Connect with us

Technology

Group-IB reveals Hi-Tech Crime Trends 23/24: surge in ransomware against backdrop of growing AI, macOS threats

Published

on

SINGAPORE, Feb. 29, 2024 /PRNewswire/ — Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, is proud to announce the launch of its new report Hi-Tech Crime Trends 2023/2024, the latest edition of the company’s annual round-up of the most pressing global cyber threats to organizations and individuals. In the research, Group-IB analysts reveal how the unholy alliance between ransomware groups and Initial Access Brokers (IABs) is still the powerful engine for cybercriminal industry, evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites (DLS). Global threat actors also demonstrated increased interest in Apple platforms, exemplified by the fivefold increase in underground sales related to macOS information stealers.

The growing appetite of nation-state sponsored threat actors, also known as advanced persistent threat (APT) groups, has shown that no region is immune to cyber threats. Group-IB experts discovered a 70% increase in the number of public posts offering zero-day exploits for sale, and also identified cybercriminals’ malicious use of legitimate services and artificial intelligence (AI) infused technologies as the main cyber risks for 2024.

The first edition of Hi-Tech Crime Trends was launched 12 years ago, and the information contained in the report enables businesses, NGOs, governments, and law enforcement agencies around the world to fight cybercrime and help potential victims. For the first time, Hi-Tech Crime Trends includes a section outlining the intricate relationship between artificial intelligence (AI) and cybersecurity threats, outlining how this new technology is being leveraged by cybercriminals, including the misuse of large language models (LLM) such as ChatGPT, and the potential risks to corporate data through AI integration.

Nothing artificial about this threat

Threat actors have already shown how AI can help them develop malware only with a limited knowledge of programming languages, brainstorm new TTPs, compose convincing text to be used in social engineering attacks, and also increase their operational productivity.

Large language models (LLM) such as ChatGPT remain in widespread use, and Group-IB analysts have observed continued interest on underground forums in ChatGPT jailbreaking and specialized generative pre-trained transformer (GPT) development, looking for ways to bypass ChatGPT’s security controls. Group-IB experts have also noticed how, since mid-2023, four ChatGPT-style tools have been developed for the purpose of assisting cybercriminal activity: WolfGPT, DarkBARD, FraudGPT, and WormGPT – all with different functionalities.

FraudGPT and WormGPT are highly discussed tools on underground forums and Telegram channels, tailored for social engineering and phishing. Conversely, tools like WolfGPT, focusing on code or exploits, are less popular due to training complexities and usability issues. Yet, their advancement poses risks for sophisticated attacks.

Group-IB’s Hi-Tech Crime Trends 2023/2024 also highlighted the sale of compromised ChatGPT credentials on the dark web, building upon past research. With more employees relying on ChatGPT for work optimization and its storage of past interactions, compromised logins could expose sensitive information, posing significant security risks for businesses.

From January 2023 to October 2023, Group-IB detected more than 225,000 logs up for sale on the dark web containing compromised ChatGPT credentials. Group-IB’s Threat Intelligence platform found these compromised credentials within the logs of information-stealing malware traded on illicit dark web marketplaces.

Notably, the number of compromised hosts with access to ChatGPT detected by Threat Intelligence between June 2023 and October 2023 was more than 130,000, an increase of 36% compared to the preceding five-month period (January-May 2023). The number of available logs containing ChatGPT logs peaked in the final month of the study – in October 2023 – when 33,080 were registered. Group-IB’s analysis found that the majority of the logs containing ChatGPT accounts were breached by the LummaC2 information stealer.

Double trouble: ransomware gangs and initial access brokers wreak havoc

Group-IB’s Threat Intelligence unit constantly monitors all ransomware activity and detected 4,583 companies that had their information, files, and data published on ransomware DLSs in 2023. This marks a growth of 74% compared to the previous year, when 2,629 such posts were made. Group-IB researchers note that the number of total ransomware attacks worldwide is likely to be much larger, with probable instances of organizations paying the ransom or groups deciding not to go ahead with their threat of publishing data on a DLS.

Companies based in North America most commonly appeared in the DLS posts of ransomware groups, accounting for 2,487 (or 54%) of the annual total, and more than double the corresponding figure in 2022 (1,192 companies). Roughly 26% of posts on ransomware DLSs related to companies from Europe (1,186, up 52% YoY) and 10% were from the APAC region (463, up 39% YoY).

The United States was the most common target for ransomware groups, as 1,060 US-based companies were the subject of ransomware DLS posts in 2023. The next most affected countries were Germany (129), Canada (115), France (103), and Italy (100). 

