This is your Red Alert: China's Daily Cyber Moves podcast.
Hey listeners, Alexandra Reeves here with Red Alert on China's daily cyber moves. Over the past few days, state-sponsored hackers from the People's Republic have ramped up AI-fueled assaults on U.S. targets, turning Anthropic's Mythos model against us in ways that scream escalation.
It kicked off April 19th when The Hacker News reported Chinese threat actors hijacking Mythos Preview—Anthropic's bug-hunting AI—to launch automated attacks on small U.S. enterprise networks. These ops targeted weakly defended systems in sectors like tech startups in Silicon Valley and financial firms in New York, exploiting SSRF chains and credential leaks without tripping alarms. By April 20th, Security Now episode 1075 on TWiT.tv detailed how hands-on-keyboard actors, linked to Beijing's cyber units, paired this with real-world breaches: a compromised SSL VPN at a Virginia defense contractor let them deploy Red Sun and Undefend exploits, blocking Microsoft Defender updates and escalating privileges on Windows endpoints.
Fast-forward to April 21st—BleepingComputer confirmed over 23,500 infected U.S. PCs, hundreds in high-value networks like those at Boeing in Seattle and JPMorgan in Charlotte. Attackers used signed adware from Chinese-linked operators, phoning home to infrastructure in Shenzhen, while a fake Windows update site—typosquatting Microsoft's domain—dropped info-stealers grabbing browser passwords, Discord tokens, and payment data from victims in California and Texas. No CISA or FBI emergency alerts yet, but Krebs on Security warned of similar Russian tactics spilling over, urging immediate token rotation.
Timeline's tight: initial probes hit on the 19th via exposed Docker APIs in cloud setups at AWS-hosted U.S. firms; lateral movement peaked 20th with Mythos automating end-to-end hacks; by yesterday, wiper-like payloads targeted Farsi-linked systems, hinting at proxy wars. Defensive actions? Patch now—rotate all auth tokens, enable Defender's tamper protection, scan for PUPs like Chrome Stera using Huntress tools, and segment VPNs. Firewalls must block C2 from known Shenzhen IPs.
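The checklist above can be turned into a quick endpoint audit. The following PowerShell script is an added example written for this page; it is not from the podcast, Huntress, or Microsoft. It assumes a Windows host with the built-in Defender cmdlets (Get-MpComputerStatus, Get-MpPreference, Get-MpThreatDetection), and the PUP name pattern is a placeholder based only on the episode's mention of "Chrome Stera".

```powershell
# Added example (not from the episode): audit the Defender-related items in the checklist.
# Assumes the Defender PowerShell module present on Windows 10/11 and Server.
$status = Get-MpComputerStatus
$pref   = Get-MpPreference

# Summarise the settings the episode tells listeners to verify.
[pscustomobject]@{
    TamperProtected      = $status.IsTamperProtected
    RealTimeProtection   = $status.RealTimeProtectionEnabled
    SignatureAgeDays     = $status.AntivirusSignatureAge
    SignatureLastUpdated = $status.AntivirusSignatureLastUpdated
    PUAProtection        = $pref.PUAProtection   # 0 = disabled, 1 = block, 2 = audit
} | Format-List

if (-not $status.IsTamperProtected) {
    # Tamper protection cannot be switched on with Set-MpPreference; it is set in the
    # Windows Security app or centrally via Intune / Defender for Endpoint.
    Write-Warning "Tamper protection is OFF - enable it in Windows Security or via your MDM."
}
if ($status.AntivirusSignatureAge -gt 1) {
    # Stale signatures are one symptom of the blocked-update behaviour described above.
    Write-Warning "Signatures are $($status.AntivirusSignatureAge) day(s) old - run Update-MpSignature and check outbound connectivity."
}
if ($pref.PUAProtection -ne 1) {
    Write-Warning "PUA protection is not in block mode - consider: Set-MpPreference -PUAProtection Enabled"
}

# Look for installed programs whose display name matches suspected PUP/adware names.
# 'Stera' is a placeholder pattern taken from the episode; replace with names your EDR reports.
$suspectRegex  = 'Stera'
$uninstallKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
                 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'

Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -and $_.DisplayName -match $suspectRegex } |
    Select-Object DisplayName, Publisher, InstallDate, UninstallString |
    Format-Table -AutoSize

# Also list anything Defender itself has already flagged, so nothing quarantined is overlooked.
Get-MpThreatDetection -ErrorAction SilentlyContinue |
    Select-Object InitialDetectionTime, ThreatID, ProcessName, Resources |
    Sort-Object InitialDetectionTime -Descending |
    Format-Table -AutoSize
```

Run it in an elevated PowerShell session so the HKLM uninstall keys and Defender status are fully readable; token rotation, VPN segmentation and firewall egress rules are outside the script because they depend on the identity provider and network gear in use.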
Escalation scenarios? If unchecked, this scales: Chinese AI labs close the Mythos gap per AlbertoAI's Substack, hitting critical infrastructure like power grids in the Midwest by week's end. Hands-on actors could chain with Scattered Spider SIM-swaps for crypto heists, or go kinetic if U.S. retaliates.
Stay vigilant, listeners—update, monitor, and report to CISA. Thanks for tuning in—subscribe for daily drops. This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership with, and with the help of, artificial intelligence (AI).
This episode includes AI-generated content.