Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Security. Show all posts
Threat Intelligence
Active Defense Cyber Security Cybercrime Groups Deception Security Honeypot Technology Incident response Network Intrusion Synthetic Data Threat Intelligence

Targeted Cyberattack Foiled by Resecurity Honeypot


 

There has been a targeted intrusion attempt against the internal environment of Resecurity in November 2025, which has been revealed in detail by the cyber security company. In order to expose the adversaries behind this attack, the company deliberately turned the attack into a counterintelligence operation by using advanced deception techniques.

In response to a threat actor using a low-privilege employee account in order to gain access to an enterprise network, Resecurity’s incident response team redirected the intrusion into a controlled synthetic data honeypot that resembles a realistic enterprise network within which the intrusion could be detected. 

A real-time analysis of the attackers’ infrastructure, as well as their tradecraft, was not only possible with this move, but it also triggered the involvement of law enforcement after a number of evidences linked the activity to an Egyptian-based threat actor and infrastructure associated with the ShinyHunter cybercrime group, which has subsequently been shown to have claimed responsibility for the data breach falsely. 

Resecurity demonstrated how modern deception platforms, with the help of synthetic datasets generated by artificial intelligence, combined with carefully curated artifacts gathered from previously leaked dark web material, can transform reconnaissance attempts by financially motivated cybercriminals into actionable intelligence.

The active defense strategies are becoming increasingly important in today's cybersecurity operations as they do not expose customer or proprietary data.

The Resecurity team reported that threat actors operating under the nickname "Scattered Lapsus$ Hunters" publicly claimed on Telegram that they had accessed the company's systems and stolen sensitive information, such as employee information, internal communications, threat intelligence reports, client data, and more. This claim has been strongly denied by the firm. 

In addition to the screenshots shared by the group, it was later confirmed that they came from a honeypot environment that had been built specifically for Resecurity instead of Resecurity's production infrastructure. 

On the 21st of November 2025, the company's digital forensics and incident response team observed suspicious probes of publicly available services, as well as targeted attempts to access a restricted employee account. This activity was detected by the company's digital forensics and incident response team. 

There were initial traces of reconnaissance traffic to Egyptian IP addresses, such as 156.193.212.244 and 102.41.112.148. As a result of the use of commercial VPN services, Resecurity shifted from containment to observation, rather than blocking the intrusion.

Defenders created a carefully staged honeytrap account filled with synthetic data in order to observe the attackers' tactics, techniques, and procedures, rather than blocking the intrusion. 

A total of 28,000 fake consumer profiles were created in the decoy environment, along with nearly 190,000 mock payment transactions generated from publicly available patterns that contained fake Stripe records as well as fake email addresses that were derived from credential “combo lists.” 

In order to further enhance the authenticity of the data, Resecurity reactivated a retired Mattermost collaboration platform, and seeded it with outdated 2023 logs, thereby convincing the attackers that the system was indeed genuine. 

There were approximately 188,000 automated requests routed through residential proxy networks in an attempt by the attackers to harvest the synthetic dataset between December 12 and December 24. This effort ultimately failed when repeated connection failures revealed operational security shortcomings and revealed some of the attackers' real infrastructure in the process of repeated connection failures exposing vulnerabilities in the security of the system. 

A recent press release issued by Resecurity denies the breach allegation, stating that the systems cited by the threat actors were never part of its production environment, but were rather deliberately exposed honeypot assets designed to attract and observe malicious activity from a distance.

After receiving external inquiries, the company’s digital forensics and incident response teams first detected reconnaissance activity on November 21, 2025, after a threat actor began probing publicly accessible services on November 20, 2025, in a report published on December 24 and shared with reporters. 

Telemetry gathered early in the investigation revealed a number of indications that the network had been compromised, including connections coming from Egyptian IP addresses, as well as traffic being routed through Mullvas VPN infrastructure. 

A controlled honeypot account has been deployed by Resecurity inside an isolated environment as a response to the attack instead of a move to containment immediately. As a result, the attacker was able to authenticate to and interact with systems populated completely with false employee, customer, and payment information while their actions were closely monitored by Resecurity. 

Specifically, the synthetic datasets were designed to replicate the actual enterprise data structures, including over 190,000 fictitious consumer profiles and over 28,000 dummy payment transactions that were formatted to adhere to Stripe's official API specifications, as defined in the Stripe API documentation. 