In terms of affected industries, attacks as per ransomware DLS on manufacturing (580 instances) and real estate (429) companies rose year-on-year by 125% and 165%, respectively, and these key sectors were the two most targeted worldwide. Notably, Group-IB observed a 88% year-on-year increase in ransomware DLS posts related to healthcare companies, and a 65% rise in posts concerning government and military organizations.

Throughout the reporting period, Group-IB experts uncovered 27 new advertisements for ransomware-as-a-service programs on dark web forums, including well-known groups such as Qilin, as well as other collectives that have yet to be seen in the wild. As was the case in 2022, LockBit was 2023’s most prominent ransomware-as-a-service group with 1,079 posts on its DLS (24% of the annual total). In second place was BlackCat with 427 posts (9% of annual total) and third was Clop (385 posts or 9%).

Researchers also found that Initial Access Brokers (IABs) are continuing to play a significant role in the ransomware market. In 2023, they found 2,675 instances of corporate put up for sale – almost an identical figure compared with 2022, when 2,702 offers were found.

Notably, Group-IB data shows that the average price for corporate access in 2023 was $2,470, which represents a 27% reduction compared to the preceding year. Group-IB analysts believe that this drop in average price is due to a rise in the number of new sellers entering the market that have lowered the price of their offers in order to attract buyers.

Companies in the United States (29%), the United Kingdom (4%) and Brazil (4%) were the most commonly featured in IAB offers. Professional services, government and military organizations, financial services, manufacturing, and real estate were the verticals that appeared most frequently.

APTitude test

Group-IB researchers discovered that the Asia-Pacific region was the world’s main battleground for nation-state sponsored threat actors, also known as advanced persistent threat (APT) groups last year. In sum, Group-IB attributed 523 attacks to nation-state actors across the globe in 2023.

Attacks on APAC organizations accounted for 34% of the global total, with Group-IB experts asserting that this may be due to the high level of financial technology development in this global economic hub in addition to geopolitical tensions. Europe was the second-most targeted region, accounting for 22% of all APT attacks, and the Middle East and Africa (MEA) was third (16% of APT attacks in 2023).

Unsurprisingly, government and military entities were the prime target of APT attacks in 2023, accounting for 28% of the annual figure. This strengthens the theory of Group-IB’s Threat Intelligence unit that APT actors are predominantly striving to gain access to strategically important evidence and weaken government entities in their country or region of target. Financial services (6%), telecommunications (5%), manufacturing, IT and media (all 4%) were also heavily affected, Group-IB researchers found.

In the past year, prominent APT groups, including the North Korean collective Lazarus, launched new tactics. Lazarus executed the first-ever double supply chain attack, exploiting a vulnerability in X_TRADER, a software by Trading Technologies. This allowed access to the network of the widely-used 3CX Desktop App for VoIP calls, compromising a wide range of 3CX clients. Group-IB researchers also noted APT groups’ ongoing malicious use of legitimate services like Dropbox, OneDrive, Google Drive, and messengers like Telegram.

Turbulence ahead

In 2023, cyber threats shifted focus from Windows and Android to Apple platforms due to their rising popularity and market share, with iOS becoming increasingly targeted. Malware spread through the App Store, alongside increased use of Apple cloud services, contributed to this trend. By March 6, 2024, Apple is expected to allow third-party app stores for iOS apps in Europe, posing security concerns amidst 1.7 million app rejections in 2022. Threat actors have already adapted Android schemes to iOS, exemplified by GoldFactory and the GoldPickaxe.iOS malware – аctive in Thailand and Vietnam – which prompts victims to record videos of their faces and submit them to the threat actors, which could be used by the latter to gain unauthorized access to the victim’s banking accounts. Additionally, the number of sales posts on the most popular underground forums (xss[.]is and exploit[.]in) for information stealers designed to operate on macOS increased fivefold in 2023, from 8 in 2022 to 49.

Javascript sniffers, also known as malicious JavaScript code implanted in compromised websites designed to intercept payment card details from customers who make online transactions, are also likely to pose a risk to online store owners, consumers, and banks in 2024. Group-IB researchers discovered 5,037 websites compromised with JS-sniffers in 2023, of which 2,474 were unique. A total of 14 new JS-sniffer families were also discovered in 2023, highlighting the continued development of this threat.

