Category: Full Text Articles – Audio Posts

On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America.

The Black Friday connection

Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity and often lax security awareness among users provides fertile ground for launching attacks. Gozi malware, a well-known banking Trojan, exploits this seasonal chaos to target unsuspecting users and financial institutions alike.

This year’s Black Friday activity was particularly concerning, with a notable increase in web-inject attacks. These sophisticated techniques compromised online banking sessions, enabling the theft of credentials, financial information and other sensitive data.

The campaign is not expected to stop there. With the subsequent year-end shopping rush, Gozi malware is poised to continue its onslaught. Cyber criminals are likely to capitalize on the desperation of last-minute shoppers seeking the best holiday deals, amplifying the malware’s reach and impact.

These ongoing attacks emphasize the need for vigilance and proactive security measures. Whether you’re a consumer enjoying the convenience of online shopping or a business managing increased transaction volumes, understanding the evolving tactics of cyber criminals is critical to staying ahead of the threat.

What is Gozi malware?

Gozi, also known as Ursnif and ISFB, is a modular banking Trojan that has been active since the mid-2000s. It is infamous for its ability to steal banking credentials, monitor user activity and execute advanced web-injects during online banking sessions. Over the years, it has evolved to include features like anti-debugging mechanisms and encrypted communication and is also used for targeted attacks on specific regions and financial institutions.

Observations from our system

During Black Friday, our telemetry revealed the following trends:

• Targeted campaigns: Gozi operators appeared to focus on North American banks, aligning their campaigns with the peak shopping hours.
• Increase in attack volume: The malware’s web-inject functionality was heavily used, indicating a rise in compromised banking sessions.

Why the surge?

The Black Friday spike in Gozi activity can be attributed to:

• Volume of transactions: The sheer number of financial transactions increases the probability of successful attacks.
• Weakened defenses: Many businesses prioritize frictionless user experience, uptime and sales during Black Friday, potentially delaying or weakening their security measures.
• Human behavior: Consumers are more likely to overlook suspicious activity when rushing to grab deals.

What we found

The provided script demonstrates a sophisticated web injection attack used to compromise online banking sessions. It dynamically injects malicious code into the legitimate banking page, allowing attackers to manipulate the session without the victim’s knowledge. The malicious script operates in the background to steal sensitive data, such as credentials, and is designed to evade detection by immediately removing itself from the page after execution. By blending with the legitimate page and erasing evidence, the attack becomes nearly invisible to both users and traditional security measures. This highlights the growing sophistication of web-inject attacks and underscores the need for advanced monitoring systems and robust security measures to detect and prevent such threats.

Figure 1: Sample of Gozi injection

From the screenshot below, it appears that the attacker left minimal evidence, likely attempting to test the mechanism and ensure everything is functioning correctly:

Figure 2: Attacker preparation

We believe the web-inject is still a work in progress, with potential future updates and enhancements to the code likely.

If you’d like to learn more about Gozi malware, you can find additional information here.

Final thoughts

As cyber criminals continue to exploit global events like Black Friday, staying vigilant is more crucial than ever. The resurgence of Gozi malware activity highlights the importance of proactive security measures for both businesses and individuals. While the current attacks are predominantly targeting North America, we suspect this campaign will soon expand to Europe, leveraging the holiday shopping season to further its impact.

While we enjoy the convenience of online shopping, it’s vital to stay aware of the ever-present cyber threats lurking in the digital landscape. By adopting robust security practices and remaining cautious, we can reduce the risks and protect ourselves against these sophisticated attacks. Cybersecurity is not just a technical challenge—it’s a shared responsibility.

How to avoid Gozi malware

Here are some recommendations to avoid Gozi malware and protect yourself from similar threats:

• Be wary of email links. Exercise caution when opening email attachments or clicking on links, especially if they come from unknown or suspicious sources. Be particularly vigilant for phishing emails that may attempt to trick you into downloading malware.
• Increase your password security. Create strong and unique passwords for all your online accounts, including cryptocurrency exchanges and wallets. Avoid using easily guessable information and consider using a reliable password manager to securely store and manage your passwords.
• Remain vigilant online. Pay attention to any unusual behavior or unexpected requests when accessing websites, especially financial or cryptocurrency-related platforms. If you encounter unexpected pop-ups, requests for additional personal information or changes in website appearance, it could be a sign of a web-inject attempting to deceive you.
• Stay informed about the latest cybersecurity threats and best practices. Familiarize yourself with common techniques used by cyber criminals, such as phishing scams and social engineering, to avoid falling victim to their tactics.

One of the best tools to detect Gozi malware and protect your organization is IBM Security Trusteer Pinpoint Detect. The tool uses artificial intelligence and machine learning to protect digital channels against account takeover and fraudulent transactions and detect user devices infected with high-risk malware. Learn more here.

