Tag Archive for: ‘spy

How a Russian spyware company ‘hacked’ ChatGPT, turned it to spy on internet users

/in


How a Russian spyware company 'hacked' ChatGPT, turned it to spy on internet users

A Russian spying company that has an expertise in online hacking and spying was able to bypass OpenAI’s ChatGPT turn it into a spyware for spying on people who use the internet. The spying company was involved in sentiment analysis and hacking

In a recent investigative report, Forbes revealed that Social Links, a Russian spyware company previously banned from Meta’s platforms for alleged surveillance activities, has co-opted ChatGPT for spying on people using the internet.

This unsettling revelation of ChatGPT which involves collecting and analyzing social media data to gauge users’ sentiments, adds yet another controversial dimension to ChatGPT’s use cases.

Presenting its unconventional utilization of ChatGPT at a security conference in Paris, Social Links showcased the chatbot’s proficiency in text summarization and analysis. By feeding data, obtained through its proprietary tool, related to online discussions about a recent controversy in Spain, the company demonstrated how ChatGPT could quickly process and categorize sentiments as positive, negative, or neutral. The results were then presented using an interactive graph.

Related Articles

AI

AI in My Pocket: Humane officially launches AI-powered wearable pin, aims to replace smartphones

AI

ChatGPT Outage: Russia-backed Pro-Palestine hackers attack OpenAI, extent of damage unknown

Privacy advocates, however, find this development deeply troubling. Beyond the immediate concerns raised by this specific case, there is a broader worry about the potential for AI to amplify the capabilities of the surveillance industry.

Rory Mir, Associate Director of Community Organizing at the Electronic Frontier Foundation, expressed apprehension that AI could enable law enforcement to expand surveillance efforts, allowing smaller teams to monitor larger groups more efficiently.

Mir highlighted the existing practice of police agencies using fake…

Source…

WhatsApp Spy Mod Malware Attacked Telegram Users Over 340K Times In Oct – BW Businessworld

/in


A malware named “WhatsApp spy mod” has attacked Telegram users more than 3.4 lakh times in October alone. This malware mainly targeted users who communicate in Arabic and Azeri, according to the cybersecurity firm Kaspersky.

The malware enters the devices through third-party WhatsApp mod application, which are generally used for additional features such as scheduled messages and customisable options.

As per the report, such mod applications also contain a malicious spyware module that can compromise users personal data. When installed, such mod WhatsApp application allow the malware to run in the background and gather sensitive information from the infected device, including its IMEI number, phone number, country and network codes and more.

The malware can transfer data every five minutes. It can even record audio from the a device’s microphone and steal data from external storage. 

The highest attacks were recorded in Azerbaijan, Saudi Arabia, Yemen, Turkey and Egypt, although the malware also affected users from other countries, including the United States, Russia, the United Kingdom and Germany.

Source…

Wi-Fi encryption can be hacked and anyone can spy on your internet activity

/in


Equifax and Yahoo disclosed major security breaches recently, which are quite scary, especially the former. But security researchers are about to unveil to explain how hackers could hack any existing Wi-Fi connection and spy on all of your data.

The encrypted WPA2 protocol was just breached, putting at risk everyone who uses wireless internet at home or abroad. You can’t fix the issue yourself, but while you wait for network equipment makers to patch access points, there are several steps you can take to protect yourself.

Yes, the issue is serious, but as long as a hacker isn’t specifically looking to spy on your data, you should not worry about it.

The proof-of-concept exploit is called KRACK (or Key Reinstallation Attacks), according to Ars Technica. An advisory from US-CERT explains that the hack should be publicly disclosed on Monday:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven will be publicly disclosing these vulnerabilities on 16 October 2017.

Until access points are fixed, all Wi-Fi traffic is at risk, meaning that hackers will be able to eavesdrop on all your Wi-Fi traffic and steal data coming from all sorts of home devices that connect to the internet wirelessly.

If you’re worried about your security, various solutions can help you mitigate the problem while you wait for hardware companies to update router firmware.

You can stop using Wi-Fi until your routers are fixed, and switch to Ethernet instead. You should also consider using Virtual Private Networks (VPN) to obfuscate your internet usage, especially if you keep using Wi-Fi, and especially in those…

Source…

Apple patches exploits used in spy campaign ‘Operation Triangulation’

/in


Apple has shipped patches for the remote code execution (RCE) vulnerabilities in iOS that have already been exploited in the wild under the digital spy campaign, dubbed Operation Triangulation.

The campaign used two zero-click iMessage exploits and compromises without any user interactions based on a pair of bugs respectively in the kernel and Webkit.

Apple has attributed the discovery of these vulnerabilities to Kaspersky Lab just two weeks after the Russian cybersecurity firm reported discovering an advanced persistent threat (APT) actor launching zero-click iMessage exploits on Russian iOS devices.

Apple patches are vulnerable including the latest versions

Apple characterized the exploited vulnerabilities as problems related to memory corruption within the kernel (CVE-2023-32434), which enables an application to execute arbitrary code with kernel privileges, and an issue identified in WebKit (CVE-2023-32435), which allows code execution through web content.

To address these issues the company has rolled out patches in the latest updates of its operating systems iOS 16.5.1, iPadOS 16.5.1, iOS 15.7.7, and iPadOS 15.7.7.

The fixes have been released both for the latest version (iOS 16.5.1) and the original vulnerable version (before iOS 15.7). Apple noted that the attacks have only been seen on devices running iOS versions older than iOS 15.7.

Source…