|
The US Department of Justice charged three Iranian nationals as part of an effort to hack into the emails and computers used by President Donald Trump's campaign staff and other political connections.
The Washington Post reported that DOJ officials filed charges against Masoud Jalili, Seyyed Ali Aghamiri and Yasar Balaghi in an indictment filed Thursday in the US District Court for the District of Columbia. The indictment alleges the three men "prepared for and engaged in a wide-ranging hacking campaign" against current and former US officials, political campaigns and the media.
According to the indictment Jalili, Aghamiri and Balaghi's "activity is part of Iran's continuing efforts to [...] erode confidence in the US electoral process." They also face possible charges such as providing material support to a designated foreign terrorist organization, wire fraud and aggravated identity theft.
The suspects are accused of running a targeted hacking campaign committed in Iran over a four-year period. Their victims include current and former officials with the US State Department, the Central Intelligence Agency, the US Ambassador to Israel and an Iranian human rights organization.
Then last May, the three hackers successfully gained access to accounts belonging to Trump campaign officials. (Attempts to breach Biden campaign staff were, apparently, unsuccessful.) President Joe Biden's campaign staffers as well as news outlets like The Washington Post and Politico received unsolicited emails from an AOL account owned by "Robert" that contained materials stolen from the Trump campaign. They included
|
|
According to recent reports, there have been several active malware attacks spotted with code that's at least partially generated by AI.
BleepingComputer chronicles multiple attacks using suspected AI-written code, with reports from Proofpoint and HP making the case that these tools were generated in ways that no longer need the technical expertise normally required for large-scale malware attacks. You could call it the democratization of hacking.
The attacks used fairly straightforward vectors, HTML, VBScript, and JavaScript, with code that was more broad and less targeted. So, these attacks are most effective when set up as a download hidden within a ZIP file (or some other conventional attack method).
It's the kind of thing power users are already wary about — or at least should be — with decades of these kinds of attacks long before AI code emerged. Complex and specifically targeted attacks, like the recent PKfail disaster, are probably outside of the reach of broad code generation like this for now.
But there's still cause for concern. These tools could exponentially increase the prevalence of simpler attacks on web users, requiring extra diligence from users (especially on Windows) and making virus and malware protection even more crucial.
I'm more worried about the combination of sk
|
|
