State of Cybercrime

The Lockbit Bluff

Episode Summary

The LockBit ransomware group claimed to have attacked the U.S. Federal Reserve, stating they would leak 33 terabytes of its data. However, analysis revealed that the data released on their website actually came from a financial services company in Arkansas, not the Federal Reserve.

Episode Notes

In this episode of State of Cybercrime, co-hosts Matthew Radolec and David Gibson dive into the details around LockBit, and cover other news including: 

+ The MOVEit authentication bypass flaw 

+ Developments in the Polyfill supply chain attack affecting millions of websites 

+ Updates on the targeted campaign against Snowflake 

+ A massive insider breach of a Pennsylvania healthcare system

+ Two new attack methods threat actors are adopting 

+ The new OpenSSH unauthenticated RCE vuln that gives root privileges to Linux systems

Episode Transcription

[00:00:00]

Matt Radolec: Well hello, everybody. Thanks so much for joining us again today. 

David Gibson: Hey there, how are you? 

Matt Radolec: I'm outstanding. My name is Matt Radolec. I'm joined by our co host, David Gibson, and we are so pumped to talk with you guys for another episode of State of Cybercrime. I see a bunch of people chiming in, letting us know where we're chatting to and connecting with you from today.

I'm at home in Maryland. What about you, David? 

David Gibson: I'm at home in Connecticut. 

Matt Radolec: Wow, and looks like we got people from all over. I saw a couple from Holland, from Houston, from Philly, from Toronto, from Denver, from [00:01:00] Minneapolis, someone else from D. C. Somebody from Saskatchewan, yeah. I don't know if 

David Gibson: I believe that one.

Matt Radolec: It's so great to have you here today. We're going to crack right into it, and we'll go through a bunch of our usual segments, but always good to connect and really see just how far the show reaches each week.

Oh, somebody from Lisbon, Portugal, wow.

David Gibson: Excellent. 

Matt Radolec: We'll go through a Oh, go ahead, David. Yeah, we'll go through it. 

David Gibson: I was just going to say, what's on our agenda? 

Matt Radolec: Go through a bunch of our usual segments today. We'll definitely cover whether or not there's any good news. We'll talk about all the latest happenings in AI. We'll jump on the highway to the danger zone and talk about some threat actors and some attacks that you should be worried about.

We'll cover some vulnerable vulnerabilities. And then, as always, we save some time at the end for a little bit of feedback from you and some Q&A from our audience, as we really do enjoy interacting with you. So feel free anytime during the show today to drop some things in the chat or the Q&A and we'll try to get to them as quick as we can.

So with that, let's jump into it. 

David Gibson: Awesome. What's the name of our first segment here, man? 

Matt Radolec: Yeah, this is Is There Any Good News? And if I [00:02:00] had it autoplay, then we would get to hear that. That too, so I probably should fix that. 

David Gibson: Yeah, there we go. Layer movie there.

That's what we were waiting for. 

Matt Radolec: Our first segment is we like to cover all the good news and the good things happening in cyber. For those of you who join us for the first time, there's often a ton of doom and gloom. Everybody's got a lot to say and it's usually not very good. Yeah, let's crack into it.

David Gibson: Excellent. Operation Morpheus is our first topic, and I think it's well named, but this was a coordinated effort by law enforcement from Australia, Canada, Germany, the Netherlands, Poland, the U.S., and it was led by the UK National Crime Agency. But essentially what they did was, over several years, it looks like they identified almost 700 IP addresses that were on the other end of Cobalt Strike beacons, malicious Cobalt Strike beacons which attackers can use to achieve command and control, right?

Command, I guess the first stage is you [00:03:00] deploy a beacon. By the way, this was a red team tool that was, I guess, appropriated by attackers and modified so that they could use it for their own ends, but essentially a dropper on a victim host that then beacons out to a command and control server where they can drop another payload and do more stuff.

I think this is a win for the good guys. Almost 700, actually it looks like about, they identified 700 IP addresses on 690 and so far almost 600, 593 of the addresses have been taken down. Few more to go there, but that's a lot fewer bad guy servers than there were before, right?

Matt Radolec: Yeah, and still, to this day, the Cobalt Strike framework, when the source code got leaked online, we are still paying the damages for that one. Even here in 2024. I think that leak happened maybe even close to a decade ago, or eight or nine years ago.

