Tag Archive for: involving

Chinese authorities arrest four in ransomware case involving ChatGPT


Four alleged cyberattackers have been arrested in mainland China for developing ransomware with the help of ChatGPT, the first case of its sort in the country.

The South China Morning Post reported Friday that the suspects were arrested in November following a ransomware attack on an unidentified company in Zhejiang Province, just south of Shanghai. The ransomware attack reportedly blocked the company’s systems, with a ransom of 20,000 Tether ($20,000) demanded to restore access.

Upon arrest, the four accused admitted to “writing versions of ransomware, optimizing the program with the help of ChatGPT, conducting vulnerability scans, gaining access through infiltration, implanting ransomware and carrying out extortion.”

ChatGPT is banned in China, blocked by the country’s firewall and censorship regime because it can discuss verboten topics. The country has at various times announced crackdowns on citizens trying to access the service, but access is only a virtual private network away, although the government tries to block VPNs as well.

The SCMP notes that it’s not clear whether the accused were charged over illegally accessing ChatGPT. In a separate report, China’s Global Times says that the four accused possessed qualifications related to network security and had previous experience working for large-scale internet technology companies. The suggestion is that ChatGPT was simply used as a tool in the ransomware operation rather than being key to the attack.

The arrests are not the first time ChatGPT has been involved in an arrest in China. A man arrested in Gansu Province in May allegedly generated a fake story about a train crash using ChatGPT.

The fake story alleged that nine construction workers in a city in Gansu had been killed in a train crash, with the story spreading across 25 social media accounts before being intercepted by China’s censorship regime. The man was arrested for concocting false information.

Chinese companies are developing homegrown rivals to ChatGPT. The most notable among them is Baidu Inc., the “Google of China,” which disclosed last week that its Ernie Bot service, revealed in March, has now surpassed more than 100 million…


At least S$12 million lost in fake friend call scams since January; new variant involving Android malware


SINGAPORE: At least S$12 million (US$8.9 million) has been lost in fake friend call scams since January 2023, the police said on Wednesday (Jul 5), warning of a new variant involving malicious Android links.

At least 3,700 victims have fallen prey to such scams since the beginning of the year.

They would receive text messages or phone calls from unknown numbers – with or without the +65 prefix. Scammers would claim to be a friend or an acquaintance and ask the victims to guess their real identity. 

Once a name is provided, the scammer would assume the identity of the victim’s friend and ask them to update their contact details.

“The scammers would contact the victims subsequently to ask for a loan and would claim that he or she is unable to perform a banking transaction or is experiencing financial difficulties,” said the police. 

Victims would then be provided with a local bank account to transfer the money.

While there has been a “persistent trend” of such scams, the police said they have seen a new variant where scammers would send victims malicious links, asking them to help with simple tasks such as making purchases, reserving seats at a restaurant or tracking a missing phone. 

“These malicious links will lead victims to either phishing sites and/or the download of an Android Package Kit (APK) file, an application created for Android’s operating system,” said the police, adding that victims would discover unauthorised transactions after keying in their banking credentials or card details. 


Russian Man Charged for $200 Million in Ransomware Crimes Involving Crypto


A Russian man has been charged by US authorities for his alleged connection to multiple ransomware schemes that netted him and other attackers nearly $200 million – much of which came through crypto. 

Some of the victims of those ransomware attacks included hospitals, schools, and police departments. 

$200 Million in Ransomware Payments

The culprit – Mikhail Pavlovich Matveev – was part of three ransomware gangs: Lockbit, Babuk and Hive. Collectively, they have obtained almost $200 million from victims after demanding funds in excess of $400 million, per figures from the Department of Justice.

The Department noted that Matveev was known online by multiple aliases, including “Wazawaka”, “m1x”, “Boriselcin”, and “Uhodiransomwa.”

“These international crimes demand a coordinated response,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division in the DOJ’s statement. “We will not relent in imposing consequences on the most egregious actors in the cybercrime ecosystem.”

Some of Matveev’s alleged crimes included helping deploy Babuk ransomware against the Metropolitan Police Department in Washington, D.C. in April 2021, as well as a New Jersey nonprofit behavioral healthcare organization in May 2022.

In the former case, the criminal and his co-conspirators threatened to disclose sensitive materials to the public unless payments were made. Babuk ransomware actors have executed at least 65 attacks around the world since December 2020, demanding $49 million in payments, and receiving at least $13 million. 

In January 2022, cybersecurity journalist Brian Krebs reported that Matveev had claimed affiliation with the Darkside ransomware group, according to Bloomberg. Darkside was responsible for a ransomware attack against the Colonial Pipeline in 2021, which netted the attackers 63.7 BTC in forced payments.

Crypto’s Role in Ransomware

Cryptocurrencies like Bitcoin have become popular tools for conducting ransomware attacks since 2021. Unlike traditional bank transfers, hackers can easily remain anonymous when requesting payments in Bitcoin, and such payments cannot be…


East West Family of Companies Announces Data Breach Involving Sensitive Employee Information | Console and Associates, P.C.


Recently, East West Family of Companies (“East West”) confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive consumer information stored on the company’s computer network. According to East West, the breach resulted in the names and Social Security numbers of certain employees and employee dependents being compromised. On July 1, 2022, East West filed official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the East West data breach, please see our recent piece on the topic here.

What We Know About the East West Data Breach

According to an official notice filed by the company, on November 8, 2021, East West detected unauthorized access on some of its computer systems. In response, the company secured its systems and launched an investigation into the incident with the assistance of third-party cybersecurity professionals. Shortly after the breach, East West was able to restore its system operations; however, the investigation determined that an unauthorized user was able to access certain files on the company’s network between November 5, 2021 and November 8, 2021. These files contained the information of current and former employees and employees’ dependents.

Upon discovering that sensitive employee data was accessible to an unauthorized party, East West then reviewed the affected files to determine exactly what information was compromised. The company completed this review on May 9, 2022. While the breached information varies depending on the individual, it may include your name and Social Security number.

On July 1, 2022, East West sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About East West Family of Companies

East West Family of Companies is a commercial and residential construction company based in Denver,…
