Weekly Cybersecurity Roundup: Feb 3, 2025 — Feb 9, 2025
Cybersecurity, government experts are aghast at security failures in DOGE takeover
Recent developments involving Elon Musk’s Department of Government Efficiency (DOGE) have raised significant concerns among cybersecurity and government experts regarding potential security lapses. Critics argue that DOGE’s rapid integration into federal systems has bypassed established protocols designed to protect sensitive information.
Key Concerns:
- Access to Sensitive Systems: DOGE personnel have reportedly gained access to critical government systems, including those of the United States Agency for International Development (USAID), without proper security clearances. This unauthorized access has led to the suspension of USAID security officials who attempted to prevent such breaches.
- Judicial Intervention: A federal judge has temporarily restricted DOGE’s access to sensitive Treasury payment systems following a lawsuit by 19 Democratic attorneys general. The lawsuit cites concerns over potential cybersecurity risks and the unauthorized disclosure of confidential information.
- Expert Criticism: Cybersecurity professionals have expressed alarm at DOGE’s disregard for established security protocols, likening the situation to an ongoing data breach. The appointment of inexperienced individuals to positions with access to sensitive data has further exacerbated these concerns.
Sources: Politico, Cyberscoop
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
Recent security assessments have revealed significant vulnerabilities in the DeepSeek mobile application, particularly concerning its handling of user and device data. Notably, the app transmits sensitive information over the internet without encryption, exposing it to potential interception and manipulation.
Key Findings:
- Unencrypted Data Transmission: DeepSeek’s iOS app sends registration and device data without encryption, making it susceptible to passive and active attacks.
- Weak Encryption Practices: The app employs outdated encryption methods, such as the insecure symmetric algorithm 3DES, utilizes hard-coded encryption keys, and reuses initialization vectors, further compromising data security.
- Disabling of App Transport Security (ATS): DeepSeek globally disables ATS, an iOS feature designed to prevent the transmission of sensitive data over unencrypted channels, thereby increasing the risk of data exposure.
- Data Transmission to ByteDance-Linked Servers: User data is sent to servers managed by Volcano Engine, a cloud platform owned by ByteDance, the parent company of TikTok, raising concerns about data privacy and potential unauthorized access.
Security Implications:
These vulnerabilities not only expose users to potential data breaches but also raise national security concerns. Lawmakers have proposed banning the DeepSeek app from U.S. government devices due to fears that user data could be accessed by the Chinese government.
Sources: WSJ, The Hacker News, NowSecure
LLM Hijackers Quickly Incorporate DeepSeek API Keys
Recent security incidents have highlighted the rapid exploitation of DeepSeek’s API keys by unauthorized actors, a practice now termed “LLMjacking.” This involves hijackers gaining illicit access to large language models (LLMs) like DeepSeek, allowing them to utilize these platforms without incurring costs themselves.
Key Developments:
- Database Exposure: A publicly accessible database belonging to DeepSeek was discovered, containing over a million log entries with sensitive information, including chat histories, secret keys, and backend details. This exposure provided attackers with the means to extract API keys and other confidential data.
- Rapid Integration by Hijackers: Following the leak, unauthorized actors swiftly incorporated the stolen DeepSeek API keys into their operations. This quick adaptation underscores the agility of these hijackers in exploiting newly available resources.
- Monetization of Unauthorized Access: The hijacked API keys have been utilized to offer unauthorized access to DeepSeek’s services, with some instances selling such access for approximately $30 per month. This not only results in financial losses for DeepSeek but also poses significant security risks.
Sources: Hackread, Dark Reading, Wiz
DeepSeek AI tools impersonated by infostealer malware on PyPI
Recent reports have identified that threat actors are exploiting the rising popularity of DeepSeek AI by distributing malicious packages on the Python Package Index (PyPI). These packages impersonate legitimate DeepSeek developer tools but are designed to steal sensitive information from users.
Key Details:
- Malicious Packages Identified: The fraudulent packages, named “deepseeek” and “deepseekai,” were uploaded to PyPI on January 29, 2025, by an account created in June 2023 with no prior activity.
- Functionality: Upon execution, these packages collect user and system data, including environment variables such as API keys, database credentials, and infrastructure access tokens. The stolen information is then exfiltrated to a command and control server using a legitimate automation platform.
- Detection and Response: Researchers from Positive Technologies discovered the malicious packages and promptly reported them to PyPI administrators. The packages were subsequently quarantined and removed from the repository.
Security Recommendations:
- Verify Package Authenticity: Before installing any package, especially those related to popular tools like DeepSeek, ensure that the package name is correct and originates from a reputable source.
- Monitor for Suspicious Activity: Regularly check your systems for any unauthorized access or unusual behavior that may indicate a compromise.
- Implement Security Best Practices: Utilize software composition analysis tools and automated vulnerability scanning to detect and prevent the installation of malicious packages. Limiting the use of unverified packages and enabling dependency scanning tools can further enhance security.
Sources: Dark Reading, Bleeping Computer
Massive brute force attack uses 2.8 million IPs to target VPN devices
A significant brute force attack has been identified, utilizing approximately 2.8 million unique IP addresses to target various VPN and networking devices. This large-scale assault aims to compromise devices from manufacturers such as Palo Alto Networks, Ivanti, and SonicWall by systematically attempting to guess login credentials.
Attack Characteristics:
- Geographical Distribution: The attack sources are widespread, with a notable concentration of IP addresses originating from Brazil (1.1 million), followed by Turkey, Russia, Argentina, Morocco, and Mexico.
- Duration: The malicious activity has been ongoing since mid-to-late January 2025, indicating a sustained and coordinated effort by the attackers.
Potential Implications:
If successful, these brute force attempts could grant unauthorized access to critical network infrastructure, leading to data breaches, system disruptions, and potential further exploitation within affected organizations.
Sources: Cybersecurity Dive, Bleeping Computer
Notorious hacker behind 40+ cyberattacks on strategic organizations arrested
Spanish authorities have arrested an 18-year-old hacker in Calpe, Alicante, accused of conducting over 40 cyberattacks against strategic national and international organizations. The suspect targeted entities such as the Guardia Civil, the Ministry of Defense, NATO, and the United Nations.
Operating under various pseudonyms on the dark web, the hacker accessed sensitive databases containing personal information and internal documents, which were subsequently sold or shared online. In December 2024, a significant breach involved the Guardia Civil and the Ministry of Defense, leading to the joint operation “Abbadon-Theatre” by the Policía Nacional and the Guardia Civil, culminating in the arrest.
During the investigation, authorities seized multiple electronic devices and identified over 50 cryptocurrency accounts linked to the suspect, indicating a sophisticated understanding of blockchain technology. The individual faces charges including unauthorized access to computer systems, disclosure of secrets, computer damage, and money laundering.
Netgear warns users to patch critical WiFi router vulnerabilities
Netgear has recently addressed two critical security vulnerabilities affecting several of its WiFi routers and access points. The company strongly advises users to update their devices’ firmware promptly to mitigate potential risks.
Affected Models:
- WiFi 6 Access Points:
  - WAX206
  - WAX214v2
  - WAX220
- Nighthawk Pro Gaming Routers:
  - XR1000
  - XR1000v2
  - XR500
Vulnerability Details:
- Remote Code Execution (RCE) Vulnerability (PSV-2023-0039): This flaw allows unauthenticated attackers to execute arbitrary code on the affected devices remotely.
- Authentication Bypass Vulnerability (PSV-2021-0117): This issue permits attackers to bypass authentication mechanisms, potentially granting unauthorized access to device settings and data.
Both vulnerabilities can be exploited without user interaction and are considered low in attack complexity.
Sources: Netgear, Bleeping Computer
Cloudflare outage caused by botched blocking of phishing URL
On February 6, 2025, Cloudflare experienced a significant outage lasting approximately 59 minutes, affecting multiple services including R2 Object Storage, Stream, Images, Cache Reserve, Vectorize, and Log Delivery. The incident was triggered by human error during a routine abuse remediation process. An employee, while responding to a phishing site report hosted on Cloudflare’s R2 platform, inadvertently disabled the entire R2 Gateway service instead of targeting the specific malicious endpoint.
Cloudflare acknowledged that this mistake resulted from a failure in multiple system-level controls and operator training. The company emphasized that no data was lost or corrupted during the incident. In response, Cloudflare is prioritizing the implementation of additional safeguards to prevent similar occurrences in the future.
This event underscores the critical importance of robust validation processes and comprehensive training in managing abuse reports, especially in large-scale cloud service environments.
Sources: Cloudflare
Microsoft Edge update adds AI-powered Scareware Blocker
Microsoft has introduced a new AI-powered “Scareware Blocker” in its Edge browser to enhance user protection against deceptive online scams. This feature employs a local machine learning model to detect and block aggressive web pages that attempt to mislead users into believing their systems are compromised.
Key Features:
- Local Machine Learning Model: The scareware blocker operates entirely on the user’s device, analyzing web pages in real-time without transmitting data to the cloud.
- Automatic Scam Mitigation: Upon identifying a potential scam, Edge will exit full-screen mode, halt any audio playback, and display a warning to the user, providing a thumbnail of the suspicious page.
- User Reporting: Users have the option to report detected scams, contributing to the enhancement of Microsoft’s Defender SmartScreen service, which proactively blocks known malicious sites.
Activation Instructions:
To enable the scareware blocker in Microsoft Edge:
- Navigate to the browser’s settings.
- Access the privacy settings section.
- Locate and activate the scareware blocker feature.
- Restart the browser to apply the changes.
This feature is currently available in preview in the latest stable release of Edge. Users are encouraged to enable it to bolster their defenses against evolving online threats.
Sources: Windows Blogs
Google says hackers abuse Gemini AI to empower their attacks
Google has identified that state-sponsored hacking groups from over 20 countries, notably China and Iran, are leveraging its AI-powered Gemini chatbot to enhance their cyberattack capabilities. These groups utilize Gemini for tasks such as writing malicious code and conducting reconnaissance on potential targets.
While the integration of AI tools like Gemini has increased the efficiency of these threat actors, it has not yet led to the development of new attack methodologies. Instead, these tools are being used to streamline existing processes, making traditional cyberattacks more effective.
Google’s Threat Intelligence Group (GTIG) is actively monitoring this adversarial use of generative AI and is implementing measures to mitigate potential abuses. The company emphasizes the importance of understanding and addressing the misuse of AI technologies to maintain cybersecurity.
This development highlights the dual-use nature of AI technologies, which can be employed for both beneficial and malicious purposes. It underscores the necessity for continuous monitoring and the establishment of robust safeguards to prevent the exploitation of AI in cyber threats.
Sources: Bleeping Computer, Google Cloud, VOA
Microsoft kills off Defender ‘Privacy Protection’ VPN feature
Microsoft has announced that it will discontinue the ‘Privacy Protection’ VPN feature within its Microsoft Defender app across all platforms — Windows, macOS, iOS, and Android — effective February 28, 2025. This decision is attributed to limited user adoption, prompting the company to reallocate resources to areas that better align with customer needs.
Key Details:
- Discontinuation Date: February 28, 2025.
- Affected Platforms: Windows, macOS, iOS, and Android.
- Reason for Removal: Low usage and a strategic shift towards other features.
Impact on Users:
- Windows, iOS, and macOS Users: No immediate action is required.
- Android Users: It is recommended to manually remove the Defender VPN profile to prevent potential network browsing issues post-discontinuation.
Steps to Remove Defender VPN Profile on Android:
- Open the Settings app.
- Navigate to Network & Internet and select VPN.
- Locate the Microsoft Defender VPN profile.
- Tap the information icon and choose Remove or Forget.
Chinese cyberspies use new SSH backdoor in network device hacks
Recent reports have identified a cyber-espionage campaign attributed to the Chinese hacking group known as Evasive Panda (also referred to as DaggerFly). This campaign involves the deployment of a novel SSH backdoor targeting network appliances.
Attack Methodology:
- Malware Injection: The attackers compromise network appliances and inject a malicious library named libsshd.so into the SSH daemon (sshd). This injection allows the malware to intercept SSH sessions and execute unauthorized commands.
- Persistence Mechanisms: To maintain long-term access, the threat actors employ additional binaries, such as mainpasteheader and selfrecoverheader, which ensure the malware remains active even after system reboots or software updates.
Implications:
By compromising the SSH daemon, the attackers can:
- Monitor and hijack legitimate SSH sessions.
- Execute arbitrary commands with elevated privileges.
- Exfiltrate sensitive data from the targeted network devices.
Sources: Bleeping Computer
Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has announced that it will not release patches for several vulnerabilities affecting its end-of-life (EoL) routers, despite reports of these flaws being actively exploited. The company advises users to replace these outdated devices with newer models to ensure security.
Key Details:
- Vulnerabilities Identified: Security researchers have discovered multiple vulnerabilities in Zyxel’s CPE Series devices, including CVE-2024-40890 and CVE-2024-40891. These are command injection flaws that could allow attackers to execute arbitrary commands on affected devices.
- Active Exploitation: Reports indicate that these vulnerabilities are being actively exploited in the wild, posing significant risks to users of the affected models.
- Zyxel’s Response: In a security advisory, Zyxel confirmed that the impacted models have reached their end-of-life status and will not receive security patches. The company strongly recommends that users replace these legacy products with newer-generation devices to maintain optimal protection.
Recommendations for Users:
- Assess Device Status: Determine if your Zyxel router is among the affected end-of-life models.
- Upgrade Hardware: If using an EoL device, consider upgrading to a supported model that receives regular security updates.
- Implement Interim Security Measures: Until a replacement is obtained, ensure that the device’s firmware is up-to-date, disable unnecessary services, and restrict remote access to trusted IP addresses.
By taking these steps, users can mitigate potential security risks associated with the unpatched vulnerabilities in Zyxel’s discontinued routers.
Sources: Bleeping Computer
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection
Recent cybersecurity research has uncovered that malicious actors have uploaded compromised machine learning (ML) models to the Hugging Face platform, utilizing a technique involving “broken” pickle files to evade detection.
Technical Details:
- Pickle Serialization Format: Pickle is a Python-based serialization protocol commonly used for saving and loading ML models. However, it can execute arbitrary code during the deserialization process, posing security risks if misused.
- Evasion Technique: The malicious models were stored in the PyTorch format, which typically uses ZIP compression. In this case, the attackers employed the 7z compression format, allowing them to insert malicious Python code at the beginning of the pickle file. This manipulation caused the deserialization process to execute the malicious code before encountering errors, thereby evading Hugging Face’s Picklescan tool designed to detect such threats.
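Because the code runs before the error is reached, a scanner has to report what it saw up to the point where parsing failed instead of discarding the file as unreadable. The following is an added example, not Picklescan's code or the researchers' tooling: it walks the pickle opcode stream with the standard-library pickletools module, never unpickling anything, and keeps its findings when the stream is broken. The deny-list and the harmless sample object are assumptions constructed for the illustration, and the archive container (ZIP or 7z) is out of scope.

```python
import pickle
import pickletools

# Assumption: module roots that have no business in serialized model weights.
DENY_ROOTS = {"os", "posix", "nt", "subprocess", "socket", "sys", "builtins", "runpy"}
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def scan_pickle(data: bytes) -> dict:
    """Walk the opcode stream without unpickling and keep partial results."""
    imports, strings, calls, error = [], [], 0, None
    try:
        for op, arg, _pos in pickletools.genops(data):
            if op.name in ("GLOBAL", "INST"):
                # Protocols 0-3: the argument is "module name".
                module, _, name = arg.partition(" ")
                imports.append((module, name))
            elif op.name == "STACK_GLOBAL":
                # Protocol 4+: module and name are the two latest string pushes.
                module, name = strings[-2:] if len(strings) >= 2 else ("?", "?")
                imports.append((module, name))
            elif isinstance(arg, str):
                strings.append(arg)
            if op.name in CALL_OPS:
                calls += 1
    except Exception as exc:  # genops raises ValueError on a malformed stream
        # A parse failure is itself a finding; what was seen before it still counts.
        error = str(exc)
    denied = [i for i in imports if i[0].split(".")[0] in DENY_ROOTS]
    return {
        "imports": imports,
        "calls": calls,
        "parse_error": error,
        "flagged": bool(denied) or (error is not None and bool(imports)),
    }


class _Harmless:
    """Constructed sample: reduces to len("abc"), standing in for a payload."""

    def __reduce__(self):
        return (len, ("abc",))


def constructed_samples() -> dict:
    intact = pickle.dumps(_Harmless(), protocol=4)
    return {
        "intact": intact,
        # Same stream with the final STOP opcode replaced by an invalid byte.
        "broken": intact[:-1] + b"\xff",
        "plain": pickle.dumps({"weights": [0.1, 0.2]}, protocol=4),
    }


if __name__ == "__main__":
    for label, blob in constructed_samples().items():
        print(label, scan_pickle(blob))
```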
Impact:
Upon loading the compromised models, the embedded malicious code establishes a reverse shell connection to a hard-coded IP address, granting attackers unauthorized access to the victim’s system. The identified models appear to be proofs-of-concept rather than active threats, but they highlight potential vulnerabilities in the ML supply chain.
Sources: The Hacker News
Critical Cisco ISE bug can let attackers run commands as root
Cisco has recently addressed two critical vulnerabilities in its Identity Services Engine (ISE) that could allow authenticated, remote attackers to execute arbitrary commands with root privileges on affected systems.
Vulnerabilities Overview:
- CVE-2025-20124 (CVSS Score: 9.9): This vulnerability arises from insecure Java deserialization in an API of Cisco ISE. An attacker with valid credentials can exploit this flaw by sending a crafted serialized Java object to the targeted API, leading to arbitrary command execution as the root user.
- CVE-2025-20125 (CVSS Score: 9.1): This vulnerability is due to an authorization bypass in a Cisco ISE API. An attacker with read-only credentials can exploit this by sending a crafted HTTP request to the affected API, allowing them to obtain sensitive information, modify node configurations, and restart the node.
Impact:
Successful exploitation of these vulnerabilities could grant attackers root-level access, enabling them to execute arbitrary commands, access sensitive data, and alter system configurations.
Sources: The Hacker News