So it's great though, to see, you know, law enforcement come together, and these cross-border, cross-continent, even, collaborations between cyber agencies definitely show progress towards taking down the hackers, the attacker groups and [00:04:00] their infrastructure. But that's not the only good news we've got, David.

A lot of people get excited or worried when they hear about ransomware groups like Scattered Spider. They were responsible for a large attack campaign called 0ktapus. I don't know if you remember us talking about that. Targeted hundreds of organizations like Twilio and Cloudflare, and they were behind that.

But the one that really got, the story that really got Scattered Spider under the eyes of law enforcement, and really the world, was the attack on MGM. And it was after that attack that the FBI led an offer for a reward for information that would lead to the arrest of those involved in Scattered Spider.

Now what's interesting, there's a little bit of an inception happening here. Scattered Spider actually used the BlackCat and ALPHV ransomware to take on MGM Resorts. So at the time, even we said we thought it was BlackCat and ALPHV that was behind the attack, but it looks like it was Scattered Spider.

Just a few months after the FBI offered their reward, a 22 year old British man got arrested in Majorca trying to board a flight to [00:05:00] Italy. This man was in possession of right around 30 million in Bitcoin and is suspected to be the leader of the Scattered Spider ransomware group. This arrest was due to a coordination between the Spanish police and the U.S. Federal Bureau of Investigation. It does continue to look like if you start to do this cybercrime, you might have to do the time.

David Gibson: When you've got 30 million in Bitcoin, can you fit that in a carry-on or do you have to check that?

Matt Radolec: There's this thing, it's a digital currency, David, so you could probably fit it in your pocket, I would imagine.

Alright, got it. Let's jump on to our next segment here. And this is our newest segment. And it's one that, it's the topic that everybody loves to talk about. AI. I mean, come on, nobody is tired of hearing about AI. And saying AI Vey to yourselves is probably what you're doing right now. So we'll cover the good, the bad, and the ugly as it happens and relates to AI and our eventual demise to the robot overlords.

First up is prompt engineers gotta win and mankind's hope for ethical AI has lost again. Researchers are banging away at generative AI [00:06:00] prompts to find loopholes. How this skeleton key loophole works is you're going to ask the AI model to augment rather than completely change its behavioral guidelines.

So in the case of asking for something like how to make a Molotov cocktail, in this case, the prompt engineer asked, but said, Hey, look, I know you're not supposed to do this, but if you give me the response with a warning label, then you can give it to me for educational purposes, right? And that's exactly what happened, right?

You're able to trick these generative AI copilots into providing you with responses that they otherwise wouldn't. And this Skeleton Key didn't only work on Microsoft Copilot, though. It also worked on Meta's Llama 3, Google's Gemini Pro, ChatGPT 3.5, OpenAI's ChatGPT 4, Mistral Large, Anthropic Claude Opus, Cohere Command R. They really all seem to be vulnerable to this.

And, David, when we were talking about this, you really brought up how this might not be something that we can stop, because there's always going to be ways that we can ask for information that, if asked in the right way, you're going to get the [00:07:00] response, but if used in the wrong way, it could be malicious or potentially harmful.

Do you want to talk more about your thoughts on that? Or really, what is good enough in terms of stopping AI from providing these types of results?

David Gibson: AI helps you get at information, and information can be used for good or not so good. I think it's going to be hard to know what the spirit is behind asking the question and how somebody wants to use the information that they're getting.

The same information that could be used to save somebody could also be used to hurt them. I think we've got a tall order ahead of us. I think it's probably going to involve a lot of sophisticated analytics on what people are actually doing with the AI and what the intent is, but I feel like, just like any tool can be used for good or evil, it's going to be hard to know what the intent is, what the outcome of providing that information is going to be. You could be an evil genius, right?

Or a genius that does a lot of good in the world. It's same [00:08:00] webware. 

Matt Radolec: At that point, is it any different from running a Google search, or an internet web search? Because if we're talking about the law enforcement angle or the court case angle, they use the searches that you made in your search history.

All these famous cases of people killing their spouses, and right before they did it, they Googled how to hide a body, or how to kill someone quietly, or something like this. Are we going to see prompts as the next iteration of what comes up in court around how someone gained access to harmful information?

