News

ICBC ransomware attack and ChatGPT outage

Dan Virgillito
November 13, 2023 by
Dan Virgillito

ICBC suffers ransomware attack, OpenAI links ongoing ChatGPT outages to DDoS campaign and Google Ads CPU-Z malware. Catch all this and more in this week’s edition of Cybersecurity Weekly

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.
 

1. ICBC discloses ransomware attack that reportedly disrupted U.S. Treasuries 

On November 8, the Industrial & Commercial Bank of China (ICBC) suffered a ransomware attack that disrupted its financial services. The attack specifically affected U.S. Treasury market trades and repo financing transactions. Equity traders also faced significant disruptions due to the bank’s ability to connect to  DTCC/NSCC. ICBC responded by isolating the affected systems and launched an investigation with security experts.

Read more »

2. OpenAI links recent ChatGPT outages to DDoS attacks 

OpenAI has linked recent outages affecting ChatGPT and its developer tools to a Distributed Denial-of-Service (DDoS) attack. ChatGPT users faced sporadic access issues on November 8, receiving messages about the service being at capacity. Initially, OpenAI CEO Sam Altman attributed the problem to high interest in new features. However, the company later updated its incident report to reveal the outages happened due to a DDoS.

Read more »

3. Threat actor abuses Google Ads to distribute malware-laden CPU-Z installer

Malwarebytes recently discovered a cyberattack using Google Ads to distribute a trojanized CPU-Z tool carrying the Redline malware. The campaign involved a fake Windows news site clone hosting the malicious ad. Users who clicked were led to download a signed CPU-Z installer embedded with malware. This installer launched the Redline Stealer, designed to steal sensitive data. Google has since removed these ads and acted against the accounts responsible.

Read more » 

4. Microsoft reveals hackers exploited zero-day flaw SysAid IT support in Cl0p ransomware campaign

SysAid has alerted its customers to patch their systems against a zero-day vulnerability exploited to deploy ransomware. Discovered after a tip from Microsoft, the flaw enables remote code execution where the threat actor behind the attack conducts a multi-stage attack using a WebShell and other payloads. The hacker is reportedly using this vulnerability to install Cl0p ransomware. SysAid advises updating to version 23.3.36 and conducting thorough network assessments to avoid further compromises.

Read more »

5. North Korea hacking group blamed for infiltrating Macs with ObjCShellz malware

The North Korean-backed BlueNoroff group recently launched a new macOS malware targeting Apple customers. Dubbed ObjCShellz, it enables remote shell access on compromised devices. ObjCShellz impacts Intel and Arm Macs and executes commands on infected systems in the post-exploitation stage. Security analysts suggest this malware is part of a broader attack involving social engineering.

Read more »

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.
 

Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.