Tag Archive for: chatbot

An AI Chatbot May Have Helped Create This Malware Attack

/in


A hacking group has been spotted possibly using an AI program such as ChatGPT, Google’s Gemini, or Microsoft Copilot to help refine a malware attack. 

Security firm Proofpoint today published a report about the group, dubbed “TA547,” sending phishing emails to businesses in Germany. The emails are designed to deliver the Windows-based Rhadamanthys malware, which has been around for several years. But perhaps the most interesting part of the attack is that it uses a PowerShell script that contains signs it was created with an AI-based large language model (LLM).

Hackers often exploit PowerShell since it’s a powerful tool in Windows that can be abused to automate and execute tasks. In this case, the phishing email contains a password-protected ZIP file, that when opened, will run the hacker-created PowerShell script to decode and install Rhadamanthys malware on the victim’s computer. 

While investigating the attacks, Proofpoint researchers examined the PowerShell script and found “interesting characteristics not commonly observed in code used” by human hackers, the company wrote in a blog post.  

What stuck out was the presence of the pound sign #, which can be used in PowerShell to make single line comments explaining the purpose of a line of computer code

Image of the powershell script code

(Credit: Proofpoint)

“The PowerShell script included a pound sign followed by grammatically correct and hyper specific comments above each component of the script. This is a typical output of LLM-generated coding content, and suggests TA547 used some type of LLM-enabled tool to write (or rewrite) the PowerShell, or copied the script from another source that had used it,” Proofpoint says.

Indeed, if you ask ChatGPT, Copilot, or Gemini to create a similar PowerShell script, they’ll respond in the same format, placing pound symbols along with an explanation. In contrast, a human hacker would probably avoid such comments, especially since their goal is to disguise their techniques.

Recommended by Our Editors

ChatGPT placing the pound symbols

(Credit: ChatGPT)

Still, Proofpoint can’t definitively say TA547 created the PowerShell script with the help of an AI chatbot. Nevertheless, the case illustrates how cybercriminals can harness…

Source…

Another Uber SNAFU, an AI chatbot quiz, and is juice-jacking genuine? • Graham Cluley

/in


Smashing Security podcast #317: Another Uber SNAFU, an AI chatbot quiz, and is juice-jacking genuine?

Everyone’s talking juice-jacking – but has anyone ever been juice-jacked? Uber suffers yet another data breach, but it hasn’t been hacked. And Carole hosts the “AI-a-go-go or a no-no?” quiz for Dave and Graham.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Dave Bittner – @bittner

Episode links:

Sponsored by:

  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
  • hCaptcha – hCaptcha Enterprise is the leading Security ML platform. hCaptcha adapts to detect and block even the most sophisticated attacks, keeping you ahead of evolving threats.Start your free trial today.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on…

Source…

Datasea (DTSS) Gains Slightly After Launching Chatbot on 5G Platform

/in


What’s Going On with DTSS?

Datasea Inc. (DTSS) stock was slightly up after the Chinese tech company announced its subsidiary Shuhai Zhangxun launched an automated communication app called Chatbot on the 5G message-marketing cloud platform. DTSS shares rose 0.65% to $3.12 per share on Tuesday afternoon.

What Does It Mean for Datasea?

Chatbox is powered by artificial intelligence deep learning and enables message sending and receiving, parsing and other services, based on natural language processing technology. It paves the way for “a replacement of apps when interacting with humans,” according to Datasea.

“During the development of Chatbot, our team leverages big data to create user identification tags and intelligent pattern matching, which significantly enhances customer satisfaction and improves conversation efficiency,” Zhixin Liu, CEO of Datasea, said. “We also provide private deployment, client data synchronization, customer profiling and individualized push notification services.”

Liu added Datasea hopes to continue “offering 5G value-added services and become a trusted partner who knows our clients best.”

Long-Term Technical Rank - 32

DTSS has a Long-Term Technical Rank of 32. Find out what this means to you and get the rest of the rankings on DTSS!

Datasea Inc is a development stage company engaged in the Internet security products. Its offers service and products such as Internet Security Equipment, New Media Advertising Service, Micro Marketing Service, Internet Service Provider (ISP) Connecting Service, Big Data Processing Service. Business activity of the group is functioned primarily through China.

Source…