I always like to say with great power comes great responsibility, and AI can't escape that. But, talking about AI, what is this Vanna AI, and does it have anything to do with Vanna White and Wheel of Fortune?

David Gibson: Absolutely. It was a Wheel of Fortune hack, Noah. It's interesting. This is a little different than the Skeleton Key.

I think the Skeleton Key, the way that people are thinking of it, is an impromptu escape, right? So the damage would be, you'd be getting a response, you'd be getting information inside the prompt that could be potentially dangerous. This one is different in [00:09:00] that it exposes a remote code execution, so you're essentially escaping out of the AI. And actually on the last session we talked about how AI is made up of multiple modules in some cases, and last time we talked about Hugging Face and the Pickle module that is one of the things that makes AI functions work. And if you have a malicious pickle, you can escape the AI prompt.

And this is another one of these vulnerabilities. And essentially it exploits the ability to do a SQL hack, right? Essentially, there's a way to craft a SQL SELECT statement so that it prints an output. And they use that in conjunction with another library that Vanna uses. And just to summarize, Vanna does text to SQL, right?

So the idea, you put in natural language, and it'll do the SQL prompt for you. But Vanna also can generate the response in a graph, right? So it'll show you a graph, and to do that, it uses a library [00:10:00] called Plotly. And essentially, if you craft a SQL statement in a way that it prints a command, that gets passed to Plotly, and Plotly will execute that on the host it's running on.

So it reminds me a lot of a SQL injection, but it's a bit more abstract. And this is where you can craft an AI prompt that actually goes outside the boundaries of the AI prompt. Hopefully I'm making some sense there. It was really interesting. There was a really great write-up on how this worked, but really interesting stuff.

Matt Radolec: Yeah, and it sounds like a SQL injection vulnerability, but with a layer of abstraction to it because of what gets called by the SQL injection. So it's interesting to see these things, the OWASP Top 10, get applied to AI, whether it's on the language model or on the copilot side, as a lot of the same things that work on non-AI-powered applications from an exploitation or vulnerability standpoint are present in these AI-based applications as well.

Now in preparing for this one, did you say something about a malicious pickle, David?

David Gibson: [00:11:00] I did. Last time I asked the audience what would be a better band name, Malicious Pickle or Pickle Malicious, and I did want to thank everybody for the input, so one night only.

Matt Radolec: Yeah, that's probably not the only thing that we have to talk about, getting ourselves into a malicious pickle or naming the AI-based band that we'll probably never perform with.

There is this ELVIS Act, and I give a lot of credit, Tennessee does tend to lead the way for artists and for musicians around protecting copyrighted work. And musicians are definitely celebrating this victory against the robots as Tennessee has passed the Ensuring Likeness, Voice and Image Security, or ELVIS, Act.

David Gibson: I love that name. Yeah, I know, right? 

Matt Radolec: Especially with all the title fraud stuff going on with the Elvis estate, it's very timely. So what this bill does is it expands personal rights law to include protections for songwriters, performers, and others in the music industry. It protects their voice from the misuse of artificial intelligence.

Really, [00:12:00] it calls out voice as another form of protected art. And really the goal of the legislation is to continue to protect artists whose likeness has been cloned or reused by AI tools for reproduction, obviously without striking a deal or paying for the license to use that person's likeness.

So it's great to see, at least at a state level, that we see protections for artists from their work being reproduced or cloned or reused by AI.

David Gibson: Yeah, I would really rather imagine a future where AI is able to do our TPS reports or do the dishes and we can do the art.

We can make the music rather than having the AI do the music and the art. 

Matt Radolec: Yeah, I think it's time now, we probably should talk about something else. And we had an audience member chime in and say, isn't that a bit of a double statement? Yes, we're trying to cleverly use alliteration from time to time on the show.

And so we call this segment Vulnerable Vulnerabilities, just to make sure you know what we're talking about. Now, David, what is this first vulnerability with OpenSSH? 

