Concise Cyber

Charming Kitten Leak Exposes Iranian Hackers; Raccoon Infostealer Member Extradited to U.S.

Recent cybersecurity events include a significant data leak impacting the Iranian state-sponsored hacking group Charming Kitten, the extradition of a key member of the Raccoon Infostealer operation to the United States, and the discovery of a novel attack method targeting AI features in popular web browsers.

Iranian State-Sponsored Group Charming Kitten Leaked

A leak on a Telegram channel exposed sensitive information belonging to the Iranian state-sponsored hacking group known as Charming Kitten, which is also tracked as APT42 and Mint Sandstorm. The leaked data, analyzed by Check Point Research, includes custom espionage tools designed for reconnaissance and data exfiltration. In addition to the malicious tools, the leak contained training materials and videos intended for new recruits of the hacking group. The exposed information also included personal details of alleged members, such as photos, names, and phone numbers.

Raccoon Infostealer Operator Extradited to U.S.

Mark Sokolovsky, a 27-year-old Ukrainian national, was extradited from the Netherlands to the United States to face charges related to his alleged role in the Raccoon Infostealer operation. Sokolovsky is accused of being a core member of the malware-as-a-service operation that infected millions of computers globally. The Raccoon Infostealer malware was designed to steal sensitive data, including login credentials and financial information, from victims’ devices. An international law enforcement effort dismantled the malware operation’s infrastructure in 2022, leading to Sokolovsky’s arrest in the Netherlands in March of that year. He was indicted in the Western District of Texas.

HashJack Attack Exploits Browser AI Features

Security researchers at Guardio Labs discovered a new attack technique named HashJack that exploits AI-powered browser features. The attack targets Google Chrome’s ‘Help me write’ feature and Microsoft Edge’s Copilot. By using a method called prompt injection, a malicious website can embed hidden instructions within its HTML code. These instructions manipulate the AI into generating malicious content, such as phishing messages or scam-related text, directly within a user’s input field. The vulnerability was reported to both Google and Microsoft, and both companies have implemented mitigations to address the issue.

Source: https://www.securityweek.com/in-other-news-hashjack-ai-browser-attack-charming-kitten-leak-hacker-unmasked/