Deepfake | Breaking Cybersecurity News | The Hacker News

Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. "The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North Korea," Google-owned Mandiant said in its M-Trends report for 2025 shared with The Hacker News. "These activities aim to generate financial gains, reportedly funding North Korea's weapons of mass destruction (WMD) program and other strategic assets." The cybersecurity firm said DPRK-nexus threat actors have developed custom tools written in a variety of languages such as Golang, C++, and Rust, and are capable of infecting Windows, Linux, and macOS operating systems. At least three threat activity clusters it tracks as UNC1069, UNC4899, and UNC5342 have been found to target members of the cryptocurren...

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: 'As technology continues to evolve, so do cybercriminals' tactics.' This article explores some of the impacts of this GenAI-fueled acceleration. And examines what it means for IT leaders responsible for managing defenses and mitigating vulnerabilities. More realism, better pretexting, and multi-lingual attack scenarios Traditional social engineering methods usually involve impersonating someone the target knows. The attacker may hide behind email to communicate, adding some psychological triggers to boost the chances of a successful breach. Maybe a request to act urgently, so the target is less likely to pause and develop doubts. Or making the email come from an employee's CEO, hoping the employee's respect for authority means they won't question...

The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture.  The solution is more complex. For this article, we'll focus on the device threat vector. The risk they pose is significant, which is why device management tools like Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) are essential components of an organization's security infrastructure. However, relying solely on these tools to manage device risk actually creates a false sense of security. Instead of the blunt tools of device management, organizations are looking for solutions that deliver device trust . Device trust provides a comprehensive, risk-based approach to device security enforcement, closing the large gaps left behind by traditional device management solutions. Here are 5 of those limitations and how to ov...

Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. There's no brute-force 'spray and pray' password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust, fear, and respect for authority, usually with the goal of gaining access to sensitive information or protected systems. Traditionally that meant researching and manually engaging individual targets, which took up time and resources. However, the advent of AI has now made it possible to launch social engineering attacks in different ways, at scale, and often without psychological expertise. This article will cover five ways that AI is powering a new wave of social engineering attacks. The audio deepfake that may have influenced Slovakia elections Ahead of Slovakian parliamentary elections in 2023, a recording emerged that appeared to feature candidate Michal Simecka in conversation with a well-known journalist, M...

Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. "Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam directly to users," Laurie Richardson, VP and Head of Trust and Safety at Google, said . "The landing pages often mimic well-known sites and create a sense of urgency to manipulate users into purchasing counterfeit products or unrealistic products." Cloaking refers to the practice of serving different content to search engines like Google and users with the ultimate goal of manipulating search rankings and deceiving users. The tech giant said it has also observed a cloaking trend wherein users clicking on ads are redirected via tracking templates to scareware sites that claim their devices are compromised with malware and lead them to other phony customer support sites, w...

Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they're happening across industries and outpacing traditional defense mechanisms.  The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses against AI impersonation fraud. Read more about how a secure-by-design identity platform can eliminate AI deepfake fraud and serve as a critical component in this new era of cyber defense.  The Growing Threat of AI Impersonation Fraud Recent incidents highlight the alarming potential of AI-powered fraud: A staggering $25 million was fraudulently transferred during a video call where deepfakes impersonated multiple executives. KnowBe4, a cybersecurity leader, was duped by deepfakes during hiring interviews, allowing a North Korean attacker to be onboarded to the organization. CEO of ...

AI from the attacker's perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI: The Reality vs. Hype "AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don't know how to use AI," says Etay Maor, Chief Security Strategist at Cato Networks and founding member of Cato CTRL . "Similarly, attackers are also turning to AI to augment their own capabilities." Yet, there is a lot more hype than reality around AI's role in cybercrime. Headlines often sensationalize AI threats, with terms like "Chaos-GPT" and "Black Hat AI Tools," even claiming they seek to destroy humanity. However, these articles are more fear-inducing than descriptive of serious threats. For instance, when explored in underground forums, several of these so-called "AI cyber tools" were found to be nothing...

The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A , describes a new cybercriminal group and its attack methods. It also details three important actions to take today to mitigate cyber threats from ransomware – Installing updates as soon as they are released, requiring phishing-resistant MFA (i.e. non-SMS text-based), and training users. The growth in the number of victims of ransomware attacks and data breaches has become so profound that the new cyber defense challenge is just keeping up with the number of new attacks and disclosures from victims. This is the product of stunning advancements in cybercriminal attack methods combined with a too-slow response by many organizations in adjusting to new attack methods. As predicted, Generative AI has indeed been a game ch...

Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0. "The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as AI voice and facial technologies," Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Ahmed Mohamed Ibrahim said in a technical report published today. "The campaign uses [Search Engine Optimization] poisoning tactics and social media and messaging platforms to distribute malware." The security vendor, which discovered the new threat actor group in early April 2024, said the attacks entail advertising popular software such as Google Chrome, LetsVPN, QuickVPN, and a Telegram language pack for the Simplified Chinese language to distribute Winos. Alternate attack...

A Chinese-speaking threat actor codenamed  GoldFactory  has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS. "The GoldPickaxe family is available for both iOS and Android platforms," Singapore-headquartered Group-IB  said  in an extensive report shared with The Hacker News. "GoldFactory is believed to be a well-organized Chinese-speaking cybercrime group with close connections to  Gigabud ." Active since at least mid-2023, GoldFactory is also responsible for another Android-based banking malware called  GoldDigger  and its enhanced variant GoldDiggerPlus as well as GoldKefu, an embedded trojan inside GoldDiggerPlus. Social engineering campaigns distributing the malware have been found to target the Asia-Pacific region, specifically Thailand and Vietnam, by masqu...

What could be more exciting than seeing yourself starring alongside your favorite actor in a movie, music video, or TV program? Yes, that's possible—well, kind of, by using a new AI-based deepfake app that has gone viral in China over this weekend, climbing to the top of the free apps list in the Chinese iOS App Store in just three days. Dubbed ZAO , the app is yet another deepfake app for iPhone that lets you superimpose your face onto actors like Leonardo DiCaprio, Kit Harrington from "Game of Thrones," and many others in video clips from their popular movies and TV shows with just a selfie uploaded by you. Developed by Chinese developer MoMo, one of China's most popular dating apps, ZAO was released on Friday (August 30) and rapidly got downloaded millions of times with users being excited about the experience for the app's realistic face-swapping videos that last for as little as 8 seconds. ZAO Deepfake Face Swap App Sparks Privacy Outcry Howeve...