David Gibson: This is [00:13:00] called regreSSHion. And apparently there was a vulnerability a long time ago, and we've since had a regression, so this old flaw was patched a while back, but it has reappeared in versions 8.5p1 all the way up to 9.7p1. And apparently it affects at least any 32-bit Linux systems running glibc. And actually, I think it's probably going to extend more than that. But the way it works is, essentially, it creates a race condition, so an attacker can try to connect to SSH, but they don't finish the authentication, and they do that over and over again.

And apparently what happens is it calls a SIGALRM function in an unsafe way. They call it async-signal-safe or not. And I think, to oversimplify this, it's essentially like when you're sending signals in an unsafe way, it's sending two things to [00:14:00] your printer at the same time and having it try to keep printing at the same time. It overlaps the output, but instead of going to paper, it's going into RAM, and if the attacker does it just right, they can manage to get something that can be remotely executed, or executable code, in that address space. So there's POC code. It seems like it's a little bit hard to exploit. And really, if somebody's trying to do this, it looks like it takes an average of six to eight hours to do all those sessions and time them out and have that condition happen.

So it should be noisy, a POC code, but patch SSH.

Matt Radolec: Yeah, I think the interesting one here is, they have to flood the table. It kind of reminds me of a bit like a denial of service combined with a buffer overflow, in that you're trying to flood the connection table, and then eventually one is going to be triggered, the signal alarm, which, you know, runs an unsecured library that allows you to put more code in it.

Yet again, we see the old but trusted vulnerabilities shine through or get found in other [00:15:00] systems. Now, that's not the only repeat one there. Go ahead, David. 

David Gibson: I was just going to say, I think that's a really great way to put it. It's like an old SYN flood, except it's poisoning the well behind it.

Matt Radolec: Combined with poisoning the ARP table after the SYN flood, right? We were talking about that 10 or 15 years ago. Now, that's not the only sequel that we're going to talk about today, though. Hackers have found another flaw in MOVEit, this time to bypass authentication. It feels like over a year ago we were talking about MOVEit and the latest MOVEit vulnerability.

And MOVEit Transfer, this is a managed file transfer solution, has a new vulnerability, CVE-2024-5806. This allows attackers to bypass the authentication in the SFTP module, which is responsible for the secure file transfers over MOVEit using SSH. According to Censys, there's a company that scans the open internet.

There are at least 2,700 MOVEit devices available on the open internet to be exploited, and patches are available. Combine that with talking to Shadowserver Foundation. They've actually found that attackers are actively exploiting [00:16:00] this MOVEit vulnerability. So if you're here joining us on the show today and you haven't patched this yet, you probably should.

David Gibson: Yeah, this is another scary one, and some good write-ups about how this works. The vulnerability is not in SFTP, but in the implementation of it.

Matt Radolec: Yeah, in the implementation of it that allows you to take over and really exfiltrate data from MOVEit yet again. Now, what is this polyfill? Does this have anything to do with the stuff in those pillows you get at the carnival, or am I missing out on something here, David?

David Gibson: This is an insulation attack. You're absolutely right. Now, this I had to, I wasn't aware about this, but apparently polyfills are libraries that help to overcome differences or deficiencies between web browsers.

Essentially you can insert these libraries so that a web browser can do the things you want it to do. Now, apparently polyfill.io was a place that stored all these libraries, and a lot of different websites would call the library from polyfill.io. Now, if I'm reading this right, that got [00:17:00] taken over.

And these libraries became infested with malware. And so really, people's browsers would call these libraries and then be running malicious code on their hosts. So the recommendation is remove any references on your website to polyfill.io, and you can replace those with different polyfill repositories in Cloudflare or Fastly.

Matt Radolec: And I think how this had happened was the Polyfill developers had probably mistakenly, obviously we think it's mistakenly, it wasn't intentionally malicious, put some keys, their Cloudflare keys, in a publicly accessible, just exposed them in a publicly accessible way.

And then attackers were able to use those keys. Remove the references pointing back to Polyfill, point it instead at Cloudflare, Fastly references to the malicious code that then gets run on everyone that visits or intends to do it via Polyfill. So there's some very potentially broad impact.

Tens of millions or, even dozens of millions of websites could have been impacted by this. 

David Gibson: Yeah, this is pretty big damage and definitely I would [00:18:00] mitigate that. And somebody, yeah, somebody said, I know we block polyfill.io now. And I think that it's being blocked by DNS in a couple different ways too.

