Hackers have manipulated Anthropic’s Claude AI chatbot to launch ransomware campaigns, phishing schemes, and extortion operations, according to a recent company report. The attacks, which targeted at least 17 organisations, demonstrate how individuals with little or no technical expertise used AI tools to carry out sophisticated cybercrime. Anthropic revealed that its chatbot was used to...
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in real-time. The open-weight language model was released by OpenAI earlier this month. “PromptLock leverages Lua...
A financially motivated threat group operating since 2021 has refined its technical tradecraft, honing its focus on cloud-based systems that allow it to expand ransomware operations beyond the scope of on-premises infrastructure, Microsoft Threat Intelligence said in a report released Wednesday. By leveraging cloud-native capabilities, Storm-0501 has exfiltrated large volumes of data with speed, destroying...
Although Storm-0501 had valid credentials, it didn’t have the necessary second MFA factors, nor was it able to satisfy policy conditions. They could, however, leverage on-premises control to pivot across Active Directory domains and find a non-human synced global admin identity that lacked MFA to reset the user’s on-premises password, sign in to the Azure...
In the shadowy underbelly of cybersecurity, a chilling evolution is unfolding: ransomware, long a scourge of digital networks, is now being supercharged by artificial intelligence. Cybercriminals are harnessing generative AI tools to craft more sophisticated, evasive strains of malware, marking a pivotal shift in how threats are conceived and deployed. Recent discoveries highlight this trend,...
AI firm Anthropic revealed today that its advanced AI models are being actively weaponized by cybercriminals for sophisticated, end-to-end attacks. In a new threat intelligence report, the company details a disturbing trend it calls “vibe-hacking,” where a single malicious actor uses an AI agent like Claude as both a technical consultant and an active operator....
A suspected ransomware attack on Miljödata, a Swedish software provider used for managing sick leave and similar HR reports, is believed to have impacted around 200 of the country’s municipal governments. The attack was detected on Saturday, according to the company’s chief executive Erik Hallén. The attackers are attempting to extort Miljödata, police told local...
Researchers at cybersecurity firm ESET have discovered what they said is the “first known AI-powered ransomware” strain. Dubbed ‘PromptLock’, researchers said it uses OpenAI’s open source gpt-oss:20b model, released earlier this month, locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes. “PromptLock leverages Lua scripts generated from...
The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated sophisticated malware engineering that blends cutting-edge encryption techniques with focused penetration measures. First detected in July 2023, the group resurfaced in May 2024 with a revamped Dedicated Leak Site (DLS), where...