-
AI meets next-gen info stealers in social media malvertising campaigns
The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the increased demand for AI-powered software for content creators. Cybercriminal groups constantly adapt their operating methods and tools to stay a…
-
When Stealers Converge: New Variant of Atomic Stealer in the Wild
Here at Bitdefender, we’re constantly working on improving detection capabilities for our macOS cyber-security products; part of this effort involves revisiting old (or digging up new) samples from our malware zoo. During routine verifications, we were able to isolate multiple suspicious and undetected macOS disk image files surprisingly small for files of this kind (1.3…
-
Sponsored Ad Fraud: Mystery Box Scams Flood Social Media
Social media platforms are overflowing with scams. In the past couple of months, Bitdefender Labs has been monitoring a steep increase in fraudulent social media ads on Facebook promoting various swindles ranging from crypto-doubling to AI-generated celebrity-endorsed giveaways. Our latest analysis has spotted a consistent trend, with fraudsters continuing to exploit Meta’s ad system to…
-
Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms
Bitdefender Labs has been keeping up with the latest modus operandi of cybercrooks who adapt emerging technologies to siphon money from consumers. Artificial intelligence is just one of the many tools that help in the creation and successful dissemination of online schemes to extort money and sensitive information. This paper focuses on voice cloning (audio…
-
Details on Apple’s Shortcuts Vulnerability: A Deep Dive into CVE-2024-23204
CVE-2024-23204 sheds light on the critical importance of continuous security vigilance. Apple’s Shortcuts application, designed to enhance user automation, can inadvertently become a potential vector for privacy breaches. This analysis aims to provide users, developers, and security professionals with insights into the nature of the vulnerability, its potential impact, and recommended mitigation measures. At a…
-
New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group
UPDATE: Following our initial release, we have been contacted by our fellow researchers at Jamf who were able to identify three more samples that act like first-stage payloads. They are responsible for downloading the backdoor:
* e7cab6f2be47940bf36e279bbec54ec7 – Jobinfo.app.zip
* 26d6a7e3507edf9953684d367dcd44bd – Jobinfo.zip
* 775851f86cbde630808ff6d2cf8cedbf – Jobinfo.zip
Combined with information in our previous research, the…
-
Stream-Jacking 2.0: Deep fakes power account takeovers on YouTube to maximize crypto-doubling scams
As of October 2023, researchers at Bitdefender Labs have been actively keeping tabs on stream-jacking attacks against high-profile YouTube accounts used to conduct a myriad of crypto doubling scams. Fast forward to 2024; our investigation into the fraudulent takeovers and usage of YouTube accounts has rendered new findings, as financially motivated threat actors meticulously evolve…
-
Investigating Worldwide SMS Scams, and Tens of Millions of Dollars in Fraud
SMS services remain a critical part of telecommunications; they don’t require Internet access, and companies use them to inform their customers. This combination of features makes them incredibly useful for criminals who use the technology as a stepping stone in their never-ending campaigns. And if you think that the new RCS messaging standard will offer…
-
Unveiling Hidden Connections: JA4 Client Fingerprinting on VirusTotal
VirusTotal has incorporated a powerful new tool to fight against malware: JA4 client fingerprinting. This feature allows security researchers to track and identify malicious files based on the unique characteristics of their TLS client communications.
JA4: A More Robust Successor to JA3
JA4, developed by FoxIO, represents a significant advancement over the older JA3 fingerprinting…
-
Important Update: IP Address Change for VirusTotal
We’re making a change to the IP address for www.virustotal.com. If you’re currently whitelisting our IP address in your firewall or proxy, you’ll need to update your rules to maintain access to VirusTotal. Starting November 25th, we’ll be gradually transitioning the resolution of www.virustotal.com to a new IP address: 34.54.88.138. If you have hardcoded the…