Tag Archive for: exploit

GPT-4 can exploit zero-day security vulnerabilities all by itself, a new study finds


A hot potato: GPT-4 stands as the newest multimodal large language model (LLM) crafted by OpenAI. This foundational model, currently accessible to customers as part of the paid ChatGPT Plus line, exhibits notable prowess in identifying security vulnerabilities without requiring external human assistance.

Researchers recently demonstrated the ability to manipulate LLMs and chatbot technology for highly malicious purposes, such as propagating a self-replicating computer worm. A new study now sheds light on how GPT-4, the most advanced chatbot currently available on the market, can exploit extremely dangerous security vulnerabilities simply by examining the details of a flaw.

According to the study, LLMs have become increasingly powerful, yet they lack ethical principles to guide their actions. The researchers tested various models, including OpenAI’s commercial offerings, open-source LLMs, and vulnerability scanners like ZAP and Metasploit. They found that advanced AI agents can “autonomously exploit” zero-day vulnerabilities in real-world systems, provided they have access to detailed descriptions of such flaws.

In the study, LLMs were pitted against a database of 15 zero-day vulnerabilities related to website bugs, container flaws, and vulnerable Python packages. The researchers noted that more than half of these vulnerabilities were classified as “high” or “critical” severity in their respective CVE descriptions. Moreover, there were no available bug fixes or patches at the time of testing.

The study, authored by four computer scientists from the University of Illinois Urbana-Champaign (UIUC), aimed to build on previous research into chatbots’ potential to automate computer attacks. Their findings revealed that GPT-4 was able to exploit 87 percent of the tested vulnerabilities, whereas other models, including GPT-3.5, had a success rate of zero percent.

UIUC assistant professor Daniel Kang highlighted GPT-4’s capability to autonomously exploit 0-day flaws, even when open-source scanners fail to detect them. With OpenAI already working on GPT-5, Kang foresees “LLM agents” becoming potent tools for democratizing vulnerability exploitation and cybercrime among script-kiddies…


Trust Wallet Warns About iOS Zero-Day Exploit


Jimmy Aki


Popular crypto wallet provider Trust Wallet disclosed on April 15 that it received “credible intel” about a high-risk zero-day exploit being sold on the Dark Web to target iOS users.

According to the software developer, this flaw could allow hackers to gain unauthorized access to users’ personal data.

Trust Wallet Reports Personal Information Sale on Dark Web


Trust Wallet shared its discovery in an X post, explaining the dangers of the zero-day exploit targeted at iMessage.

A zero-day exploit is a cyber attack that takes advantage of a previously unknown vulnerability in software. These exploits can go undetected for an extended period and are used to gain unauthorized access to systems and steal data. As detailed in the X post, iOS users and the entire crypto ecosystem could be at risk.

Trust Wallet CEO Eowyn Chen also shared a screenshot on X that reportedly depicts a zero-day exploit for sale on the Dark Web for $2 million.


Neither the crypto wallet provider nor its CEO disclosed where this information came from or if there were any casualties, however.


‘Disable iMessage ASAP’—‘High-Risk’ Alert Issued Over ‘Credible’ iPhone Dark Web Exploit


Trust Wallet, a crypto wallet owned by the crypto exchange Binance, has issued a warning that hackers may be targeting iPhone’s iMessage.


The so-called “zero-day” exploit could allow attackers to steal users’ information, messages and cryptocurrency—though the exploit itself could be a scam.


“We have credible intel regarding a high-risk, zero-day exploit targeting iMessage on the dark web,” Trust Wallet’s X account posted. “This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk.”

A zero-day exploit is so called because the developer, in this case Apple, has had no time to fix the vulnerability.

Trust Wallet recommended users take “action to guard against this iMessage exploit,” advising people to “disable iMessage ASAP until Apple patches this.”

However, the hacking software is being sold on a dark web site called CodeBreach Lab for $2 million worth of bitcoin. There is no evidence that it works or that anyone has bought it, as TechCrunch pointed out.

“Threat intel detected an iOS iMessage zero-day exploit for sale in the dark web,” Trust Wallet’s chief executive Eowyn Chen posted to X.

“It is a zero-click exploit to take over control of the phone via iMessages. Its asking price is $2 million. This would make sense for very high value individual targets, as more the zero-day is used, more likely it is caught in the wild by…


TheMoon Botnet Facilitates Faceless To Exploit EoL Devices


In a digital landscape fraught with threats, vigilance is paramount. Cybercriminals are exploiting End-of-Life devices to perpetrate their malicious activities. Recently, Black Lotus Labs, the formidable threat intelligence arm of Lumen Technologies, has cast light upon a looming menace: TheMoon botnet.

This insidious entity, lurking within the shadows of outdated small office/home office (SOHO) routers and IoT devices, has resurfaced in a revamped form, bolstering a cybercriminal infrastructure known as Faceless.

TheMoon Botnet Unveiled


In their relentless pursuit of cyber anonymity, criminal elements have coalesced around TheMoon botnet, leveraging its capabilities to fuel the nefarious operations of Faceless. TheMoon botnet, quietly amassing over 40,000 bots across 88 countries in a mere two months, serves as the cornerstone of this proxy service, enabling malefactors to clandestinely channel malicious traffic through compromised devices.

Mark Dehus, Senior Director of Threat Intelligence at Lumen Black Lotus Labs, underscores the gravity of the situation, elucidating how these cybercriminals exploit outdated routers to orchestrate their felonious endeavors. This symbiotic relationship between TheMoon and Faceless underscores the urgency for businesses to fortify their digital perimeters. Thus, securing home routers is essential to safeguarding personal and sensitive information from cyber threats.

Illuminating the Modus Operandi


At its core, TheMoon botnet empowers Faceless users with the cloak of anonymity, allowing them to masquerade as legitimate entities while perpetrating cyber mischief. This anonymity, devoid of any customer identification requirements, emboldens malicious actors to orchestrate TheMoon botnet attacks on vulnerable devices, siphoning valuable data with reckless abandon.

Criminal proxies powered by TheMoon botnet pose a significant threat to cybersecurity worldwide. In the face of this burgeoning threat landscape, preemptive measures become imperative. Consumers and businesses alike must adopt a proactive stance in safeguarding their digital assets. To do this, they must:

  • Routinely reboot SOHO routers and promptly install…
