As Google claims, the operators exercised centralized control over at least 13 different proxy and virtual private network brands, including IPIDEA, 360 Proxy, ABC Proxy, Luna Proxy, and PIA S5 Proxy, which appeared to be independent services. 

A significant part of the network's expansion was fueled by the covert distribution of software development kits that were embedded in seemingly legitimate applications. This was a strategy that led users to turn their devices into residential exit nodes that could route third party traffic for a considerable period of time. 

Over 600 Android applications and over 3,000 Windows programs were found in Google's search results that contained the code for IPIDEA, many of which were marketed as utilities, games, or VPN tools. 

Even though the SDKs were marketed to developers as benign mechanisms for monetizing their applications, they often offered payouts based on the number of installs and wide compatibility between platforms, but researchers found that the underlying functionality enabled large amounts of consumer devices to be repurposed as proxy infrastructures, raising concerns about how unsuspecting users were lured into such an operation without the awareness or consent of the users themselves. 

There are many technical and commercial mechanisms underlying IPIDEA that have been examined by Google in greater detail, revealing a highly organized and adaptive proxy ecosystem rather than a single service, as portrayed by the company in its investigation. As the company pointed out, IPIDEA controlled multiple monetization software development kits, including Castar, Earn, Hex, and Packet, all of which shared similar code patterns and command-and-control infrastructures.

It was known that these SDKs used a two-tier system, through which infected devices connected first to tier-one domains and obtained instructions and connection details from a rotating pool of around 7,400 tier-two servers, a number that fluctuated daily and was determined by operational conditions. 

In addition to proxy services, the same infrastructure could also be embedded in VPN applications, like Galleon VPN, Radish VPN, and the now-defunct Aman VPN, that provided the users with functionality they expected. Additionally, devices were also enrolled as exit nodes in the proxy network at the same time. 

During its investigation, Google discovered that there were more than 3,500 Windows executables and over 600 Android applications communicating with IPIDEA-controlled domains, most of them masquerading as legitimate system utilities, games, or content apps. 

Consequently, Google and its partners began seeking legal action to dismantle the network's command-and-control and marketing domains, updated Google Play Protect so users would receive warnings and that affected applications would be automatically removed from certified devices.

In addition, he pointed out that such proxy services can pose a wider range of risks, since they can not only route third party traffic but also deliver malicious traffic to enrolled devices. According to the company, IPIDEA represents only one element of a larger ecosystem involving residential proxy abuse, encompassing not only IPIDEA but other tools such as ByteConnect and services from AISURU and Kimwolf as well. 

As a result, SDKs geared towards monetization are becoming increasingly popular as a means of exploitation of large-scale consumer devices. In the case of IPIDEA, researchers believe that there is an underlying threat to residential proxy services, which blurs the line between legitimate infrastructure and covert abuse, illustrating a broader and growing risk. 

According to Google’s research, such networks thrive when user trust is exploited, inserted into everyday applications, and consumer VPN tools, while quietly transforming personal devices into operational assets for cybercriminals as well as state-aligned actors.

Argus warns that an increasingly sophisticated technology infrastructure allows malicious traffic to blend seamlessly into normal household internet activity and that a greater level of scrutiny is needed for third-party SDKs and better safeguards around app monetization practices. This is the state of affairs with the increasing sophistication and scale of these operations.

IPIDEA has been disrupted and protections are tightened through Google Play Protect as a result of disrupting IPIDEA's infrastructure. In addition to neutralizing a single network, the company said it wanted to raise awareness that seemingly benign digital services can be weaponized and that developers, platform providers, and users must remain vigilant against hidden proxy abuse in order to prevent it from occurring.
Read more »
Security Alarms
Cyber Attacks Delta Russia Security Alarms

Cyberattack Paralyzes Russia's Delta Security Systems

 

A massive cyberattack was launched against Delta, a leading Russian smart alarm system supplier for residential, commercial, and automotive use, on 26 January 2026, causing widespread operational disruptions across the country. The attack crippled Delta’s information technology systems, bringing down websites, telephony, and critical services for tens of thousands of subscribers. Delta labeled the incident a “large-scale external attack” designed to bring operations to a standstill, with no signs of customer data compromise identified at the time.

 End users were immediately affected as car alarms failed to turn off, preventing unlocking and engine start functions in many cases. Home and commercial building alarm systems defaulted to emergency modes that could not be overridden by users, while range-based services like vehicle start functions malfunctioned, sometimes causing engines to shut down during use. Information from Telegram groups like Baza and other news sources, such as Kommersant, shed light on these operational issues, highlighting the weaknesses of IoT security devices connected to the internet. 

Delta’s marketing director, Valery Ushkov, addressed the situation through a video message, stating that the company’s infrastructure was not capable of withstanding the “well-coordinated” global attack. The prolonged recovery effort was necessary due to continued threats following the attack, forcing updates to be posted through VKontakte instead of the company’s own channels. Although Delta claimed that most services would be restored soon with professional help, disruptions continued into 27 January, eroding trust in the company’s cybersecurity efforts. 

Unverified claims emerged on a Telegram channel allegedly linked to the hackers in which they shared one of ten alleged data dumps taken from Delta's systems. Though authenticity remains unconfirmed, fears grew over the mobile app's storage of payment and tracking data, compatible with most vehicles. No hacking group has claimed responsibility, leaving speculation about DDoS, ransomware, or wipers unresolved.

The breach is part of a wave of IT issues in Russia, which included the travel booking service being down that day, although the two incidents are not related, according to officials. It illustrates vulnerabilities in IoT-based security at a time of geopolitical strain and as Delta blamed a “hostile foreign state.” The incident sparks renewed demands for more robust safeguards in critical infrastructure to mitigate real-world physical safety risks from cyber incidents.
Read more »
Subscribe to: Comments (Atom)