In the early months of the operation, the attacker used residential proxy networks extensively to generate more than 188,000 requests for data exfiltration, which occurred between December 12 and December 24 as an automated data exfiltration operation. 

During this period, Resecurity collected detailed telemetry on the adversary's tactics, techniques, and supporting infrastructure, resulting in several operational security failures that were caused by proxy disruptions that briefly exposed confirmed IP addresses, which led to multiple operational security failures. 

As the deception continued, investigators introduced additional synthetic datasets, which led to even more mistakes that narrowed the attribution and helped determine the servers that orchestrated the activity, leading to an increase in errors. 

In the aftermath of sharing the intelligence with law enforcement partners, a foreign agency collaborating with Resecurity issued a subpoena request, which resulted in Resecurity receiving a subpoena. 

Following this initial breach, the attackers continued to make claims on Telegram, and their data was also shared with third-party breach analysts, but these statements, along with the new claims, were found to lack any verifiable evidence of actual compromise of real client systems. Independent review found that no evidence of the breach existed. 

Upon further examination, it was determined that the Telegram channel used to distribute these claims had been suspended, as did follow-on assertions from the ShinyHunters group, which were also determined to be derived from a honeytrap environment.

The actors, unknowingly, gained access to a decoy account and infrastructure, which was enough to confirm their fall into the honeytrap. Nevertheless, the incident demonstrates both the growing sophistication of modern deception technology as well as the importance of embedding them within a broader, more resilient security framework in order to maximize their effectiveness. 

A honeypot and synthetic data environment can be a valuable tool for observing attacker behavior. However, security leaders emphasize that the most effective way to use these tools is to combine them with strong foundational controls, including continuous vulnerability management, zero trust access models, multifactor authentication, employee awareness training, and disciplined network segmentation. 

Resecurity represents an evolution in defensive strategy from a reactive and reactionary model to one where organizations are taking a proactive approach in the fight against cyberthreats by gathering intelligence, disrupting the operations of adversaries, and reducing real-world risk in the process. 

There is no doubt that the ability to observe, mislead, and anticipate hostile activity, before meaningful damage occurs, is becoming an increasingly important element of enterprise defenses in the age of cyber threats as they continue to evolve at an incredible rate.

Together, the episodes present a rare, transparent view of how modern cyber attacks unfold-and how they can be strategically neutralized in order to avoid escalation of risk to data and real systems. 

Ultimately, Resecurity's claims serve more as an illustration of how threat actors are increasingly relying on perception, publicity, and speed to shape narratives before facts are even known to have been uncovered, than they serve as evidence that a successful breach occurred. 

Defenders of the case should take this lesson to heart: visibility and control can play a key role in preventing a crisis. It has become increasingly important for organizations to be able to verify, contextualize, and counter the false claims that are made by their adversaries as they implement technical capabilities combined with psychological tactics in an attempt to breach their systems. 

The Resecurity incident exemplifies how disciplined preparation and intelligence-led defense can help turn an attempted compromise into strategic advantage in an environment where trust and reputation are often the first targets. They do this quiet, methodically, and without revealing what really matters when a compromise occurs.
Read more »
zero click
Android Apple Cyber Security Google iPhone Meta Spyware zero click

What Happens When Spyware Hits a Phone and How to Stay Safe

 



Although advanced spyware attacks do not affect most smartphone users, cybersecurity researchers stress that awareness is essential as these tools continue to spread globally. Even individuals who are not public figures are advised to remain cautious.

In December, hundreds of iPhone and Android users received official threat alerts stating that their devices had been targeted by spyware. Shortly after these notifications, Apple and Google released security patches addressing vulnerabilities that experts believe were exploited to install the malware on a small number of phones.

Spyware poses an extreme risk because it allows attackers to monitor nearly every activity on a smartphone. This includes access to calls, messages, keystrokes, screenshots, notifications, and even encrypted platforms such as WhatsApp and Signal. Despite its intrusive capabilities, spyware is usually deployed in targeted operations against journalists, political figures, activists, and business leaders in sensitive industries.

High-profile cases have demonstrated the seriousness of these attacks. Former Amazon chief executive Jeff Bezos and Hanan Elatr, the wife of murdered Saudi dissident Jamal Khashoggi, were both compromised through Pegasus spyware developed by the NSO Group. These incidents illustrate how personal data can be accessed without user awareness.

