A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International.

“The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite,” the international non-governmental organization said, adding the traces of the exploit were discovered in a separate case in mid-2024.

The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. A patch for the flaw was addressed in the Linux kernel in December 2024. It was subsequently addressed in Android earlier this month.

It’s believed that CVE-2024-53104 was combined with two other flaws – CVE-2024-53197 and CVE-2024-50302 – both of which have been resolved in the Linux kernel. They are yet to be included in an Android Security Bulletin.

• CVE-2024-53197 (CVSS score: N/A) – An out-of-bounds access vulnerability for Extigy and Mbox devices
• CVE-2024-50302 (CVSS score: 5.5) – A use of an uninitialized resource vulnerability that could be used to leak kernel memory

“The exploit, which targeted Linux kernel USB drivers, enabled Cellebrite customers with physical access to a locked Android device to bypass an Android phone’s lock screen and gain privileged access on the device,” Amnesty said.

“This case highlights how real-world attackers are exploiting Android’s USB attack surface, taking advantage of the broad range of legacy USB kernel drivers supported in the Linux kernel.”

The activist, who has been given the name “Vedran” to protect their privacy, was taken to a police station and his phone confiscated on December 25, 2024, after he attended a student protest in Belgrade.

Amnesty’s analysis found that the exploit was used to unlock his Samsung Galaxy A32 and that the authorities attempted to install an unknown Android application. While the exact nature of the Android app remains unclear, the modus operandi is consistent with that of prior NoviSpy spyware infections reported in mid-December 2024.

Earlier this week, Cellebrite said its tools are not designed to facilitate any type of offensive cyber activity and that it works actively to curtail the misuse of its technology.

The Israeli company also said it will no longer allow Serbia to use its software, stating “we found it appropriate to stop the use of our products by the relevant customers at this time.”

A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country’s National Taxation Bureau.

The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications.

“The sender claimed that the malicious file attached was a list of enterprises scheduled for tax inspection and asked the receiver to forward the information to their company’s treasurer,” security researcher Pei Han Liao said in a report shared with The Hacker News.

The attachment mimics an official document from the Ministry of Finance, urging the recipient to download the list of enterprises scheduled for tax inspection.

But in reality, the list is a ZIP file containing a malicious DLL (“lastbld2Base.dll”) that lays the groundwork for the next attack stage, leading to the execution of shellcode that’s responsible for downloading a Winos 4.0 module from a remote server (“206.238.221[.]60”) for gathering sensitive data.

The component, described as a login module, is capable of taking screenshots, logging keystrokes, altering clipboard content, monitoring connected USB devices, running shellcode, and permitting the execution of sensitive actions (e.g., cmd.exe) when security prompts from Kingsoft Security and Huorong are displayed.

Fortinet said it also observed a second attack chain that downloads an online module that can capture screenshots of WeChat and online banks.

It’s worth noting that the intrusion set distributing the Winos 4.0 malware has been assigned the monikers Void Arachne and Silver Fox, with the malware also overlapping with another remote access trojan tracked as ValleyRAT.

“They are both derived from the same source: Gh0st RAT, which was developed in China and open-sourced in 2008,” Daniel dos Santos, Head of Security Research at Forescout’s Vedere Labs, told The Hacker News.

“Winos and ValleyRAT are variations of Gh0st RAT attributed to Silver Fox by different researchers at different points in time. Winos was a name commonly used in 2023 and 2024 while now ValleyRAT is more commonly used. The tool is constantly evolving, and it has both local Trojan/RAT capabilities as well as a command-and-control server.”

ValleyRAT, first identified in early 2023, has been recently observed using fake Chrome sites as a conduit to infect Chinese-speaking users. Similar drive-by download schemes have also been employed to deliver Gh0st RAT.

Furthermore, Winos 4.0 attack chains have incorporated what’s called a CleverSoar installer that’s executed by means of an MSI installer package distributed as fake software or gaming-related applications. Also dropped alongside Winos 4.0 via CleverSoar is the open-source Nidhogg rootkit.

“The CleverSoar installer […] checks the user’s language settings to verify if they are set to Chinese or Vietnamese,” Rapid7 noted in late November 2024. “If the language is not recognized, the installer terminates, effectively preventing infection. This behavior strongly suggests that the threat actor is primarily targeting victims in these regions.”

