From "spying" air fryers to 3 million rogue toothbrushes, here are the strangest stories about internet-connected home goods in 2024.

The holidays are upon us, which means now is the perfect time for gratitude, warmth, and—because modern society has thrust it upon us—gift buying.

It’s Bluey and dig kits and LEGOs for kids, Fortnite and AirPods and backpacks for tweens, and, for an adult you particularly love, it’s televisions, air fryers, e-readers, vacuums, dog-feeders, and more, which all seemingly require a mobile app to function.

“The Internet of Things” is the now-accepted term to describe countless home products that connect to the internet so that they can be controlled and monitored from a mobile app or from a web browser on your computer. The benefits are obvious for shoppers. Thermostats can be turned off during vacation, home doorbells can be answered while at work, and gaming consoles can download videogames as children sleep on Christmas Eve.

And while some of these internet-connected smart devices can sound a little dumb—cue the $400 “smart juicer” that a Bloomberg reporter outperformed with her bare hands—there are legitimate cybersecurity risks at hand. Capable of collecting data and connecting to the internet, smart devices can also fall victim to leaking that data to hackers online.

As we enter the new year, Malwarebytes Labs is looking back at some of the strangest, scariest, and most dumbfounding smart device stories this past year. Read on and enjoy.

****The million-car track hack****

The latest vehicles filling up the local car lot might not strike you as “smart devices,” but upon closer inspection, these cars, SUVs, trucks, and minivans absolutely are. Replete with cameras and sensors that can track location, speed, distance travelled, seatbelt use, and even a driver’s eye movements, modern vehicles are, as many have described them, “smartphones on wheels.”

For years, the cybersecurity of these particularly mobile mobiles (sorry) was passable.

When a group of security researchers hacked into a Jeep Cherokee’s steering and braking systems in 2014, they were building off earlier research that required the hacker’s laptop to be physically connected to the Jeep itself—a comforting reality when imagining shadowy cybercriminals wresting control from a driver while sat behind a computer console hundreds of miles away. And while the security researchers were able to eventually hack the Jeep Cherokee without a physical connection, the work involved was still robust.

But early this year, a separate group of security researchers revealed that they could remotely lock, unlock, start, turn off, and geolocate more than a million Kia vehicles by knowing nothing more than the vehicle’s license plate number. The researchers could also activate a vehicle’s horn, lights, and camera.

The vulnerability wasn’t in the vehicles themselves, but in Kia’s online infrastructure (Kia fixed the vulnerability before the researchers published their findings).

In short, the researchers posed as Kia _dealers_ when using an online Kia web portal and, by entering the Vehicle Identification Number—which could be revealed separately through license plate numbers—they could assign certain features like remote start and geolocation to a new account, which the security researchers controlled.

While the vulnerability did not provide access to any of the vehicles’ steering systems or acceleration or braking, it still posed an enormous privacy and security risk, said researcher Sam Curry in speaking to the outlet Wired:

> “If someone cut you off in traffic, you could scan their license plate and then know where they were whenever you wanted and break into their car. If we hadn’t brought this to Kia’s attention, anybody who could query someone’s license plate could essentially stalk them.”

****Whispering sweet nothings into your air fryer****

There’s a modern urban legend that our smartphones listen to our in-person conversations to deliver eerily relevant ads, and while there’s no proof this is true, there are certainly a few stories that raise nearby suspicions.

Take, for instance, the case of the nosy air fryers.

On November 5, a UK consumer rights group named “Which?” published research into several categories of smart devices—TVs, smart watches, etc.—and what they discovered about three models of air fryers surprised many.

In testing the Xiaomi Mi Smart Air Fryer, the Cosori CAF-LI401S, and the self-titled Aigostar, the researchers discovered that the associated air fryer mobile apps for Android requested a startling amount of information:

> “\[As\] well as knowing customers’ precise location, all three products wanted permission to record audio on the user’s phone, for no specified reason.”

The connected app for the Xiaomi air fryer “connected to trackers from Facebook, Pangle (the ad network of TikTok for Business), and Chinese tech giant Tencent (depending on the location of the user).” When creating an account for the Aigostar air fryer, the connected app asked users to divulge their gender and date of birth, without stating why that was necessary. The request, however, could be declined. The Aigostar app, like the Xiaomi app, sent personal data to servers in China, but this data sharing practice was clarified in the companies’ privacy policies, the researchers wrote.

