Chinese Hackers Target US ISPs, Telegram Reverses Stance and Agrees to Share User Data: Your Cybersecurity Roundup


AI-Generated Malware Dropper Detected in Wild

HP researchers have intercepted a novel email campaign that employed an AI-generated dropper to deliver a standard malware payload. This marks a significant development, demonstrating the growing use of AI in cybercrime.

The campaign used an encrypted HTML attachment to bypass detection and deliver a VBScript and the AsyncRAT infostealer. The VBScript, surprisingly well-structured and commented, was likely generated by AI, indicating a potential new trend in malware creation.

While the specific attacker’s level of expertise remains uncertain, the use of AI in this attack highlights the evolving threat landscape. AI-generated malware can be more sophisticated and harder to detect, making it a growing concern for security professionals.

Chinese Hackers Target US ISPs in Evasive Campaign

A new report reveals that Chinese state-backed threat actors have successfully compromised a handful of US internet service providers (ISPs). The campaign, attributed to the Salt Typhoon group, aimed to gain a foothold in target networks and gather sensitive information.

The attackers exploited vulnerabilities in Cisco Systems routers, key components of internet infrastructure, to infiltrate the ISPs. Once inside, they sought to establish a persistent presence and harvest valuable data.

Telegram Reverses Stance, Agrees to Share User Data with Authorities

In a significant policy shift, Telegram has announced that it will disclose user IP addresses and phone numbers to authorities upon receipt of valid legal requests. This reversal comes amid growing concerns about the platform’s role in facilitating criminal activities.

While Telegram previously resisted such disclosures, the company has now agreed to cooperate with law enforcement agencies in investigations involving criminal violations of its terms of service. This move is likely influenced by the recent arrest of Telegram CEO Pavel Durov in France and the Ukrainian government’s decision to ban Telegram for government officials.