Spyware activity remains concentrated within these circles, but researchers suggest its reach may be expanding. In early December, Google issued threat notifications and disclosed findings showing that an exploit chain had been used to silently install Predator spyware. Around the same time, the U.S. Cybersecurity and Infrastructure Security Agency warned that attackers were actively exploiting mobile messaging applications using commercial surveillance tools.

One of the most dangerous techniques involved is known as a zero-click attack. In such cases, a device can be infected without the user clicking a link, opening a message, or downloading a file. According to Malwarebytes researcher Pieter Arntz, once infected, attackers can read messages, track keystrokes, capture screenshots, monitor notifications, and access banking applications. Rocky Cole of iVerify adds that spyware can also extract emails and texts, steal credentials, send messages, and access cloud accounts.

Spyware may also spread through malicious links, fake applications, infected images, browser vulnerabilities, or harmful browser extensions. Recorded Future’s Richard LaTulip notes that recent research into malicious extensions shows how tools that appear harmless can function as surveillance mechanisms. These methods, often associated with nation-state actors, are designed to remain hidden and persistent.

Governments and spyware vendors frequently claim such tools are used only for law enforcement or national security. However, Amnesty International researcher Rebecca White states that journalists, activists, and others have been unlawfully targeted worldwide, using spyware as a method of repression. Thai activist Niraphorn Onnkhaow was targeted multiple times during pro-democracy protests between 2020 and 2021, eventually withdrawing from activism due to fears her data could be misused.

Detecting spyware is challenging. Devices may show subtle signs such as overheating, performance issues, or unexpected camera or microphone activation. Official threat alerts from Apple, Google, or Meta should be treated seriously. Leaked private information can also indicate compromise.

To reduce risk, Apple offers Lockdown Mode, which limits certain functions to reduce attack surfaces. Apple security executive Ivan Krstić states that widespread iPhone malware has not been observed outside mercenary spyware campaigns. Apple has also introduced Memory Integrity Enforcement, an always-on protection designed to block memory-based exploits.

Google provides Advanced Protection for Android, enhanced in Android 16 with intrusion logging, USB safeguards, and network restrictions.

Experts recommend avoiding unknown links, limiting app installations, keeping devices updated, avoiding sideloading, and restarting phones periodically. However, confirmed infections often require replacing the device entirely. Organizations such as Amnesty International, Access Now, and Reporters Without Borders offer assistance to individuals who believe they have been targeted.

Security specialists advise staying cautious without allowing fear to disrupt normal device use.

Read more »
Grok
AI Chatbot AI Deepfakes AI Privacy AI Risks AI security risks Artificial Intelligence (AI) Grok Cyber Security Deepfake Images Grok

Grok AI Faces Global Backlash Over Nonconsensual Image Manipulation on X

 

A dispute over X's internal AI assistant, Grok, is gaining attention - questions now swirl around permission, safety measures online, yet also how synthetic media tools can be twisted. This tension surfaced when Julie Yukari, a musician aged thirty-one living in Rio de Janeiro, posted a picture of herself unwinding with her cat during New Year’s Eve celebrations. Shortly afterward, individuals on the network started instructing Grok to modify that photograph, swapping her outfit for skimpy beach attire through digital manipulation. 

What started as skepticism soon gave way to shock. Yukari had thought the system wouldn’t act on those inputs - yet it did. Images surfaced, altered, showing her with minimal clothing, spreading fast across the app. She called the episode painful, a moment that exposed quiet vulnerabilities. Consent vanished quietly, replaced by algorithms working inside familiar online spaces. 

A Reuters probe found that Yukari’s situation happens more than once. The organization uncovered multiple examples where Grok produced suggestive pictures of actual persons, some seeming underage. No reply came from X after inquiries about the report’s results. Earlier, xAI - the team developing Grok - downplayed similar claims quickly, calling traditional outlets sources of false information. 

Across the globe, unease is growing over sexually explicit images created by artificial intelligence. Officials in France have sent complaints about X to legal authorities, calling such content unlawful and deeply offensive to women. A similar move came from India’s technology ministry, which warned X it did not stop indecent material from being made or shared online. Meanwhile, agencies in the United States, like the FCC and FTC, chose silence instead of public statements. 