The companies in the report pushed back on the characterizations from Which?, with a Xiaomi representative clarifying that “the permission to record audio on Xiaomi Home app is not applicable to Xiaomi Smart Air Fryer which does not operate directly through voice commands and video chat.” A representative for Cosori expressed frustration that the researchers at Which? did not share “specific test reports” with the company, as well.

The truth, then, may be somewhere in the middle. The air fryer mobile apps in question may request more information than necessary to function, but that could also be because the apps are trying to service the needs of many different types of products all at once.

****A toothbrush tall tale****

Let’s play a game of telephone: A Swiss newspaper interviews a cybersecurity expert about a _hypothetical_ cyberattack and, days later, dozens of news outlets report that hypothetical as the truth.

This story did happen, and it would be far more disturbing if it wasn’t also tinged with a hint of humor, and that’s because the tall-tale-turned-“truth” involved a massive cyberattack launched by… toothbrushes.

In February, a Swiss newspaper article included an anecdote about a “Distributed Denial-of-Service” attack, or DDoS attack. DDoS attacks involve sending loads of connection requests (like regular internet traffic) to a certain webpage as a way to briefly overwhelm that web page and take it down. But the interesting thing about DDoS attacks is that they don’t require a laptop or a smartphone to make those requests—all they need is a device that can connect to the internet.

In the Swiss newspaper’s account, those devices were 3 million toothbrushes. Translated from the article’s original language in German, it read:

> “She’s at home in the bathroom, but she’s part of a large-scale cyberattack. The electric toothbrush is programmed with Java, and criminals have, unnoticed, installed malware on it—like on 3 million other toothbrushes. One command is enough and the remote-controlled toothbrushes simultaneously access the website of a Swiss company. The site collapses and is paralyzed for four hours. Millions of dollars in damage is caused.”

The article, which noted that the whole scenario could’ve been ripped out of “Hollywood,” contextualized why the attack was so scary: It “actually happened.”

But it most assuredly had not.

The article had no details about the attack, so there was no company named, no toothbrush model specified, and no response from any organization. But none of that mattered as countless news outlets aggregated the original article, because what _did_ matter was the virality of the whole affair. There was a device that seemingly everyone agreed had no reason to connect to the internet, and—would you look at that—it led to major consequences.

In reality, the consequences were to the truth.

This holiday season, let’s do better than the silliest, most needless IoT devices, and let’s connect to what matters instead.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Connected contraptions cause conniption for 2024 

AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks.

Source: Anggalih Prasetya via Shutterstock

Most industry analysts expect organizations will accelerate efforts to harness generative artificial intelligence (GenAI) and large language models (LLMs) in a variety of use cases over the next year.

Typical examples include customer support, fraud detection, content creation, data analytics, knowledge management, and, increasingly, software development. A recent survey of 1,700 IT professionals conducted by Centient on behalf of OutSystems had 81% of respondents describing their organizations as currently using GenAI to assist with coding and software development. Nearly three-quarters (74%) plan on building 10 or more apps over the next 12 months using AI-powered development approaches.

While such use cases promise to deliver significant efficiency and productivity gains for organizations, they also introduce new privacy, governance, and security risks. Here are six AI-related security issues that industry experts say IT and security leaders should pay attention to in the next 12 months.

**AI Coding Assistants Will Go Mainstream — and So Will Risks**

Use of AI-based coding assistants, such as GitHub Copilot, Amazon CodeWhisperer, and OpenAI Codex, will go from experimental and early adopter status to mainstream, especially among startup organizations. The touted upsides of such tools include improved developer productivity, automation of repetitive tasks, error reduction, and faster development times. However, as with all new technologies, there are some downsides as well. From a security standpoint these include auto-coding responses like vulnerable code, data exposure, and propagation of insecure coding practices.

"While AI-based code assistants undoubtedly offer strong benefits when it comes to auto-complete, code generation, re-use, and making coding more accessible to a non-engineering audience, it is not without risks," says Derek Holt, CEO of Digital.ai. The biggest is the fact that the AI models are only as good as the code they are trained on. Early users saw coding errors, security anti-patterns, and code sprawl while using AI coding assistants for development, Holt says. "Enterprises users will continue to be required to scan for known vulnerabilities with \[Dynamic Application Security Testing, or DAST; and Static Application Security Testing, or SAST\] and harden code against reverse-engineering attempts to ensure negative impacts are limited and productivity gains are driving expect benefits."

