In this week’s bulletin, we will look at how hackers burst the iPhone’s “unhackable” bubble, how a global automaker suffered a data breach, and how ChatGPT remained in the news for the wrong reasons. Stay informed to keep your phishing protection measures consistent.

 

Forensics Confirm Involvement of North Korean Hackers in 3CX Supply Chain Attack

VoIP IPBX software development firm 3CX recently reported a supply chain attack where cybercriminals had targeted and infected its desktop apps’ macOS and Windows versions. Now, the forensic analysis has revealed additional details of a new malware family and threat actor attribution.

  • Mandiant published a report based on the forensic analysis revealing that the UNC4736 group had targeted 3CX systems with multiple malware strains, accompanying Gopuram and AppleJeus malware.
  • To target Windows devices, the attackers used Taxhaul (or TxRLoader) to deploy a second-stage payload called Coldcat.
  • The experts named the backdoor used for targeting macOS machines SIMPLESEA. Mandiant did not confirm if it is a new malware or overlaps with any existing malware family.

 

Cybercriminals Hack iPhones to Drop QuaDream’s KingsPawn Spyware

Israeli firm QuaDream has developed a new commercial spyware, KingsPawn, which cybercriminals are using to target the iPhones of high-risk individuals.

 


The attackers abused a zero-day flaw ENDOFDAYS in iPhones running iOS 1.4 to 14.4.2 and launched attacks between January and November 2021. They leveraged invisible and backdated iCloud calendar invitations.

Hackers begin the attack by sending backdated iCloud calendar invitations to targeted iOS devices. The iPhones add these invites to the victim’s calendar without any prompt or notification. This allows cybercriminals to execute the ENDOFDAYS exploit without any interaction from the users, who remain unaware of the attack.

The compromised iPhones belonged to users in North America, Central Asia, Europe, the Middle East, and Southeast Asia. The victims mainly included NGO workers, journalists, and political opposition figures.

 

CERT-In – Indonesian Hackers Can Target Indian Government Websites

CERT-In issued an ‘Urgent- High Alert’ anticipating possible attacks on over 12,000 Central and state government websites. The agency warned all central and state departments to remain alert and report any suspicious activities.

After the alert, the departments, including defense, law enforcement agencies, critical installations, and vital establishments, braced to thwart the attacks.

CERT-In said in the alert, “An Indonesian hacktivist group is claiming to target 12,000 Indian websites, and the cybercriminals are launching DoS/DDoS attacks.”

The agency claims the attackers also released a list of Central and state government websites. It has communicated to all concerned departments and wings to stay alert and initiate preventive measures.

 

Hyundai Suffered A Data Breach Impacting French And Italian Customers

Hyundai recently suffered a data breach impacting Italian and French car owners and individuals who booked a test drive. Threat actors accessed the victims’ e-mail addresses, telephone numbers, physical addresses, and vehicle chassis numbers.

The company sent a data breach letter to the impacted individuals, informing them that an unauthorized third party had accessed their customer database. Additionally, Hyundai Italy hired external cybersecurity experts to determine the incident’s scope and notified the privacy watchdog.

In response to the incident, Hyundai has taken the impacted systems offline. It also warned affected individuals to remain cautious about unsolicited contact attempts via text message or e-mail.

 

FBI Warns People Against Using Public Charging Stations

The FBI says you must think twice before plugging your devices into public charging stations.

 


 

It posted on Twitter, “Avoid using free charging stations in hotels, airports or shopping centers. Cybercriminals have figured out ways to utilize public USB ports to inject malware and monitoring software onto your devices.” 

“Cybersecurity experts warn that threat actors can load malware onto public USB charging stations and maliciously access devices while they are getting charged,” the FCC says. If your mobile gets infected through a dirty USB port, the malware can export passwords and personal data to cybercriminals or lock your device.

“Cybercriminals can use the information to access your online accounts or sell it on the dark web,” the FCC added.

 

Samsung Employees Unknowingly Leak Company Data By Using ChatGPT 

Samsung employees unwittingly shared internal documents, including source code and meeting notes, with the popular chatbot service. ChatGPT uses data entered by the users to train itself and build experience, and there is a risk that the popular chatbot can make it available to other users. So how did the trained Samsung engineers commit such a mistake?

They asked the chatbot to assess their company source code and optimize test sequences for fault identification in the chips they were designing. According to TechRadar, in less than a month, Samsung suffered three data leaks because its employees leaked sensitive information via ChatGPT.

 


 

“In another case, a Samsung employee used ChatGPT for converting meeting notes into a presentation, which contained contents that Samsung would not have liked to share with external third parties,” reported TechRadar.