The disclosure comes as the Silver Fox APT has been linked to a new campaign that leverages trojanized versions of Philips DICOM viewers to deploy ValleyRAT, which is then used to drop a keylogger, and a cryptocurrency miner on victim computers. Notably, the attacks have been found to use a vulnerable version of the TrueSight driver to disable antivirus software.

“This campaign leverages trojanized DICOM viewers as lures to infect victim systems with a backdoor (ValleyRAT) for remote access and control, a keylogger to capture user activity and credentials, and a crypto miner to exploit system resources for financial gain,” Forescout said.

Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer.

The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025.

A notable aspect of the stealer malware is the use of a technique called dead drop resolver to extract the actual command-and-control (C2) server. This includes relying on legitimate services like Steam, Telegram’s Telegraph, Google Forms, and Google Slides.

“Threat actors enter the actual C2 domain in Base64 encoding on a specific page,” ASEC said. “The malware accesses this page, parses the string, and obtains the actual C2 domain address to perform malicious behaviors.”

ACR Stealer, previously distributed via Hijack Loader malware, is capable of harvesting a wide range of information from compromised systems, including files, web browser data, and cryptocurrency wallet extensions.

The development comes as ASEC revealed another campaign that uses files with the extension “MSC,” which can be executed by the Microsoft Management Console (MMC), to deliver the Rhadamanthys stealer malware.

“There are two types of MSC malware: one exploits the vulnerability of apds.dll (CVE-2024-43572), and the other executes the ‘command’ command using Console Taskpad,” the South Korean company said.

“The MSC file is disguised as an MS Word document. “When the ‘Open’ button is clicked, it downloads and executes a PowerShell script from an external source. The downloaded PowerShell script contains an EXE file (Rhadamanthys).”

CVE-2024-43572, also called GrimResource, was first documented by the Elastic Security Labs in June 2024 as having been exploited by malicious actors as a zero-day. It was patched by Microsoft in October 2024.

Malware campaigns have also been observed exploiting chat support platforms like Zendesk, masquerading as customers to trick unsuspecting support agents into downloading a stealer called Zhong Stealer.

According to a recent report published by Hudson Rock, over 30,000,000 computers have been infected by information stealers in the “past few years,” leading to the theft of corporate credentials and session cookies that could then be sold by cybercriminals on underground forums to other actors for profit.

The buyers could weaponize the access afforded by these credentials to stage post-exploitation actions of their own, leading to severe risks. These developments serve to highlight the role played by stealer malware as an initial access vector that provides a foothold to sensitive corporate environments.

“For as little as $10 per log (computer), cybercriminals can purchase stolen data from employees working in classified defense and military sectors,” Hudson Rock said. “Infostealer intelligence isn’t just about detecting who’s infected — it’s about understanding the full network of compromised credentials and third-party risks.”

Over the past year, threat actors have also been ramping up efforts to spread a variety of malware families, including stealers and remote access trojans (RATs), through a technique called ClickFix that often entails redirecting users to fake CAPTCHA verification pages instructing them to copy and execute nefarious PowerShell commands.

One such payload dropped is I2PRAT, which employs the I2P anonymization network to anonymize its final C2 server.

“The malware is an advanced threat composed of multiple layers, each incorporating sophisticated mechanisms,” Sekoia said. “The use of an anonymization network complicates tracking and hinders the identification of the threat’s magnitude and spread in the wild.”

OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surveillance tool.

The social media listening tool is said to likely originate from China and is powered by one of Meta’s Llama models, with the accounts in question using the AI company’s models to generate detailed descriptions and analyze documents for an apparatus capable of collecting real-time data and reports about anti-China protests in the West and sharing the insights with Chinese authorities.

The campaign has been codenamed Peer Review owing to the “network’s behavior in promoting and reviewing surveillance tooling,” researchers Ben Nimmo, Albert Zhang, Matthew Richard, and Nathaniel Hartley noted, adding the tool is designed to ingest and analyze posts and comments from platforms such as X, Facebook, YouTube, Instagram, Telegram, and Reddit.

In one instance flagged by the company, the actors used ChatGPT to debug and modify source code that’s believed to run the monitoring software, referred to as “Qianyue Overseas Public Opinion AI Assistant.”

Besides using its model as a research tool to surface publicly available information about think tanks in the United States, and government officials and politicians in countries like Australia, Cambodia and the United States, the cluster has also been found to leverage ChatGPT access to read, translate and analyze screenshots of English-language documents.

Some of the images were announcements of Uyghur rights protests in various Western cities, and were likely copied from social media. It’s currently not known if these images were authentic.