**AI to Accelerate Adoption of xOps Practices**

As more organizations work to embed AI capabilities into their software, expect to see DevSecOps, DataOps, and ModelOps — or the practice of managing and monitoring AI models in production — converge into a broader, all-encompassing xOps management approach, Holt says. The push to AI-enabled software is increasingly blurring the lines between traditional declarative apps that follow predefined rules to achieve specific outcomes, and LLMs and GenAI apps that dynamically generate responses based on patterns learned from training data sets, Holt says. The trend will put new pressures on operations, support, and QA teams, and drive adoption of xOps, he notes.

"xOps is an emerging term that outlines the DevOps requirements when creating applications that leverage in-house or open source models trained on enterprise proprietary data," he says. "This new approach recognizes that when delivering mobile or web applications that leverage AI models, there is a requirement to integrate and synchronize traditional DevSecOps processes with that of DataOps, MLOps, and ModelOps into an integrated end-to-end life cycle." Holt perceives this emerging set of best practices will become hyper-critical for companies to ensure quality, secure, and supportable AI-enhanced applications.

**Shadow AI: A Bigger Security Headache**

The easy availability of a wide and rapidly growing range of GenAI tools has fueled unauthorized use of the technologies at many organizations and spawned a new set of challenges for already overburdened security teams. One example is the rapidly proliferating — and often unmanaged — use of AI chatbots among workers for a variety of purposes. The trend has heightened concerns about the inadvertent exposure of sensitive data at many organizations.

Security teams can expect to see a spike in the unsanctioned use of such tools in the coming year, predicts Nicole Carignan, vice president of strategic cyber AI at Darktrace. "We will see an explosion of tools that use AI and generative AI within enterprises and on devices used by employees," leading to a rise in shadow AI, Carignan says. "If unchecked, this raises serious questions and concerns about data loss prevention as well as compliance concerns as new regulations like the EU AI Act start to take effect," she says. Carignan expects that chief information officers (CIOs) and chief information security officers (CISOs) will come under increasing pressure to implement capabilities for detecting, tracking, and rooting out unsanctioned use of AI tools in their environment.

**AI Will Augment, Not Replace, Human Skills**

AI excels at processing massive volumes of threat data and identifying patterns in that data. But for some time at least, it remains at best an augmentation tool that is adept at handling repetitive tasks and enabling automation of basic threat detection functions. The most successful security programs over the next year will continue to be ones that combine AI's processing power with human creativity, according to Stephen Kowski, field CTO at SlashNext Email Security+.

Many organizations will continue to require human expertise to identify and respond to real-world attacks that evolve beyond the historical patterns that AI systems use. Effective threat hunting will continue to depend on human intuition and skills to spot subtle anomalies and connect seemingly unrelated indicators, he says. "The key is achieving the right balance where AI handles high-volume routine detection while skilled analysts investigate novel attack patterns and determine strategic responses."

AI's ability to rapidly analyze large datasets will heighten the need for cybersecurity workers to sharpen their data analytics skills, adds Julian Davies, vice president of advanced services at Bugcrowd. "The ability to interpret AI-generated insights will be essential for detecting anomalies, predicting threats, and enhancing overall security measures." Prompt engineering skills are going to be increasingly useful as well for organizations seeking to derive maximum value from their AI investments, he adds.

**Attackers Will Leverage AI to Exploit Open Source Vulns**

Venky Raju, field CTO at ColorTokens, expects threat actors will leverage AI tools to exploit vulnerabilities and automatically generate exploit code in open source software. "Even closed source software is not immune, as AI-based fuzzing tools can identify vulnerabilities without access to the original source code. Such zero-day attacks are a significant concern for the cybersecurity community," Raju says.

In a report earlier this year, CrowdStrike pointed to AI-enabled ransomware as an example of how attackers are harnessing AI to hone their malicious capabilities. Attackers could also use AI to research targets, identify system vulnerabilities, encrypt data, and easily adapt and modify ransomware to evade endpoint detection and remediation mechanisms.

**Verification, Human Oversight Will Be Critical**

Organizations will continue to find it hard to fully and implicitly trust AI to do the right thing. A recent survey by Qlik of 4,200 C-suite executives and AI decision-makers showed most respondents overwhelmingly favored the use of AI for a variety of uses. At the same time, 37% described their senior managers as lacking trust in AI, with 42% of mid-level managers expressing the same sentiment. Some 21% reported their customers as distrusting AI as well.

"Trust in AI will remain a complex balance of benefits versus risks, as current research shows that eliminating bias and hallucinations may be counterproductive and impossible," SlashNext's Kowski says. "While industry agreements provide some ethical frameworks, the subjective nature of ethics means different organizations and cultures will continue to interpret and implement AI guidelines differently." The practical approach is to implement robust verification systems and maintain human oversight rather than seeking perfect trustworthiness, he says.

