February 2024 has seen the first AI Worm in a test environment, with the ability to steal data and self-propagate. Microsoft has come under fire, with a confirmed internal system breach and the release of a detailed guide for common attack and defense techniques for Microsoft MCM / SCCM.
Lastly, if you have Ubiquiti EdgeRouters in your environment – remove them. Adversaries have developed a targeted hijacking technique that is turning these devices into large-scale botnets and enabling adversary access into your network.
New/Improved Techniques
The First AI Worm
A group comprising of researchers from the US and Israel have created an AI worm that can steal data, spread malware, send itself via email, and spread through other systems using self-replicating prompts. Dubbed Morris II, after the first computer worm know as ‘Morris’ from 1988, the study has demonstrated that attackers can input prompts into popular Large Language Models (LLMs) that allow the model to replicate the crafted input as an output, allowing them to engage in malicious activities to deliver payloads, and exploit the connectivity within the underlying environment.
In a demonstration against two AI powered email assistants, researchers were able to have the worm exfiltrate personal data and spread itself to other email accounts through the impacted email address contacts. The researchers were also able to extract data in black-box testing, using text and image prompts, and a variety of GenAI/ LLMs. When approached for a response, Google refused to comment while a representative for Open AI said the company is committed to ensuring that their systems are resilient, and that developers should use methods to ensure that their models do not accept or execute harmful or malicious inputs. Although the research team took their findings to OpenAI and Google they also advise that they do not believe that this is an exploitation of the poor architecture design for the GenAI ecosystem, rather than a vulnerability in the GenAI service.
MCM/SCCM Misconfiguration Repository
Security researchers have compiled a new repository of common attack and defence techniques against misconfigurations in Microsoft deployment tools. Microsoft Configuration Manager (MCM), formerly known as System Center Configuration Manager (SCCM) was first released in 1994 and is still widely deployed in most Active Directory environments. Like Active Directory, it often carries 30 years of technical debt and compounding misconfigurations. MCM/SCCM is designed for the wide-scale deployment of applications, updates, operating systems, and compliance settings, provides real-time management of servers and endpoints, and has been identified as a vector for attackers since DEFCON 20 in 2012.
The repository is designed to serve as a central knowledge base for all known misconfigurations and provides defence and hardening guidance. The curated repository is based on the MITRE ATT&CK framework and includes common misconfigurations, findings from penetration tests, security research, and red hat operations, and encourages others to submit both proven and theoretical MCM-focused attack and defence techniques and strategies. This should help businesses to reduce vulnerable misconfigurations and the overall security risk when deploying configurations across their enterprise systems.
Attacks / Threats
[China] i-SOON Data Leak Confirms Hacking Connections.
Chinese based private information technology and security services company i-SOON have been found to be collecting data and offering hacking services targeting foreign governments, confirming the long held suspicious that the company is a state-affiliated hacking group. An extensive collection of documents linked to the company, including internal communications and technical documentation, were released on GitHub by what appears to be a disgruntled employee, with employees of I-SOON corroborating the leak when approached by the Associated Press.
Although the released files do not contain any new novel attacks, they do provide a unique insight into the inner workings of the Chinese-state affiliated groups and have been used to retroactively tie the company to previous attacks and other hacking groups. The leak reveals a number of proprietary tools created by i-SOON that have been used by other APT groups, as well as target lists of primarily Asian countries, including a $60,000 USD contract to hack into the Vietnamese government. The low price for hacking a foreign government is believed to be indicative of the internal competition among the state-supported groups (and potentially an inditement of the cybersecurity maturity in the region), while the mainstay of the company appears to be remote access trojan (RAT) malware disguised as legitimate products and building of personal information databases.
[Global] Microsoft Source Code Stolen
Microsoft admitted in January that the Russian state-sponsored hacking group known as Midnight Blizzard / NOBELIUM had breached their corporate email servers in November 2023, after conducting a password spray attack that allowed them to access a legacy non-production test tenant account, that was not protected by Multifactor Authentication (MFA). The test account had access to an OAuth application with elevated access to Microsoft’s corporate environment, enabling access to a limited number of Microsoft’s corporate email accounts for over a month.