IOC

/usbank/inj[.]php

/in/sella/sella[.]php

/in/paypal/p[.]php

/in/ebay/ebay[.]php

/in/poste/po[.]php

/in/ubibanca/ub[.]php

/in/amazon/a[.]php

/in/clienti.chebanca/ch[.]php

/in/credem/cr[.]php

frcorporateonline/inj[.]php

hsbcnet/inj[.]php

/lancher/in

The post Black Friday chaos: The return of Gozi malware appeared first on Security Intelligence.

Russian President Vladimir Putin has claimed that “the People’s Republic of China and the Russian Federation are allies in every sense of the word.” While the two sides have yet to formalize an alliance, bilateral defense industrial cooperation at the technical level has become all too clear.

Chinese direct exports to Russia since the start of the Kremlin’s full-scale invasion of Ukraine have included timely and militarily consequential shipments, including significant volumes of trench-digging equipment that coincided with Russia’s construction of the Surovikin Line of defensive fortifications in southern and eastern Ukraine. Recent data show China has dramatically increased direct shipments of electric components, circuit boards, and modules to Russia, hinting at changes in the Kremlin’s prosecution of the conflict. 

In addition to tackling Russia’s procurement networks and understanding the “axis of evasion” used by Moscow to counteract Western sanctions, Western policymakers should take note of how Russia and China are deepening military cooperation, including via trade in sensitive goods and technologies. 

Chinese exports to Russia are changing in important ways

Beijing’s support for Moscow’s defense industrial base is reflected in aggregate trade totals. Year-to-date direct bilateral trade rests at just under $202 billion, up about 2.5 percent from prior-year levels. Additionally, substantial China-to-Russia trade occurs indirectly, including via third-parties in Belarus and Central Asian countries. To be sure, Chinese firms are trading with Russia for several reasons, including a desire to exploit opportunities and “fill the void” after Western companies exited Russia. But there is an undeniable geopolitical saliency to this trade, especially since Russia’s share of world imports has fallen considerably, with China constituting the major exception.

Indeed, as significant as top-line trade figures are, they don’t tell the whole story. Significant China-to-Russia trade consists of militarily sensitive trade in items identified by the United States, European Union, Japan, and the United Kingdom as the Common High-Priority List, or CHPL. Items on the CHPL include microchips for weapons guidance systems, ball bearings used for tank production, and more.

Common High-Priority List items

Tier 1: Items of the highest concern due to their critical role in the production of advanced Russian precision-guided weapons systems, Russia’s lack of domestic production, and limited global manufacturers.

Tier 2: Additional electronics items for which Russia may have some domestic production capability but a preference to source from the United States and its partners and allies.

Tier 3.A: Further electronic components used in Russian weapons systems, with a broader range of suppliers.

Tier 3.B: Mechanical and other components utilized in Russian weapons systems.

Tier 4.A: Manufacturing, production, and quality testing equipment for electric components, circuit boards, and modules.

Source: US Department of Commerce Bureau of Industry and Security

Reported Chinese data show that direct bilateral trade in CHPL items has surged since the beginning of Russia’s full-scale invasion of Ukraine. Parenthetically, while direct China-to-Russia exports are important, analysts should also consider the totality of Beijing’s support for Moscow by examining indirect trade in CHPL items.

Total CHPL trade levels—importantly, as measured in values rather than volumes—show that militarily sensitive trade stands well above pre-war levels. This comparison is distorted by Tier 3.A, however, which has comprised approximately 47 percent of shipments by value for year-to-date 2024 data. Instead, it is more appropriate to take a pre-war baseline and compare relative changes from “normal” times. 

This procedure is not without flaws: The COVID-19 pandemic and pre-war stockpiling of military industrial goods by Russia complicate identifying a relevant base period for comparison. Nevertheless, using January 2022 as a base period is likely the most appropriate way to examine how China’s CHPL exports to Russia have shifted since the beginning of the invasion. 

Breaking out exports on a tier-by-tier basis shows how direct China-to-Russia shipments have changed since February 2022. After rising substantially throughout 2022 and 2023, shipments of the highest-priority goods (Tier 1) have declined somewhat in recent months, when compared to pre-war levels. Meanwhile, Chinese direct exports of components and circuits (Tier 4.A) and Computer Numerically Controlled (CNC) machine tools and components (Tier 4.B) remain highly elevated, while exports of the former have surged in recent months. 

Shipments of Tier 4.A goods (i.e., manufacturing, production, and quality testing equipment for electric components, circuit boards, and modules) have risen sharply since the summer. Crucially, military circuit board applications include missile guidance systems, electronic warfare systems, communication systems, and more. There are also noteworthy correlations between spikes in these shipments and waves of Russian missile launches. Moscow’s receipt of Tier 4.A goods from China may have given it greater assurances that its missile supply chains would remain intact, enabling it to launch larger and more frequent attacks on Ukrainian targets. 

Conversely, direct China-to-Russia shipments of other CHPL tiers declined over the early part of 2024 amid tighter US sanctions announced in December 2023.