Davies from Bugcrowd says there's already a growing need for professionals who can handle the ethical implications of AI. Their role is to ensure privacy, prevent bias, and maintain transparency in AI-driven decisions. "The ability to test for AI’s unique security and safety use cases is becoming critical," he says.

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

6 AI-Related Security Trends to Watch in 2025

An overview of what the year 2024 had to offer in the realm of data breaches: Big ones, sensitive data and some duds

It may sound weird when I say that I would like to remember 2024 as the year of the biggest breaches. That’s mainly because that would mean we’ll never see another year like it.

To support this nomination, I will remind you of several high-profile breaches, some of a size almost beyond imagination, some that really left us worried because of the type of data that was stolen, and a few duds.

**Huge increase in numbers**

As we reported in July, the number of data breach victims went up 1,170% in Q2 2024, compared to Q2 2023 (from 81,958,874 victims to 1,041,312,601).

The huge increase is no big surprise if you look at the size of some of these breaches. Remember these headlines?

5\. Dell notifies customers about data breach (49 million customers)

4\. “Nearly all” AT&T customers had phone records stolen in new data breach disclosure (73 million people).

3\. 100 million US citizens officially impacted by Change Healthcare data breach.

2\. Ticketmaster confirms customer data breach (560 million customers).

1\. Stolen data from scraping service National Public Data leaked online (somewhere between 2.9 billion people (unconfirmed) and 272 million unique social security numbers).

The reason why I counted down to the biggest one, is because the first 4 are household names and people will know whether they might be affected since they are customers of the company. But National Public Data is a company that most people had never heard of before they read about the data breach.

The data gathered by National Public Data was “scraped,” meaning it was pulled from various sources and then combined in a large database. This also made it hard to get an exact number of affected people. The initially reported 2.9 billion people seemed a stretch, so we looked into that, and the estimates from our researchers say that it contains 272 million unique social security numbers. That could mean that the majority of US citizens were affected, although numerous people confirmed that it also included information about deceased relatives.

**Sensitive data**

Some of the huge breaches we listed contained Social Security Numbers (SSNs) which are a challenging process to be changed, but other breaches revealed all kinds of sensitive information.

Financial information was leaked by MoneyGram. Slim CD, Evolve Bank, Truist Bank, Prudential, and American Express.

Medical information was leaked by the earlier mentioned Change Healthcare breach, but we saw several smaller incidents at providers in the healthcare industry like Australia’s leading medical imaging provider I-MED Radiology, US and UK based healthcare provider DocGo that offers mobile health services, ambulance services, and remote monitoring for patients, nonprofit, outpatient provider of treatment for Opioid Use Disorder (OUD) CODAC Behavioral Healthcare, and DNA testing companies.

Ransomware incidents are also a big source of data breaches. When victims refuse to pay, the ransomware groups publish stolen data, as we saw with pharmacy chain Rite Aid.

Other sensitive data might have surfaced in hacktivist breaches at the Heritage Foundation, The Real World, and the Internet Archive. And sometimes it may be hard to not feel a bit of schadenfreude, as in the breach of the userbase of mobile monitoring app mSpy.

**Anticlimaxes**

In a few cases, there was a lot to do about something that turned out not to be so bad after all.

In February, a cybercriminal offered a business contact information database containing 132.8 million records for sale. It turned out to be a two-year-old third-party database which showed around 122 million unique business email addresses. That would have made it into our top 5, but the information in the database ages rather quickly. As soon as you move to a new job, that email address gets decommissioned and becomes worthless to phishers and other cybercriminals.

In July, a user leaked a file containing 9,948,575,739 unique plaintext passwords. The list was referred to as RockYou2024 because of its filename, rockyou.txt. However, without the associated user names or email, the list would have been of limited use to cybercriminals. If you don’t reuse passwords and never use “simple” passwords, like single words, then this release should not concern you.

If you were in any way affected by a data breach, we encourage you to have a look at our guide: Involved in a data breach? Here’s what you need to know.

**We don’t just report on threats – we help safeguard your entire digital identity**

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

 Data breaches in 2024: Could it get any worse? 

The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens' personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela.
"This final rule is a crucial step forward in addressing the extraordinary national security threat posed of our

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. 
"On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents

Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment.
"Exploiting these flaws could allow attackers to gain persistent access as shadow administrators

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea.

