ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora

In this episode of the ESET Research Podcast, we dissect the most interesting findings of the ESET Threat Report H2 2023, including threat actors trying to leverage the AI hype, probably the biggest cyber incident seen in the whole year, and a new threat lurking in the Android and IoT space.

The rapid growth of AI chatbots such as ChatGPT has triggered a parallel surge in cybercrime. Blocking over 675,000 attempts in 2023 to access malicious domains imitating this popular chatbot indicates that cybercriminals have found fertile ground.

Some of these domains pose as bring-your-own-key web apps, requiring users to share their OpenAI API keys. But these apps could steal the keys, leading to unexpected charges for the use of the API. To prevent this, it’s crucial to never share your API key.

The cybercrime landscape isn’t limited to AI enthusiasts. The Cl0p ransomware group carried out a massive attack earlier this year by exploiting a zero-day vulnerability in the MOVEit transfer software. Over 2,600 organizations were affected, with the estimated financial damage reaching a staggering $14 billion. Cl0p leaked the stolen information via the dark web, torrents, and the clear web, intensifying pressure on the victims.

Meanwhile, the IoT world grappled with its own share of issues. In 2023, the Pandora botnet emerged, compromising Android devices, particularly Android TV boxes. This malware, based on the leaked source code of Mirai malware, can be delivered through malicious firmware updates or through apps offering pirated content.

In the face of these cyberthreats, users must exercise caution when downloading apps, particularly those promising free content. Keeping devices updated and using reputable security solutions offer an essential layer of protection against cybercrime.

For all these topics and more from the ESET Threat Report, listen to the latest episode of the ESET Research podcast, hosted by Aryeh Goretsky. This time, he directed his questions to one of the authors of the report, Security Awareness Specialist Ren é Holt.

For the full report from H2 2023, including other topics such as a new Android spyware family, an update on the demise of the Mozi botnet, the rise of the cryptostealer Lumma Stealer, and the latest developments in the Magecart scene, read the full report here.