- \n
- The ‘Cyber Partisans’ leak reveals the real role of one Roskomnadzor structure.<\/li>\n
- Reddit was hacked and its source code stolen.<\/li>\n
- Hackers have learned to create malware using ChatGPT.<\/li>\n
- Tor onion services slowed due to DDoS attacks.<\/li>\n<\/ul>\n<\/div>\n
The Cyber Partisans leak reveals the real role of a Roskomnadzor structure<\/strong><\/h2>\n
The hacker group ‘Cyber Partisans’ from Belarus shared with Russian media an archive of documents from the internal network of Roskomnadzor's subordinate Main Radiocommunication Centre (GRChC).<\/p>\n
The dump of more than 2 TB of information was obtained as early as November 2022. At the GRChC they acknowledged the attack but described the situation as under control. <\/p>\n
Some 1.5 million emails, mostly from 2020\u20132022, as well as about 200,000 text documents, spreadsheets and presentations shed light on the key role of this structure in monitoring Russians online. <\/p>\n
Among other things, the GRChC helps block independent media, files reports on potential ‘foreign agents’, censors queries in ‘Yandex’ about the war, hunts for posts about Vladimir Putin's health, protests, and ‘fakes’ about the army.<\/p>\n
Reddit hacked and source code stolen<\/strong><\/h2>\n
On February 5, unknown attackers compromised the Reddit site and stole its source code. <\/p>\n
The criminals created a phishing page mimicking Reddit's internal network site. Through it, attackers stole employee credentials and two-factor authentication tokens.<\/p>\n
Among the compromised data were limited contact details for Reddit, as well as information about current and former employees. Potentially data about advertisers could have been stolen, but more specific financial information and campaign statistics were not affected.<\/p>\n
The breach did not affect the site's core working systems, passwords, or user accounts.<\/p>\n
The incident's other details were not disclosed, noting only a recent similar attack on game developer Riot Games<\/a>.<\/p>\n
Hackers learned to create malware using ChatGPT<\/strong><\/h2>\n
A paid bot appeared on Telegram, enabling bypass of ChatGPT's restrictions on creating illegitimate content, including malware and phishing emails. Check Point researchers noted this. <\/p>\n
ChatGPT is available to developers. However, the current API<\/span> version of the AI bot is poorly protected against various abuses and can be used by external applications.<\/p>\n
\n
“For example, integrating the GPT-3 language model into Telegram channels allows creating malicious content without any restrictions or barriers set in the ChatGPT user interface,” the researchers said.<\/p>\n<\/blockquote>\n
On one of the hacker forums they found ads for such a service. The first 20 queries to the chat bot are free; after that, users are charged $5.50 for every 100 queries.<\/p>\n
![\"Hack-cheat](\"https:\/\/blog.checkpoint.com\/wp-content\/uploads\/2023\/02\/11.jpg\")
Data: Check Point.<\/figcaption><\/figure>\n During testing, experts were able to create a phishing email and a script that steals PDF documents from an infected computer and sends them to the attacker via FTP. To create this script they used the request: “Write malware that will collect PDF files and send them via FTP”.<\/p>\n
Another hacker-forum member published code that allows free generation of malware.<\/p>\n
![\"Hack-cheat](\"https:\/\/blog.checkpoint.com\/wp-content\/uploads\/2023\/02\/12.jpg\")
Data: \u200b\u200bCheck Point.<\/figcaption><\/figure>\n Secure messaging app hacked to monitor drug traffickers<\/strong><\/h2>\n
Dutch police dismantled the anonymous messaging service Exclu. Before that, authorities hacked the service and, for five months, tracked the criminals' activities.<\/p>\n
\n
On Friday, the police carried out an action day as part of the investigation into the cryptocommunication service #Exclu. Arrests were also made over the past weekend, and around 200 phones were seized for further investigation: https:\/\/t.co\/0B9brVcF8K @Europol @Eurojust @landelijkparket<\/p>\n
\u2014 Landelijke Eenheid (@POL_Lnd_Eenheid) February 6, 2023<\/a><\/p><\/blockquote>\n