“As highlighted by Group-IB’s Hi-Tech Crime Trends 2023/2024 report, the rise of AI in both legitimate businesses and the cybercriminal underworld was a critical trend of 2023. With the increased misuse of ChatGPT and the development of underground LLM tools, the potential for sophisticated attacks has escalated, compounded by the alarming surge in compromised ChatGPT credentials. This along with cybercriminals’ increased interest in malware designed for macOS demonstrates that it is imperative for organizations to recognize and address this evolving threat landscape, safeguarding sensitive information and fortifying cybersecurity measures to mitigate risks posed by AI-driven cybercrime,” Dmitry Volkov, CEO at Group-IB, said.

A full round-up of the top global threats and invaluable insights from the Group-IB Threat Intelligence unit can be found in the full Hi-Tech Crime Trends 2023/2024 report.

View original content to download multimedia:https://www.prnewswire.com/news-releases/group-ib-reveals-hi-tech-crime-trends-2324-surge-in-ransomware-against-backdrop-of-growing-ai-macos-threats-302075538.html

SOURCE Group-IB

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

AI-Powered Connectivity: APAC Charts a Path to a Smarter Digital Future

Published

on

By

Asia-Pacific’s first Broadband Development Summit brings regulators and operators to Bangkok to set the agenda

BANGKOK, July 19, 2026 /PRNewswire/ — Government officials, standards bodies and telecom operators gathered in Bangkok on 14 July for the inaugural Broadband Development Summit APAC 2026, convened by the World Broadband Association (WBBA) to build consensus on AI-era networks.

Participants included the ITU, Thailand’s National Board of the Digital Economy and Society, WBBA, IAB, FNCAP, WAA, NIDA and the IPv6 Council, alongside operators Telkomsel, XLSmart, Surge, Globe, AIS, CMI and HKT and Huawei.

Denny Deng, President of Huawei Asia Pacific Carrier Business, envisions a “faster, smarter, greener” Asia-Pacific.

VOICES FROM THE SUMMIT

“To seize the opportunities of the AI era, we call on the industry to accelerate broadband evolution, advance computing-network synergy, and strengthen the cross-border connectivity. Together, let us build faster, smarter, and greener digital infrastructure for Asia-Pacific.”
— Denny Deng, President of Asia Pacific Carrier Business, Huawei

“High-speed broadband is no longer just about ‘getting online’ — it is the vital infrastructure upon which the entire AI revolution is being built. We view AI not merely as a tool, but as a primary engine for national competitiveness and a catalyst for improving the quality of life for all.”
— Wetang Phuangsup, Ph.D., Secretary-General, the National Board of the Digital Economy and Society, Thailand

“Three initiatives define the road to 2030. We must close the quality divide so the value of broadband reaches everyone. We must build AI-ready networks — 10G access, 800GE cores, intelligence end to end. And we must do it together, through shared standards.”
— Martin Creaner, Director General of WBBA

“Moving towards next-generation networks, network architectures must continue to evolve to deliver broader connectivity, superior quality, enhanced security, and greater intelligence. This evolution is essential for Net5.5G, positioning the network not simply as infrastructure, but as the foundation that enables AI, strengthens resilience and efficiency, and supports digital transformation across industries.”
— Dhruv Dhody, Industry Standardization Expert at Huawei, Chair of the IAB, IETF

“Across Asia-Pacific, fibre is extending beyond homes and offices into rooms, devices, and machines. By working together, we can accelerate fibre innovation and adoption to build truly AI-ready infrastructure.”
— Ilham Nandana, Chair of the Market Intelligence Committee, Fiber Network Council APAC (FNCAP)

“We fixed it before you feel it!  AIS is redefining premium home broadband by combining ultra-fast connectivity with AI-driven network intelligence and smart home ecosystem — delivering proactive, invisible service excellence that transforms connectivity into differentiated customer value and sustainable ARPU growth.”
— Thanit Chaiyaboonthanit, Head of Technology Department, Broadband Business, AIS

“Connecting the Unconnected: Affordable Broadband at Scale. Create equal access to global information and empower Indonesia’s digital society.”
— Shannedy Ong, CTO of Surge Indonesia

“Beyond Connectivity: Telkomsel is transforming into a true value creator. By leveraging our FBB market-leading footprint, we power growth through service excellence, customer loyalty, and a next-generation home ecosystem.”
— Stanislaus Susatyo, Director of Sales, Telkomsel Indonesia

“We stopped treating AI as an add-on feature. Instead, our approach at Globe starts with architecture, embedding intelligence into the very core of how we build, how we sell, and how we operate.
AI continuously monitors network health, customer behavior and service quality. Rather than waiting for failures, the system predicts degradation and initiates corrective actions. By maintaining minute-level awareness of network health, our systems automatically resolve 30% of all Wi-Fi issues without any human intervention.”
— Danny Theseira, Head of Broadband Business Group at Globe Telecom

