ChatGPT, MOVEit hacking and Pandora

ESET Search

An AI chatbot inadvertently triggers a cybercrime boom, ransomware bandits raid organizations without deploying ransomware, and a new botnet enslaves Android TV boxes

ESET research podcast: ChatGPT, the MOVEit hack and Pandora

In this episode of the ESET Research Podcast, we break down the most interesting findings from the ESET Threat Report H2 2023, including threat actors looking to capitalize on the AI ​​hype, likely the biggest cyber incident recorded all year , and a new threat lurks the Android and IoT space.

The rapid growth of AI-powered chatbots like ChatGPT has triggered a parallel increase in cybercrime. The blocking of more than 675,000 attempts in 2023 to access malicious domains imitating this popular chatbot indicates that cybercriminals have found fertile ground.

Some of these domains present themselves as Bring Your Own Key web apps, which require users to share their OpenAI API keys. But these apps could steal your keys, resulting in unexpected charges for using the API. To avoid this, it is crucial to never share your API key.

The cybercrime landscape is not limited to AI enthusiasts. Earlier this year the Cl0p ransomware group carried out a massive attack by exploiting a zero-day vulnerability in the MOVEit transfer software. Over 2,600 organizations were affected, with estimated financial damage reaching a staggering $14 billion. Cl0p leaked the stolen information via the dark web, torrents, and clear web, intensifying the pressure on victims.

Meanwhile, the world of IoT is grappling with its share of problems. In 2023, the Pandora botnet emerged, compromising Android devices, especially Android TV boxes. This malware, based on the leaked source code of the Mirai malware, can be spread via malicious firmware updates or via apps that offer pirated content.

Faced with these cyber threats, users need to be careful when downloading apps, especially those that promise free content. Keeping your devices updated and using reliable security solutions offers an essential level of protection against cybercrime.

For all these topics and more from the ESET Threat Report, listen to the latest episode of the ESET Research podcast, hosted by Aryeh Goretsky. This time he directed his questions to one of the report’s authors, security awareness specialist René Holt.

For the full report from the second half of 2023, including other topics such as a new family of Android spyware, an update on the demise of the Mozi botnet, the rise of cryptocurrency thief Lumma Stealer, and the latest developments in the Magecart scene, read the full report Here.


  • ChatGPT 1:07
  • MOVEit hack 5:46
  • Pandora Botnet 8:57

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *