RSS aggregator

Radeon RX 9070 GRE to launch alongside Computex, reviews are imminent

CD-R server - 28 May 2026 - 10:00
Reviewers already have the Radeon RX 9070 GRE in hand, Amazon has listed at least four models, and the NDA ends before Computex opens. The launch is a matter of days…
Category: IT News

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

The Hacker News - 28 May 2026 - 09:54
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. "These campaigns leveraged sophisticated social engineering techniques, custom macOS malware, and deep targeting of CI/CD infrastructure," Wiz researchers Shira Ayal,
Category: Hacking & Security

Soundcore Liberty 5 Pro and Pro Max promise the clearest calls in the world. A new AI chip, Thus, helps them

Živě.cz - 28 May 2026 - 09:45
Soundcore, Anker's audio brand, has introduced a new generation of true wireless earbuds, the Liberty 5 Pro and Liberty 5 Pro Max. This time the manufacturer is not building them only around better sound or stronger ANC; the main draw is the entirely new Thus AI processor, which is meant to significantly improve the quality of phone calls as well as adaptive ...
Category: IT News

Q&A: Box CEO embraces shift to ‘headless’ software in the agentic AI era

Computerworld.com [Hacking News] - 28 May 2026 - 09:00

The rise of generative AI (genAI) technology has prompted a growing debate about the future of software-as-a-service (SaaS) business models. 

Some of the fears are overblown: enterprises are unlikely to vibe-code their own applications to replace their SaaS suppliers anytime soon, while software vendors have yet to see per-seat sales fall off due to mass automation of white-collar jobs. (In fact, some now predict the opposite will happen.)

At the same time, AI has the potential to change the way work is carried out, with AI agents empowered to interact with software applications on behalf of users. For software vendors, that could mean a future where applications are accessed less through traditional user interfaces as AI agents connect via APIs. 

It’s an inevitable shift, says Box CEO Aaron Levie, and one that requires software vendors to adapt their existing products and business models to prepare for agent workflows. 

Computerworld recently spoke with Levie about how Box — and other SaaS vendors — can adapt as agentic AI threatens to upend existing business models. (This interview has been edited for clarity.)

Discussion about a “SaaS-pocalypse” has died down recently, and software stocks have rebounded. At the same time, it seems clear the adoption of AI agents could change how workers interact with software. How can companies like Box adapt to this new environment? If AI increasingly becomes the interface users interact with, where does the long-term value lie? “People are realizing that you’re not going to rebuild a lot of the systems that people were kind of claiming you would [with vibe-coding]; it just doesn’t make sense. So, that part is sort of dissipating. However, headless software and the ability to use your systems via AI is obviously going to happen, there’s no question. 

“So, I think the conversation is shifting from ‘AI disrupts software’ to ‘AI is going to be the biggest consumer and user of software going forward.’ And for that, the main thing is: can you have a business model that allows you to actually monetize the consumption of those agents using your underlying tools? We’re fortunately built for that; we’ve had an API business model basically forever, so we’re well prepared.

“There’ll be some companies that have to pivot a little bit more significantly over time — there’s no question that will happen in a bunch of organizations. We’re big believers that AI will be the biggest user and interface for the future of software.”

How important is it for Box to retain that interaction with human workers, rather than becoming more of the underlying layer AI agents interact with? “I would say that we’re totally comfortable with that shift. When you have AI agents, you still need a place to be able to secure the data — you need to protect it, you need to govern it, you need to make sure you know who’s accessing it. None of that changes in the world of AI. In fact, if anything, it actually increases. 

“We don’t really care if it’s an agent using the data, an application using the data, a person using the data — we want to be the best content management system that connects your information to all of those applications.”

How does that perspective feed into your product development and roadmap? “It basically means that we need to be a headless platform. That means customers need to be able to access their data via MCP inside of ChatGPT, inside of Claude, inside of all these systems. It means that we care as much about our APIs and access to those APIs as we now do our user experience. We have to make sure that both of those environments are as simple and clean as possible, and as usable as possible.

“It’s basically as if there’s another constituent now in our ecosystem that we have to go and pay attention to.

“We need to be the best place to manage your content, and then wherever you want to work with it from, we’re totally fine. So, if you want to work with your files from your desktop, from Claude Cowork, from ChatGPT Codex — we just want to make sure we are universally accessible across every single place that people want to work with their data.”

Could that mean changes around how you price access to your software? Do you expect a shift to usage-based pricing? “Not as much as is probably being talked about online, because seats still make sense for the employee and the end user. Even when an agent is doing work on your data, it’s still you invoking that agent. It sort of makes sense that the seat is still attached to the underlying end user employee, even though an agent is going to be doing work on your data.

“We think the seat model will be quite durable over time. What this does is just add another business model, where you have agent-only interactions; those will be primarily coming through the API, and then that will be a consumption model.”

What are your thoughts on outcome-based pricing? Is that something you look at? “We do one thing that’s close to that — we have the Box Agent that does things like data extraction. It extracts your data and we charge based on the number of pages that you want to extract data from. So there are some things that approximate outcomes, but not at the level of resolving a customer service ticket or something like that, that maybe has been talked about. We’re probably going to be more aligned to…the amount of compute that is used.”

What are your conversations with customers around moving to a usage-based model? A lot of organizations are used to fixed monthly subscriptions — can metered AI agents become problematic? “I think it definitely can be. This is sort of a common tension in general.… We saw this with cloud computing, for instance. The difference with cloud computing is that cloud was relatively centralized, versus the use of AI and tokens are much more diffuse. That’s a big difference that companies have to think about.

“There’s always this tension: you can pre-buy and have a subscription, but then you might be overpaying for periods where you’re not using it as much. Or you can only pay for what you use, in which case you might have some volatility in the pricing of what happens.”

How are customers progressing in adopting AI agents — particularly, the move from pilot projects to production. What are some of the biggest barriers to wider deployment of agents? “We’re very much moving from coding agents to the rest of knowledge work: this is the jump that’s starting to occur. In that, one of the big questions and challenges is how companies get agents the right context and information to work with — how do they enable agents with the right level of constraints in their organization from a security and compliance standpoint? This is our kind of reason to exist, and what we’re helping our customers on.

“Overall, it’s just a transformational moment in the enterprise. Every customer that I talk to, every dinner that we have with customers, every CIO meeting I’m in, every CEO meeting I’m in, it’s all about agents.

“Agents have thrown the whole world into this kind of dynamic period of, ‘What does the shape of your organization look like? What’s the future of a manager versus an individual contributor? What are the workflows that you can go and execute on?’ There are so many different ways that this is starting to change.”

You were part of another major industry transition with the adoption of cloud computing. Are there similarities you see or major differences that customers can learn from? “The big difference between [them] is that, with cloud, you could centralize the deployment of and management of. Cloud really only affected 3% of your organization that was moving from the data center to the cloud, and then every employee got better products and experience as a result of that. The change was really kind of fairly concentrated. AI affects every single employee in the company. It’s a radically different type of transformation of what work looks like.

“There are only so many analogies you can make to cloud before quickly you realize, no, this is actually a different transformation. Maybe it’s even closer to the PC, in the sense of every single worker has to change what they’re doing to be productive. It’s not a technology delivery shift, it’s a fundamental reworking of every workflow in the enterprise. And so that’s I think what most companies are going through right now.”

Category: Hacking & Security

Company CEO flooded file share with smut, called for help after he deleted it

The Register - Anti-Virus - 28 May 2026 - 09:00

PWNED Welcome, once again, to PWNED, the weekly column where we cover high-security hijinks that are at least partially the victim’s fault. This week, we have a trio of tales that involve incredibly unprofessional behavior, inappropriate use of corporate resources, and outright theft, all dealt with by IT. Have a story about someone leaving a gaping hole in their network? Share it with us at [email protected]. Anonymity is available upon request.

Our trilogy of tech exposure comes courtesy of Zach Lewis, the current CIO and CISO at the University of Health Sciences and Pharmacy in St. Louis. Before his current role, Lewis worked for various other companies in IT roles and he has some tea to spill.

At one job, Lewis was working as a sysadmin when the CEO asked for help recovering photos he had accidentally deleted from a company file share. The files were accessible to anyone at the organization, and Lewis searched archived copies in Google Picasa to restore them. Unfortunately, the pictures the CEO was missing included many that were very much NSFW.

“So I was called in to sit down with him and look at it. And we're just like I restore everything. We start clicking images to make sure everything's there, just doing a random subset check,” Lewis said. “And, uh, just some pornography comes up and he's sitting right next to me. I mean, right next to me, he's just like, oh yeah, that's just some of my porn.”

When he was done restoring the photos, Lewis left the room. It was clear the boss had no shame and no problem with IT seeing his explicit images or with storing them where any employee could download them. They were even mixed in with official photos and family pictures.

However, knowing this was bad policy and could probably lead to a lawsuit, Lewis approached human resources and told them about the problem. The HR representative instructed him to delete all the smut from the network, even though it belonged to the big boss. He did that, and fortunately, did not face any repercussions at work for deleting the big man’s cheeky pictures.

He wore a top hat

In another instance, Lewis was asked to look at a coworker’s computer when the employee thought he had gotten a virus on his laptop. However, the colleague cautioned IT not to look through his files.

After a little while, Lewis noticed a folder filled with other subfolders that were festooned with adult images, both of naked women and of the employee himself without clothes on. All of the photos had appropriately descriptive file names too.

Perhaps most embarrassing of all for the coworker is that Lewis saw his semi-naked pictures. To be fair, he was dressed in the images, as he was wearing a top hat – but nothing else.

The problem, Lewis notes, is that employees treat their work computers as if they are home computers and do not think about the implications of having personal images on something that belongs to a corporation. He suggests setting a firm policy against this kind of thing and educating workers about the policy. When workers inevitably violate the policy, it’s time for a gentle reminder.

“A policy is just, you know, paper, right? It's hard to enforce that,” Lewis said. “You can talk to the user in this instance. In this most recent instance with this guy in the top hat, it was ‘hey, these are company resources’ when I gave the computer back to him.”

Kids’ YouTube upload exposed a potential thief

In another gig, Lewis worked at a university. When one athletics coach quit, he was supposed to leave his school-issued iPad on his desk. But when the IT department came to collect the equipment, this tablet was missing.

No one could find the missing iPad, but a month later, someone uploaded a new video to the school’s YouTube channel. The video featured a different coach's kids and appeared to have been uploaded from his house. Apparently, the other coach had allegedly snatched the iPad off of the first coach’s desk and given it to his kids. The kids then used the iPad to film a funny home video and upload it to YouTube, not realizing that it was connected to the school’s official YouTube account.

Lewis notified HR, who called the apparent thief in. At first, he denied that the children in the video were his offspring. However, the HR agent then showed him a photo of him and his kids on social media together and he admitted, okay, he was their dad. The coach then said he didn’t know how the iPad got into his house. But he grabbed it and returned it to IT.

There are a lot of problems with the iPad situation from a security perspective. First, the iPad that wasn’t turned over clearly was not locked to the point where someone else couldn’t get into it. It had access to the school’s YouTube account, so any thief could add their own content to it and it may have even had PII (personally identifiable information) about some student athletes.

Bottom line: make sure departing employees hand over equipment directly to IT. Don’t let them just leave equipment on a desk. And make sure even tablets require biometric access. ®
Category: Viruses and Worms

Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years

Kaspersky Securelist - 28 May 2026 - 08:55

Introduction

In late April 2026, a client reached out to us for incident response support after discovering a miner running on users’ computers. We later discovered that the malware was being distributed via illegal movie and TV show streaming sites. The infection chain leveraged a fake update for a video player plugin. When the user attempted to watch a video, the player displayed a message saying the plugin version was outdated and asking to install an update to continue.

Clicking the link downloaded a ZIP archive with the following contents:

The archive contained a legitimate executable, HLS Installer.874.exe, alongside a malicious DLL. Launching the EXE triggered a DLL side-loading mechanism, injecting the malicious module into a legitimate program process and executing code within its context. The library contained the logic for deploying the miner and establishing persistence on the device.

At the time of the investigation, the infection risk was associated with two pirated video sites in the .ru and .top TLDs.

Link to previous campaigns

The current incident does not appear to be an isolated case. After analyzing the infection vector and the logic of the DLL, we concluded that this activity is a continuation of a campaign involving pirated digital libraries, which was previously described by another cybersecurity company.

The delivery mechanism for the malicious archive has remained virtually unchanged. Previously, the archive was downloaded in parts from the domain file[.]ipfs[.]us[.]69[.]mu, but this domain was unavailable at the time of our investigation. Instead, the threat actor employed a new website, urush1bar4[.]online.

The structure of the archive has also been preserved: inside is a legitimate executable and a large malicious DLL (see the screenshot below).

In the course of our research, we also discovered a blog post by NTT Security describing a similar delivery method for a malicious archive. In that instance, the threat actors displayed a fake browser crash page (shown below) while simultaneously downloading an archive to the device with a name starting with chromium-patch-nightly.

This scenario resembles the current scheme involving the fake video player plugin update. Given the previously described activity, it’s safe to assume that this campaign has been active since at least 2022. Throughout this entire period, the threat actor has been updating both the downloadable malware and individual parts of the infection mechanism.

Potential distribution scale

As in previous episodes of the campaign, infections occur via highly popular websites. As of late April 2026, sites linked to the campaign typically displayed extremely high monthly traffic. For instance, the audience for the smallest of the free digital libraries stood at 11,000 users, while the largest reached 4.7 million. For pirated movie and TV show streaming sites, this figure ranged from 2.1 million to 27.4 million. In April, the total number of visits to websites where the malware described in this study was detected reached 40 million.

The popularity of these sites increases the potential scale of the miner’s distribution. Furthermore, the campaign is not limited to a single type of platform: the malicious archive is being distributed through both online digital libraries and movie and TV show streaming sites. This broadens the potential range of victims and makes it more difficult to attribute the threat to a single infection vector.

The downloadable archive

The current version of the downloadable malware is a ZIP archive containing a legitimate EXE file and a malicious DLL. When the executable runs, the library side-loads into its process, triggering the malicious logic.

The technical analysis that follows covers the current version of this malware. This version was first observed in April 2025 and has been distributed unmodified for over a year.

DLL analysis

Most of the data inside the DLL carries no meaningful weight and was randomly generated just to inflate the file size and impede analysis.

Amidst the large volume of junk code inside the DLL, there is a single function that triggers a stack overflow during execution:

Based on the code, the size of the stackBuf buffer on the stack is only 64 bytes, and the SmashStack function overwrites this buffer without validating the length of the input data.

This overflow constructs a ROP chain that decrypts the next stage. After decryption, it transfers execution to code located within the modified DOS header of the PE file:

The header was intentionally modified to make it into valid shellcode:

    pop r10
    push r10
    call $+5
    pop rcx
    sub rcx, 9
    mov rax, rcx
    add rax, 5C1000h
    call rax
    retn

This shellcode passes control to a function located at offset 0x5C1000 from the base of the PE file. This function then reflectively loads the same PE file into memory.

Going forward, we will refer to this decrypted PE file as the main module.

Main module

The module’s behavior across its different operational stages is detailed below:

The main module is a modified fork of the SilentCryptoMiner project. We have previously analyzed miners leveraging this project in other posts: Scam Information and Event Management and Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool. However, this specific fork has not been documented anywhere before, which is why we decided to break down its unique features in detail in this article.

Upon an initial run, the main module checks whether it has permission to proceed with execution. To do this, it collects the following data from the victim’s device:

  • Processor information
  • The serial number of the C:/ drive
  • Whether the process was launched with elevated privileges
  • The process start time in Unix timestamp format

The information is transmitted as a single large DNS query using the DNS tunneling technique. An example of the DNS query is shown below:

The attackers disguise the DNS query as legitimate traffic through low-level packet crafting and by using a domain name ending in microsoft.com. However, the IP address to which the query is actually sent has no relation to Microsoft.

DNS query crafting code

The execution of the main module proceeds only if the following byte sequence is detected in the response: 01 02 03 04. Following a successful check, the main module launches, and the subsequent logic is adjusted depending on whether the process has elevated privileges on the compromised host.
Let’s look at both scenarios:

1. The process is launched with elevated privileges.

In this case, preparatory steps precede the miner launch:

  • The malware adds Windows Defender exclusions for EXE and DLL files, as well as for the %USERPROFILE%, %PROGRAMDATA%, and %WINDIR% folders.
  • It kills Microsoft’s Malicious Software Removal Tool (MSRT) by calling ZwSetInformationFile with the FileDispositionInformation type, which causes the mrt.exe file to be deleted upon closing. To prevent MSRT from being automatically installed during the next update, the DontOfferThroughWUAU parameter is created with a value of 1 under the HKLM\Software\Policies\Microsoft\MRT registry key.
  • Automatic hibernation and sleep mode are disabled for when the device is running on both AC power and battery.

    powercfg /x -hibernate-timeout-ac 0
    powercfg /x -hibernate-timeout-dc 0
    powercfg /x -standby-timeout-ac 0
    powercfg /x -standby-timeout-dc 0

This is done to maximize the miner’s potential runtime on the device.

Next, to achieve persistence, a copy is created in the C:\ProgramData\Google\Chrome directory, after which the GoogleUpdateTaskMachineQC service is registered and configured to launch automatically at system startup.

Finally, four reflective loads are executed: the components are injected directly into the memory of the target processes without being written to disk, bypassing the standard Windows loading mechanisms. Each implant is injected into its own host process:

  • RAT agent → into conhost.exe
  • Watchdog → into explorer.exe
  • CPU miner → into explorer.exe
  • GPU miner → into explorer.exe, but only if a discrete GPU is present in the system. This is verified by enumerating all display adapters in the system.

2. The process is launched with standard privileges.

In this scenario, the miner begins repeatedly triggering User Account Control (UAC) prompts until it is successfully executed with elevated privileges. The workflow is as follows:

  1. Upon initial execution, a copy is made to the %USERPROFILE%\AppData\Roaming\Sandboxie directory and relaunched from there. Simultaneously, an attempt is made to launch it with elevated privileges via UAC.
  2. If execution occurs from the Sandboxie folder:
      • Persistence is configured for the miner copy in this folder by adding an entry to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run.
      • Every three minutes, an attempt is made to launch with elevated privileges via UAC until the GoogleUpdateTaskMachineQC service is successfully installed.

A successful installation requires all of the following conditions to be met:

  1. The GoogleUpdateTaskMachineQC service exists in the system.
  2. The Start value for this service is set to 2 (Automatic).
  3. The ImagePath value points to a file in the C:\ProgramData\Google\Chrome folder.
  4. This file exists on disk.
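
The four installation conditions above, together with the MSRT policy value, the Defender extension exclusions and the HKCU Run entry described earlier, can be checked offline against registry output collected from a suspect host. The following is an added example, not code from the article or from the malware: it assumes the input is text produced by `reg query`, and the sample output, the file name updater.exe and the user name are constructed.

```python
import ntpath
import re

# Names and paths as given in the article.
SERVICE_NAME = "GoogleUpdateTaskMachineQC"
SERVICE_DIR = r"C:\ProgramData\Google\Chrome"
USER_COPY_DIR = r"\AppData\Roaming\Sandboxie"

# One value line of `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^ {4}(?P<name>.+?) {4}(?P<type>REG_[A-Z_]+)(?: {4}(?P<data>.*))?$")

# Constructed sample of collected `reg query` output (not taken from a real host).
SAMPLE_REG = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GoogleUpdateTaskMachineQC
    ImagePath    REG_EXPAND_SZ    "C:\ProgramData\Google\Chrome\updater.exe"
    Start    REG_DWORD    0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
    DontOfferThroughWUAU    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions
    .exe    REG_DWORD    0x0
    .dll    REG_DWORD    0x0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    Helper    REG_SZ    C:\Users\alice\AppData\Roaming\Sandboxie\helper.exe
"""


def parse_reg_query(text):
    """Return {key path (lower-cased): {value name (lower-cased): (type, data)}}."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = keys.setdefault(line.strip().lower(), {})
        elif current is not None:
            m = VALUE_RE.match(line.rstrip())
            if m:
                current[m["name"].lower()] = (m["type"], (m["data"] or "").strip())
    return keys


def exe_path(data):
    """Executable part of an ImagePath/Run value, without quotes or arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)(?=\s|$)", data, re.IGNORECASE)
    return m.group(1) if m else data


def norm(path):
    """Case-fold and collapse '..' so prefix checks cannot be sidestepped."""
    return ntpath.normcase(ntpath.normpath(path))


def dword(values, name):
    kind, data = values.get(name, (None, ""))
    try:
        return int(data, 16) if kind == "REG_DWORD" else None
    except ValueError:
        return None


def find_keys(keys, suffix):
    suffix = suffix.lower()
    return [v for k, v in keys.items() if k.endswith(suffix)]


def triage(reg_text, existing_files=()):
    """Compare collected registry output with the artefacts listed in the article.

    existing_files: paths from a directory listing of the same host, used for
    condition 4 (the service binary exists on disk).
    """
    keys = parse_reg_query(reg_text)
    on_disk = {norm(p) for p in existing_files}
    report = {"service": None, "fully_installed": False}

    services = find_keys(keys, "\\services\\" + SERVICE_NAME)
    if services:
        svc = services[0]
        exe = exe_path(svc.get("imagepath", ("", ""))[1])
        report["service"] = {
            "exists": True,                                        # condition 1
            "start_automatic": dword(svc, "start") == 2,           # condition 2
            "image_in_chrome_dir": norm(exe).startswith(norm(SERVICE_DIR) + "\\"),  # 3
            "image_on_disk": norm(exe) in on_disk,                 # condition 4
        }
        report["fully_installed"] = all(report["service"].values())

    mrt = find_keys(keys, r"\software\policies\microsoft\mrt")
    report["mrt_update_blocked"] = bool(mrt) and dword(mrt[0], "dontofferthroughwuau") == 1

    ext = find_keys(keys, r"\windows defender\exclusions\extensions")
    names = ext[0] if ext else {}
    report["defender_ext_exclusions"] = sorted(
        n.lstrip(".") for n in names if n.lstrip(".") in ("exe", "dll"))

    # Run entries (any hive) that start a binary from the Sandboxie folder: a lead, not a verdict.
    marker = norm(USER_COPY_DIR) + "\\"
    report["sandboxie_run_entries"] = sorted(
        exe_path(data)
        for run in find_keys(keys, r"\software\microsoft\windows\currentversion\run")
        for _, data in run.values() if marker in norm(exe_path(data)))
    return report
```
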

Watchdog

The purpose of this component is to ensure the uninterrupted operation of the miner. At the very beginning of its execution, it copies all files from the C:\ProgramData\Google\Chrome folder and encrypts the contents of each file using a cyclic XOR algorithm with the key AFeIboiOmImJS2ypJU0pTpAO61SELkUc. After that, the encrypted contents are written into the process memory, and the following structure is created in memory for each file:

    class FileContainer {
        wchar_t* fullPath;          // full path to file
        size_t*  ptrSize;           // pointer to file size
        uint8_t* xorEncryptedFile;  // pointer to buffer containing encrypted file contents
    };

As soon as the contents of all files are saved in memory, Watchdog enters an infinite loop, where every five seconds, it checks the integrity of the installed GoogleUpdateTaskMachineQC service, just as the main module does. If the service is found to be incorrectly installed, the miner overwrites its files in the C:\ProgramData\Google\Chrome path with the contents acquired at startup.

To successfully remediate the miner, this module, which runs inside the explorer.exe process, must be terminated first.

RAT agent

This module provides remote control capabilities via four commands, which are described at the end of this section. The command-and-control addresses used to receive these commands follow this format:

  • http://{domain}.space/index.php?authorization=1
  • http://{domain}.site/index.php? backup version

The {domain} is calculated based on the current date. The process starts with the current year, then adds the zone identifier for the current month. All 12 months are divided into four zones. Finally, the word microsoft is appended to the resulting string. This final string is used as the input for subsequent double hashing using the MurmurHash64 algorithm. The hash output is the domain for the implant to communicate with.

At the time of writing this, the following domains were registered:

  • 2025, April-July → 5d14vnfb[.]space
  • 2025, August-November → r7mvjl67[.]space
  • 2025, December → zgj1tam9[.]space
  • 2026, January-March → jeaw520i[.]space
  • 2026, April–July → qdmagva5[.]space

An example of a request to the C2 server is provided below:

As can be seen, the request contains an encrypted body consisting of data encrypted via AES-CBC with the key 0123456789abcdef0123456789abcdef and the initialization vector 000102030405060708090a0b0c0d0e0f. The data contains a list of installed programs on the system, along with processor information and the serial number of the C: drive.

This information is likely used by the backend to check for virtual or debugging environments.

The first 16 bytes of the server response body represent the initialization vector for the AES-CBC algorithm with the key 0123456789abcdef0123456789abcdef, while the remaining bytes are the data encrypted with this algorithm. The decrypted data contains a malicious payload, as well as its RSA-SHA256 signature (sign):

    struct PLAINTEXT {
        uint32_t len_payload;
        uint8_t  payload[len_payload];
        uint32_t len_sign;
        uint8_t  sign[len_sign];
    };

The authenticity of the message is verified via the sign signature using the server’s public key, which is embedded in the executable.

Inside the malicious payload is a 4-byte code that determines the subsequent behavior of the program, along with additional data whose meaning depends on the code.
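
For incident responders decoding captured RAT traffic, the layout described above can be parsed with bounds checks once the body has been decrypted. The following is an added example, not code from the article or the malware: it does not perform the AES-CBC decryption or the RSA-SHA256 verification, and it assumes little-endian integers and that the 4-byte code sits at the start of the payload, neither of which the article states. The sample buffer is constructed.

```python
import struct

AES_BLOCK = 16

# Command codes as listed in the article's table of RAT agent commands.
COMMANDS = {
    1: "execute arbitrary command",
    2: "reflective execution of a PE file in explorer.exe",
    3: "execute shellcode",
    4: "exit",
}


class MalformedMessage(ValueError):
    """The buffer does not fit the layout described in the article."""


def split_response_body(body):
    """Split a raw response body into (iv, ciphertext); the first 16 bytes are the IV."""
    if len(body) < 2 * AES_BLOCK or (len(body) - AES_BLOCK) % AES_BLOCK:
        raise MalformedMessage("body is not a 16-byte IV followed by whole AES blocks")
    return body[:AES_BLOCK], body[AES_BLOCK:]


def read_field(buf, offset, what):
    """Read a uint32 length and that many bytes, refusing to run past the buffer."""
    if offset + 4 > len(buf):
        raise MalformedMessage(f"truncated before the {what} length")
    (length,) = struct.unpack_from("<I", buf, offset)  # little-endian: assumption
    start, end = offset + 4, offset + 4 + length
    if end > len(buf):
        raise MalformedMessage(f"{what} length {length} exceeds the remaining data")
    return buf[start:end], end


def parse_plaintext(buf):
    """Parse decrypted data laid out as len_payload, payload, len_sign, sign."""
    payload, off = read_field(buf, 0, "payload")
    sign, off = read_field(buf, off, "sign")
    if len(payload) < 4:
        raise MalformedMessage("payload is shorter than the 4-byte command code")
    (code,) = struct.unpack_from("<I", payload, 0)  # code at payload start: assumption
    return {
        "code": code,
        "command": COMMANDS.get(code, "unknown"),
        "argument": payload[4:],       # meaning depends on the code
        "signature": sign,             # to be verified separately with the embedded key
        "trailing": len(buf) - off,    # e.g. cipher padding left in place
    }


def build_sample(code, argument, sig_len=256, padding=4):
    """Constructed test message; the signature bytes are zeros, not a real signature."""
    payload = struct.pack("<I", code) + argument
    return (struct.pack("<I", len(payload)) + payload +
            struct.pack("<I", sig_len) + bytes(sig_len) + bytes([padding]) * padding)


SAMPLE_PLAINTEXT = build_sample(1, b"hostname")  # constructed, harmless argument
```
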

The table below lists the four remote control commands for the RAT agent module.

| Code | Purpose |
|------|---------|
| 1 | Execution of an arbitrary command |
| 2 | Reflective execution of the provided PE file within the explorer.exe process |
| 3 | Execution of the provided shellcode |
| 4 | Exit |

The miners

Depending on whether a discrete GPU is present in the system, either the CPU miner alone or a combination of the CPU and GPU miners is launched. The CPU miner is based on XMRig, while the GPU miner supports multiple algorithms.

Upon initial execution, both miners attempt to retrieve their startup configuration from a remote server. The potential addresses are listed below:

  • “{domain}.strangled.net”
  • “{domain}.ignorelist.com”
  • “{domain}.ftp.sh”
  • “{domain}.zanity.net”

As with the RAT agent component, the server address is generated from the current date — in this case, the server address changes every week. This results in quite a large number of domains for the 2020–2030 period; however, all of them point to the same IP address: 107[.]172[.]212[.]235. The first available domain out of the four potential domains listed above will be used.

The algorithm for retrieving the configuration from the server is completely identical to that used by the RAT agent, with the sole exception that th1s1sth3key0f4n1ntere5t1ngw0rld is used as the AES-CBC key in this scenario, and the configuration resides within the payload. The retrieved configuration is encrypted via AES-CBC using the key UXUUXUUXUUCommandULineUUXUUXUUXU and the initialization vector UUCommandULineUU. The encrypted data is then converted into a base64 string, which is passed as a command-line parameter to launch the miner inside the explorer.exe process through process hollowing.

Conclusion

Our investigation focused on an ongoing campaign distributing miners via popular illegal content sites. The threat actors leverage a variety of sites, ranging from online libraries to movie and TV show streaming platforms. There is no telling what channels they will use to distribute the malicious archive in the future. However, the current case shows that users visiting pirated websites continue to take a serious risk.

Our products detect this malware with the following Generic verdicts:

  • HEUR:Trojan.Win64.DllHijack.gen
  • MEM:Trojan.Win32.SEPEH.gen

Indicators of Compromise

Malicious archive download URL
urush1bar4[.]online

Malicious DLL libraries:
6A0FE6065D76715FEEBC1526D456DB73
7F624407AE489324E96A708A09C17E6F
02A43B3423367B9DDDC24CC7DFC070DF

RAT C&C:
5d14vnfb[.]space
r7mvjl67[.]space
zgj1tam9[.]space
jeaw520i[.]space
qdmagva5[.]space

Configuration retrieval address
107[.]172[.]212[.]235

UnamWebPanel control panel addresses
m4yuri[.]online
kristina[.]quest

TSMC hrozí ztráta monopolu. Intel a Samsung zbrojí, na bojiště míří „moře drátů“ a fotonika

Živě.cz - 28 Květen, 2026 - 08:45
Polovodičů je potřeba stále víc, netlačí se jen na co nejnovější technologie, ale i výrobní kapacity. To nahrává Intelu a Samsungu, kteří stahují technologickou ztrátu na TSMC.
Kategorie: IT News

Meteomapa Ventusky teď ukáže, kde a co hoří. A také varování. V USA mají oproti Evropě ohromnou výhodu

Živě.cz - 28 Květen, 2026 - 07:45
Česká meteorologická mapa Ventusky nově zobrazuje místa pravděpodobných i potvrzených požárů. U těch prvních používá data z družicových systémů (americký FIRMS, evropský Meteosat aj.). Ověřená ohniska pak čerpá z oficiálních hasičských evidencí v USA, Kanadě nebo Austrálii. Je velká škoda, že ...
Kategorie: IT News

Titan Lake has fallen. The 100 cores have become a 4+8 tile without Atoms, resembling Panther Lake

CD-R server - 28 May, 2026 - 07:40
As recently as last year, Titan Lake was meant to be an ambitious generation bringing 100 cores to a desktop socket. Those plans have fallen through, and it is now a mobile product. One thing has remained, however: the Atoms have been dropped from the CPU tile…
Category: IT News

Steam Deck is back in stock and has a new price

AbcLinuxu [zprávičky] - 28 May, 2026 - 05:24
The Steam Deck OLED has been restocked, but because of rising memory and storage prices it carries a new, higher price tag. The Steam Deck OLED 512 GB now costs 779 EUR (previously 569 EUR) and the Steam Deck OLED 1 TB costs 919 EUR (previously 679 EUR). The device itself has not changed in any way, so the new prices only reflect current component costs and other global logistics challenges that the whole industry is facing.
Category: GNU/Linux & BSD

Another IT governance headache: AI-enabled sanction evasion

Computerworld.com [Hacking News] - 28 May, 2026 - 01:05

Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns.

The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United Services Institute (RUSI), a UK-based defense and security think tank, defines PF as the use of funds or financial services to acquire, develop or otherwise deal in weapons of mass destruction (WMD). It states, “North Korea and Iran are now developing and deploying AI models to aid with sanctions evasion activities.”

Key findings include the fact that AI is now capable of mass producing high-quality fraudulent documents, as well as automating what the report describes as “the administrative minutia of managing extensive shell company networks.” AI-powered systems, it states, can also “analyze blockchain patterns in real time to dynamically adjust cryptocurrency mixing strategies, effectively evading detection tools.”

In addition, it says, “[tools such as generative AI] which can produce sophisticated fraudulent identification documents, for example, have helped North Korea perpetrate phishing attacks against Western companies.”

Dr. Aaron Arnold, senior associate fellow with the Centre for Finance and Security at RUSI, who authored the paper, said in an email that what prompted it was an uptick over the last year in North Korea’s use of AI to facilitate and enhance its cyber operations, in the form of phishing schemes designed to generate revenue for the country’s ballistic missile and nuclear weapons programs.

He advised enterprise IT managers who need to protect their organizations from becoming victims of sanction evasion activities that “[it] means largely adapting to a landscape where traditional human-focused security boundaries are being bypassed by automated technologies.”

For IT managers, said Arnold, “this might entail incorporating defensive AI, the use of behavior-based analytics, using ‘circuit breakers’ when there is heavy use of API or MCPs, updating personnel training, and hardening identity verification, especially for any remote hiring.” 

Distinction between AI-assisted and AI-enabled activity is ‘central’

Sanchit Vir Gogia, chief analyst at Greyhound Research, said that the RUSI report matters “because it names the right structural shift. AI is not creating sanctions evasion from thin air, it is compressing and scaling methods that already work.”

He pointed out that none of the sanction-evading techniques such as fraudulent documents, synthetic identities, shell companies, hidden beneficial ownership, crypto laundering, and others are new. “What changes is the speed, quality, volume and coordination with which these methods can now be assembled,” he said.

According to Gogia, “the distinction between AI-assisted and AI-enabled activity is central. AI-assisted evasion uses AI for discrete tasks: writing a better email, producing a cleaner document, generating a stronger false profile, translating a pitch, summarizing regulations or preparing a plausible job application. AI-enabled evasion is more serious.”

A ‘structural asymmetry’

This tactic, he said, “begins to coordinate the system itself. It links identity, documents, ownership structures, payment routes, cloud access, crypto wallets, API calls and timing. The difference is not whether AI helps someone fake a document. The difference is whether AI begins to orchestrate the deception.”

That is why the report’s findings should worry enterprise leaders, he noted: “Many organizations still assume the bad actor is mostly human, mostly linear and mostly slow. That assumption is expiring. AI lets adversaries run more attempts, with fewer errors, across more channels, in more languages, with better paperwork and greater patience than most enterprise review processes can absorb. This is not a tale of genius criminals discovering magic. It is the story of ordinary controls meeting industrialized plausibility.”

The evidence today, he pointed out, is strongest around tactics such as identity fraud, document fraud, synthetic personas, remote-worker deception, phishing, social engineering, crypto obfuscation and workflow abuse. “Fully autonomous evasion networks sit on the horizon,” he said. “They are serious, but they are not yet the everyday baseline.”

This distinction matters, said Gogia: “If enterprises obsess over cinematic autonomous agent scenarios while leaving remote hiring, vendor onboarding, payment approvals, and document review full of holes, they will lose in the most prosaic way imaginable.”

The report, he said, also gets the “asymmetry” right. “Offensive actors can learn across the ecosystem,” he said. “They can scrape open information, reuse leaked records, study enforcement patterns, test onboarding forms, inspect public procurement data, watch court filings, probe compliance thresholds and [use the information to] refine their behavior.”

Defenders, by contrast, are hemmed in by privacy rules, fragmented data, explainability requirements, jurisdictional boundaries, conservative operating models and siloed technology estates. “Offensive AI learns broadly,” he said. “Defensive AI often learns from fragments. That is the structural asymmetry.”

He explained that the regulatory landscape also amplifies the problem, in that regulatory bodies “still speak in separate dialects. [For example] the EU AI Act pushes organizations toward stronger obligations for high-risk AI. NIST-style frameworks push risk management, transparency, and governance.”

A trust architecture problem

Financial Action Task Force (FATF) expectations push national risk assessment and counter-proliferation controls, he noted, while banking regulators focus on model risk, accountability and operational resilience. “None of these streams is irrelevant. The trouble is that criminals do not organize themselves around regulatory workstreams. They organize around outcomes.”

What that means, said Gogia, “is that enterprise cannot wait for a clean global rulebook. It will not arrive in time. CIOs, CISOs, compliance officers and boards need a working governance model now. They need privacy-preserving analytics, controlled data environments, audit trails, legal safeguards and clear model-risk accountability.”

He said that enterprise IT managers should treat the situation as a trust architecture problem rather than a narrow sanctions-screening problem. “The uncomfortable truth is that AI is not simply helping bad actors write better phishing emails or forge tidier documents,” he noted. “It is helping them manufacture legitimacy across a chain of enterprise workflows.”

Likely outcome an ‘AI arms race’

Report author Arnold also noted that there are signs that cyber criminals have discovered new AI technologies and abilities that legitimate enterprises could adopt for legitimate applications.

History, he said, “is replete with [criminals] developing novel solutions to tough problems, [which are] later adopted by law enforcement. Much of our anti-financial crime policy is effectively a response to bad actors exploiting systems or using technology in novel ways to perpetrate crimes. In this scenario, I think an ‘AI arms race’ between enforcement authorities and bad actors is the most likely outcome.”

Gogia added, “the baddies are not teaching enterprises how to invent AI. They are teaching enterprises where trust is leaking. That is the lesson worth taking seriously.”

This article originally appeared on CIO.com.

Category: Hacking & Security

SSH Key Sprawl on Linux: Unmanaged Access Threats and Cleanup Guide

LinuxSecurity.com - 28 May, 2026 - 01:00
A production Linux server gets rebuilt from an old image. A contractor leaves. A CI/CD job is retired. Months later, the same SSH public keys are still sitting in authorized_keys, silently trusted by root or a service account nobody owns anymore.
Category: Hacking & Security

Jaderné noviny – overview for April 2026

AbcLinuxu [články] - 28 May, 2026 - 00:01

An overview of the April issues of Jaderné noviny: kernel release status, quotes of the week, and a list of kernel-related articles.

Category: GNU/Linux & BSD

Advance payments for the self-employed will fall. Some will get a larger overpayment, others will get their money sooner

Lupa.cz - články - 28 May, 2026 - 00:00
Deputies overrode the Senate and pushed through a reduction in minimum pension insurance advance payments for the self-employed (OSVČ). We describe who will end up with what overpayment and who will get their money sooner.
Category: IT News

Does a landlord take out a high-interest consumer loan from the tenant? Nonsense to a layperson, but not to the courts

Lupa.cz - články - 28 May, 2026 - 00:00
When a tenancy ends, the landlord returns the deposit unless it needs to be offset against the tenant's debts. But the deposit accrues interest, and in disputes the courts arrive at absurdly high interest rates.
Category: IT News

Private cloud for a small company, school or public office: MS SQL and Docker

ROOT.cz - 28 May, 2026 - 00:00
We pick up from the previous part, and because most of you will sooner or later run into MS SQL Server, we start with a simple demonstration of installing the Linux variant of MS SQL Server and explain more about the behaviour of the package and the Docker tool.
Category: GNU/Linux & BSD

GTIA graphics modes, a closer look at how the image is displayed

ROOT.cz - 28 May, 2026 - 00:00
Eight-bit Atari computers can compose the picture from fourteen text or graphics modes. In addition, however, the so-called GTIA modes are available, which display up to sixteen colours from a palette of 128 or 256 colours.
Category: GNU/Linux & BSD

The Ryzen 7 7700X3D is coming, the cheapest V-cache eight-core for AM5

CD-R server - 28 May, 2026 - 00:00
In recent days, clues have been accumulating that point to the release of a more affordable (indeed the most affordable) eight-core X3D processor for the AM5 socket. It will be the Ryzen 7 7700X3D, apparently a lower-clocked version of the Ryzen 7 7800X3D…
Category: IT News

GPU mining malware spreads via SEO poisoning, AI chatbots

Bleeping Computer - 27 May, 2026 - 23:31
Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a coordinated SEO poisoning operation that also manipulated AI chatbot recommendations. [...]
Category: Hacking & Security

Websites have a new way to spy on visitors: Analyzing their SSD activity

Ars Technica - 27 May, 2026 - 22:56

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all.

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices.

A side channel based on contention

The technique, laid out in a research paper, exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.