A sudden rise in demands for Grok to modify pictures into suggestive clothing showed up in Reuters' review. Within just ten minutes, over one00 instances appeared - mostly focused on younger females. Often, the system produced overt visual content without hesitation. At times, only part of the request was carried out. A large share vanished quickly from open access, limiting how much could be measured afterward. 

Some time ago, image-editing tools driven by artificial intelligence could already strip clothes off photos, though they mostly stayed on obscure websites or required payment. Now, because Grok is built right into a well-known social network, creating such fake visuals takes almost no work at all. Warnings had been issued earlier to X about launching these kinds of features without tight controls. 

People studying tech impacts and advocacy teams argue this situation followed clearly from those ignored alerts. From a legal standpoint, some specialists claim the event highlights deep flaws in how platforms handle harmful content and manage artificial intelligence. Rather than addressing risks early, observers note that X failed to block offensive inputs during model development while lacking strong safeguards on unauthorized image creation. 

In cases such as Yukari’s, consequences run far beyond digital space - emotions like embarrassment linger long after deletion. Although aware the depictions were fake, she still pulled away socially, weighed down by stigma. Though X hasn’t outlined specific fixes, pressure is rising for tighter rules on generative AI - especially around responsibility when companies release these tools widely. What stands out now is how little clarity exists on who answers for the outcomes.
Read more »
EU
Black Basta Black Basta Ransomware Black Basta Ransomware gang Cyber Security Cyber Security Ransomware Attacks cybercrime group EU

European Authorities Identify Black Basta Suspects as Ransomware Group Collapses

 

Two Ukrainians are now under suspicion of aiding Black Basta, a ransomware network tied to Russia, after joint work by police units in Ukraine and Germany - this step adds pressure on the hacking group’s operations. The man believed to lead the gang, Oleg Evgenievich Nefedov, aged thirty-five and holding Russian citizenship, appears on key global alerts: one issued by the EU, another by INTERPOL. Though named, he remains at large. 

A Ukrainian cybercrime unit identified two people who handled technical tasks for a ransomware network, focusing on breaking into secured systems. These individuals worked by uncovering encrypted passwords through dedicated tools. Their job was to unlock access codes so others could move deeper. With those login details, associates entered company servers without permission. They installed malicious encryption programs afterward. Victims then faced demands for money before files would be released. 

Finding hidden data drives inside apartments across Ivano-Frankivsk and Lviv opened a path toward tracking illegal transactions. Though police stayed silent on custody details, they emphasized digital trails now feed directly into active probes. 

Emerging in April 2022, Black Basta quickly rose as a leading ransomware force worldwide. Over 500 businesses in North America, Europe, and Australia faced its attacks, bringing in hundreds of millions through crypto ransoms. Instead of acting alone, the group used a service-based approach, pulling in partners who received profit cuts for launching assaults on their behalf. 

Early in 2025, internal chat records from Black Basta were made public, showing how the group operated and naming those involved. Nefedov emerged as the central figure behind the network; his known aliases included Tramp, Trump, GG, and AA. Evidence within the files suggested ties between him and high-level individuals in Russian politics. Links to state security bodies like the FSB and GRU appeared in some messages. 

Such affiliations might explain why legal action against him never moved forward. The disclosure offered rare insight into an otherwise hidden criminal ecosystem. A report from June 2024 noted a short detention of Nefedov in Yerevan, Armenia; authorities let him go afterward. Although listed internationally as a fugitive, where he is now has not been confirmed - evidence suggests Russia may be harboring him. 

Some researchers connect Nefedov to Conti, a well-known ransomware outfit that ended in 2022. When Conti broke apart, new groups appeared - Black Basta, BlackByte, and KaraKurt among them. Following the split, ex-Conti members moved into different ransomware efforts, though certain ones eventually stopped operating. A different analysis by Analyst1 showed Black Basta made frequent use of Media Land - an internet host blacklisted by U.S., British, and Australian governments in late 2025 due to its resistance to takedown requests. 

According to officials in Germany, Nefedov was responsible for choosing victims, bringing in new people, handling payment talks after attacks, then splitting the money taken with others involved. After the leaks, activity from Black Basta's systems stopped. Its public leak page vanished by February. 