“Huawei is driving the Optics-AI Synergy to foster their collaborative growth. Through AI-ON, operators could build an AI-centric all-optical target network and establish 1-5-20ms latency circles across the Asia Pacific region. AI-ON also supports efficient computing access and usage while delivering an ultimate network experience through gigabit/ultra-gigabit home broadband, accelerating the widespread adoption of AI services.”
— Kim Jin, Vice President & Chief Marketing Officer Optical Business Product Line, Huawei

“Connectivity is not just about technology. It is a lifeline, a platform for opportunity, and a driver of sustainable development. I believe the intersection of connectivity and artificial intelligence will shape the future of smarter, more resilient networks.”
— Dr. Cosmas Zavazava, Director of the Telecommunication Development Bureau, ITU

“Performance and user experience are the essential path to the next-generation WLAN. Based on standards and AI-driven innovation, let’s jointly explore the path to the future autonomous WLAN with all the stakeholders.”
— Dr. Crane H. Yang, Secretary-General, World WLAN Application Alliance (WAA)

“At the summit, NIDA and WBBA signed an MOU to accelerate next-generation network evolution and establish pioneering smart city benchmarks through the co-development of industry standards, the harmonization of global regulations, and the sharing of vertical industry insights.
NIDA focuses on advancing network architecture standards, while WBBA drives global consensus on broadband evolution. This natural strategic complementarity creates vast opportunities for future collaboration.”
— Joey Deng, Secretary-General of NIDA

“ION-2030 develops the global standard for next generation optical networks in the AI era. It provides exceptional AI application and service experience. The WBBA and ITU will jointly accelerate its development, and this is a unique opportunity for Asia-Pacific stakeholders to actively influence the future of optical broadband networks.”
— Dr. Marcus Brunner, Chief Expert Standardization, WBBA WG1 Chair and Vice-Chair of ETSI ISG F5G

“The transition into the AI era demands a high-quality, deterministic digital foundation. By releasing Net5.5G policy guidelines, Malaysia is accelerating the evolution of next-generation network standards based on IPv6, establishing an innovative infrastructure to unleash AI’s value and drive a prosperous digital economy for 2030.”
— Prof. Sureswaran Ramadass, Chair of APAC at IPv6 Council, Industry Partner of WBBA

“The digital economy is thriving across the Asia-Pacific region, with AI emerging as a core catalyst for intelligent transformation. China Mobile International (CMI) is driving regional growth by integrating China’s advanced AI capabilities with comprehensive communications, computing, and AI services. Moving forward, CMI will collaborate closely with industry partners to foster a shared, AI-driven future for the region.”
— Paul Lin, Managing Director of Commercial and Technology, Asia Pacific, China Mobile International

“Next-generation network infrastructure is the oxygen of the intelligent economy. By integrating cutting-edge 800G connectivity with quantum-safe security, HKT is laying the essential foundations to keep Hong Kong’s enterprises highly competitive, secure, and ready for the computing paradigm shifts of tomorrow.”
— Wilson Cheung, Vice President, Broadband Design & Cyber Security, HKT

“The evolution toward Net5.5G AI WAN is an important step in strengthening XLSMART’s transport network for the future. By progressively adopting AI-assisted operations, SRv6, SDN, service differentiation, and higher-capacity transport infrastructure, we are enhancing network intelligence, operational efficiency, and service resilience while supporting long-term sustainability. This transformation is a continuous journey that aligns with the industry’s vision of AI-native broadband networks. Through collaboration with our technology partners and the broader ecosystem, we will continue to develop capabilities that deliver better network performance and support Indonesia’s growing digital connectivity needs.”
— Regie Ginanjar, Head of Transport Autonomy & Orchestration, Transport Network Transformation, XLSMART

“For the AI era, Huawei upgrades the IP bearer network via security resilience, multi-dimensional awareness, and network autonomy. This empowers carriers to guarantee service experience, accelerate monetization, and enhance efficiency, ushering in a new chapter of intelligent connectivity.”
— Arthur Wang, Vice President of Data Communication Product Line, Huawei

A CONVERGING VIEW

Speakers agreed AI is shifting networks from connectivity to intelligent connectivity, as broadband, IP, computing and cross-border infrastructure converge to support innovation and coordination.

WBBA launched the AI-Net Certification, a global benchmark for national policy, industrial ecosystems and network intelligence. XLSmart was named first AI-Net Champion, and Indonesia was among the first with a certified operator, backed by its Net5.5G roadmap.

In another high-profile segment, WBBA Director General Martin Creaner presented the Gigacity Certification to KOMDIGI, SURGE, Telkomsel, AIS, TRUE, HKT and Globe, recognizing regional broadband pioneers.

