Darktrace
Coverage of Darktrace in the Nexus archive.
- Gizmodo readers hit with ClickFix malware prompts after account compromise
Gizmodo confirmed a security incident where a compromised account injected a malicious script, briefly displaying ClickFix malware prompts on its site. The attack, linked to ErrTraffic's ClickFix-as-a-service, targeted users with OS-specific payloads, including NetSupport RAT for Windows and a broken macOS version. Gizmodo resolved the issue by removing the script and securing the account.
- Dragos: Despite AI use, new malware targeting water plants is ‘hype’
Dragos analysts dismissed ZionSiphon, a purported AI-generated malware targeting Israeli water infrastructure, as 'hype' due to its dysfunctional code and lack of operational technology expertise. The malware, identified by Darktrace, contains AI-generated errors and fictional configurations, rendering it inoperable despite its politically themed messaging.
- Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Researchers have identified a new malware named ZionSiphon, specifically targeting Israeli water treatment and desalination operational technology (OT) systems. The malware, detected by Darktrace, is capable of establishing persistence, modifying configuration files, and scanning for OT services.
- New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
A new variant of Chaos malware is targeting misconfigured cloud deployments, expanding its scope beyond routers and edge devices. Darktrace reported this development in a recent analysis.