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being **Kiberphant0m**, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from **AT&T** and **Verizon**. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea.

One of several selfies on the Facebook page of Cameron Wagenius.

**Cameron John Wagenius** was arrested near the Army base in Fort Hood, Texas on Dec. 20, after being indicted on two criminal counts of unlawful transfer of confidential phone records.

The sparse, two-page indictment (PDF) doesn’t reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius’ mother — Minnesota native **Alicia Roen** — filled in the gaps.

Roen said that prior to her son’s arrest he’d acknowledged being associated with **Connor Riley Moucka**, a.k.a. “**Judische**,” a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service **Snowflake**.

In an interview with KrebsOnSecurity, Judische said he had no interest in selling the data he’d stolen from Snowflake customers and telecom providers, and that he preferred to outsource that to Kiberphant0m and others. Meanwhile, Kiberphant0m claimed in posts on Telegram that he was responsible for hacking into at least 15 telecommunications firms, including AT&T and Verizon.

On November 26, KrebsOnSecurity published a story that followed a trail of clues left behind by Kiberphantom indicating he was a U.S. Army soldier stationed in South Korea.

Ms. Roen said Cameron worked on radio signals and network communications at an Army base in South Korea for the past two years, returning to the United States periodically. She said Cameron was always good with computers, but that she had no idea he might have been involved in criminal hacking.

“I never was aware he was into hacking,” Roen said. “It was definitely a shock to me when we found this stuff out.”

Ms. Roen said Cameron joined the Army as soon as he was of age, following in his older brother’s footsteps.

“He and his brother when they were like 6 and 7 years old would ask for MREs from other countries,” she recalled, referring to military-issued “meals ready to eat” food rations. “They both always wanted to be in the Army. I’m not sure where things went wrong.”

Immediately after news broke of Moucka’s arrest, Kiberphant0m posted on the hacker community **BreachForums** what they claimed were the AT&T call logs for **President-elect** **Donald J. Trump** and for **Vice President Kamala Harris**.

“In the event you do not reach out to us @ATNT all presidential government call logs will be leaked,” Kiberphant0m threatened, signing their post with multiple “#FREEWAIFU” tags. “You don’t think we don’t have plans in the event of an arrest? Think again.”

Kiberphant0m posting what he claimed was a “data schema” stolen from the NSA via AT&T.

On that same day, Kiberphant0m posted what they claimed was the “data schema” from the **U.S. National Security Agency**.

On Nov. 5, Kiberphant0m offered call logs stolen from Verizon’s push-to-talk (PTT) customers — mainly U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a “SIM-swapping” service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target’s phone calls and text messages to a device they control.

The profile photo on Wagenius’ Facebook page was deleted within hours of my Nov. 26 story identifying Kiberphant0m as a likely U.S. Army soldier. Still, many of his original profile photos remain, including several that show Wagenius in uniform while holding various Army-issued weapons.

Several profile photos visible on the Facebook page of Cameron Wagenius.

November’s story on Kiberphant0m cited his own Telegram messages saying he maintained a large botnet that was used for distributed denial-of-service (DDoS) attacks to knock websites, users and networks offline. In 2023, Kiberphant0m sold remote access credentials for a major U.S. defense contractor.

**Allison Nixon,** chief research officer at the New York-based cybersecurity firm Unit 221B, helped track down Kiberphant0m’s real life identity. Nixon was among several security researchers who faced harassment and specific threats of violence from Judische and his associates.

“Anonymously extorting the President and VP as a member of the military is a bad idea, but it’s an even worse idea to harass people who specialize in de-anonymizing cybercriminals,” Nixon told KrebsOnSecurity. She said the investigation into Kiberphant0m shows that law enforcement is getting better and faster at going after cybercriminals — especially those who are actually living in the United States.

“Between when we, and an anonymous colleague, found his opsec mistake on November 10th to his last Telegram activity on December 6, law enforcement set the speed record for the fastest turnaround time for an American federal cyber case that I have witnessed in my career,” she said.

Nixon asked to share a message for all the other Kiberphant0ms out there who think they can’t be found and arrested.

“I know that young people involved in cybercrime will read these articles,” Nixon said. “You need to stop doing stupid shit and get a lawyer. Law enforcement wants to put all of you in prison for a long time.”

The indictment against Wagenius was filed in Texas, but the case has been transferred to the U.S. District Court for the Western District of Washington in Seattle.

