Tag Archive for: claimed

OpenAI Cyberattack Claimed By Anonymous Sudan


The hacker group Anonymous Sudan has declared an explicit cyber assault on OpenAI, a prominent artificial intelligence research lab. In a Telegram post, the hacker collective shared details about the OpenAI Cyberattack, demanding the dismissal of Tal Broda, the Head of the Research Platform at OpenAI, accusing him of supporting genocide.

The hackers continue to pose a threat to ChatGPT, vowing to sustain their attacks until their demands are met, specifically regarding Tal Broda and alleged dehumanizing views on Palestinians.


The Cyber Express Team initiated contact with OpenAI officials to verify the claims made by Anonymous Sudan. As of the time of reporting, no official response has been received from OpenAI.

In an attempt to independently verify the OpenAI cyberattack, our team accessed the official OpenAI website and ChatGPT, finding both to be functioning properly. This raises questions about the credibility of the hacker group’s claims, leaving room for speculation about their true motives.

OpenAI Cyberattack: Past Incidents Cast Doubt on Current Claims

Looking back to November 2023, OpenAI faced a similar situation when Anonymous Sudan, in collaboration with “Skynet,” claimed responsibility for a Distributed Denial of Service (DDoS) attack on OpenAI’s login portal. Users encountered difficulties logging into ChatGPT portals, leading to concerns raised on social media platforms.

While the login issues were initially attributed to an internal software glitch, the current OpenAI cyberattack claim by Anonymous Sudan raises doubts about the possibility of a recurring cyber threat.

Sam Altman’s Return and Immediate Plans for OpenAI

Amid these challenges, Sam Altman, the CEO of OpenAI, was fired in November. To everyone’s surprise, he has now made a comeback to his leadership position.


Altman announced the formation of a new initial board, consisting of Bret Taylor as Chair, Larry Summers, and Adam D’Angelo.

“I am returning to OpenAI as CEO. Mira will return to her role as CTO. The new initial board will consist of Bret Taylor (Chair), Larry Summers, and Adam D’Angelo,” reads the official statement.

In addition to this announcement, Altman also outlined…


Cyberattack On Indian Government Claimed By StarsX Team


The StarsX Team hacker group has claimed responsibility for an alleged cyberattack on Indian government websites. The group made its announcement on a dark web forum, providing links to substantiate their claims.

The attached links contained a list of alleged victims and references to check-host.net to support their assertions. Notably, the threat actor appears to be affiliated with Indonesia, as indicated by the Indonesian flag attached to the threat actor’s name.

The claimed cyberattack specifically targeted five government websites: the Department of Justice, High Court of Punjab and Haryana, UP Police, Intellectual Property India, and the Employees’ State Insurance Corporation.

Despite these claims, a closer inspection reveals that all the mentioned websites are currently functioning normally, showing no signs of the Distributed Denial of Service (DDoS) attack alleged by the threat actor.

Claims of Cyberattack on Indian Government Websites

[Image: Cyberattack on Indian Government Websites. Source: Twitter]

A DDoS attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic.

It involves the use of multiple compromised computers or devices to generate traffic, making it challenging for the targeted system to handle legitimate requests.


The Cyber Express reached out to some of the affected organizations to verify the alleged cyberattack on Indian government websites. As of now, no official statements or responses have been received, leaving the claims unverified.

It’s worth noting that the StarsX Team hacker group has a history of targeting multiple countries. In a post from October, the group declared its intentions, stating that they are fighting to defend Palestine’s right to independence.

The group condemned Israel, India, France, and America for alleged oppression of the Palestinian people and human rights violations. StarsX Team specifically identified these countries as their main targets.

More Cyberattack Claims by StarsX Team Hacker Group

Amidst the Israel-Hamas conflict, hacktivist collectives such as IRoX Team and StarsX Team have aligned themselves with opposing sides, conducting cyberattacks…


Rhysida ransomware gang claimed China Energy hack



Pierluigi Paganini
November 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.

The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site.

The China Energy Engineering Corporation (CEEC) is a state-owned company in China that operates in the energy and infrastructure sectors.

One of the country’s largest integrated energy companies, it holds a prominent position in the industry.

CEEC actively participates in developing and constructing a diverse range of energy projects, encompassing coal, hydropower, nuclear, and renewable energy initiatives.

It also engages in international projects, contributing to the global energy landscape.

The ransomware group claims to have stolen a substantial trove of ‘impressive data’ and is auctioning it for 50 BTC. The Rhysida ransomware operators plan to sell the stolen data to a single buyer. The gang will publicly release the data over the seven days following the announcement.

Recently, the Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site.

Last week, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks. The advisory is part of the ongoing #StopRansomware effort, disseminating information about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

The report includes IOCs and TTPs identified through investigations as recently as September 2023.

The Rhysida ransomware group has been active since May 2023. According to the gang’s Tor leak site, at least 62 companies are victims of the operation.

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.”

“Threat actors leveraging Rhysida ransomware are known to impact “targets of opportunity,” including victims in the education, healthcare, manufacturing, information…


Boeing claimed by LockBit ransom gang


The Boeing Company, a leading global aerospace and commercial jetliner manufacturer and US military and defense contractor, has been claimed as a victim by the LockBit ransomware gang.

The Russian-linked ransomware group posted Boeing as its latest conquest Friday around 2 p.m. ET on its dark leak site.


“We are assessing this claim,” a Boeing spokesperson told Cybernews in a brief statement Friday just after 4:40 p.m. ET.

LockBit says it has a tremendous amount of sensitive data that will be published if the company does not contact the group by a November 2nd deadline of 1:23 pm UTC – roughly six days from Friday.

“For now, we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline,” LockBit posted.

“All available data will be published!” the group stated.

[Image: LockBit leak site]


LockBit has not provided the amount of data allegedly exfiltrated from Boeing but lists the company and its subsidiaries as worth 60 billion dollars. The company reportedly employs over 150,000 people.

The global aviation and space technology leader “develops, manufactures, sells, services, and supports commercial jetliners, military aircraft, satellites, missile defense, human space flight, and launch systems and services worldwide,” LockBit posted.

According to malware researchers vx-underground, who discussed the attack with the gang’s leaders, LockBit claims they haven’t spoken to Boeing yet and refused to disclose what type of data might have been exfiltrated.

However, attackers say they breached the company via a zero-day exploit, although no further details on the nature of the supposed vulnerability were disclosed.

Researchers also noticed that LockBit gave Boeing six days to begin negotiations, while victims are typically given ten days to reach out to the cybercriminals.

Interestingly, Boeing was delisted from the gang’s blog sometime between October 30 and October 31. Delisting a company from the dark web blog can signify that the company has started negotiating with the cybercrooks or even agreed to submit to the demands of the criminals.

We have reached out to Boeing for clarification on the company’s removal from the dark web blog.
