to responsibly disclose and coordinate the release of mitigations prior to making the discovery public. The researchers have also prepared a report that is being shared with the relevant authorities including the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Engineering Task Force (IETF) so that they can take appropriate action to address the vulnerability.”
Raspberry Robin uses undisclosed exploits.SecurityWeek describes new activity by the financially motivated threat actor known as “Raspberry Robin.” The actor has been using several undisclosed exploits to compromise organizations for more than a year. The group has been seen targeting “a range of industry sectors and a number of different geographic areas” and “primarily focuses on stealing sensitive financial or other valuable information.”The publication cites Check Point’s belief that “the group’s continued attacks with undisclosed, unique exploits suggest that they have a unique and valuable source of discarded vulnerabilities, that could be exploited in various ways.” In terms of attribution, Check Point says, “A detailed analysis suggests that the group is likely operating from within a country with strict law enforcement and cyber defense measures.”US Justice Department shutters Warzone RAT operation.The US Justice Department and Europol announced that they had shut down the Warzone Remote Access Trojan (RAT) in a multinational law enforcement operation. The Justice Department says that between January 2022 and the present, “Warzone RAT, an apparent successor to the LuminosityLink RAT, had generated more than $775,000 in sales to thousands of customers in the United States and abroad.”The FBI searched Warzone RAT developer John Wiggins’ home in Ontario, Canada, in December 2023, while authorities executed search warrants in the United States, the United Kingdom, and Australia. Wiggins has been charged with various computer crimes and conspiracy to commit wire fraud, and the FBI has seized “nearly $210,000 in profits Wiggins and his co-conspirators made from the sale of Warzone RAT software.” __ “As the international law enforcement community, we will not stand idly by while cyber criminals like John Wiggins find new and more destructive ways to harm our citizens and global allies,” said Assistant Attorney General Kenneth A. Polite Jr.
In closing, the recent revelations around state-sponsored threat actors’ use of AI technologies demonstrates the ongoing evolution of cyber threats, serving as a reminder of the critical importance of cybersecurity vigilance and preparedness in today’s ever-changing digital landscape. The actions of the US Justice Department and other law enforcement agencies in disrupting various cyber threats further highlight the importance of international cooperation in combatting these threats. As technology continues to advance, the global community must remain committed to staying ahead of cyber threats through collaboration, innovation, and ongoing vigilance.