U.S. Army Soldier Arrested in AT&T, Verizon Extortions

Treasury says hackers accessed “certain unclassified documents” in a “major” breach, but experts believe the attack’s impacts could prove to be more significant as new details emerge.

A disclosure notice to the United States Congress on Monday revealed that the US Treasury Department suffered a breach earlier this month that allowed hackers to remotely access some Treasury computers and “certain unclassified documents.”

The attackers exploited vulnerabilities in remote tech support software provided by the identity and access management firm BeyondTrust, and Treasury said in its letter to lawmakers that “the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.” Reuters first reported the disclosure and its contents.

In the notice, Treasury officials said that BeyondTrust notified the agency of the incident on December 8 after attackers were able to steal an authentication key and use it to bypass system defenses and gain access to Treasury workstations.

“The compromised BeyondTrust service has been taken offline and at this time there is no evidence indicating the threat actor has continued access to Treasury information,” Treasury assistant secretary for management Aditi Hardikar wrote the lawmakers. “In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident.”

The disclosure says that Treasury has been collaborating with the FBI, the Cybersecurity and Infrastructure Security Agency, and the intelligence community broadly as well as private “forensic investigators” to evaluate the situation. The Treasury and FBI did not immediately return WIRED's request for additional information about the breach. CISA referred questions back to the Treasury Department. BeyondTrust was not immediately available for comment about the situation.

On December 8, BeyondTrust published an alert that it has continued to update about “a security incident that involved a limited number of Remote Support SaaS customers.” (SaaS stands for “software as a service.”) Though the notification does not say that the US Treasury was one of the impacted customers, the timeline and details appear to line up with the Treasury disclosure, including acknowledgment from BeyondTrust that attackers compromised an application programming interface key.

The BeyondTrust alert mentions two exploited vulnerabilities involved in the situation—the critical command injection vulnerability "CVE-2024-12356" and the medium-severity command injection vulnerability "CVE-2024-12686." CISA added the former CVE to its “Known Exploited Vulnerabilities Catalog” on December 19. Command injection vulnerabilities are common application flaws that can be easily exploited to gain access to a target's systems.

“I cannot believe that we're seeing command injection vulnerabilities in 2024 in any products, let alone a secure remote access product that's supposed to have additional vetting for use by the US government,” says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy and a former NSA hacker. “They are some of the easiest bugs to identify and remediate at this point.”

BeyondTrust is an accredited “Federal Risk and Authorization Management Program” vendor, but Williams speculates that it is possible that the Treasury was using a non-FedRAMP version of the company's Remote Support and Privileged Remote Access cloud products. If the breach actually affected FedRAMP-certified cloud infrastructure, though, Williams says, “it might be the first breach of one and almost certainly the first time FedRAMP cloud tools were abused to facilitate remote access to a customer's systems.”

The breach comes as US officials have been scrambling to address a massive espionage campaign compromising US telecoms that has been attributed to the China-backed hacking group known as Salt Typhoon. White House officials told reporters on Friday that Salt Typhoon breached nine US telecoms.

“We wouldn’t leave our homes, our offices, unlocked and yet our critical infrastructure—the private companies owning and operating our critical infrastructure—often do not have the basic cybersecurity practices in place that would make our infrastructure riskier, costlier, and harder for countries and criminals to attack,” Anne Neuberger, deputy national security adviser for cyber and emerging technology, said on Friday.

Treasury, CISA, and FBI officials did not respond to WIRED's questions about whether the actor that breached the Treasury was specifically Salt Typhoon. Treasury officials said in the disclosure to Congress that they would provide more information about the incident in the Department's mandated 30-day supplemental notification report. As details continue to emerge, Hunter Strategy's Williams says that the scale and scope of the breach may be even larger than it currently appears.

“I expect the impact to be more significant than access to just a few unclassified documents,” he says.

US Treasury Department Admits It Got Hacked by China

SUMMARY A sophisticated attack campaign has compromised at least 16 Chrome browser extensions, exposing over 600,000 users to…

****SUMMARY****

*   **Large-Scale Breach**: Over 16 Chrome extensions were compromised, exposing 600,000+ users to data and credential theft.

*   **Phishing Attack**: Developers were tricked into granting access to a malicious OAuth app via fake Chrome Web Store emails.

*   **Cyberhaven Impact**: Attackers used admin credentials to deploy a malicious update stealing sensitive user data.

*   **Widespread Impact**: Many extensions across categories are linked to the same malicious infrastructure.

*   **Response & Recommendations**: Revoke credentials, monitor logs, and secure extensions; investigations continue.