China-to-Russia exports of Tiers 3.A and 3.B have recovered from recent lows—and rebounded significantly for Tier 2 exports (additional electronic items).

Parenthetically, similar trends are largely observed for China-to-Russia indirect CHPL trade via Central Asia and Belarus, with some important distinctions. 

Chinese shipments of Tier 4.B (CNC machine tools and components) to Central Asia and Belarus have exploded since the beginning of the invasion. Shipments of Tier 4.B have risen by more than 1,500 percent since January 2022. Russian procurement agents are sourcing CNC machine tools via the indirect route.

Additionally, there has been an astonishing rise in Chinese shipments of Tier 3.B goods to Central Asia and Belarus. Russia now uses the indirect route to procure mechanical components, especially ball bearings used for vehicles such as armored personnel carriers, tanks and trains.

Overcoming the devil’s deal

Throughout Russia’s full-scale invasion, Beijing has consistently provided Moscow with the defense industrial support it needs in its attempt to subjugate Ukraine, with senior US policymakers reporting that Beijing’s assistance has stepped up in recent months. In exchange for vital military industrial assistance, China is reportedly receiving some of Russia’s most sensitive military technologies, including those involving submarine operations, aviation stealth technologies, and more.

The results of this devil’s deal between Russia and China are plain. Hundreds of thousands of casualties have resulted from Putin’s invasion; women and children are being trafficked internationally or by Putin’s thugs; and, after the Kremlin ruled that non-Russian Orthodox churches were deemed undesirable, Ukrainian Protestant and Catholic churches, pastors, and congregants face a violent crackdown from Russian security services. Moreover, in exchange for enabling Putin’s attempt to plunder Ukraine, Beijing is receiving military technologies it could one day use to attack the sailors, airmen, and marines of the United States and its allies.

Deepening ties between the Russian and Chinese defense complexes is something that should concern Western policymakers. While Moscow and Beijing do not share identical interests or objectives, the two sides are increasingly sharing technology and defense industrial capabilities in ways that severely impact US and Western interests. 

---

Joseph Webster is a senior fellow at the Atlantic Council’s Global Energy Center and its Indo-Pacific Security Initiative. He is also an editor of the independent China-Russia Report. This analysis reflects his own personal opinion.

The post Trade data reveal the inner workings of Russia and China’s defense industrial cooperation appeared first on Atlantic Council.

Nicaragua’s President Daniel Ortega  proposed a constitutional reform that would officially make him and his wife, current Vice President Rosario Murillo, “copresidents” of the Central American nation.

While the initiative has to pass through the country’s legislature, Ortega and Murillo’s Sandinista party control the congress and all government institutions, so it is likely to be approved.

The proposal also looks to expand the presidential term to six years from five. Ortega put forward also another bill that would make it illegal for anyone to enforce sanctions from the United States or other foreign bodies “within Nicaraguan territory.

President Daniel Ortega of Nicaragua has proposed constitutional reforms aimed at consolidating his administration’s power and extending its tenure. The key components of these reforms include:

Establishing a Co-Presidency: The reforms propose elevating Vice President Rosario Murillo, who is also Ortega’s wife, to the position of “co-president,” thereby formalizing shared executive authority. 

Extending Presidential Terms: The presidential term would be extended from five to six years, postponing the next election cycle and potentially prolonging the current administration’s hold on power. 

Expanding Presidential Powers: The reforms seek to enhance presidential authority over other branches of government, further centralizing power within the executive branch. 

Creating a Volunteer Police Force: The establishment of a “volunteer police” force is proposed to support the National Police, potentially increasing the administration’s capacity to enforce its policies. 

These reforms are designed to entrench Ortega and Murillo’s control over Nicaragua’s political system, undermining democratic institutions and perpetuating authoritarian rule

The Organization of American States general secretary’s office condemned the proposed constitutional reforms. 

The ‘reform’ document is illegitimate in form and content, it merely constitutes an aberrant form of institutionalization of the matrimonial dictatorship in the Central American country and is a definitive attack on the democratic rule of law,” it said in a statement.

The proposals come amid an ongoing crackdown by the Ortega government since mass social protests in 2018 that the government violently repressed.

Nicaragua’s government has imprisoned adversaries, religious leaders, journalists and more, then exiled them, stripping hundreds of their Nicaraguan citizenship and possessions. Since 2018, it has shuttered more than 5,000 organizations, largely religious, and forced thousands to flee the country.

Dissident groups including the Nicaraguan University Alliance quickly railed against the measures, calling them an extension of that clampdown.

They are institutionalizing nepotism and repression, destroying the rule of law. Democracy faces its greatest threat.

Ortega’s proposed reforms is nothing but a rubber stamping formalization of a decision to guarantee presidential succession for Murillo and their family. Ortega has referred to Murillo previously in recent years as his copresident.

While rejection of international sanctions would have no immediate impact, Orozco said it could put the country at “high financial risk” and risk further penalties from the U.S. Treasury Department. 