OpenAI also said it disrupted several other clusters that were found abusing ChatGPT for various malicious activities –

• Deceptive Employment Scheme – A network from North Korea linked to the fraudulent IT worker scheme that was involved in the creation of personal documentation for fictitious job applicants, such as resumés, online job profiles and cover letters, as well as come up convincing responses to explain unusual behaviors like avoiding video calls, accessing corporate systems from unauthorized countries or working irregular hours. Some of the bogus job applications were then shared on LinkedIn.
• Sponsored Discontent – A network likely of Chinese origin that was involved in the creation of social media content in English and long-form articles in Spanish that were critical of the United States, and subsequently published by Latin American news websites in Peru, Mexico, and Ecuador. Some of the activity overlaps with a known activity cluster dubbed Spamouflage.
• Romance-baiting Scam – A network of accounts that was involved in the translation and generation of comments in Japanese, Chinese, and English for posting on social media platforms including Facebook, X and Instagram in connection with suspected Cambodia-origin romance and investment scams.
• Iranian Influence Nexus – A network of five accounts that was involved in the generation of X posts and articles that were pro-Palestinian, pro-Hamas, and pro-Iran, and anti-Israel and anti-U.S., and shared on websites associated with an Iranian influence operations tracked as the International Union of Virtual Media (IUVM) and Storm-2035. One among the banned accounts was used to create content for both the operations, indicative of a “previously unreported relationship.”
• Kimsuky and BlueNoroff – A network of accounts operated by North Korean threat actors that was involved in gathering information related to cyber intrusion tools and cryptocurrency-related topics, and debugging code for Remote Desktop Protocol (RDP) brute-force attacks
• Youth Initiative Covert Influence Operation – A network of accounts that was involved in the creation of English-language articles for a website named “Empowering Ghana” and social media comments targeting the Ghana presidential election
• Task Scam – A network of accounts likely originating from Cambodia that was involved in the translation of comments between Urdu and English as part of a scam that lures unsuspecting people into jobs performing simple tasks (e.g., liking videos or writing reviews) in exchange for earning a non-existent commission, accessing which requires victims to part with their own money.

The development comes as AI tools are being increasingly used by bad actors to facilitate cyber-enabled disinformation campaigns and other malicious operations.

Last month, Google Threat Intelligence Group (GTIG) revealed that over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia used its Gemini AI chatbot to improve multiple phases of the attack cycle and conduct research into topical events, or perform content creation, translation, and localization.

“The unique insights that AI companies can glean from threat actors are particularly valuable if they are shared with upstream providers, such as hosting and software developers, downstream distribution platforms, such as social media companies, and open-source researchers,” OpenAI said.

“Equally, the insights that upstream and downstream providers and researchers have into threat actors open up new avenues of detection and enforcement for AI companies.”

Cryptocurrency exchange Bybit on Friday revealed that a “sophisticated” attack led to the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history.

“The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic,” Bybit said in a post on X.

“As a result, the attacker was able to gain control of the affected ETH cold wallet and transfer its holdings to an unidentified address.”

In a separate statement posted on the social media platform, Bybit’s CEO Ben Zhou emphasized that all other cold wallets are secure. The company further said it has reported the case to the appropriate authorities.

While there is no official confirmation from Bybit yet, Elliptic and Arkham Intelligence confirmed that the digital theft is the work of the infamous Lazarus Group. The incident makes it the biggest-ever cryptocurrency heist reported to date, dwarfing that of Ronin Network ($624 million), Poly Network ($611 million), and BNB Bridge ($586 million).

Independent researcher ZachXBT said they “connected the Bybit hack on-chain to the Phemex hack,” the latter of which took place late last month.

The North Korea-based threat actor is one of the most prolific hacking groups, orchestrating dozens of cryptocurrency heists to generate illicit revenue for the sanctions-hit nation. Last year, Google described North Korea as “arguably the world’s leading cyber criminal enterprise.”

In 2024, it’s estimated to have stolen $1.34 billion across 47 cryptocurrency hacks, accounting for 61% of all ill-gotten crypto during the time period, according to blockchain intelligence firm Chainalysis.

“Cryptocurrency heists are on the rise due to the lucrative nature of their rewards, the challenges associated with attribution to malicious actors, and the opportunities presented by nascent familiarity with cryptocurrency and Web3 technologies among many organizations,” Google-owned Mandiant said last month.

Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data.

The development was first reported by Bloomberg.