A sophisticated attack campaign has compromised at least 16 Chrome browser extensions, exposing over 600,000 users to data theft and credential theft. The attack targeted extension publishers through phishing emails that mimicked official communications from the Chrome Web Store.

These emails, designed to create a sense of urgency, tricked developers into granting malicious applications access to their accounts. This allowed attackers to inject malicious code into legitimate extensions.

The recipient was directed to accept the policies by clicking a link, which then led them to a page for granting permissions to a malicious OAuth application called “Privacy Policy Extension.

Cyberhaven, a cybersecurity firm specializing in data loss prevention, was among the impacted firms and the first to publicly disclose its compromise. The attack occurred on December 24 and involved phishing a company employee to gain access to their Chrome Web Store admin credentials. 

According to Cyberhaven, the attackers compromised the “single admin account for the Google Chrome Store” and managed to publish a malicious update to their popular Chrome extension. This update, deployed on Christmas Day, was designed to steal sensitive user data, including passwords, session tokens, Facebook account credentials, and cookies.

The malicious extension, version 24.10.4, remained active for over 31 hours before being detected and removed from the Chrome Web Store. “Our security team detected this compromise at 11:54 PM UTC on December 25 and removed the malicious package within 60 minutes,” the company’s disclosure read.

Cyberhaven immediately released a legitimate update (version 24.10.5), hired Mandiant to develop an incident response plan and also notified federal law enforcement agencies for investigation. The company has confirmed that its systems, including CI/CD processes and code signing keys, were not compromised.

In an email sent to its customers, Cyberhaven has advised users to revoke and rotate passwords and text-based credentials, such as API tokens, and review their logs for malicious activity. This is due to the potential for stolen session tokens and cookies to bypass security measures, allowing hackers to access logged-in accounts without a password or two-factor code. However, the company has not disclosed the method of the breach or the corporate security policies that allowed the account compromise. 

Following the Cyberhaven breach, security researchers discovered numerous other compromised extensions exhibiting similar malicious behaviour. These extensions, spanning various categories including AI assistants, VPNs, and productivity tools, were found to be communicating with the same command-and-control servers.

> Regarding the Cyberhaven chrome extension compromise I have reasons to believe there are other extensions affected. Pivoting by the ip address there are more domains created within the same time range resolving to the same ip address as cyberhavenextpro (cont)
> 
> — Jaime Blasco (@jaimeblascob) December 27, 2024

Other extensions found to have been compromised, according to Secure Annex, a browser extension security platform, include the following:

Name

ID

VPNCity

nnpnnpemnckcfdebeekibpiijlicmpom

Parrot Talks

kkodiihpgodmdankclfibbiphjkfdenh

Uvoice

oaikpkmjciadfpddlpjjdapglcihgdle

Internxt VPN

dpggmcodlahmljkhlmpgpdcffdaoccni

Bookmark Favicon Changer

acmfnomgphggonodopogfbmkneepfgnh

Castorus

mnhffkhmpnefgklngfmlndmkimimbphc

Wayin AI

cedgndijpacnfbdggppddacngjfdkaca

Search Copilot AI Assistant for Chrome

bbdnohkpnbkdkmnkddobeafboooinpla

VidHelper – Video Downloader

egmennebgadmncfjafcemlecimkepcle

AI Assistant – ChatGPT and Gemini for Chrome

bibjgkidgpfbblifamdlkdlhgihmfohh

Vidnoz Flex – Video recorder & Video share

cplhlgabfijoiabgkigdafklbhhdkahj

TinaMind – The GPT-4o-powered AI Assistant!

befflofjcniongenjmbkgkoljhgliihe

Bard AI chat

pkgciiiancapdlpcbppfkmeaieppikkk

Reader Mode

llimhhconnjiflfimocjggfjdlmlhblm

Primus (prev. PADO)

oeiomhmbaapihbilkfkhmlajkeegnjhe

Tackker – online keylogger tool

ekpkdmohpdnebfedjjfklhpefgpgaaji

AI Shop Buddy

epikoohpebngmakjinphfiagogjcnddm

Sort by Oldest

miglaibdlgminlepgeifekifakochlka

Rewards Search Automator

eanofdhdfbcalhflpbdipkjjkoimeeod

Earny – Up to 20% Cash Back

ogbhbgkiojdollpjbhbamafmedkeockb

ChatGPT Assistant – Smart Search

bgejafhieobnfpjlpcjjggoboebonfcg

Keyboard History Recorder

igbodamhgjohafcenbcljfegbipdfjpk

Email Hunter

mbindhfolmpijhodmgkloeeppmkhpmhc

Visual Effects for Google Meet

hodiladlefdpcbemnbbcpclbmknkiaem

Cyberhaven security extension V3

pajkjnmeojmbapicmbpliphjmcekeaac

This means that it is a well-thought-after large-scale attack. Security researchers are still searching for more exposed extensions, but the sophistication and scope of the attack have increased the importance for organizations to secure their browser extensions. The identity of the attacker remains unclear.

