27M Stolen Credentials Seized 🚨 + The Mac Malware That Tricks AI Security Tools
Two major stories from today's cybersecurity news — one is a rare win for defenders, and the other is a warning that attackers are getting smarter in unsettling new ways.
🔓 Massive Malware Network Taken Down — 27 Million Stolen Credentials Recovered
Law enforcement and cybersecurity companies just dealt a significant blow to two of the internet's most prolific criminal operations: the Amadey and StealC malware networks. These tools were essentially "malware-as-a-service" — criminal groups could rent them to steal passwords, financial details, and other sensitive information from victims around the world.
The takedown was enormous in scale: 326 servers seized, 142 malicious domains shut down, and approximately $47 million in cryptocurrency frozen. Most importantly, investigators recovered 27 million stolen credentials — login information that was either already sold on the dark web or waiting to be used in future attacks.
Microsoft and its partners also cut off access to over 200 command-and-control servers, essentially pulling the plug on thousands of infected computers that were still under criminal control. If you've ever reused passwords across sites, now is a great time to check if your accounts were affected using a tool like Have I Been Pwned.
🍏 New Mac Malware Is Designed to Fool AI-Powered Security Tools
Security researchers at SentinelOne have discovered a new macOS malware called GasLight — and it represents a genuinely novel threat. Not only does it steal your data and create a backdoor into your computer, but it also contains a clever trick designed specifically to fool the AI-powered tools that security analysts use to study malware.
Hidden inside GasLight are 38 fake "system error" messages — things like fake out-of-memory alerts, disk failure warnings, and token expiry notices. When an AI analysis tool examines the malware, these fake messages confuse it into thinking there's a system problem, causing the AI to stop its investigation prematurely. It's essentially malware that's learned how to gaslight the very tools designed to catch it.
This matters beyond just Mac users: it signals that malicious actors are now actively studying and exploiting how AI security tools work. As the security industry leans more heavily on AI for threat detection, attackers are already adapting. Mac users should keep their systems updated and rely on endpoint security tools from reputable vendors who are aware of these emerging evasion techniques.
Stay ahead of threats with GOCO Security at gocosecurity.com.
.jpg)
Comments
Post a Comment