{"id":97148,"date":"2026-05-16T07:00:00","date_gmt":"2026-05-16T04:00:00","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=97148"},"modified":"2026-05-16T09:11:39","modified_gmt":"2026-05-16T06:11:39","slug":"a-fake-openai-repository-spread-an-infostealer-mistral-ai-faced-extortion-and-other-cybersecurity-news","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/a-fake-openai-repository-spread-an-infostealer-mistral-ai-faced-extortion-and-other-cybersecurity-news\/","title":{"rendered":"A fake OpenAI repository spread an infostealer, Mistral AI faced extortion, and other cybersecurity news"},"content":{"rendered":"<p>We compiled the week\u2019s most important cybersecurity news.<\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\">\n<li>ZachXBT unmasked the organiser of $19 million in phishing thefts.<\/li>\n<li>Three suspects were charged over a series of \u201cwrench attacks\u201d in California.<\/li>\n<li>A fake OpenAI repository spread an infostealer.<\/li>\n<li>\u201cAI slop\u201d is flooding platforms used by hackers and cyberfraudsters.<\/li>\n<\/ul>\n<\/div>\n<h2 class=\"wp-block-heading\">ZachXBT unmasks organiser of $19 million phishing heists<\/h2>\n<p>On-chain sleuth ZachXBT detailed an investigation into phishing-enabled cryptocurrency thefts exceeding $19 million.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">1\/ Meet Dritan Kapllani Jr, a US based threat actor tied to $19M from social engineering thefts targeting crypto holders.<\/p>\n<p>Dritan flexes luxury cars, watches, private jets, &#038; clubs all over social media.<\/p>\n<p>Recently he was recorded on a call showing off a wallet with stolen funds. 
<a href=\"https:\/\/t.co\/iDKyUjUm4M\">pic.twitter.com\/iDKyUjUm4M<\/a><\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a href=\"https:\/\/twitter.com\/zachxbt\/status\/2054170002945987029?ref_src=twsrc%5Etfw\">May 12, 2026<\/a><\/p><\/blockquote>\n<p>The prime suspect is US hacker Dritan Kapllani Jr. The trail began with his own carelessness.<\/p>\n<p>On 23 April 2026, during a Discord video call, Kapllani argued with another user about the size of his holdings (<span data-descr=\"\u201cstack for stack\u201d\u2014a direct comparison of income or wealth with someone\" class=\"old_tooltip\">band 4 band<\/span>). To prove his point, he showed the screen of his Exodus wallet with a $3.68 million balance.<\/p>\n<p>ZachXBT analysed the transaction history of the associated Ethereum address. The funds were tied to the theft of 185 BTC on 14 March 2026. The research showed that on 15 March, Kapllani\u2019s wallet received his cut\u2014$5.3 million. By the April call he had spent or laundered roughly $1.6 million.<\/p>\n<p>The investigation also linked Kapllani to earlier incidents. A cybercriminal, John Dagita, previously <a href=\"https:\/\/forklog.com\/en\/news\/boasting-on-telegram-leads-to-unveiling-of-40-million-theft-from-us-government\">arrested<\/a> for stealing more than $40 million from the US government, helped establish this connection. Seeking revenge over prior disputes, he posted one of Kapllani\u2019s old addresses on Telegram.<\/p>\n<p>ZachXBT confirmed ownership: the cash-out pattern matched that used in the 185 BTC theft. 
He also found that in autumn 2025 the wallet processed over $5.85 million stolen in five phishing attacks.<\/p>\n<p>The investigator assisted one victim but deliberately withheld his findings until authorities acted.<\/p>\n<p>On 11 May 2026, court filings in the 185 BTC case were unsealed.<\/p>\n<p>Charges have already been filed against:<\/p>\n<ul class=\"wp-block-list\">\n<li>Trenton Johnson\u2014for direct participation in the theft. He faces up to 40 years in prison;<\/li>\n<li>a crypto influencer known as yelotree\u2014for helping launder funds through a Miami car-rental business (up to 30 years).<\/li>\n<\/ul>\n<p>Kapllani flaunts a lavish lifestyle on social media, showcasing private jets and luxury cars. He had long avoided arrest\u2014something the sleuth links to routine deferrals of prosecutions involving minors. Now that he has turned 18, ZachXBT expects charges soon.<\/p>\n<h2 class=\"wp-block-heading\">Three suspects charged over a series of \u201cwrench attacks\u201d in California<\/h2>\n<p>US prosecutors <a href=\"https:\/\/www.justice.gov\/usao-ndca\/pr\/three-tennessee-men-indicted-robbery-kidnapping-and-conspiracy-charges-related-6\">charged<\/a> Elija Armstrong, Nino Chindavong and Jayden Rucker with robbery, kidnapping and conspiracy in connection with a string of cryptocurrency thefts.<\/p>\n<p>According to the case file, the trio moved from Tennessee to California. To enter victims\u2019 homes, they posed as couriers.<\/p>\n<p>In November 2025 in San Francisco, a \u201ccourier\u201d carrying a box attacked a recipient at an apartment entrance. The victim was bound with tape, pistol-whipped and forced under threats to transfer $10 million in bitcoin and $3 million in Ethereum.<\/p>\n<p>In another \u201cwrench attack\u201d, the victim lost $6.5 million in crypto.<\/p>\n<p>Armstrong and Rucker were arrested in Los Angeles on 31 December 2025; Chindavong was detained in Sunnyvale on 22 December 2025. 
They face:<\/p>\n<ul class=\"wp-block-list\">\n<li>up to 20 years in prison for robbery and attempted kidnapping;<\/li>\n<li>life imprisonment for conspiracy to kidnap;<\/li>\n<li>fines of $250,000 on each count.<\/li>\n<\/ul>\n<p>According to <a href=\"https:\/\/indd.adobe.com\/view\/6d3da0d7-c0a0-4b26-baf8-e2f2383c0d32\">CertiK<\/a>, there were 72 \u201cwrench attacks\u201d worldwide in 2025, up 75% on the previous year. Losses reached a record $41 million.<\/p>\n<h2 class=\"wp-block-heading\">A fake OpenAI repository spread an infostealer<\/h2>\n<p>A malicious Hugging Face repository impersonated OpenAI\u2019s Privacy Filter project to deliver an infostealer, researchers at <a href=\"https:\/\/www.hiddenlayer.com\/research\/malware-found-in-trending-hugging-face-repository-open-oss-privacy-filter\">HiddenLayer<\/a> reported.<\/p>\n<p>Hugging Face is a platform where developers and researchers share AI models, datasets and machine-learning tools.<\/p>\n<p>According to the team, the attackers published the repository under the lookalike name Open-OSS\/privacy-filter; it contained a loader.py file that launched Windows-targeting data-theft malware.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/img-6edea1f5440ef162-4474732448417793.webp\" alt=\"image\" class=\"wp-image-280032\"\/><figcaption class=\"wp-element-caption\">Source: HiddenLayer.<\/figcaption><\/figure>\n<p>The Python script included bogus AI-related code to appear benign. In the background it disabled SSL certificate verification, decoded an encoded URL pointing to an external server, then fetched and executed a PowerShell command.<\/p>\n<p>The PowerShell command ran in a hidden window and downloaded a batch file, start.bat, which escalated privileges, added the payload to the Microsoft Defender exclusion list and fetched the final payload. The payload was an infostealer written in Rust and capable of taking screenshots. 
It stole:<\/p>\n<ul class=\"wp-block-list\">\n<li>cookies, saved passwords, encryption keys and browsing history from Chromium- and Gecko-based browsers;<\/li>\n<li>Discord tokens, local databases and master keys;<\/li>\n<li>crypto wallets and their browser extensions;<\/li>\n<li>SSH, FTP and VPN credentials and configuration files, including FileZilla;<\/li>\n<li>system information.<\/li>\n<\/ul>\n<p>The researchers noted that the vast majority of the 667 accounts that \u201cliked\u201d the malicious repository appeared automatically generated. The reported 244,000 downloads could also have been artificially inflated.<\/p>\n<h2 class=\"wp-block-heading\">\u201cAI slop\u201d is flooding platforms used by hackers and cyberfraudsters\u00a0<\/h2>\n<p>Complaints about \u201cAI slop\u201d are increasingly common in the dark web, as it seeps into discussions, guides and technical posts, <a href=\"https:\/\/www.wired.com\/story\/cybercriminals-are-complaining-about-ai-slop-flooding-their-forums\/\">Wired<\/a> reports, citing research by the University of Cambridge and the University of Strathclyde.<\/p>\n<p>Analysts reviewed about 98,000 AI-related threads on hacker forums from the launch of ChatGPT in 2022 through the end of 2025. 
Over that period, attitudes toward generative models shifted markedly in criminal circles.<\/p>\n<p>Where hackers once discussed using neural networks to write malware or find vulnerabilities, they now increasingly gripe about a flood of \u201cAI slop\u201d: useless posts and simplistic guides on basic topics.<\/p>\n<p>Some forum participants also complain that <span data-descr=\"large language model\" class=\"old_tooltip\">LLM<\/span> answers in Google search results depress traffic to the forums themselves, hurting their marketing.<\/p>\n<p>The researchers found little evidence that AI has meaningfully helped inexperienced fraudsters: it has not lowered the barrier to entry for novices, nor produced sweeping changes in cybersecurity.<\/p>\n<h2 class=\"wp-block-heading\">Belarus-linked hacking group targeted Ukrainian state bodies<\/h2>\n<p>In March 2026, a new campaign by the Ghostwriter group (also known as UNC1151 and FrostyNeighbor) targeted Ukrainian government and defence organisations, according to <a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/frostyneighbor-fresh-mischief-digital-shenanigans\/\">ESET<\/a> researchers.<\/p>\n<p>Ghostwriter, which specialises in cyber-espionage in Eastern Europe, has been linked to Belarus.<\/p>\n<p>Attackers sent phishing PDFs masquerading as documents from Ukrtelecom. Malicious links in the files delivered the PicassoLoader malware, which then deployed the widely abused post-exploitation framework Cobalt Strike.<\/p>\n<p>The attackers geofenced delivery: the malicious archive was served only when the victim\u2019s IP address geolocated to Ukraine.<\/p>\n<p>Researchers noted the group\u2019s operational maturity. PicassoLoader can send a system \u201cfingerprint\u201d to the attackers\u2019 servers every ten minutes. 
Based on this, Ghostwriter operators decide whether to continue the intrusion.<\/p>\n<p>Unlike its campaigns in Poland or Lithuania, where it hits a broad spectrum of targets from logistics to healthcare, in Ukraine the group focuses exclusively on military and government sectors.<\/p>\n<h2 class=\"wp-block-heading\">TeamPCP hackers put Mistral AI repositories up for sale<\/h2>\n<p>The TeamPCP hacking group threatened to leak Mistral AI\u2019s project source code unless a buyer emerges for the stolen data, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale\/\">BleepingComputer<\/a> reports.<\/p>\n<p>Mistral AI is a French artificial-intelligence firm founded by former researchers from Google DeepMind and Meta. It develops open-weight LLMs and proprietary software.<\/p>\n<p>In a post on a hacker forum, the attackers asked $25,000 for a bundle including nearly 450 repositories.<\/p>\n<p>In an official statement to BleepingComputer, Mistral AI confirmed a compromise of its code-management system. The breach followed a large-scale software supply-chain attack dubbed Mini Shai-Hulud.<\/p>\n<p>Mistral AI says the affected data are not part of its core source code.<\/p>\n<p>According to published information, the attack unfolded in stages. First, the perpetrators accessed official TanStack and Mistral AI packages using stolen CI\/CD credentials. 
The campaign then spread to hundreds of projects in the npm and PyPI registries, including work by UiPath, Guardrails AI and OpenSearch.<\/p>\n<p>Mistral AI acknowledged that attackers briefly inserted malicious code into some of the company\u2019s SDK packages.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/img-821d9196af37b5f4-4474733179114114.webp\" alt=\"image\" class=\"wp-image-280033\"\/><figcaption class=\"wp-element-caption\">Source: BleepingComputer.<\/figcaption><\/figure>\n<p>TeamPCP claims to have downloaded nearly 5GB of internal data that Mistral uses for training, fine-tuning, benchmarking and experiments.<\/p>\n<p>The hackers said they will dump the information publicly if no buyer is found within a week.<\/p>\n<p>Also on ForkLog:<\/p>\n<ul class=\"wp-block-list\">\n<li>Attackers <a href=\"https:\/\/forklog.com\/en\/news\/hackers-extract-10-million-from-thorchain\">drained<\/a> $10 million from THORChain.<\/li>\n<li>An alliance of Tether, TRON and TRM Labs <a href=\"https:\/\/forklog.com\/en\/news\/tether-tron-and-trm-labs-alliance-freezes-450-million-in-crypto-assets\">froze<\/a> $450 million in cryptoassets.<\/li>\n<li>The Ethereum Foundation <a href=\"https:\/\/forklog.com\/en\/news\/ethereum-foundation-launches-service-to-guard-against-blind-transaction-signing\">launched<\/a> a service to protect against blind transaction signing.<\/li>\n<li>CertiK <a href=\"https:\/\/forklog.com\/en\/news\/certik-reports-on-north-koreas-industrialization-of-crypto-theft\">reported<\/a> on North Korea\u2019s \u201cindustrialisation\u201d of crypto theft.<\/li>\n<li>The Roaring Kitty account was <a href=\"https:\/\/forklog.com\/en\/news\/roaring-kittys-account-hacked-to-dump-rkc-token\">hacked<\/a> to dump the RKC token.<\/li>\n<li>Google <a href=\"https:\/\/forklog.com\/en\/news\/google-reports-surge-in-ai-use-among-cybercriminals\">observed<\/a> rising interest in AI among 
cybercriminals.<\/li>\n<li>LayerZero <a href=\"https:\/\/forklog.com\/en\/news\/layerzero-admits-errors-following-292-million-kelp-hack\">acknowledged mistakes<\/a> after Kelp\u2019s $292 million hack.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\">What to read this weekend?<\/h2>\n<p>In a new piece, ForkLog examines how Palantir Technologies, the principal software contractor to the US Department of Defense and intelligence agencies, \u201censures the West\u2019s obvious superiority\u201d.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The week\u2019s most significant cybersecurity developments.<\/p>\n","protected":false},"author":1,"featured_media":97149,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Weekly roundup: ZachXBT\u2019s $19m phishing probe, wrench attacks, fake OpenAI repo, Mistral extortion.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-97148","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"5","promo_type":"1","layout_type":"1","short_excerpt":"Weekly roundup: ZachXBT\u2019s $19m phishing probe, wrench attacks, fake OpenAI repo, Mistral 
extortion.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97148","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=97148"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97148\/revisions"}],"predecessor-version":[{"id":97150,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97148\/revisions\/97150"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/97149"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=97148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=97148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=97148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
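The loader chain described in the fake OpenAI repository item above (a loader.py that disables SSL certificate verification, decodes an encoded URL, launches PowerShell in a hidden window and adds a Defender exclusion) is the kind of pattern worth triaging statically before anything from a trending repository is executed. The following is an added example, not HiddenLayer's tooling and not code from the Open-OSS/privacy-filter repository: it parses a Python file with the standard `ast` module and reports which of those indicators it contains, without running any of the scanned code. The indicator set is a deliberately minimal assumption rather than a full ruleset, and both samples are constructed here for illustration (the suspicious one is an inert imitation of the described behaviour, pointing at a reserved `.invalid` domain).

```python
"""Static triage of a Python "loader" for the indicator chain described above.

Added example (not HiddenLayer's or the repository's code). Nothing in the
scanned text is executed; the file is only parsed and its string literals
inspected.
"""
import ast
import base64
import re

# Indicator definitions (assumption: a minimal set, not an exhaustive ruleset).
SSL_UNVERIFIED = "ssl._create_unverified_context"
HIDDEN_POWERSHELL = re.compile(r"powershell.*-w(?:indowstyle)?\s+hidden", re.I | re.S)
DEFENDER_EXCLUSION = re.compile(r"Add-MpPreference\s+-Exclusion", re.I)
URL_PREFIX = re.compile(r"^https?://", re.I)


def _dotted(node: ast.AST) -> str:
    """Return 'a.b.c' for an Attribute/Name chain, or '' for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def _try_b64(text: str) -> str:
    """Decode a string literal as strict base64 to UTF-8 text, else return ''."""
    try:
        return base64.b64decode(text, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return ""


def triage_loader(source: str) -> list[str]:
    """Return the sorted list of indicator names found in the given Python source."""
    findings: set[str] = set()
    for node in ast.walk(ast.parse(source)):
        # 1. ssl._create_unverified_context, called directly or installed as the
        #    default HTTPS context (ssl._create_default_https_context = ...).
        if isinstance(node, (ast.Call, ast.Assign)):
            target = node.func if isinstance(node, ast.Call) else node.value
            if _dotted(target) == SSL_UNVERIFIED:
                findings.add("tls_verification_disabled")
        # 2. String literals: inspect the raw text and, if it is valid base64,
        #    the decoded text as well (an encoded URL only shows up after decoding).
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for decoded, text in ((False, node.value), (True, _try_b64(node.value))):
                if not text:
                    continue
                if decoded and URL_PREFIX.match(text):
                    findings.add("base64_encoded_url")
                if HIDDEN_POWERSHELL.search(text):
                    findings.add("hidden_powershell")
                if DEFENDER_EXCLUSION.search(text):
                    findings.add("defender_exclusion")
    return sorted(findings)


# Constructed samples (illustrative and inert; the URL uses a reserved domain).
BENIGN_SAMPLE = '''
"""Download model weights over TLS."""
import requests
def fetch_model(url):
    return requests.get(url, timeout=10).content
'''

_ENCODED_URL = base64.b64encode(b"https://loader.example.invalid/start.bat").decode()
SUSPICIOUS_SAMPLE = f'''
import base64, ssl, subprocess
def privacy_filter(text):  # decoy "AI" code to look benign
    return text.replace("secret", "[redacted]")
ssl._create_default_https_context = ssl._create_unverified_context
url = base64.b64decode("{_ENCODED_URL}").decode()
cmd = "powershell -WindowStyle Hidden -Command \\"Add-MpPreference -ExclusionPath $env:TEMP\\""
subprocess.Popen(cmd, shell=True)
'''


def triage_samples() -> dict[str, list[str]]:
    """Run the triage over both constructed samples."""
    return {
        "benign": triage_loader(BENIGN_SAMPLE),
        "suspicious": triage_loader(SUSPICIOUS_SAMPLE),
    }


if __name__ == "__main__":
    for name, hits in triage_samples().items():
        print(f"{name}: {hits or 'no indicators'}")
```

Run it over any `loader.py`-style file from a repository before executing it: `triage_loader(open(path).read())`. A single hit is only a lead, but a file that combines disabled TLS verification, a decoded URL and a hidden PowerShell launch has no plausible use in a privacy-filter project and should not be run at all.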