Still, security analysts note such criminal networks frequently reappear under different names or combine forces elsewhere. Data collected by ReliaQuest together with Trend Micro points toward ex-members possibly joining CACTUS. A sharp increase in victims claimed by CACTUS emerged right when Black Basta faded.
Read more »
malicious extensions
Chrome Extensions Cookies Cyber Security cybersecurity risks Google Chrome security malicious extensions

Malicious Chrome Extensions Target Enterprise HR and ERP Platforms to Steal Credentials

 

One after another, suspicious Chrome add-ons began appearing under false pretenses - each masquerading as helpful utilities. These were pulled from public view only after Socket, a cybersecurity group, traced them back to a single pattern of abuse. Instead of boosting efficiency, they harvested data from corporate systems like Workday, NetSuite, and SAP SuccessFactors. Installation counts climbed past 2,300 across five distinct apps before takedown. Behind the scenes, threat actors leveraged legitimate-looking interfaces to gain access where it mattered most. 

One investigation found that certain browser add-ons aimed to breach corporate systems, either by capturing login details or disrupting protective measures. Though appearing under distinct titles and author profiles, these tools carried matching coding patterns, operational frameworks, and selection methods - pointing to coordination behind their release. A person using the handle databycloud1104 was linked to four of them; another version emerged through a separate label called Software Access. 

Appearing alongside standard business applications, these extensions asked for permissions typical of corporate tools. One moment they promised better control over company accounts, the next they emphasized locking down admin functions. Positioned as productivity aids, several highlighted dashboard interfaces meant to streamline operations across teams. Instead of standing out, their behavior mirrored genuine enterprise solutions. Claiming to boost efficiency or tighten security, each framed its purpose around workplace demands. Not every feature list matched actual functionality, yet on the surface everything seemed aligned with professional needs. 

Yet the investigation revealed every extension hid its actual operations. Although privacy notices were present, they omitted details about gathering user data, retrieving login information, or tracking admin actions. Without visibility, these tools carried out harmful behaviors - such as stealing authentication cookies, altering webpage elements, or taking over active sessions - all while appearing legitimate. What seemed harmless operated differently beneath the surface. 

Repeated extraction of authentication cookies called "__session" occurred across multiple extensions. Despite user logout actions, those credentials kept reaching external servers controlled by attackers. Access to corporate systems remained uninterrupted due to timed transmissions. Traditional sign-in protections failed because live session data was continuously harvested elsewhere. 

Notably, two add-ons - Tool Access 11 and Data By Cloud 2 - took more aggressive steps. Instead of merely monitoring, they interfered directly with key security areas in Workday. Through recognition of page titles, these tools erased information or rerouted admins before reaching control panels. Pages related to login rules appeared blank or led elsewhere. Controls involving active sessions faced similar disruptions. Even IP-based safeguards vanished unexpectedly. Managing passwords became problematic under their influence. Deactivating compromised accounts grew harder. Audit trails for suspicious activity disappeared without notice. As a result, teams lost vital ground when trying to spot intrusions or contain damage. 

What stood out was the Software Access extension’s ability to handle cookies in both directions. Not only did it take cookies from users, but also inserted ones provided by attackers straight into browsers. Because of this, unauthorized individuals gained access to active sessions - no login details or extra verification steps required. The outcome? Full control over corporate accounts within moments. 

Even with few users impacted, Socket highlighted how compromised business logins might enable wider intrusions - such as spreading ransomware or extracting major datasets. After the discovery, the company alerted Google; soon after, the malicious add-ons vanished from the Chrome Web Store. Those who downloaded them should inform internal security staff while resetting access codes across exposed systems to reduce exposure. Though limited in reach, the breach carries serious downstream implications if left unchecked.
Read more »
Innovation
AI Deepfakes Artificial Intelligence Cyber Security Cyber Threats Financial Data Innovation

Why Cybersecurity Threats in 2026 Will Be Harder to See, Faster to Spread, And Easier to Believe

 


The approach to cybersecurity in 2026 will be shaped not only by technological innovation but also by how deeply digital systems are embedded in everyday life. As cloud services, artificial intelligence tools, connected devices, and online communication platforms become routine, they also expand the surface area for cyber exploitation.

Cyber threats are no longer limited to technical breaches behind the scenes. They increasingly influence what people believe, how they behave online, and which systems they trust. While some risks are still emerging, others are already circulating quietly through commonly used apps, services, and platforms, often without users realizing it.