The constitutional reform to the presidency is part of a long-term plan for the administration to stay in power, and was pushed forward as a way to avoid provoking the incoming administration of U.S. President-elect Donald Trump.

Trump may not prioritize crackdowns on democratic freedoms in places like Nicaragua, but also isn’t likely to tolerate provocations.

“The procedure, apart from circumventing the popular will, the rule of law, creates the pathway to give Ortega extra time to stay in power. 

President Daniel Ortega’s decision to propose constitutional reforms at this juncture appears to be motivated by a combination of political, strategic, and personal factors:

1. Consolidating Power Amid Political Decline

Ortega faces increasing isolation internationally, with sanctions from the U.S. and the European Union targeting his administration for human rights abuses and authoritarian practices. By formalizing a “co-presidency” with his wife and vice president, Rosario Murillo, he strengthens his family’s grip on power, ensuring continuity in governance even if his personal health or popularity wanes.

Nicaragua’s domestic political opposition has been largely dismantled through repression, but dissent remains. The reforms further centralize authority, leaving little room for institutional checks or challenges.

2. Neutralizing Succession Questions

Speculation about Ortega’s health and the future of his regime may be fueling these reforms. Elevating Murillo as “co-president” cements her position as his political successor, quelling uncertainty and potential rivalries within the ruling Sandinista National Liberation Front (FSLN).

3. Preempting Electoral Risks

Extending presidential terms and restructuring electoral timelines would delay upcoming elections, giving Ortega more time to consolidate control and potentially manipulate future electoral processes. It minimizes the risk of facing opposition movements coalescing before a scheduled vote.

4. Enhancing Security Apparatus

The proposal to establish a “volunteer police force” under government control reflects Ortega’s strategy to bolster state security and surveillance capabilities. This move preempts potential unrest, ensuring his regime can quickly suppress dissent, especially in urban centers.

5. International Pressure and Timing

The timing of these reforms may also reflect Ortega’s awareness of shifting geopolitical dynamics. With global attention divided by other crises (e.g., conflicts in Ukraine and the Middle East), Ortega may see an opportunity to implement controversial changes with less immediate backlash from the international community.

6. Legacy Building

By creating a framework for a dual leadership model, Ortega ensures that his family and political ideology remain entrenched in Nicaraguan politics, positioning his regime as a long-lasting pillar of the Sandinista revolution.

In sum, Ortega’s proposed reforms are a strategic response to both internal vulnerabilities and external pressures, designed to solidify his family’s control over Nicaragua and ensure his regime’s survival in the face of growing domestic and international challenges.

The proposed constitutional reforms by President Daniel Ortega could have significant and far-reaching consequences for Nicaragua, both domestically and internationally:

Domestic Consequences

1. Increased Authoritarianism

Consolidation of Power: The reforms would formalize Ortega’s and Murillo’s control over the executive branch, leaving little room for institutional checks and balances. This further entrenches an authoritarian regime.

Erosion of Democratic Institutions: By centralizing authority and undermining political competition, the reforms would dismantle remaining democratic norms and processes, turning Nicaragua into a de facto one-party state.

2. Suppression of Opposition

Expanded Security Apparatus: The creation of a “volunteer police force” would enhance the regime’s ability to monitor and suppress dissent, likely leading to increased political repression and human rights violations.

Intimidation of Civil Society: Opposition parties, activists, and independent media could face heightened surveillance and crackdowns, further silencing dissent.

3. Economic Decline

Loss of Investor Confidence: The reforms signal political instability and authoritarian consolidation, deterring foreign investment and exacerbating Nicaragua’s economic challenges.

Sanctions and Isolation: The international community, particularly the U.S. and EU, may respond with intensified sanctions, worsening the economic hardship for ordinary citizens.

4. Political Polarization and Social Unrest

Public Backlash: The reforms could provoke protests and civil unrest, especially among marginalized groups and youth. However, Ortega’s enhanced security measures may suppress such movements with force.

Weakening of Civic Trust: Further dismantling democratic norms could deepen cynicism and alienation among Nicaraguans, undermining long-term social cohesion.

International Consequences

1. Heightened Geopolitical Tensions

Strained U.S.-Nicaragua Relations: The reforms will likely lead to a deterioration in relations with the United States, which has already imposed sanctions on Ortega’s regime for human rights abuses and electoral manipulation.

Regional Destabilization: Ortega’s actions could inspire similar moves by authoritarian leaders in Latin America, weakening democratic norms across the region.

2. Increased Isolation

Loss of Multilateral Support: Nicaragua risks further alienation from international organizations like the Organization of American States (OAS) and the United Nations, which have already criticized Ortega’s human rights record.

Reliance on Authoritarian Allies: Ortega may deepen ties with countries like Russia, China, and Venezuela, aligning Nicaragua more closely with authoritarian states and away from Western democracies.

