Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Cybersecurity Warning. Show all posts

Experts Warn: AI Chatbots a ‘Treasure Trove’ for Criminals, Avoid 'Free Accounts

 

Cybersecurity experts have informed The U.S. Sun that chatbots represent a "treasure trove" ripe for exploitation by criminals. The intelligence of artificial intelligence chatbots is advancing rapidly, becoming more accessible and efficient.

Because these AI systems mimic human conversation so well, there's a temptation to trust them and divulge sensitive information.

Jake Moore, Global Cybersecurity Advisor at ESET, explained that while the AI "models" behind chatbots are generally secure, there are hidden dangers.

"With companies like OpenAI and Microsoft leading the development of chatbots, they closely protect their networks and algorithms," Jake stated. "If these were compromised, it would jeopardize their business future."

A New Threat Landscape

Jake pointed out that the primary risk lies in the potential exposure of the information you share with chatbots.

The details you share during chatbot interactions are stored somewhere, similar to how texts, emails, or backup files are stored. The security of these interactions depends on how well they are stored. "The data you input into chatbots is stored on a server and, despite encryption, could become as valuable as personal search histories to cybercriminals," Jake explained.

"There is already a significant amount of personal information being shared. With the anticipated launch of OpenAI's search engine, even more sensitive data will be at risk in a new and attractive space for criminals."

Jake emphasized the importance of using chatbots that encrypt your conversations. Encryption scrambles data, making it unreadable to unauthorized users.

Fortunately, OpenAI guarantees that all ChatGPT conversations are end-to-end encrypted, whether you're a free or paid user. Avoid sharing personal thoughts and intimate details, as they could be accessed by others. 

However, some apps may charge for encryption or not offer it at all. Even encrypted conversations may be used to train chatbot models, although ChatGPT allows users to opt-out and delete their data.

"People must be careful about what they input into chatbots, especially in free accounts that don’t anonymize or encrypt data," Jake advised.

Further, security expert Dr. Martin J. Kraemer from KnowBe4 emphasized the need for caution.

"Never share sensitive information with a chatbot," Dr. Kraemer advised. "You may need to share certain details like a flight booking code with an airline chatbot, but that should be an exception. It's safer to call directly instead of using a chatbot. Never share your password or other authentication details with a chatbot. Also, avoid sharing personal thoughts and intimate details, as these could be accessed by others."

The Lazarus Hacking Group's Covert Strategy: Utilizing MagicLine4NX Software in a Global Supply-Chain Assault

 

In a joint effort, the National Cyber Security Centre (NCSC) and South Korea's National Intelligence Service (NIS) have issued a serious warning about the activities of the Lazarus hacking group, associated with North Korea. The group is exploiting a zero-day vulnerability found in the widely-used MagicLine4NX software, leading to a series of sophisticated supply-chain attacks affecting various entities globally.

The MagicLine4NX software, developed by Dream Security in South Korea, is a crucial joint certificate program for secure logins and digital transactions. Exploiting a vulnerability in this software, cyber actors gained unauthorized access to the intranets of targeted organizations, breaching security authentication systems in the process.

The joint advisory revealed, "Cyber actors utilized the software vulnerabilities to gain unauthorized access to the intranet of a target organization. They exploited the MagicLine4NX security authentication program for initial intrusion and a zero-day vulnerability in network-linked systems to move laterally, accessing sensitive information."

The intricate attack chain began with a watering hole attack, a tactic where hackers compromise websites frequented by specific users. In this case, state-sponsored hackers infiltrated a media outlet's website, embedding malicious scripts into an article. The attack specifically targeted visitors using certain IP ranges. When visitors employed the MagicLine4NX authentication software and accessed the compromised website, the embedded code executed, providing hackers with complete control over the system.

Subsequently, the attackers accessed an internet-side server from a network-connected PC, exploiting system vulnerabilities. They then spread the malicious code to a business-side server via a network-linked system's data synchronization function.

Despite security measures, the threat actors persisted in attempting to infiltrate business PCs with the aim of extracting sensitive information. The malware established a connection to two C2 servers—one serving as a gateway within the network-linked system and the other located externally on the internet. The report noted, "The malicious code attempted to move data from the internal server to the external server but was thwarted by the security policy. Had it succeeded, substantial internal network information might have been compromised."

The warning emphasized the severity of such attacks, citing previous supply chain intrusions by North Korea-linked APT groups. Notably, the Labyrinth Chollima APT targeted VoIP software maker 3CX, leading cybersecurity vendors to detect the popular software as malware. In a separate incident, Microsoft Threat Intelligence researchers exposed a supply chain attack by APT Diamond Sleet (ZINC), affecting over 100 devices across Japan, Taiwan, Canada, and the United States.

As cybersecurity agencies work to contain these threats, the increasing sophistication of these attacks underscores the urgent need for heightened vigilance and robust security measures against supply-chain vulnerabilities.