Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.
"Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a well-coordinated network of traffers — social engineering experts tasked with redirecting legitimate traffic to malicious phishing pages," Recorded Future's Insikt Group said in an analysis.
The cryptoscam group's use of a diverse malware arsenal is a sign that the threat actor is targeting users of both Windows and macOS systems, posing a risk to the decentralized finance ecosystem.
"They monetise the traffic to these botnet operators who intend to compromise people either widely, or specifically to a region, or an operating system," French cybersecurity company Sekoia said in a deep-dive analysis of traffer services in August 2022.
"The main challenge facing traffers is therefore to generate high-quality traffic without bots, undetected or analysed by security vendors, and eventually filtered by traffic type. In other words, traffers' activity is a form of lead generation."
Unlike other scams that revolve around setting up counterfeit shopping sites to facilitate fraudulent transactions, Crazy Evil focuses on the theft of digital assets involving non-fungible tokens (NFTs), cryptocurrencies, payment cards, and online banking accounts. It is estimated to have generated over $5 million in illicit revenue and compromised tens of thousands of devices globally.
"Crazy Evil explicitly victimizes the cryptocurrency space with bespoke spear-phishing lures," Recorded Future said. "Crazy Evil traffers sometimes take days or weeks of reconnaissance time to scope operations, identify targets, and initiate engagements."
Besides orchestrating attack chains that deliver information stealers and wallet drainers, the group's administrators claim to offer instruction manuals and guidance for its traffers and crypter services for malicious payloads, and boast of an affiliate structure to delegate the operations.
Crazy Evil is the second cybercrime group after Telekopye to be exposed in recent years that centers its operations around Telegram. Newly recruited affiliates are directed by a threat actor-controlled Telegram bot to other private channels:
- Payments, which announces earnings for traffers.
- Logbar, which provides an audit trail of information stealer attacks, details about stolen data, and whether the targets are repeat victims.
- Info, which provides regular administrative and technical updates for traffers.
- Global Chat, which serves as the main communication space for discussions ranging from work to memes.
The cybercrime group has been found to comprise six sub-teams, AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, each of which has been attributed to a specific scam that involves duping victims into installing the tool from phony websites:
- AVLAND (aka AVS | RG or AVENGE), which leverages job offer and investment scams to propagate StealC and AMOS stealers under the guise of a Web3 communication tool named Voxium ("voxiumcalls[.]com").
- TYPED, which propagates the AMOS stealer under the guise of an artificial intelligence software named TyperDex ("typerdex[.]ai").
- DELAND, which propagates the AMOS stealer under the guise of a community development platform named DeMeet ("demeet[.]app").
- ZOOMLAND, which leverages generic scams impersonating Zoom and WeChat ("app-whechat[.]com") to propagate the AMOS stealer.
- DEFI, which propagates the AMOS stealer under the guise of a digital asset management platform named Selenium Finance ("selenium[.]fi").
- KEVLAND, which propagates the AMOS stealer under the guise of an AI-enhanced virtual meeting software named Gatherum ("gatherum[.]ca").
"As Crazy Evil continues to achieve success, other cybercriminal entities are likely to emulate its methods, compelling security teams to remain perpetually vigilant to prevent widespread breaches and erosion of trust within the cryptocurrency, gaming, and software sectors," Recorded Future said.
The development comes as the cybersecurity company exposed a traffic distribution system (TDS) dubbed TAG-124, which overlaps with activity clusters known as LandUpdate808, 404 TDS, Kongtuke, and Chaya_002. Multiple threat groups, including those associated with Rhysida ransomware, Interlock ransomware, TA866/Asylum Ambuscade, SocGholish, D3F@ck Loader, and TA582, have been found to use the TDS in their initial infection sequences.
"TAG-124 comprises a network of compromised WordPress sites, actor-controlled payload servers, a central server, a suspected management server, an additional panel, and other components," it said. "If visitors fulfill specific criteria, the compromised WordPress websites display fake Google Chrome update landing pages, which ultimately lead to malware infections."
Some of the payloads deployed as part of the attack include Remcos RAT and CleanUpLoader (aka Broomstick or Oyster), the latter of which serves as a conduit for Rhysida and Interlock ransomware.
Compromised WordPress sites, totaling more than 10,000, have also been discovered acting as a distribution channel for AMOS and SocGholish as part of what has been described as a client-side attack.
"JavaScript loaded in the browser of the user generates the fake page in an iframe," c/side researcher Himanshu Anand said. "The attackers use outdated WordPress versions and plugins to make detection more difficult for websites without a client-side monitoring tool in place."
Furthermore, threat actors have leveraged the trust associated with popular platforms like GitHub to host malicious installers that lead to the deployment of Lumma Stealer and other payloads like SectopRAT, Vidar Stealer, and Cobalt Strike Beacon.
Trend Micro pointed out that the activity exhibits significant overlaps with tactics attributed to a threat actor referred to as Stargazer Goblin, which has a track record of using GitHub repositories for payload distribution. However, a crucial difference is that the infection chain begins with infected websites that redirect to malicious GitHub release links.
"The distribution method of Lumma Stealer continues to evolve, with the threat actor now using GitHub repositories to host malware," security researchers Buddy Tancio, Fe Cureg, and Jovit Samaniego said.
"The malware-as-a-service (MaaS) model provides malicious actors with a cost-effective and accessible means to execute complex cyberattacks and achieve their malicious objectives, easing the distribution of threats such as Lumma Stealer."
Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
A China-based threat actor has ramped up efforts to distribute the ScanBox reconnaissance framework to victims that include domestic Australian organizations and offshore energy firms in the South China Sea. The bait used by the advanced threat group (APT) is targeted messages that supposedly link back to Australian news websites.
The cyber-espionage campaigns are believed to have run from April 2022 through mid-June 2022, according to Proofpoint’s Threat Research Team and PwC’s Threat Intelligence team.
The threat actor is believed to be the China-based APT TA423, also known as Red Ladon. “Proofpoint assesses with moderate confidence that this activity may be attributable to the threat actor TA423 / Red Ladon, which multiple reports assess to operate out of Hainan Island, China,” the researchers wrote.
The APT is best known in the recent past for a 2021 indictment. “A 2021 indictment by the US Department of Justice assessed that TA423 / Red Ladon provides long-running support to the Hainan Province Ministry of State Security (MSS),” researchers said.
MSS is the civilian intelligence, security and cyber police agency for the People’s Republic of China. It is believed responsible for counter-intelligence, foreign intelligence, political security and tied to industrial and cyber espionage efforts by China.
The campaign leverages the ScanBox framework. ScanBox is a customizable and multifunctional JavaScript-based framework used by adversaries to conduct covert reconnaissance.
ScanBox has been used by adversaries for nearly a decade and is noteworthy because criminals can use the tool to conduct counter-intelligence without having to plant malware on a target's system.
“ScanBox is particularly dangerous as it doesn’t require malware to be successfully deployed to disk in order to steal information – the keylogging functionality simply requires the JavaScript code to be executed by a web browser,” the researchers wrote.
In lieu of malware, attackers can use ScanBox in conjunction with watering hole attacks. Adversaries load the malicious JavaScript onto a compromised website, where ScanBox acts as a keylogger capturing all of a user’s typed activity on the infected watering hole website.
TA423’s attacks began with phishing emails, with such titles as “Sick Leave,” “User Research” and “Request Cooperation.” Often, the emails purported to come from an employee of the “Australian Morning News,” a fictional organization. The employee implored targets to visit their “humble news website,” australianmorningnews[.]com.
The link directed targets to a web page with content copied from actual news sites, like the BBC and Sky News. In the process, it also delivered the ScanBox malware framework.
ScanBox keylogger data culled from watering holes is part of a multi-stage attack, giving attackers insight into potential targets that will help them launch future attacks against them. This technique is often called browser fingerprinting.
The primary, initial script collects a list of information about the target computer, including the operating system, language and version of Adobe Flash installed. ScanBox additionally runs a check for browser extensions, plugins and components such as WebRTC.
“The module implements WebRTC, a free and open-source technology supported on all major browsers, which allows web browsers and mobile applications to perform real-time communication (RTC) over application programming interfaces (APIs). This allows ScanBox to connect to a set of pre-configured targets,” researchers explain.
Adversaries can then leverage a technology called STUN (Session Traversal Utilities for NAT). This is a standardized set of methods, including a network protocol, that allows interactive communications (including real-time voice, video, and messaging applications) to traverse network address translator (NAT) gateways, researchers explain.
“STUN is supported by the WebRTC protocol. Through a third-party STUN server located on the Internet, it allows hosts to discover the presence of a NAT, and to discover the mapped IP address and port number that the NAT has allocated for the application’s User Datagram Protocol (UDP) flows to remote hosts. ScanBox implements NAT traversal using STUN servers as part of Interactive Connectivity Establishment (ICE), a peer-to-peer communication method used for clients to communicate as directly as possible, avoiding having to communicate through NATs, firewalls, or other solutions,” the researchers wrote.
“This means that the ScanBox module can set up ICE communications to STUN servers, and communicate with victim machines even if they are behind NAT,” they explain.
The threat actors “support the Chinese government in matters related to the South China Sea, including during the recent tensions in Taiwan,” Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, explained in a statement. “This group specifically wants to know who is active in the region and, while we can’t say for certain, their focus on naval issues is likely to remain a constant priority in places like Malaysia, Singapore, Taiwan, and Australia.”
The group has, in the past, expanded well beyond Australasia. According to the 2021 DoJ indictment, the group has “stolen trade secrets and confidential business information” from victims in “the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland and the United Kingdom. Targeted industries included, among others, aviation, defense, education, government, health care, biopharmaceutical and maritime.”
Despite the DoJ indictment, analysts “have not observed a distinct disruption of operational tempo” from TA423, and they “collectively expect TA423 / Red Ladon to continue pursuing its intelligence-gathering and espionage mission.”
Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks

Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek's Artificial Intelligence (AI) platform, citing security risks.
"Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security," Taiwan's Ministry of Digital Affairs said, per Radio Free Asia.
"DeepSeek AI service is a Chinese product. Its operation involves cross-border transmission, and information leakage and other information security concerns."
DeepSeek's Chinese origins have prompted authorities from various countries to look into the service's use of personal data. Last week, it was blocked in Italy, citing a lack of information regarding its data handling practices. Several companies have also prohibited access to the chatbot over similar risks.
The chatbot has captured much of the mainstream attention over the past few weeks for the fact that it's open source and is as capable as other current leading models, but built at a fraction of the cost of its peers.
But the large language models (LLMs) powering the platform have also been found to be susceptible to various jailbreak techniques, a persistent concern in such products, not to mention drawing attention for censoring responses to topics deemed sensitive by the Chinese government.
The popularity of DeepSeek has also led to it being targeted by "large-scale malicious attacks," with NSFOCUS revealing that it detected three waves of distributed denial-of-service (DDoS) attacks aimed at its API interface between January 25 and 27, 2025.
"The average attack duration was 35 minutes," it stated. "Attack methods mainly include NTP reflection attack and memcached reflection attack."
It further mentioned the DeepSeek chatbot system was targeted twice by DDoS attacks on January 20 – the day on which it launched its reasoning model DeepSeek-R1 – and January 25 that averaged around one hour using methods like NTP reflection attack and SSDP reflection attack.
The sustained activity primarily originated from the United States, the United Kingdom, and Australia, the threat intelligence firm added, describing it as a "well-planned and organized attack."
Malicious actors have also capitalized on the buzz surrounding DeepSeek to publish bogus packages on the Python Package Index (PyPI) repository that are designed to steal sensitive information from developer systems. In an ironic twist, there are indications that the Python script was written with the help of an AI assistant.
The packages, named deepseeek and deepseekai, masqueraded as a Python API client for DeepSeek and were downloaded at least 222 times prior to them being taken down on January 29, 2025. A majority of the downloads came from the [website], China, Russia, Hong Kong, and Germany.
"Functions used in these packages are designed to collect user and computer data and steal environment variables," Russian cybersecurity company Positive Technologies said. "The author of the two packages used Pipedream, an integration platform for developers, as the command-and-control server that receives stolen data."
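The two package names above, deepseeek and deepseekai, differ from the brand they imitate by one extra letter and one appended suffix. The following is an added example (not code from the article or from any of the vendors it cites) of a pre-install check a team could run against its own allowlist to flag such lookalikes; the allowlist, the suffix list and the distance threshold are constructed assumptions.

```python
"""Flag PyPI package names that look like typosquats of a trusted name.

Added example; the trusted-name allowlist, lookalike suffixes and the
edit-distance threshold are assumptions made for illustration.
"""
import re

# Constructed allowlist of names a team actually depends on (assumption).
TRUSTED_NAMES = {"deepseek", "requests", "numpy"}

# Suffixes commonly appended to a brand name to form a lookalike (assumption).
LOOKALIKE_SUFFIXES = ("ai", "api", "sdk", "py", "python", "client")


def normalize(name: str) -> str:
    """PEP 503 normalisation: case-fold and collapse runs of -, _ and . to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a two-row dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(name: str, trusted=TRUSTED_NAMES, max_distance: int = 2):
    """Return (verdict, reason); verdict is 'trusted', 'suspicious' or 'unknown'.

    A name is suspicious when it is a trusted name plus a lookalike suffix
    (deepseekai) or within a small edit distance of one (deepseeek).
    """
    n = normalize(name)
    if n in trusted:
        return "trusted", "exact match"
    for t in sorted(trusted):
        tail = n[len(t):].lstrip("-")
        if n.startswith(t) and tail in LOOKALIKE_SUFFIXES:
            return "suspicious", f"'{n}' is '{t}' plus lookalike suffix '{tail}'"
        d = edit_distance(n, t)
        if 0 < d <= max_distance:
            return "suspicious", f"'{n}' is within edit distance {d} of '{t}'"
    return "unknown", "no trusted name resembles this"


def audit(requested: list[str]) -> dict[str, tuple[str, str]]:
    """Classify every name in an install request, e.g. a requirements file."""
    return {name: classify(name) for name in requested}


if __name__ == "__main__":
    # Constructed install request containing the two names from the article.
    for name, (verdict, reason) in audit(["deepseeek", "deepseekai", "requests", "flask"]).items():
        print(f"{name:12} {verdict:10} {reason}")
```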
The development comes as the Artificial Intelligence Act went into effect in the European Union starting February 2, 2025, banning AI applications and systems that pose an unacceptable risk and subjecting high-risk applications to specific legal requirements.
In a related move, the [website] government has unveiled a new AI Code of Practice that aims to secure AI systems against hacking and sabotage through methods that include security risks from data poisoning, model obfuscation, and indirect prompt injection, as well as ensure they are being developed in a secure manner.
Meta, for its part, has outlined its Frontier AI Framework, noting that it will stop the development of AI models that are assessed to have reached a critical risk threshold and cannot be mitigated. Some of the cybersecurity-related scenarios highlighted include:
- Automated end-to-end compromise of a best-practice-protected corporate-scale environment ([website], fully patched, MFA-protected).
- Automated discovery and reliable exploitation of critical zero-day vulnerabilities in currently popular, security-best-practices software before defenders can find and patch them.
- Automated end-to-end scam flows ([website], romance baiting aka pig butchering) that could result in widespread economic damage to individuals or corporations.
The risk that AI systems could be weaponized for malicious ends is not theoretical. Last week, Google's Threat Intelligence Group (GTIG) disclosed that over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have attempted to use Gemini to enable and scale their operations.
Threat actors have also been observed attempting to jailbreak AI models in an effort to bypass their safety and ethical controls. A kind of adversarial attack, it's designed to induce a model into producing an output that it has been explicitly trained not to, such as creating malware or spelling out instructions for making a bomb.
The ongoing concerns posed by jailbreak attacks have led AI organization Anthropic to devise a new line of defense called Constitutional Classifiers that it says can safeguard models against universal jailbreaks.
"These Constitutional Classifiers are input and output classifiers trained on synthetically generated data that filter the overwhelming majority of jailbreaks with minimal over-refusals and without incurring a large compute overhead," the firm stated Monday.