3. Migration Pressures

Exodus of Nicaraguans: Continued political repression and economic decline could drive more Nicaraguans to seek refuge in neighboring countries, particularly Costa Rica, as well as the United States. This would exacerbate regional migration challenges.

Potential Long-Term Implications

1. Entrenchment of Dynastic Rule

By institutionalizing Murillo’s role as co-president, the reforms pave the way for a dynastic succession, ensuring Ortega’s family maintains control even after his departure.

2. Decline in Governance Quality

The centralization of power could lead to increased corruption, inefficiency, and mismanagement, as political decisions prioritize loyalty over competence.

3. Resistance Movements

Over time, repression and economic hardship may galvanize resistance movements, either domestically or among Nicaraguans in exile. Such movements could challenge the regime in the long run, potentially leading to a cycle of instability.

In summary, Ortega’s proposed reforms are likely to solidify his regime’s control in the short term but at the cost of heightened repression, economic hardship, and international isolation. In the long term, these changes could exacerbate Nicaragua’s political and economic vulnerabilities, increasing the likelihood of unrest and weakening the country’s prospects for democratic recovery.

For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.

However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing environments is actually moderately low. Still, projections from X-Force reveal that an increase in these sophisticated attack methods could be on the horizon.

Current status of the cloud computing market

The cloud computing market continues to grow exponentially, with experts expecting its value to reach more than $675 billion by the end of 2024. As more organizations expand their operational capabilities beyond on-premise restrictions and leverage public and private cloud infrastructure and services, adoption of AI technology is steadily increasing across multiple industry sectors.

Generative AI’s rapid integration into cloud computing platforms has created many opportunities for businesses, especially when enabling better automation and efficiency in the deployment, provisioning and scalability of IT services and SaaS applications.

However, as more businesses rely on new disruptive technologies to help them maximize the value of their cloud investments, the potential security danger that generative AI poses is something closely monitored by various cybersecurity organizations.

Read the Cloud Threat Landscape Report

Why are AI-generated attacks in the cloud currently considered lower risk?

Although AI-generated attacks are still among the top emerging risks for senior risk and assurance executives, according to a recent Gartner report, the current threat of AI technologies being exploited and leveraged in cloud infrastructure attacks is still moderately low, according to X-Force’s research.

This isn’t to say that AI technology isn’t still being regularly used in the development and distribution of highly sophisticated phishing schemes at scale. This behavior has already been observed with active malware distributors like Hive0137, who make use of large language models (LLMs) when scripting new dark web tools. Rather, the current lower risk projections are relevant to the likelihood of AI platforms being directly targeted in both cloud and on-premise environments.

One of the primary reasons for this lower risk has to do with the complex undertaking it will take for cyber criminals to breach and manipulate the underlying infrastructure of AI deployments successfully. Even if attackers put considerable resources into this effort, the still relatively low market saturation of cloud-based AI tools and solutions would likely lead to a low return on investment in time, resources and risks associated with carrying out these attacks.

Preparing for an inevitable increase in AI-driven cloud threats

While the immediate risks of AI-driven cloud threats may be lower today, this isn’t to say that organizations shouldn’t prepare for this to change in the near future.

IBM’s X-Force team has recognized correlations between the percentage of market share new technologies have across various markets and the trigger points related to their associated cybersecurity risks. According to the recent X-Force analysis, once generative AI matures and approaches 50% market saturation, it’s likely that its attack surface will become a larger target for cyber criminals.

For organizations currently utilizing AI technologies and proceeding with cloud adoption, designing more secure AI strategies is essential. This includes developing stronger identity security postures, integrating security throughout their cloud development processes and safeguarding the integrity of their data and quantum computation models.

The post Cloud Threat Landscape Report: AI-generated attacks low for the cloud appeared first on Security Intelligence.

A former Australian political leader’s son convicted of supplying narcotics and prescription drugs helped an offshore company to operate in several jurisdictions and to establish a bank account in Cyprus.

Mark Chikarovski sold huge quantities of cocaine and other drugs on the dark web under the alias “AusCokeKing” in exchange for cryptocurrency.

Chikarovski, from Sydney, is the son of former New South Wales Liberal Party leader Kerry Chikarovski. Sydney is the capital of the state of New South Wales.

Mark Chikarovski pleaded guilty to charges over his multimillion-dollar dark web narcotics supply operation, using the marketplace Abacus.

On Dec. 6, he was sentenced at a Sydney District Court to a 35-month intensive corrections order that must be served in the community, following a finding of special circumstances, including risk of self-harm.

The sentence included 18 months of home detention, 500 hours of community service and continued engagement with mental health treatment.

In sentencing, Judge Jane Culver said Chikarovski never had to physically meet his customers, making his “sophisticated” operation “far more serious than the average street dealer.”

Prosecution documents reportedly showed Chikarovski sold drugs to undercover police across 18 different transactions between February and May 2023.