One major concern is the growing concentration of internet infrastructure. A substantial portion of websites and digital services now depend on a limited number of cloud providers, content delivery systems, and workplace tools. This level of uniformity makes the internet more efficient but also more fragile. When many platforms rely on the same backbone, a single disruption, vulnerability, or attack can trigger widespread consequences across millions of users at once. What was once a diverse digital ecosystem has gradually shifted toward standardization, making large-scale failures easier to exploit.

Another escalating risk is the spread of misleading narratives about online safety. Across social media platforms, discussion forums, and live-streaming environments, basic cybersecurity practices are increasingly mocked or dismissed. Advice related to privacy protection, secure passwords, or cautious digital behavior is often portrayed as unnecessary or exaggerated. This cultural shift creates ideal conditions for cybercrime. When users are encouraged to ignore protective habits, attackers face less resistance. In some cases, misleading content is actively promoted to weaken public awareness and normalize risky behavior.

Artificial intelligence is further accelerating cyber threats. AI-driven tools now allow attackers to automate tasks that once required advanced expertise, including scanning for vulnerabilities and crafting convincing phishing messages. At the same time, many users store sensitive conversations and information within browsers or AI-powered tools, often unaware that this data may be accessible to malware. As automated systems evolve, cyberattacks are becoming faster, more adaptive, and more difficult to detect or interrupt.

Trust itself has become a central target. Technologies such as voice cloning, deepfake media, and synthetic digital identities enable criminals to impersonate real individuals or create believable fake personas. These identities can bypass verification systems, open accounts, and commit fraud over long periods before being detected. As a result, confidence in digital interactions, platforms, and identity checks continues to decline.

Future computing capabilities are already influencing present-day cyber strategies. Even though advanced quantum-based attacks are not yet practical, some threat actors are collecting encrypted data now with the intention of decrypting it later. This approach puts long-term personal, financial, and institutional data at risk and underlines the need for stronger, future-ready security planning.

As digital and physical systems become increasingly interconnected, cybersecurity in 2026 will extend beyond software and hardware defenses. It will require stronger digital awareness, better judgment, and a broader understanding of how technology shapes risk in everyday life.

Read more »
Malwares
Cyber Security GootLoader Malicious Codes Malicious Files Malware attacks Malwares

GootLoader Malware Uses Malformed ZIP Archives to Evade Detection

 

A fresh tactic has emerged among cybercriminals using GootLoader, a JavaScript-driven malware installer. Instead of standard compression, they now distribute broken ZIP files designed to slip past digital defenses. These flawed archives exploit differences across decompression programs - some fail to process them, others do so partially. This mismatch lets malicious code stay concealed during scans yet run normally when opened by users. Findings detailed by Expel show that inconsistent parsing logic in software plays right into attacker hands. Hidden scripts activate only when handled by specific tools found on typical machines. 

Starting with a strange structure, these harmful ZIP files combine around 500 to 1,000 smaller archives into one large package. Because of this layered setup, standard programs like WinRAR or 7-Zip cannot properly read them - tools often relied on during malware checks. Due to the confusion they create, automatic detection systems frequently skip examining what's inside. Yet, when opened through Windows’ own built-in decompression feature, the file works without issue. 

That smooth operation lets victims unknowingly unpack dangerous content. Since 2020, GootLoader has maintained a presence among cyber threats, primarily spreading via manipulated search results and deceptive online ads. People looking for official forms or corporate paperwork may unknowingly land on hacked WordPress sites offering infected files. These corrupted archives, once opened, trigger the payload delivery mechanism embedded within the software. Acting as a gateway tool, it paves the way for additional harmful programs - ransomware being one frequent outcome. 

The chain of infection begins quietly, escalating quickly under the radar. By late 2025, Expel researchers noticed subtle upgrades, showing how the attack method keeps shifting. Instead of just stacking archives, hackers shorten key metadata inside ZIP structures - especially tampering with the end of central directory entries. That tweak triggers failures in numerous analysis programs, yet files still open in Windows Explorer. 

Inside the package, unimportant sections get scrambled too, throwing off predictable reading patterns and making automated inspection harder. Researchers refer to this method as "hashbusting," delivering a distinct ZIP file to each target. Every time someone downloads it, differences in the archive's layout and data prevent standard hash checks from working. Even the JavaScript inside changes form with each instance. Detection systems relying on repeated patterns struggle as a result. 