 

View original content to download multimedia:https://www.prnewswire.com/apac/news-releases/ai-powered-connectivity-apac-charts-a-path-to-a-smarter-digital-future-302829032.html

SOURCE HUAWEI

Continue Reading

Technology

Laifen Expands U.S. Retail Footprint with Costco Launch of Best-Selling SE Hair Dryer

Published

on

By

Starting July 18, Costco Members Can Shop Laifen’s Award-Winning Hair Dryer in Select Warehouse Locations Across the U.S.

NEW YORK, July 18, 2026 /PRNewswire/ — Laifen, ranked the world’s No.1 high-speed hair dryer brand, today announced the launch of its best-selling SE High-Speed Hair Dryer at select Costco warehouse locations, marking the brand’s largest U.S. retail expansion to date and bringing its award-winning haircare technology to Costco members across select U.S. markets.

The launch brings Laifen’s award-winning haircare technology to Costco, making it easier for consumers to experience the brand through one of the nation’s leading membership retailers. Laifen joins Costco’s growing portfolio of premium beauty and personal care brands. The initial rollout includes select Costco warehouse locations across the United States, with a strong presence across the Western U.S., including California, the Pacific Northwest and the Southwest.

Costco’s reputation for quality and its highly selective merchandising approach make this partnership especially meaningful. The Costco launch reflects Laifen’s continued expansion beyond direct-to-consumer channels as the brand accelerates its U.S. omnichannel retail strategy. “Costco represents an important milestone in our U.S. retail strategy,” said Romeo, General Manager of International Business of Laifen. “As more consumers seek salon-quality performance at an accessible price, we’re excited to make Laifen available through one of America’s most trusted retailers.”

Engineered to deliver professional-level performance in a sleek, lightweight design, the Laifen SE is powered by the brand’s proprietary high-speed brushless motor, delivering fast drying, reduced heat damage and smoother styling. An intelligent temperature control system continuously monitors airflow to help minimize frizz while protecting hair from excessive heat.

The Costco launch represents the next phase of Laifen’s U.S. retail expansion as the brand continues to grow beyond its direct-to-consumer and online channels. By expanding into one of the nation’s most trusted retailers, Laifen aims to broaden access to its category-disrupting haircare solutions while advancing its mission to bring more thoughtful design and everyday excellence into more homes.

The Laifen SE High-Speed Hair Dryer in White will be available at select Costco locations, while Costco.com shoppers will have access to additional color options including Purple and Pink, alongside the White model.

For more information on Laifen, please visit LaifenTech.com.

About Laifen: 

Founded in 2019, Laifen is a global personal care technology brand combining high-performance engineering with modern design across hair care, oral care, and grooming categories. Ranked the world’s No. 1 high-speed hair dryer brand by Euromonitor International, Laifen first gained recognition for its self-developed 110,000 RPM high-speed brushless motor, the proprietary technology behind its award-winning hair dryers.

Building on this innovation, Laifen has expanded its portfolio to include electric toothbrushes and shavers, delivering premium technology and elevated everyday experiences to consumers worldwide. Today, Laifen products and accessories are used by over 22 million households across more than 60 countries, supported by more than 600 patents and recognized with over 50 international design and innovation awards. Driven by continuous technological breakthroughs, Laifen is committed to making cutting-edge personal care technology more accessible to consumers around the world.

View original content to download multimedia:https://www.prnewswire.com/news-releases/laifen-expands-us-retail-footprint-with-costco-launch-of-best-selling-se-hair-dryer-302828573.html

SOURCE Laifen

Continue Reading

Technology

Pillsbury Notice of Data Breach

Published

on

By

NEW YORK, July 18, 2026 /PRNewswire/ — Pillsbury Winthrop Shaw Pittman LLP (“Pillsbury”) was among many law firms targeted by sophisticated social engineering attempts in an incident last year. While the firm quickly detected and blocked the activity, an unauthorized actor was able to access some of the firm’s documents during a short window of time. Pillsbury notified any impacted clients last year and undertook a detailed process to review the accessed documents for personal information. Pillsbury then began notifying individuals whose personal information was affected. That process is now complete, and today, Pillsbury is publishing substitute notice as a final step.

For more information, please visit the substitute notice on our website at https://www.pillsburylaw.com/en/breach-notice.html

View original content to download multimedia:https://www.prnewswire.com/news-releases/pillsbury-notice-of-data-breach-302828892.html

SOURCE Pillsbury Winthrop Shaw Pittman LLP

Continue Reading

Trending