{"id":18097,"date":"2024-10-26T07:00:00","date_gmt":"2024-10-26T04:00:00","guid":{"rendered":"https:\/\/forklog.com\/en\/cybersecurity-highlights-fake-defi-game-ai-scams-and-more\/"},"modified":"2024-10-26T07:00:00","modified_gmt":"2024-10-26T04:00:00","slug":"cybersecurity-highlights-fake-defi-game-ai-scams-and-more","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/cybersecurity-highlights-fake-defi-game-ai-scams-and-more\/","title":{"rendered":"Cybersecurity Highlights: Fake DeFi Game, AI Scams, and More"},"content":{"rendered":"<p>We have compiled the most significant cybersecurity news of the week.<\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\">\n<li>Lazarus created a fake DeFi game to steal cryptocurrencies.<\/li>\n<li>OpenAI&#8217;s Realtime API was used for scam automation.<\/li>\n<li>REvil hackers received prison sentences in St. Petersburg.<\/li>\n<\/ul>\n<\/div>\n<h2 class=\"wp-block-heading\"><strong>Lazarus Created a Fake DeFi Game to Steal Cryptocurrencies<\/strong><\/h2>\n<p>Researchers at Kaspersky Lab discovered a fake DeFi game targeting the crypto community to steal their assets. The North Korean hacker group Lazarus Group was behind its development.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"ru\" dir=\"ltr\">A new level of social engineering: the APT group Lazarus promoted a website with a game and a zero-day vulnerability exploit in Google Chrome. 
Details of the attack are in the new article: <a href=\"https:\/\/t.co\/SiETl5u4yx\">https:\/\/t.co\/SiETl5u4yx<\/a> <a href=\"https:\/\/t.co\/OZIvro2mtL\">pic.twitter.com\/OZIvro2mtL<\/a><\/p>\n<p>\u2014 Kaspersky (@Kaspersky_ru) <a href=\"https:\/\/twitter.com\/Kaspersky_ru\/status\/1849761704156033512?ref_src=twsrc%5Etfw\">October 25, 2024<\/a><\/p><\/blockquote>\n<p>The perpetrators created a fake website, detankzone[.]com, with a multiplayer NFT-based tank-themed game. It was based on the stolen source code of a real <span data-descr=\"Multiplayer Online Battle Arena\" class=\"old_tooltip\">MOBA<\/span> called DeFiTankLand. Analysts did not rule out that Lazarus was behind the <a href=\"https:\/\/t.me\/DFTLofficial\/8935\">theft<\/a> of the original project&#8217;s native coin DFTL2 worth $20,000 in March 2024.\u00a0<\/p>\n<p>The malicious game was promoted on various social networks, through phishing emails, and by reaching out to premium LinkedIn accounts since May.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh7-qw.googleusercontent.com\/docsz\/AD_4nXcxyEBsYlKNW8Mh2-yVwL5FrX69FKBgbxuQJsX_Cf5bdOuK7vFo3wCxCXh3lj0SO7S9ivu-qLZxHdFONxnOCzxowy__oNgaHxZdei11__-ol9dUKIhb7Zu2yGLUPbAg_TPaPLb3jx3C9EZxYFeQBpNuVNnA?key=SvKK92lp6cjhdfXR-Zhs-TaW\" alt=\"Cybersecurity Highlights: Fake DeFi Game, AI Scams, and More\"\/><figcaption class=\"wp-element-caption\">Attempts by perpetrators to contact crypto market influencers. Data: Kaspersky Lab.<\/figcaption><\/figure>\n<p>The downloaded application did not work beyond the registration screen \u2014 visiting the site was enough to infect the visitor with the malicious Manuscrypt backdoor through an exploit for the Google Chrome browser.<\/p>\n<p>The script gave hackers access to cookies, authentication tokens, saved passwords, and browsing history. 
The campaign aimed to steal cryptocurrencies.\u00a0<\/p>\n<p>Kaspersky Lab notified Google of the vulnerability, and Google made the necessary changes.\u00a0<\/p>\n<h2 class=\"wp-block-heading\"><strong>OpenAI&#8217;s Realtime API Used for Scam Automation<\/strong><\/h2>\n<p>Researchers from the University of Illinois at Urbana-Champaign <a href=\"https:\/\/arxiv.org\/abs\/2410.15650\">created<\/a> AI agents capable of carrying out phone scams using the <span data-descr=\"OpenAI tool for embedding voice functions in applications, including audio input and output\" class=\"old_tooltip\">Realtime API<\/span>.<\/p>\n<p>The setup consisted of the OpenAI GPT-4o model, the Playwright browser automation tool, related code, and scam instructions. The researchers implemented the idea in 1051 lines of code, most of which dealt with real-time voice API processing.\u00a0<\/p>\n<p>Various types of scams were tested, including theft of funds from a bank account or cryptocurrency wallet and theft of gift codes and credentials.<\/p>\n<p>The success rate and cost of attacks varied. Gmail credential theft had a 60% success rate, required five actions, lasted 122 seconds, and cost $0.28 in API fees. Bank account transfers had a 20% success rate, required 26 actions, lasted 183 seconds, and cost $2.51.<\/p>\n<p>The average overall success rate was 36%, and the average cost was $0.75.\u00a0<\/p>\n<h2 class=\"wp-block-heading\"><strong>Four REvil Hackers Sentenced in St. Petersburg<\/strong><\/h2>\n<p>On October 25, the St. 
