Cybersecurity News & Trends – 04-06-2023

April is fully underway, and SonicWall has continued to captivate media. American Security Today cited data from the 2023 Cyber Threat Report while DL News and TechNewsWorld quoted SonicWall’s senior manager of product security, Immanuel Chavoya.

In industry news, Dark Reading has a story on a security researcher tricking ChatGPT into creating an undetectable malware tool. TechCrunch provides insight into the Western Digital data breach. Hacker News breaks down Operation Cookie Monster and the fall of Genesis Market. Bleeping Computer dives into details on an IRS-approved tax software spreading malware.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

North Korea accelerates nuclear missile programme with ‘treasure sword’ — $1.7bn from crypto heists

DL News, SonicWall News: “As for individual crypto investors, they should be aware of the risks of having their assets in these exchanges,” said Chavoya. “North Korean crypto hacking is so important to the Kim regime that it is going to continue scaling despite tighter restrictions,” Chavoya said.

Hackers Are Cashing in With Hijacked IP Addresses

TechNewsWorld, SonicWall News: These apps are often promoted via referral programs, with many notable “influencers” promoting them for passive income opportunities, said Immanuel Chavoya, the senior manager of product security at SonicWall, a network firewall maker in Milpitas, Calif.

Behavior-Based Security Training to Stem Tide of Cybersecurity Breaches

American Security Today, SonicWall News: In the first half of 2022, SonicWall detected 270,228 never-before-seen malware variants. That’s an average of 1,500 new variants per day.

Silence gets you nowhere in a data breach

TechCrunch, SonicWall News: Attackers are increasingly targeting smaller businesses – as outlined in the 2023 SonicWall Cyber Threat Report – due to the fact they are seen as easier targets than large companies. This means that your startup is likely to get compromised at some point.

SonicWall CEO: Success will come from listening to partners

Microscope, SonicWall News: “I kind of flipped the sales team upside down to really make the team aligned with our partners,” he said. “Our partners are a force multiplier, one of our key differentiators. Not diminishing our product capabilities, but from the-go-to market standpoint, I really leaned into better aligning, and better listening to our channels where they were going with their businesses, requirements, needs and pain points.

Malware attacks on IoT and cryptojacking are growing in 2022

Computer Weekly (Spain), SonicWall News: Despite the 21% drop in ransomware globally, 2022 was the second year with the highest number of attack attempts with 493.3 million, SonicWall, which also reported a 2% increase in malware, 87% in IoT malware and 43% in cryptojacking.

DC Health Link Breach Exposes Private Information of Lawmakers

InformationWeek, SonicWall News: The healthcare industry is a popular target for breaches. Care providers and insurance companies safeguard valuable data. “Threat actors believe that healthcare providers and related organizations have no option but to pay the ransom, as restoring operations can mean the difference between life and death,” Immanuel Chavoya, threat detection and response strategist at cybersecurity company SonicWall, points out.

Ferrari in Italy targeted in cyber attack

MotorTrader, SonicWall News: In the UK, dealer groups Pendragon and Arnold have been targeted for cyber crime. According to the cyber security 2023 SonicWall Threat Report the UK is the 2nd most attacked country in the world, after the US. It said ransomware attacks last year doubled.

Covert Cyberattacks on The Rise as Attackers Shift Tactics for Maximum Impact

HelpNetSecurity, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 million), according to SonicWall.

2023 Could Be the Biggest Ever Year for Cybercrime

TechRadarPro, SonicWall News: 2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially-motivated goals.

Spikes In IoT Malware, Cryptojacking Offset Decline in Ransomware In 2022

MSSP Alert, SonicWall News: SonicWall researchers recorded the second-highest year on record for global ransomware attempts but it was an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) that signaled a shift in the overall threat landscape in 2022, the company said in a new report.

Cybercrime Spiked In 2022 — And This Year Could Be Worse

Digital Trends, SonicWall News: Last year saw a massive spike in cybercrime, with some types of malicious digital activity rising by as much as 87%. It doesn’t bode well — but there were a couple of relative bright spots. That information comes from a new report published by cybersecurity firm SonicWall. It makes for interesting reading, especially since one of the biggest rises came from an unusual source — and one of the most feared types of malware saw a hefty drop.

