HomeMalware & ThreatsNew amateur ransomware group FunkSec leverages AI to create malware

New amateur ransomware group FunkSec leverages AI to create malware

Published on

spot_img

In a recent report by cybersecurity firm Check Point, a new ransomware group called FunkSec has been identified as the top threat actor in December, with over 80 victims in just one month. The group, consisting of likely inexperienced hackers, has been targeting victims mainly in the U.S., India, Italy, Brazil, Israel, Spain, and Mongolia.

FunkSec has been demanding unusually low ransoms, sometimes as low as $10,000, from its victims and selling stolen data to third parties at discounted prices. Despite the list of victims posted on its website, including a travel booking company, an energy management service, and a company selling household appliances, none of them have publicly confirmed the alleged attacks.

The latest version of FunkSec’s ransomware, named FunkSec V1, was uploaded from Algeria, indicating the likely location of its creator. The use of artificial intelligence in developing the malware suggests a level of sophistication beyond the group’s apparent lack of technical expertise. AI was used to write code comments in perfect English, a stark contrast to the basic English used on the group’s other platforms. Additionally, FunkSec released an AI chatbot to support its operations.

Despite their unclear motivations, FunkSec’s activities seem to align with both hacktivism and cybercrime. In addition to ransomware, the group offers services for distributed denial-of-service (DDoS) attacks, remote desktop management, and password generation — common tools associated with hacktivist activities.

Members of FunkSec have been linked to hacktivist activities in the past, with affiliations to movements like “Free Palestine” and attempts to associate with now-defunct hacktivist entities such as Ghost Algeria and Cyb3r Fl00d. However, researchers believe these associations are more about boosting FunkSec’s credibility by aligning with well-known names rather than indicating direct collaboration.

The authenticity of FunkSec’s leaked datasets has been called into question, as they appear to be recycled from previous hacktivism campaigns. This raises doubts about the legitimacy of their disclosures. Despite their rapid emergence and high number of victims, the true intentions and goals of FunkSec remain unclear. It is crucial for organizations and individuals to remain vigilant and take necessary security measures to protect against such ransomware attacks.

Source link

Latest articles

Medibank to Appeal Court Decision on Cybercrime Reports – TipRanks

Medibank, one of Australia's largest health insurers, is set to appeal a recent court...

Detecting Misuse of Fast Flux DNS with Ease

Last week, a series of cybersecurity incidents and breaches were reported around the world,...

Cyberhaven Secures $100M Funding for AI Security

Silicon Valley-based data security startup Cyberhaven has successfully secured $100 million in its Series...

SolarWinds Introduces New Incident Management Tool from Squadcast

SolarWinds, a prominent IT service management and observability tools company, recently made headlines with...

More like this

Medibank to Appeal Court Decision on Cybercrime Reports – TipRanks

Medibank, one of Australia's largest health insurers, is set to appeal a recent court...

Detecting Misuse of Fast Flux DNS with Ease

Last week, a series of cybersecurity incidents and breaches were reported around the world,...

Cyberhaven Secures $100M Funding for AI Security

Silicon Valley-based data security startup Cyberhaven has successfully secured $100 million in its Series...