He advertised the drugs online as being “premium European imports” and offered cocaine at a “spring sale” price of about $200 (AU$299) and “limited edition meth.”

Chikarovski’s defense said that he turned to using illicit drugs to cope with a childhood marked by dysfunction and the pressure of living in the public eye.

Police say Chikarovski had been selling MDMA, crystal methamphetamine and prescription drugs, as well as cocaine, on the dark web.

Chikarovski was caught wearing blue latex gloves stuffing drugs into an Australia Post envelope at an apartment in Sydney’s Bondi Junction suburb when detectives arrested him in May 2023.

Detectives discovered large quantities of drugs, two Porsche SUVs, about $20,000 (AU$30,000) in cash and $178,000 (AU$269,000) worth of cryptocurrency during raids on the apartment and a home in the Vaucluse area.

A ‘sophisticated’ operation

Australian police say Chikarovski and his wife, Hannah, led a lavish lifestyle despite him having no discernible income.

Chikarovski’s defense barrister Phillip Boulten SC later denied in court that his client’s drug trafficking operation was “particularly sophisticated.”

Now, documents obtained by the International Consortium of Investigative Journalists reveal that Chikarovski was a client of the Geneva, Switzerland, and Dubai, United Arab Emirates, offices of SFM Corporate Services.

Chikarovski is identified in the SFM documents as the contact for a shell company called ​​Aquay Holdings Ltd.

The records show that Chikarovski paid fees over several years to SFM for the provision of a UAE address and nominee director and shareholder services for Aquay Holdings.

SFM Corporate Services is a global firm that markets itself as a one-stop shop for those seeking to form offshore companies quickly. It featured widely in ICIJ’s Pandora Papers investigation.

Chikarovski was billed by SFM after it established Aquay’s position in the UAE and Seychelles using nominee director and shareholder services, the ICIJ documents show.

SFM billed Chikarovski for Aquay employing a registered agent in Ras al-Khaimah in the UAE, a confederation with a thriving trade in financial secrecy, shell companies and opaque free zones.

SFM also billed Chikarovski when the shell company established a second bank account in Cyprus.

SFM did not respond to requests for comment from ICIJ and the Australian Broadcasting Corporation (ABC).

Chikarovski, via his lawyer, Philip Boulten SC, did not respond to a separate request for comment for this story from the ABC.

Australian police say they know that Chikarovski was involved in the international drug business from at least 2017. Aquay was operating from at least 2015 until at least 2019, SFM documents show.

Police say the 38-year-old received cryptocurrency in exchange for prohibited drugs on thousands of occasions since 2017.

Chikarovski provided SFM with a copy of his passport, and a phone bill and a water bill with a Paddington, Sydney, address.

The UAE is now home to several international drug dealers, many considered high-value targets by police.

Chikarovski, who was remanded to prison before his sentencing, recently sold a $10 million (AU$15 million) home with harbor views in the Sydney suburb of Vaucluse to a businessman from China.

In a letter of apology to the court, Chikarovski said he started selling drugs online because he “lacked the liquidity” to clear his own drug debts and had faced threats of violence.

That was disputed by the prosecutor, who said that at the time of the offending, Chikarovski had two Porsche Cayennes, about $40,000 (AU$60,000) in private school fees, and a $1.4 million (AU$2.2 million) mortgage.

Contributor: Ben Schneiders (Australian Broadcasting Corporation)

By the time I arrived in northwestern Kazakhstan, three of my interviews had been canceled, one of my interpreters had quit, and I had run out of cash (to the dismay of a hotel employee who was weighing whether to give me my room key or wait until I scurried back from an ATM).

I had been traveling through Kazakhstan for eight days, reporting on the oil and gas fields that feed the Caspian pipeline, a 939-mile oil transport route stretching from Kazakhstan to Russia. My research was part of a new ICIJ investigation, dubbed Caspian Cabals, which traces the role of the Western oil companies that own the pipeline and operate the fields in environmental devastation and alleged financial corruption.

Before I landed in Kazakhstan, I spent five months reading about the toll the oil and gas industry had taken on a small community in the northwest. Nearly a decade ago, the village, called Berezovka, had ceased to exist after a mysterious health crisis in the local school. On a single day, about 20 children and a handful of teachers became dizzy, lost consciousness or suffered seizures. Villagers blamed toxic emissions from Karachaganak, a nearby oil and gas field operated by Shell, Eni, Chevron, Russia’s Lukoil and Kazakhstan’s state oil company KazMunayGas.

In response to questions, a spokesperson from the joint venture of oil companies, Karachaganak Petroleum Operating (KPO), said that Kazakh authorities had “excluded any involvement of the KPO consortium into the intoxications of children and adults in the former Berezovka village.”

But residents and activists doubted those findings. By 2017, the Kazakh government had relocated all of Berezovka’s roughly 1,300 residents to surrounding communities, and by 2022, the oil companies had begun to bulldoze the village itself, with all its homes, farmland, and school and community buildings. But reading old news reports and parsing Russian- and Kazakh-language videos in my office in ICIJ’s Washington headquarters 5,000 miles away could only take me so far. To really understand how the Berezovites were affected, I needed to go there.