Industry News

ChatGPT Tricked into Creating Undetectable Malware

Every time we think OpenAI’s ChatGPT has hit a wall, something new happens and makes us reassess its potential – for both good and evil. This week, a security researcher has somehow fooled ChatGPT’s anti-malicious-use protocols and convinced the artificial intelligence to create an undetectable steganography malware. According to Dark Reading, the researcher had zero experience writing malware. The user simply coaxed ChatGPT into performing multiple simple prompts that eventually resulted in an undetectable malicious tool that can search devices for specific documents and then export them to Google Drive. The researcher pointed out that the exploit ChatGPT created is not new, so don’t be overly concerned just yet. It’s still incredible that the chatbot was able to produce this piece of malware in approximately four hours. When the researcher put the tool into Virus Total, only five vendors out of 60 flagged the tool as suspicious. He asked ChatGPT to tweak the code, and, after several tweaks, zero vendors in Virus Total flagged the tool as suspicious. The reality is that AI’s will only get better at producing malicious tools. Fortunately, there are just as many people working to produce AI’s that can detect malicious codes, such as SonicWall’s own Real-Time Deep Memory Inspection (RTDMI).

Western Digital Loses Data to Hackers

California-based data storage company Western Digital experienced a network security incident last week that resulted in stolen data. On Monday, Western Digital announced that threat actors had infiltrated multiple company systems. As soon as they realized that this was going on, they brought in outside security and forensic experts to assess the situation. The investigation is still in the preliminary stages, so the full extent of the damages may not be known for some time. The company did say this may cause disruptions to business operations as they press forward. According to TechCrunch, no known threat actor group has taken credit for the breach as of yet.

FBI Arrests 119 Cybercriminals Linked to Genesis Market

Genesis Market, a dark web market known for selling stolen credentials, has been dismantled in an effort involving authorities from 17 countries. The bust led to 119 arrests and 208 searches in 13 countries. Genesis Market was created in early 2018 and quickly became a cybercriminal haven. The multi-country operation to take it down was codenamed “Operation Cookie Monster.” According to Hacker News, Genesis Market had over 80 million illegally acquired credentials listed for sale. The credentials were linked to email addresses, bank accounts, social media accounts and more. Genesis Market also sold device fingerprints to help cybercriminals skirt anti-fraud measures and truly take on the online identity of the victims. According to court documents pertaining to the case, the FBI infiltrated Genesis Market’s backend servers in late 2020 and again in Spring 2022. During that time, the FBI was able to retrieve information on 59,000 users of the market. As of now, a mirror of the website is still running, and multiple similar illegal marketplaces continue to exist. This is still a major global victory for those fighting against cybercrime.

Tax Tool Approved by IRS Sending out Malware

A popular tax return software, eFile.com, has been caught sending out malware to its users. eFile is authorized by the United States’ Internal Revenue Service as an approved tax software. This revelation coming during tax season as millions of Americans finalize their taxes causes even more concern. Bleeping Computer was able to confirm the existence of the malware file known as “popper.js” through its own research. The first signs of concern appeared on a Reddit thread where some users believed that eFile had been compromised. Bleeping Computer analyzed the malware and noted that it is a backdoor malware which allows bad actors to access the compromised device remotely. At this time, the website is no longer sending out the malicious code.

SonicWall Blog

RSA 2023: What “Stronger Together” Means With SonicWall – Amber Wolff

Cybersecurity: Preventing Disaster from Being Online – Ray Wyman Jr

SonicWall Earns 5-Star Rating in 2023 Partner Program Guide for the Seventh Straight Year – Bret Fitzgerald

Global Threat Data, Worldwide Coverage: The 2023 SonicWall Cyber Threat Report – Amber Wolff

U.S. National Cybersecurity Strategy Represents Paradigm Shift in IT Security – Darryl Jenkins

SonicWall Data Shows Attacks on Schools Skyrocketing – Amber Wolff

Recognizing Outstanding Partner and Distributor Performance in 2022 – Bob VanKirk

Latest Threat Intelligence Reveals Rising Tide of Cryptojacking – Amber Wolff

Latest Threat Intelligence Tracks Shifting Cyber Frontlines in 2022 – Amber Wolff

New SMA Release Updates OpenSSL Library, Includes Key Security Features – Jai Balasubramaniyan

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Jordan Riddles

Junior Copywriter | SonicWall

Jordan Riddles is a Junior Copywriter for SonicWall. He has a background in content creation and editing, and he lives in Tulsa, Oklahoma. Jordan is a graduate of Northeastern State University in Tahlequah, Oklahoma, with a focus in English and creative writing. In his spare time, he loves reading, cooking and disc golfing.