In cybersecurity, attackers and defenders are always trying to beat each other. The former seeks new ways that can circumvent the defense put in place by the latter. It might look like in the movies, but in reality, there are lives, money, and reputation at stake. At the end of the day, it's good news when the defenders come out on top.
Now, defenders are embracing the prompt injection, too
That awesome moment when you turn the weapon against the attackers and you feel so good about yourself; this is an example. For months, we have read how attackers use prompt injections to bypass LLMs guardrails. Now, defenders are using it to shut them down!
Here is how the defenders pulled it off:
Researchers from Tracebit on Monday said they found that placing prompt injections alongside passwords, cryptographic keys, and other secrets stored on Amazon Web Services was often all that was needed to shut down attacks from AI hacking agents.
The prompts direct the attacking LLM to perform an action forbidden by its guardrails, the safety barriers AI developers erect to prevent it from taking harmful actions. The LLM responds by shutting down.
New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password
It's quite funny to read through the article. And I bet it will be frustrating for anyone who falls victim. I mean, a constant dialog box telling you to enter your password while at the same time killing some apps that will make you productive? And if you eventually type your password (which you should not), you hand over some personal details like Keychain, browser credentials, and crypto wallets to the attackers.
Here are the affected regions so far:
Group-IB's telemetry counts at least 100 targets across 33 countries since May, over half of them in Europe. Its analysts assume from the code structure that the malware is still under development. Uploaded to VirusTotal on June 9, the orchestrator script had zero detections there when Group-IB analyzed it.
New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
For some while, ClickFix attacks have been in the news. This one is no different; I added it to further raise your awareness that the threat is still out there.
In the case of this TELEPUZ malware, here is how the attack works:
The ClickFix attack chain linked to TELEPUZ results in the execution of PowerShell, which downloads a second-stage payload from a remote URL and executes it.
The payload is a Go variant of the Vidar Stealer, which is known to harvest sensitive data from infected hosts and deploy secondary malware, in this case a stager binary that's responsible for launching TELEPUZ ("telepuz.dll") using "rundll32.exe."
Spirals ransomware locks down victim systems in under 24 hours
I know that it's just another ransomware. So, why is it special? Well, at the time of writing, there is only ONE confirmed victim. Therefore, by the time that you're reading this, there is possiblity of more victims.
Here is what's going on:
Spirals is written in Rust and encrypts files using a separate AES-128 key per file, each wrapped with an attacker-controlled ECDH P-256 public key. To speed up encryption, files larger than 5 MB are encrypted in chunks.
Victims were left with a ransom note, RECOVERY_SECTION.log, directing them to a Tor negotiation site and threatening to leak stolen data within six days if no payment was made.
The script, not the voice, is what makes AI voice phishing work
We have reached an age where you must not believe that the voice at the end of the end is who you think it is. If you work in an environment where you receive phone calls a lot, especially from a higher authority telling you to do some task, have a way to verify that it's really them. I will suggest, as also stated at the end of the article, something like a code word that only the two party knows, i.e., you and the person calling you.
From the article:
Industrial scam operations in Southeast Asia have run voice fraud at volume for years on labor costs nowhere near that. Vishing was economical before any of this. The change AI brings is the removal of language, staffing and geography as constraints, which is a different claim and a more defensible one.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.
Top comments (0)