1.  **Fake ChatGPT Extension Hijacks Facebook Accounts**
2.  **Chrome Extensions Harboring Dormant Colors Malware**
3.  **EmailGPT Flaw Puts User Data at Risk: Remove the Extension NOW**
4.  **Fake Ads Manager Malicious Extensions Target Facebook Accounts**
5.  **Ad-blocker Chrome extension AllBlock injected ads in Google searches**

16 Chrome Extensions Hacked in Large-Scale Credential Theft Scheme

In what's being called a "major cybersecurity incident," Beijing-backed adversaries broke into cyber vendor BeyondTrust to access the US Department of the Treasury workstations and steal unclassified data, according to a letter sent to lawmakers.

Source: trekandshoot via Alamy Stock Photo

UPDATE: This story was updated on Dec. 30 to include a statement from a BeyondTrust spokesperson.

The US Department of the Treasury alerted lawmakers on Monday that Chinese state-backed threat actors were able to compromise its systems and steal data from workstations earlier this month.

Because an advanced persistent threat (APT) group is suspected to be behind the hack, it is being treated as a "major cybersecurity incident," the disclosure letter from the Treasury Department said. The letter was sent to the chairman and ranking member of the Senate committee that oversees the agency.

Adversaries broke into the Treasury Department through third-party cybersecurity vendor BeyondTrust and "...gained access to a remote key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users," the letter explained. "With access to the stolen key, the threat actor was able to override the service's security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users."

BeyondTrust has more than 20,000 customers across more than 100 countries who use its privileged remote access tools, according to its website, which also states that the company is used among 75% of Fortune 100 organizations. The company has not responded to Dark Reading's request for comment.

BeyondTrust told the Treasury Department about the issue on Dec. 8; the department, along with the Cybersecurity and Infrastructure Security Agency and the FBI, is investigating the compromise, according to the letter.

A BeyondTrust advisory said the company was alerted on Dec. 5 to a compromised API key, which was immediately revoked. Impacted customers have already been notified, and the company is working with them on remediation, according to a statement from a BeyondTrust spokesperson.

"BeyondTrust previously identified and took measures to address a security incident in early December 2024 that involved the Remote Support product," the statement said. "No other BeyondTrust products were involved."

**'Epic' Chinese Hack of US Treasury**

The revelation that Beijing was able to strike right at the heart of America's federal capitalist system itself comes as the federal government continues to grapple with the sprawling and coordinated Chinese-backed cyberattacks against telecommunications companies in the US. Once inside, hackers from groups including Salt Typhoon accessed call data and text messages of an unknown number of Americans. So far Chinese hacking groups have been discovered inside at least nine different telecom networks in the US.

While investigations into the US Treasury breach are ongoing, these brazen Chinese acts of cyber espionage are almost to certain to require dicey diplomatic maneuvering. That could prove to be difficult to pull off during the murky transition period from the Biden administration to the incoming Trump administration.

"Beijing's routine denial of responsibility for cyberespionage incidents raises diplomatic challenges with the US in addressing such breaches effectively since there's lack of transparency and accountability/coordination," said Lawrence Pingree, vice president of Dispersive, in a statement provided to Dark Reading.

It's still unclear whether the Chinese hackers were able to crack the application's secrets or a cryptographic key, he added.

"Secrets and cryptographic key management are critical elements of managing software API access and thus if deficient in some way, or a compromise occurs via a developer's endpoint, the breach of those secrets and authentication keys can create these types of epic breaches," Pingree said.

The breach also shows that cybersecurity vendors remain a favorite target of sophisticated state threat actors, according to former NSA cyber expert Evan Dornbush, who provided a statement in reaction to the breach.

"The cybersecurity world is reeling from yet another high-profile breach, this time targeting the clients of security vendor BeyondTrust," Dornbush said. "This incident joins a growing list of attacks on security firms, including Okta (whose breach directly impacted BeyondTrust as a customer), LastPass, SolarWinds, and Snowflake."

**About the Author**

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

Latest News