 What makes the delivery hard to catch lies in its method. Rather than sending a typical ZIP archive, attackers transmit the malicious code as an XOR-encrypted flow of data, rebuilt only after reaching the target's browser. It grows by adding copies of itself over and over, expanding until it meets a specific volume - this skirts detection meant for compressed files. After launch, the script runs using built-in Windows tools, skipping any need to unpack completely, so the attack unfolds without drawing attention. 

Once active, it stays on the machine by placing shortcuts into the Windows Startup directory - then triggers further scripts through native utilities like cscript or PowerShell. From there, data collection begins: details about the system get pulled and sent back to distant servers that control the attack, setting up what comes next without delay. 

Although often overlooked, limiting access to built-in tools such as wscript.exe helps block common attack paths. Instead of running scripts automatically, setting systems to display code in basic viewers adds another layer of protection. As seen with GootLoader’s shifts over time, attackers now twist everyday OS functions into stealthy weapons, staying active even when defenses improve.
Read more »
URL
Artificial Intelligence Cyber Security Data Exfiltration Microsoft Copilot Reprompt URL

Security Researchers Warn of ‘Reprompt’ Flaw That Turns AI Assistants Into Silent Data Leaks

 



Cybersecurity researchers have revealed a newly identified attack technique that shows how artificial intelligence chatbots can be manipulated to leak sensitive information with minimal user involvement. The method, known as Reprompt, demonstrates how attackers could extract data from AI assistants such as Microsoft Copilot through a single click on a legitimate-looking link, while bypassing standard enterprise security protections.

According to researchers, the attack requires no malicious software, plugins, or continued interaction. Once a user clicks the link, the attacker can retain control of the chatbot session even if the chat window is closed, allowing information to be quietly transmitted without the user’s awareness.

The issue was disclosed responsibly, and Microsoft has since addressed the vulnerability. The company confirmed that enterprise users of Microsoft 365 Copilot are not affected.

At a technical level, Reprompt relies on a chain of design weaknesses. Attackers first embed instructions into a Copilot web link using a standard query parameter. These instructions are crafted to bypass safeguards that are designed to prevent direct data exposure by exploiting the fact that certain protections apply only to the initial request. From there, the attacker can trigger a continuous exchange between Copilot and an external server, enabling hidden and ongoing data extraction.

In a realistic scenario, a target might receive an email containing what appears to be a legitimate Copilot link. Clicking it would cause Copilot to execute instructions embedded in the URL. The attacker could then repeatedly issue follow-up commands remotely, prompting the chatbot to summarize recently accessed files, infer personal details, or reveal contextual information. Because these later instructions are delivered dynamically, it becomes difficult to determine what data is being accessed by examining the original prompt alone.

Researchers note that this effectively turns Copilot into an invisible channel for data exfiltration, without requiring user-entered prompts, extensions, or system connectors. The underlying issue reflects a broader limitation in large language models: their inability to reliably distinguish between trusted user instructions and commands embedded in untrusted data, enabling indirect prompt injection attacks.

The Reprompt disclosure coincides with the identification of multiple other techniques targeting AI-powered tools. Some attacks exploit chatbot connections to third-party applications, enabling zero-interaction data leaks or long-term persistence by injecting instructions into AI memory. Others abuse confirmation prompts, turning human oversight mechanisms into attack vectors, particularly in development environments.

Researchers have also shown how hidden instructions can be planted in shared documents, calendar invites, or emails to extract corporate data, and how AI browsers can be manipulated to bypass built-in prompt injection defenses. Beyond software, hardware-level risks have been identified, where attackers with server access may infer sensitive information by observing timing patterns in machine learning accelerators.

Additional findings include abuses of trusted AI communication protocols to drain computing resources, trigger hidden tool actions, or inject persistent behavior, as well as spreadsheet-based attacks that generate unsafe formulas capable of exporting user data. In some cases, attackers could manipulate AI development platforms to alter spending controls or leak access credentials, enabling stealthy financial abuse.

Taken together, the research underlines that prompt injection remains a persistent and evolving risk. Experts recommend layered security defenses, limiting AI privileges, and restricting access to sensitive systems. Users are also advised to avoid clicking unsolicited AI-related links and to be cautious about sharing personal or confidential information in chatbot conversations.

As AI systems gain broader access to corporate data and greater autonomy, researchers warn that the potential impact of a single vulnerability increases substantially, underscoring the need for careful deployment, continuous monitoring, and ongoing security research.


Read more »
Subscribe to: Comments (Atom)