When I finally got to the hotel in Uralsk, the closest major city to Berezovka and the last stop on my three-legged tour of the country, very little was going according to plan. I needed a new approach: I had to scrap my itinerary and do some good old-fashioned door-knocking and cross my fingers that someone would answer. So I — along with a reporter and videographer from ICIJ’s media partner Radio Free Europe/Radio Liberty, a local driver and a (new) interpreter — piled into a small minivan headed toward what remained of Berezovka and the surrounding communities, armed with our notebooks, a camera and the hope that we could land a powerful story on the final days of our trip.

Araltal

Our first stop was Araltal, a small town where many former Berezovites were resettled. The road to Araltal was a bumpy one. For three hours, we zigged and zagged to avoid massive potholes and to dodge wild cattle and horses, past swaths of the Kazakh steppe. When we got to town, we hobbled out of the car, our heads throbbing from the trip, and were greeted by a row of identical red-brick houses.

We didn’t have any interviews scheduled; we didn’t even know if anyone would be home, so we just knocked on the first door we found. A woman answered and told us that she used to live in Berezovka but, startled by our camera and notebooks, refused to talk with us for more than a few minutes. She told us to try her friend, Vera Voskoboy, and waved us in her direction. But we were met with another disappointment: Vera didn’t answer her door … that is, not until we asked her neighbor to give her a call. Soon enough, a woman in a frayed dress and green headscarf opened the door and excitedly invited us in. She had a warm countenance, gold teeth and was missing a finger on her right hand. Flanked by potato plants, she agreed to an interview in her backyard garden.

Vera quickly dove into memories of her granddaughter, who first fainted at the village school 10 years ago and has had regular fainting episodes since then. Vera believed her illness was a result of Karachaganak’s emissions. “She was shaking so much,” she said with tears in her eyes, describing the first time her granddaughter had a seizure. “God forbid you should see it.” The story was distressing, but I was also overcome by a different feeling: that Vera had been waiting for someone to knock on her door and ask her to tell it.

Berezovka

Heartened by Vera’s willingness to chat with us, we hopped back into the car and moved on to Berezovka to see the abandoned community. We spent nearly an hour there, snapping photos of eerie scenes: A pile of wood that used to be a home. A horse’s corpse. A set of animal’s teeth.

As we wormed our way through the abandoned village, we were stopped by a KPO employee. He wore a hard hat, sunglasses and a bandana around his mouth. The outfit made him nearly incognito. “You’re not allowed to be here,” he said in Russian. “The land belongs to KPO.”

My Kazakhstani colleague, well-versed in the local laws, challenged him, saying it was perfectly legal for people to drive through the area.

But he persisted. “Just leave.”

After a five-minute back and forth, we departed so as not to escalate an already tense situation. But as we drove away, the worker tailed us in a white sedan. We pulled over, and my Russian-speaking colleagues confronted him with a microphone and camera. He vehemently swatted the camera away, refusing to explain why he had followed us. It was clear that the oil consortium wasn’t interested in having journalists poke around.

Eventually, he drove away and left us alone.

Zhanatalap

It was a trip of many firsts: my first time in Central Asia, my first time standing on the edge of an oil and gas field, and my first time having a traditional Kazakh meal.

Our final visit that day was about an hour from Berezovka, where we stumbled upon an elderly couple eager to explain how emissions from Karachaganak had affected them. After the interview, they insisted we join them for lunch, so we took off our shoes at the door and followed them to a red rug in their living room, where they served us sheep’s fat, apples and eggs; homemade sour cream, a popular Kazakh grain called talkan and several cups of tea. While we ate, they told us about their struggles, not the least of which is that they don’t receive enough assistance from the foreign oil companies that have damaged their environment. At times, they said, their water is oily and their air is unbreathable.

Our stomachs full, we said our goodbyes. I was glad I had scrapped my itinerary that day. That’s not to say everything went perfectly after that. We still had to endure a traffic stop for speeding, an uncomfortably long passport inspection and one too many glasses of sour camel’s milk.

But I felt a sense of relief. As I shook the couple’s hands, the Kazakh way — my second hand on top — they told me to visit again.

“We’re so excited a journalist from Washington came to see us,” the woman said.

With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.

With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to train them.

That’s where AI-specific red teaming comes in. It’s a way to test the resilience of AI systems against dynamic threat scenarios. This involves simulating real-world attack scenarios to stress-test AI systems before and after they’re deployed in a production environment. Red teaming has become vitally important in ensuring that organizations can enjoy the benefits of gen AI without adding risk.

IBM’s X-Force Red Offensive Security service follows an iterative process with continuous testing to address vulnerabilities across four key areas:

1. Model safety and security testing
2. Gen AI application testing
3. AI platform security testing
4. MLSecOps pipeline security testing

In this article, we’ll focus on three types of adversarial attacks that target AI models and training data.

