Global Cyber Pulse 25th September 2024

September 25, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

The OpenAI X account was hacked to spread a cryptocurrency scam, Iran was linked to a

cyberattack aimed at dividing Sweden over a Quran-burning incident, Kaspersky replaced its antivirus with UltraAV after shutting down U.S. operations, Kansas’s water plant was hit by a cyberattack forcing a switch to manual operations, HP uncovered AI-generated malware in an encrypted phishing attack, and AutoCanada’s ransomware attack may have exposed employee data.

Stay tuned for more news updates and trends.

OpenAI X Account Hacked to Spread Cryptocurrency Scam

An official OpenAI account on X (formerly Twitter) was compromised on Monday evening, leading to the promotion of a cryptocurrency scam.

The hacked account, @OpenAINewsroom, which provides updates from OpenAI, posted a fraudulent announcement about a new cryptocurrency called “$OPENAI.”

The scam claimed OpenAI users could claim a portion of the token, which falsely promised access to future beta programs. The post was quickly deleted, but not before causing confusion among its 54,000 followers.

Iran Linked to Cyberattack Following Quran Burning Incident in Sweden

Sweden’s intelligence agency has revealed that hackers linked to Iran’s Islamic Revolutionary Guard Corps were behind a cyberattack aimed at provoking division after a Quran-burning incident by a far-right politician. The hackers breached a Swedish SMS service, sending 15,000 messages calling for revenge against Quran burners. This attack is part of Iran’s larger effort to stoke tensions in the country, following an Islamophobic stunt in Stockholm.

Kaspersky Replaces Antivirus Software with UltraAV Amid U.S. Shutdown

Starting Thursday, Russian cybersecurity firm Kaspersky began removing its antivirus software from U.S. customers’ devices, replacing it with UltraAV’s antivirus solution without warning. This follows Kaspersky’s decision to cease operations in the U.S. due to a government ban on its software over national security concerns. The U.S. Entity List now includes Kaspersky, and sales and updates for the company’s antivirus products will be banned by September 2024.

AutoCanada Ransomware Attack Puts Employee Data at Risk

AutoCanada, a major dealership network, warned that employee data might have been exposed in a cyberattack in August, carried out by the Hunters International ransomware group. While no fraudulent activity has been detected, the company has notified potentially affected individuals. Despite operational disruptions caused by the attack, AutoCanada’s 66 dealerships remained functional, though some customer services were delayed.

Kansas Water Plant Cyberattack Forces Manual Operations

The water treatment facility in Arkansas City, Kansas, was forced into manual operations after a cyberattack was detected. City officials, along with Homeland Security and the FBI, are investigating the breach. Despite the incident, the water supply remains unaffected, and authorities are working to restore automated processes at the plant.

HP Discovers AI-Generated Malware in Encrypted Phishing Attack

In June 2024, HP researchers uncovered a phishing email using an encrypted HTML attachment with AI-generated malware. The malware, created using an AI model, stood out due to its well-structured VBScript, unusual comments, and the use of French, an atypical language for malware coding. This discovery highlights the emerging threat of AI-generated scripts in cyberattacks, presenting a new challenge for cybersecurity professionals.