Petersburg Garrison Military Court sentenced four defendants in the REvil hacker group case, as reported by <a href=\"https:\/\/www.kommersant.ru\/doc\/7263987?from=78_top_main_3\">Kommersant<\/a>.\u00a0<\/p>\n<p>Artem Zayets, Alexey Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov were found guilty of illegal handling of payment means. The latter two were also charged with using and distributing malicious programs.<\/p>\n<p>Zayets and Malozemov received four and a half and five years in a general regime colony, respectively. Khansvyarov and Puzyrevsky were sentenced to five and a half and six years.<\/p>\n<p>Initially, 14 people were detained in the REvil case, but only eight defendants eventually faced trial. A new criminal case was opened against four others \u2014 Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotaev \u2014 under the article on illegal access to computer information.<\/p>\n<p>All defendants have been in custody since early 2022, and they did not plead guilty. Over 300 million rubles, $950,000, more than \u20ac1 million, and 19.9 BTC were seized.<\/p>\n<h2 class=\"wp-block-heading\"><strong>WhatsApp Introduces Encrypted Database for Contact Synchronization<\/strong><\/h2>\n<p>WhatsApp introduced a new encrypted data storage system, <span data-descr=\"Identity Proof Linked Storage\" class=\"old_tooltip\">IPLS<\/span>, designed for managing contacts while maintaining confidentiality.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">WhatsApp&#8217;s latest feature is a novel encrypted storage system called Identity Proof Linked Storage (IPLS)<\/p>\n<p>Learn how IPLS allows you to privately add and manage your contacts on WhatsApp across linked devices. 
<a href=\"https:\/\/t.co\/ck9me0ZQL3\">https:\/\/t.co\/ck9me0ZQL3<\/a> <a href=\"https:\/\/t.co\/UsSxj1YCfW\">pic.twitter.com\/UsSxj1YCfW<\/a><\/p>\n<p>\u2014 Engineering at Meta (@fb_engineering) <a href=\"https:\/\/twitter.com\/fb_engineering\/status\/1848718660946563414?ref_src=twsrc%5Etfw\">October 22, 2024<\/a><\/p><\/blockquote>\n<p>The update reduces the risk of losing the contact list if the phone is lost and adds data synchronization between different devices.<\/p>\n<p>With IPLS, WhatsApp contact lists are tied to the account rather than the device, making it easier to manage them when changing devices.<\/p>\n<p>The system also allows different contact lists for multiple accounts on one device, isolating them from one another.\u00a0<\/p>\n<h2 class=\"wp-block-heading\"><strong>Linux Removes Russian Developers from Leadership Roles<\/strong><\/h2>\n<p>Linux developer Greg Kroah-Hartman removed 11 individuals associated with Russia from the list of those responsible for developing components of the operating system&#8217;s kernel. He cited &#8220;various compliance requirements,&#8221; writes <a href=\"https:\/\/www.kommersant.ru\/doc\/7249816\">Kommersant<\/a>.<\/p>\n<p>Russians can no longer make changes to the Linux kernel as maintainers, but they can still propose them as regular developers.\u00a0<\/p>\n<p>Most of the affected individuals are employees of SberDevices, Open Mobile Platforms, NetUp, and Metrotek. 
Their representatives are awaiting clarification from Western colleagues, who have always declared principles of openness.\u00a0<\/p>\n<p>Also on ForkLog:<\/p>\n<ul class=\"wp-block-list\">\n<li>Experts suggested a $20 million hack of a US government crypto wallet.<\/li>\n<li>ZachXBT estimated Coinbase user losses from scams at $100-150 million over the year.<\/li>\n<li>The Russian Prosecutor General&#8217;s Office will implement AI to combat criminal bitcoin turnover.<\/li>\n<li>Report: Iranian exchanges are linked to authorities and involved in sanctions evasion.<\/li>\n<li>The thief of $4.5 million from Indexed Finance transferred part of the funds to Tornado Cash.<\/li>\n<li>The former CEO of the Mine Digital crypto exchange was accused of stealing $1.5 million from a client.<\/li>\n<li>Crypto-fiat gateway Transak reported a client database compromise.<\/li>\n<li>Experts: the threat of a quantum attack on cryptocurrencies is exaggerated.<\/li>\n<li>In Japan, a fraudster was caught thanks to Monero transaction analysis.<\/li>\n<li>The Bitmama case with reduced damage was sent to the prosecutor&#8217;s office.<\/li>\n<li>Media: former WEX head Dmitry Vasiliev was detained in Poland.<\/li>\n<li>An Indian resident received five years in prison for stealing $20 million from Coinbase users.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\"><strong>What to Read This Weekend?<\/strong><\/h2>\n<p>We explain what silent bitcoin payments are and how they help user anonymity.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have compiled the most significant cybersecurity news of the week. Lazarus created a fake DeFi game to steal cryptocurrencies. OpenAI&#8217;s Realtime API was used for scam automation. REvil hackers received prison sentences in St. Petersburg. 
Lazarus Created a Fake DeFi Game to Steal Cryptocurrencies Researchers at Kaspersky Lab discovered a fake DeFi game targeting [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":18096,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-18097","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/18097","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=18097"}],"version-history":[{"count":0,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/18097\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/18096"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=18097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=18097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=18097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}