ADP for iCloud is an optional setting that ensures that users’ trusted devices retain sole access to the encryption keys used to unlock data stored in its cloud. This includes iCloud Backup, Photos, Notes, Reminders, Safari Bookmarks, voice memos, and data associated with its own apps.

“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy,” the company was quoted as saying to Bloomberg.

“ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices.”

Customers who are already using ADP will need to manually disable it for an as-yet-unspecified period of time, per the report, as Apple “does not have the ability to automatically disable it on their behalf.”

The unprecedented development comes merely weeks after reports emerged that the U.K. government had ordered Apple to build a backdoor to access any Apple user’s iCloud content.

Per The Washington Post, the demand, issued by the U.K. Home Office under the Investigatory Powers Act (IPA) aka the Snoopers’ Charter, “requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account.”

With the removal of ADP in the region, Apple now only offers standard data protection for iCloud, which encrypts users’ data but stores the encryption keys in its own data centers, thereby making it accessible to law enforcement subject to a warrant.

Last week, U.S. Senator Ron Wyden and Member of Congress Andy Biggs sent a letter to Tulsi Gabbard, the Director of National Intelligence, urging the U.K. to retract its order, citing it threatens the privacy and security of both the American people and the U.S. government.

“If the U.K. does not immediately reverse this dangerous effort, we urge you to reevaluate U.S.-U.K. cybersecurity arrangements and programs as well as U.S. intelligence sharing with the U.K.,” they added.

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts.

“The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app’s legitimate ‘linked devices’ feature that enables Signal to be used on multiple devices concurrently,” the Google Threat Intelligence Group (GTIG) said in a report.

In the attacks spotted by the tech giant’s threat intelligence teams, the threat actors, including one it’s tracking as UNC5792, have resorted to malicious QR codes that, when scanned, will link a victim’s account to an actor-controlled Signal instance.

As a result, future messages get delivered synchronously to both the victim and the threat actor in real-time, thereby granting threat actors a persistent way to eavesdrop on the victim’s conversations. Google said UAC-0195 partially overlaps with a hacking group known as UAC-0195.

These QR codes are known to masquerade as group invites, security alerts, or legitimate device pairing instructions from the Signal website. Alternatively, the malicious device-linking QR codes have been found to be embedded in phishing pages that purport to be specialized applications used by the Ukrainian military.

“UNC5792 has hosted modified Signal group invitations on actor-controlled infrastructure designed to appear identical to a legitimate Signal group invite,” Google said.

Another threat actor linked to the targeting of Signal is UNC4221 (aka UAC-0185), which has targeted Signal accounts used by Ukrainian military personnel by means of a custom phishing kit that’s designed to mimic certain aspects of the Kropyva application used by the Armed Forces of Ukraine for artillery guidance.

Also used is a lightweight JavaScript payload dubbed PINPOINT that can collect basic user information and geolocation data through phishing pages.

Outside of UNC5792 and UNC4221, some of the other adversarial collectives that have trained their sights on Signal are Sandworm (aka APT44), which has utilized a Windows Batch script named WAVESIGN; Turla, which has operated a lightweight PowerShell script; and UNC1151, which has put to use the Robocopy utility to exfiltrate Signal messages from an infected desktop.

The disclosure from Google comes a little over a month after the Microsoft Threat Intelligence team attributed the Russian threat actor known as Star Blizzard to a spear-phishing campaign that leverages a similar device-linking feature to hijack WhatsApp accounts.

Last week, Microsoft and Volexity also revealed that multiple Russian threat actors are leveraging a technique called device code phishing to log into victims’ accounts by targeting them via messaging apps like WhatsApp, Signal, and Microsoft Teams.

“The operational emphasis on Signal from multiple threat actors in recent months serves as an important warning for the growing threat to secure messaging applications that is certain to intensify in the near-term,” Google said.

“As reflected in wide ranging efforts to compromise Signal accounts, this threat to secure messaging applications is not limited to remote cyber operations such as phishing and malware delivery, but also critically includes close-access operations where a threat actor can secure brief access to a target’s unlocked device.”

The disclosure also follows the discovery of a new search engine optimization (SEO) poisoning campaign that uses fake download pages impersonating popular applications like Signal, LINE, Gmail, and Google Translate to deliver backdoored executables aimed at Chinese-speaking users.

“The executables delivered through fake download pages follow a consistent execution pattern involving temporary file extraction, process injection, security modifications, and network communications,” Hunt.io said, adding the samples exhibit infostealer-like functionality associated with a malware strain referred to as MicroClip.