Microsoft have recently admitted that they have also seen evidence in recent weeks that indicates that the Midnight Blizzard group have been using the information they exfiltrated from the corporate email systems to gain access to further systems, including some source code repositories. Although Microsoft insist that they have found no evidence of access to customer-facing systems, they are still investigating the scope of this latest breach. This is not the first time that this group has targeted Microsoft source code, as the group have been linked to the 2020 SolarWinds supply chain attack, which allowed the group to access source code for a number of Azure, Intune and Exchange components.
[Global] Ubiquiti EdgeRouters – FBI Advise of Russian Targeted Attacks.
The FBI, NSA, and international partners issued a joint advisory that Russian’s Main Intelligence Directorate of the General Staff (GRU – Russia’s equivalent of the U.S Defence Intelligence Agency) have a technique for hijacking the popular Ubiquiti EdgeRouter. This has allowed the Russian group, tracked as ATP28 to build extensive botnets, allowing them to maintain network access, and gain full access across Linux-based systems. In the advisory, the FBI warns that the routers are shipped with known default credentials, and have automatic updates turned off by default., which has allowed the ATP28 to easily sweep up these insecure devices into large scale botnets.
Earlier in the month the FBI disrupted a botnet of Ubiquiti EdgeRouters infected with malware from a group not previously linked with APT28. While forensically investigating hacked routers, a number of known ATP28 tools and artifacts were discovered, including scripts to steal webmail credentials, harvest NTLMv2 packets, and reroute traffic to known malicious infrastructure. The FBI provided guidance for securing hacked devices, and are seeking any further information about malicious activity on these devices.
Microsoft Finally Patch Kernel Zero-Day – Exploited Since August
Microsoft have finally patched a high-severity privilege escalation vulnerability in February, a full six months after first being informed that the flaw was being exploited by the North Korean state affiliated group Lazarus. Successful exploitation of the vulnerability allowed local attackers to gain SYSTEM level privileges in a relatively low complexity attack that didn’t require user interaction but would require the attacker to be logged onto the system with a non-privileged account. Lazarus were understood to be exploiting the flaw using an updated version of their FudModule rootkit, and investigations of impacted devices also discovered a previously unknown remote access trojan used by the group – details of which are to be released in a BlackHat Asia 2024 presentation.
Kernel-level access allows attackers to disrupt security software, conceal indications of infection, and bypass the security of PPL (Protected Process Light) as this relies on the admin-to-kernel boundary, allowing skilled malicious actors to bypass LSASS and extract credentials.
BlackCat/ALPHV Scams Affiliates
The notorious ransomware-as-a-service (RaaS) group Blackcat (otherwise known as ALPHV) has completely imploded. After a takedown attempt from the FBI, the group removed their restrictions against targeting hospitals and health care providers and increased the commission on affiliate payments to as much as 90%. In February 2024, the group claimed responsibility for breaching Change Healthcare – a payment cycle management company with revenue in the billions of dollars – the group demanded a $22 million extortion payment for a decryption key and the return of nearly 4TB of data.
Although not admitted by Change Healthcare, a crypto-currency address mapped to Blackcat received a single transaction for $22 million. The ransomware-as-a-service model relies on third-party affiliates to infect networks with ransomware, while the RaaS group itself take responsibility for coercing victims to pay and provide the lion’s share of the payment back to the affiliates. After receiving the $22 million, the BlackCat group appear to have pulled the rug, while replacing their website with an FBI takedown notice that appears to be a poorly captured screen grab of the legitimate takedown notice that appeared on their site when seize by the FBI earlier in the year. The group then announced that they would be shutting down operations and selling their source code to the highest bidder – leaving their affiliates without payment, but still holding the data from the breach.