Prompt injection

Most mainstream gen AI models have safeguards built in to mitigate the risk of them producing harmful content. For example, under normal circumstances, you can’t ask ChatGPT or Copilot to write malicious code. However, methods such as prompt injection attacks and jailbreaking can make it possible to work around these safeguards.

One of the goals of AI red teaming is to deliberately make AI “misbehave” — just as attackers do. Jailbreaking is one such method that involves creative prompting to get a model to subvert its safety filters. However, while jailbreaking can theoretically help a user carry out an actual crime, most malicious actors use other attack vectors — simply because they’re far more effective.

Prompt injection attacks are much more severe. Rather than targeting the models themselves, they target the entire software supply chain by obfuscating malicious instructions in prompts that otherwise appear harmless. For instance, an attacker might use prompt injection to get an AI model to reveal sensitive information like an API key, potentially giving them back-door access to any other systems that are connected to it.

Red teams can also simulate evasion attacks, a type of adversarial attack whereby an attacker subtly modifies inputs to trick a model into classifying or misinterpreting an instruction. These modifications are usually imperceptible to humans. However, they can still manipulate an AI model into taking an undesired action. For example, this might include changing a single pixel in an input image to fool the classifier of a computer vision model, such as one intended for use in a self-driving vehicle.

Explore X-Force Red Offensive Security Services

Data poisoning

Attackers also target AI models during training and development, hence it’s essential that red teams simulate the same attacks to identify risks that could compromise the whole project. A data poisoning attack happens when an adversary introduces malicious data into the training set, thereby corrupting the learning process and embedding vulnerabilities into the model itself. The result is that the entire model becomes a potential entry point for further attacks. If training data is compromised, it’s usually necessary to retrain the model from scratch. That’s a highly resource-intensive and time-consuming operation.

Red team involvement is vital from the very beginning of the AI model development process to mitigate the risk of data poisoning. Red teams simulate real-world data poisoning attacks in a secure sandbox environment air-gapped from existing production systems. Doing so provides insights into how vulnerable the model is to data poisoning and how real threat actors might infiltrate or compromise the training process.

AI red teams can proactively identify weaknesses in data collection pipelines, too. Large language models (LLMs) often draw data from a huge number of different sources. ChatGPT, for example, was trained on a vast corpus of text data from millions of websites, books and other sources. When building a proprietary LLM, it’s crucial that organizations know exactly where they’re getting their training data from and how it’s vetted for quality. While that’s more of a job for security auditors and process reviewers, red teams can use penetration testing to assess a model’s ability to resist flaws in its data collection pipeline.

Model inversion

Proprietary AI models are usually trained, at least partially, on the organization’s own data. For instance, an LLM deployed in customer service might use the company’s customer data for training so that it can provide the most relevant outputs. Ideally, models should only be trained based on anonymized data that everyone is allowed to see. Even then, however, privacy breaches may still be a risk due to model inversion attacks and membership inference attacks.

Even after deployment, gen AI models can retain traces of the data that they were trained on. For instance, the team at Google’s DeepMind AI research laboratory successfully managed to trick ChatGPT into leaking training data using a simple prompt. Model inversion attacks can, therefore, allow malicious actors to reconstruct training data, potentially revealing confidential information in the process.

Membership inference attacks work in a similar way. In this case, an adversary tries to predict whether a particular data point was used to train the model through inference with the help of another model. This is a more sophisticated method in which an attacker first trains a separate model – known as a membership inference model — based on the output of the model they’re attacking.

For example, let’s say a model has been trained on customer purchase histories to provide personalized product recommendations. An attacker may then create a membership inference model and compare its outputs with those of the target model to infer potentially sensitive information that they might use in a targeted attack.

In either case, red teams can evaluate AI models for their ability to inadvertently leak sensitive information directly or indirectly through inference. This can help identify vulnerabilities in training data workflows themselves, such as data that hasn’t been sufficiently anonymized in accordance with the organization’s privacy policies.

Building trust in AI

Building trust in AI requires a proactive strategy, and AI red teaming plays a fundamental role. By using methods like adversarial training and simulated model inversion attacks, red teams can identify vulnerabilities that other security analysts are likely to miss.

These findings can then help AI developers prioritize and implement proactive safeguards to prevent real threat actors from exploiting the very same vulnerabilities. For businesses, the result is reduced security risk and increased trust in AI models, which are fast becoming deeply ingrained across many business-critical systems.

The post Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models appeared first on Security Intelligence.

Macron called Biden’s decision to free Ukraine’s hand with US missiles “good.” But German’Scholz said it would not follow suit.

Developing nations seek over $1 trillion to adapt to climate change and transition to greener energy 

Stefan Korshak, Kyiv Post’s military correspondent, shares his perspective on the developments in Russia’s war in Ukraine