Artificial intelligence that generates malicious code can easily attack novice hackers 사진 확대 AI image generated by ChatGPT. When a user requests “create ransomware code” in a typical interactive artificial intelligence (AI) chat window that looks like ChatGPT, hundreds of lines of code that can make malicious software appear in an instant. The AI’s output...Read More
An Armenian national is in federal custody and faces charges stemming from their alleged involvement in a spree of attacks in 2019 and 2020 involving Ryuk ransomware, the Justice Department said Wednesday. Karen Serobovich Vardanyan, 33, was extradited from Ukraine to the United States on June 18 and pleaded not guilty to the charges in...Read More
A new Ransomware-as-a-Service (RaaS) operation named ‘Global Group’ has surfaced on underground forums, positioning itself as a rebranded successor to the Black Lock and Mamona ransomware campaigns. According to an in-depth analysis by EclecticIQ, the threat actor behind this group, who uses the moniker “$$$,” has launched an advanced extortion platform with artificial intelligence–powered ransom...Read More
A sophisticated cyberattack campaign has emerged in July 2025, weaponizing Microsoft Teams calls to deploy the latest iteration of Matanbuchus ransomware. The attack begins with adversaries impersonating IT helpdesk personnel through external Teams calls, leveraging social engineering tactics to convince employees to execute malicious scripts. During these fraudulent support sessions, attackers activate Quick Assist and...Read More
Jul 16, 2025Ravie LakshmananThreat Intelligence / Vulnerability Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. Matanbuchus is the name given to a malware-as-a-service (MaaS) offering that can act as a conduit for next-stage payloads, including Cobalt Strike...Read More
Publicly disclosed ransomware attacks targeting the retail sector globally have surged by 58% in Q2 2025 compared to Q1, with UK-based firms bearing the brunt of this targeting, according to new data from BlackFog. The findings follow a spate of high-profile retailers reporting attacks during April-June 2025. This includes the trio of ransomware attacks on...Read More
A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. The backdoor is a user-mode rootkit that allows hackers to hide malicious components, maintain persistent access on the device, and steal sensitive credentials. Researchers at Google Threat...Read More
Italian police have dismantled a Romanian ransomware gang that targeted civil rights groups, design and film production companies, as well as international nonprofits in northern Italy, authorities said this week. The group, known as “Diskstation,” is accused of encrypting victims’ systems and demanding large cryptocurrency ransoms to restore access to their data, Italy’s Postal and...Read More
Index Engines has a newly patented process for continuous training of AI/ML models on real-world attack patterns. The company supplies a CyberSense product that uses AI and machine learning analysis to check changes in unstructured data content over time in order to detect suspicious behavior and ransomware-related corruption. Storage suppliers using CyberSense include Hitachi Vantara,...Read More
Data protection and cyber recovery solutions company Index Engines Inc. today announced a newly granted patent for its artificial intelligence-powered process that automates the collection, detection and behavioral analysis of ransomware. The patented process, developed in the company’s CyberSense Research Lab, enables automated ingestion and detonation of real ransomware samples in a secure environment. The...Read More
