AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 01/18/2023

Feds Seize WeLeakInfo.com for Selling Access to Stolen Data 

The FBI has shut down a website that offered hackers easy access to 12 billion records stolen in thousands of data breaches. On Thursday, the Justice Department announced(Opens in a new window) it had seized the internet domain to WeLeakInfo.com, a site that was cataloging data taken from more than 10,300 data breaches at various companies and websites over the years. Customers could pay as little as $2 to gain access to the massive trove of data, which was carefully indexed and searchable. In return, subscribers could look up a person’s email address to find out what previously leaked passwords, names, phone numbers, and IP addresses had been associated with it. 

 

Security experts develop method of generating ‘highly evasive’ polymorphic malware using ChatGPT 

Security researchers have demonstrated that ChatGPT can generate polymorphic malware that goes undetected by “most anti-malware products”. It took experts at CyberArk Labs weeks to create a proof-of-concept for the highly evasive malware but finally developed a way to execute payloads using text prompts on a victim’s PC. Testing the method on Windows, the researchers said a malware package could be created that contained a Python interpreter and this can be programmed to periodically query ChatGPT for new modules. These modules could contain code – in the form of text – defining the functionality of the malware, such as code injection, file encryption, or persistence. 

 

AI Research Task Force Votes to Send Final Report to Congress, President 

A majority of the National Artificial Intelligence Research Resource Task Force voted on Friday to approve the group’s report—an implementation plan and roadmap for a resource infrastructure supporting AI research—that will be sent to Congress and President Joe Biden in the next couple of weeks. The task forcelaunched in July 2021—is a result of the National AI Initiative Act of 2020, which asked the National Science Foundation, in conjunction with the White House’s Office of Science and Technology Policy, to examine the possibility of creating that resource—dubbed the  National AI Research Resource, or NAIRR—and to produce a plan outlining how this “could be established and sustained.” The task force is composed of government, academic and private sector members.  

 

Ransomware attack on maritime software impacts 1,000 ships 

About 1,000 vessels have been affected by a ransomware attack against a major software supplier for ships. Oslo-based DNV – one of the world’s largest maritime organizations – said it was hit with ransomware on the evening of January 7 and was forced to shut down the IT servers connected to their ShipManager system. “DNV is communicating daily with all 70 affected customers to update them on findings of the ongoing forensic investigations. In total around 1000 vessels are affected,” DNV said in a statement on Monday. “All users can still use the onboard, offline functionalities of the ShipManager software. There are no indications that any other software or data by DNV is affected. The server outage does not impact any other DNV services.” 

 

FTX says $415 million in crypto was hacked 

Bankrupt crypto exchange FTX said in a report to creditors on Tuesday that about $415 million in cryptocurrency had been stolen as a result of hacks. Some $323 million in crypto had been hacked from FTX’s international exchange and $90 million had been hacked from its U.S. exchange since it filed for bankruptcy on Nov. 11, CEO John Ray said in a separate statement on Tuesday. FTX founder Sam Bankman-Fried has been accused of stealing billions of dollars from FTX customers to pay debts incurred by his crypto-focused hedge fund, Alameda Research. Bankman-Fried has pleaded not guilty to fraud charges. 

 

Nissan Supplier Leaked Data on Thousands of Customers 

Nissan North America has informed thousands of customers that their personal information may have been accessed by an unauthorized third party, after a mistake by a supplier. Nearly 18,000 individuals were impacted by the incident, which occurred on June 21 but was not fully discovered until September 26 2022, according to a breach notification published by the Office of the Maine Attorney General. Nissan had provided a third-party developer with the data in order to test its software, the letter to affected customers read. “On June 21 2022, Nissan received notice that certain data it provided for software testing had inadvertently been exposed by the third-party service provider,” it continued. 

Related Posts