But definitely would want to remove the references to it in your sites. 

Matt Radolec: Let's jump into our last segment, the dangers. Here we usually talk about attackers, their techniques, their protocols, breaches that might have happened, or even just talking about the same thing yet again. I feel like Snowflake is three episodes in a row. We're still talking about the fallout from the blizzard that was the attack on Snowflake and its customers.

The latest victim being AT&T, one of the largest cell phone carriers in the world, said that they lost a lot of data, including call logs, SMS messages, for over 25 million customers. And in addition to that, Mandiant also has come out and said that they see a connection between the attacker group they think perpetrated the attack on Snowflake and its customers, UNC5537, and Scattered Spider.

This because around 10 organizations of the 160 or so that got breached by [00:19:00] Snowflake have been contacted in order to pay a ransom in order to not have additional data be leaked online. Some of those including companies like Ticketmaster and Neiman Marcus. And for Ticketmaster, I think some of the numbers so far, between 000 tickets had been fraudulently printed and reused, which actually caused real harm to people, concert goers and event goers around the world.

David Gibson: Yeah, this is, by the way, I see what you did there with the blizzard, right. And quite a bit of fallout on this one. And I think it's important to review those steps with the MFA and all the tips that we've put on before on how to monitor this stuff.

Matt Radolec: Yeah, I think it's quite simple. When we think about a SaaS application or database as a service like Snowflake that allows connections from the outside, the way that this attack happened was quite trivial in my opinion. People reuse their usernames and passwords. It's just a fact.

If you reused your username and password, or one of your employees did, and an infostealer malware was able to pick up their login credentials to Snowflake, and your organization didn't have multi-factor authentication or trusted network access [00:20:00] blocks in place for your Snowflake, you were vulnerable to a simple password reuse attack.

And that's what happened. Hundreds of Snowflake customers got targeted by this. They didn't have MFA enabled on those accounts. They didn't have things set up in a way that only their organization's IPs could get to Snowflake. And a lot of sensitive data got leaked onto the internet. And we're only still learning just today about AT&T being included in all of that.

David Gibson: Yeah, and it looks like there's a lot of people in that breach, right? All their wireless customers as well?

Matt Radolec: Call logs, SMS messages, millions and millions of consumers. Now that wasn't the only little bit. It looks like LockBit is chomping at the bit to do a little bit more in the ransomware game as well.

David Gibson: Yeah, this one was interesting, a little bit of a head scratcher. Apparently in June, LockBit had claimed to have breached the Federal Reserve and threatened to release 33 terabytes of data, or some of that. It looked like, I think the Fed offered to pay it, what an obvious moment.

Matt Radolec: Yeah, 50 grand for the data. And I had even said, what's going on here? Why do they value this so little, when the last time we talked about [00:21:00] this? But maybe it's because it wasn't their data.

David Gibson: Yeah, it turned out after the data was released that analysts determined it was stolen from Evolve Bank and Trust.

And they confirmed that, yep, this is their data. Apparently, an employee clicked on a malicious link back in May or so, and this is where that data came from. That's where the exposure was, a run-of-the-mill ransomware attack that was not really concerning the Federal Reserve.

Nonetheless, LockBit has been really busy, right? They're very active. They were associated with an attack on a Croatian hospital recently as well.

Matt Radolec: I think that pretty much wraps up everything we had planned on going through today, so let's check out and see if anything came in via the chat or the Q&A that we need to cover. I think just a couple of questions. Should polyfill.io be blocked at the perimeter is one of them, David? And then one of our other audience members wants to know if we know who was behind the polyfill attack.

David Gibson: What I was reading on that is [00:22:00] that, as you said, what was really behind it was some keys that were put in an open GitHub repository by mistake. But it also looks like there was some association with a Chinese actor, right? Did I read that correctly from your notes?

Matt Radolec: Yeah, and I'm not sure we know exactly who it is. Yeah, I think we have some suspects from Chinese APT groups, but if you put secrets and keys in a public domain, you probably should expect them to get misused or abused, especially if they're still valid.

David Gibson: We won the trip to Fiji.

Matt Radolec: We hope that you guys enjoyed our show today. It is made possible by you, our audience, so we super appreciate you sticking around, and we look forward to seeing you on our next episode of State of Cybercrime.