Tuesday, July 16, 2024

650,000+ Malicious Domains Registered Resembling ChatGPT

Hackers abuse the ChatGPT name for malicious domains to exploit the credibility associated with the ChatGPT model, deceiving users into trusting fraudulent websites. 

Leveraging the model’s reputation enables them to trick individuals into:-

  • Revealing sensitive information
  • Downloading malicious content

H2 2023’s ransomware from ESET highlight isn’t typical, as it’s the “MOVEit hack” by the Russian ransomware group Cl0p, and here below, we have mentioned all the other names of Cl0p:-

  • Lace Tempest
  • FIN11
  • TA505
  • Evil Corp

This ransomware group is well-known for using ransomware in large-scale hacks; this time, their massive campaign used a zero-day vulnerability (CVE-2023-34362) in MOVEit on May 27.

Free Webinar

Fastrack Compliance: The Path to ZERO-Vulnerability

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

The flaw, held since 2021, enabled unauthorized access, showcasing Cl0p’s evolution beyond traditional ransomware exploits. Recently, the cybersecurity researchers at ESET discovered more than 650,000 malicious domains registered resembling ChatGPT.

Massive Ransomware Attacks

The Russian ransomware group, Cl0p, hit global firms and US agencies in this attack. A notable change is that now they leak data on the open web if the ransom isn’t paid, it’s a tactic shared with the ALPHV ransomware gang.

The FBI notes ransomware evolving with multi-variant attacks like:-

  • Deployment of multiple ransomware variants
  • Use of wipers following data theft and encryption

In IoT, cybersecurity researchers find and disable the Mozi botnet with a discovered kill switch.

The Mozi botnet, which has been among the largest in three years, fell suddenly, prompting questions on kill switch use by developers or Chinese authorities. 

Besides this, the new threat, Android/Pandora, hits the following types of Android devices for DDoS attacks in the same landscape:-

  • Smart TVs
  • TV boxes
  • Mobile devices

Cybersecurity researchers pinpoint the campaigns hitting ChatGPT users and numerous tries to access shady domains like-

  • chapgpt

Apart from this, the threats include insecure handling of OpenAI API keys, stressing the need for key privacy protection.

Cybersecurity analysts discovered a significant surge in the use of Android spyware like “SpinOk.” H2 2023 sees a surge in three-year-old JS/Agent and persistent Magecart attacks on unpatched websites. 

Moreover, the prevention is possible with better security measures by developers and admins.

Cryptostealers surge with Lumma Stealer, a malware-as-a-service infostealer targeting crypto wallets. But, Bitcoin’s value rises without matching the increased cryptocurrency threats. 

All these evolutions in the cybersecurity landscape highlight the diverse threat tactics.


Latest articles

HardBit Ransomware Using Passphrase Protection To Evade Detection

In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware...

New Poco RAT Weaponizing 7zip Files Using Google Drive

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively.These...

New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails...

Hacktivist Groups Preparing for DDoS Attacks Targeting Paris Olympics

Cyble Research & Intelligence Labs (CRIL) researchers have identified a cyber threat targeting the...

Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as...

Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS)...

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to...
Tushar Subhra Dutta
Tushar Subhra Dutta
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles