
Fake Apps, Fraudulent Emails, and Very Real Hackers: Another Week in the Infosec Trenches

This week saw attacks on Claude Code users, LastPass users, Starlink users, and, perhaps worst of all, people who needed an ambulance. Add a dash of AI hacking, and you have another wild week in security.

 & Alan Henry Managing Editor, Security


This may sound like a very simple reminder, but if you ever get an email claiming to be from the customer support team of a service you use, always contact them directly to make sure the message you got is real. Similarly, when you sign up for a new app, download it from an official website or app store. Why, you ask? Let’s take a look at the security news this week, and you’ll understand. 

First of all, we reported this week that a fake Starlink app for Android turned out to be a bitcoin miner. So if you’re a Starlink user and find your Android phone has been getting pretty hot at night, you may want to make sure you have the official app from the Google Play Store, and not a knockoff. Then there’s the fake Claude Code install that turned out to be malware, targeting would-be vibe coders by gaming Google search results with sponsored placements for itself, ranking higher than the official installer and official download pages. Even worse, the fake Claude Code steals sensitive data like passwords, session cookies, and more, and is very difficult to delete. 

There's also poor LastPass, which has had its share of issues, but this one’s not its fault: Fake customer service emails targeting LastPass users have been trying to steal vault access from unsuspecting users. This is classic phishing, and we have tips to spot and avoid it, but they all involve keeping your eyes peeled. In the same vein, hackers have been targeting high-profile accounts on Signal and WhatsApp with similar phishing campaigns.

In other still-concerning news, a pro-Iran hacker group called Handala claims to have wiped over 200,000 devices at a US-based medical equipment provider called Stryker, and the company has confirmed the attack. The company is facing a global outage as a result, and the devices wiped by the hackers include not only company servers and computers but also, notably, mobile devices, including employee-owned personal devices on which the company required its staff to install corporate software (presumably in order to get a hold of them for work-related issues).

This is a good reminder to avoid installing corporate tools on your personal devices if possible (not just because it gives your employer access to your personal device, but also to avoid things like this), and if it’s not possible, check and see if your company can provide a device for that purpose. At the very least, make sure all your devices are protected with antivirus software or a security suite, and keep your personal data backed up in case your device is lost, stolen, or wiped.

Let’s take a look at what else is going on in the infosec world this week.


AI vs. AI: McKinsey’s Chatbot Compromised in Two Hours

What happens when you put one AI against another AI? Everyone loses—except for the security researchers who conducted the experiment, who got a great story out of the whole thing. As The Register reports, researchers from security firm CodeWall put their agentic AI up against consulting company McKinsey’s own AI chatbot, and in less than two hours, the agent managed to break in and obtain full read/write access to the chatbot’s full production database, which included “46.5 million chat messages about strategy, mergers and acquisitions, and client engagements, all in plaintext, along with 728,000 files containing confidential client data, 57,000 user accounts, and 95 system prompts controlling the AI's behavior.”

Even worse, because it had full read and write access, the agent could exfiltrate, delete, and even poison all of that data. Now, CodeWall was doing this at McKinsey’s behest; this wasn’t an unsanctioned hack. CodeWall was tasked with identifying vulnerabilities and gaps in McKinsey’s Lilli chatbot, which the consulting firm rolled out in 2023 (and is now used by most McKinsey employees and clients). Hilariously, McKinsey’s chatbot fell to a simple SQL injection attack, the kind that used to be very common around the web. The entire tale is cautionary, though: As more companies rush to embrace AI for things like corporate chatbots and internal documentation, hackers themselves are turning to AI to automate their attacks. That’s what CodeWall did here, and the researchers’ success shows that this is only the beginning. 


Salesforce Issues New Security Alert Tied to Third Customer Attack Spree in Six Months

Salesforce just can’t catch a break. ShinyHunters, the same threat group behind attacks on Google, Grubhub, Pornhub, and Kering (the parent company of Gucci, Yves Saint Laurent, and Balenciaga), is apparently back with the third series of attacks in six months, again using stolen data from corporate Salesforce implementations. According to CyberScoop, Salesforce itself issued a security alert to its customers, stating that it’s investigating the attack spree and that the data isn’t from a vulnerability in Salesforce, despite the claims of ShinyHunters, which also says it has data from more than 100 new companies. Instead, Salesforce says the attacks are identity-based, meaning attackers are gaining access to publicly facing systems using compromised accounts or other connected systems.

Regardless of how the data is leaking, Salesforce is advising customers to ensure their implementations are properly configured, including the guest user accounts that ShinyHunters uses to obtain sensitive data. It’s a bit of a difficult spot for the company, since it’s not a problem with their software that’s to blame, but the way that their customers have the software configured. Expect to hear more from ShinyHunters in the near future, as it starts selling or sharing the data it claims to have collected. 


Second Major Hack Hits Bell Ambulance, Affecting 238,000 People

When you call an ambulance, the last thing you’re probably worried about is your personal data and who’ll end up looking at it. Unfortunately, the data of about 238,000 people associated with Bell Ambulance, a Wisconsin-based company with operations around the country, is in the hands of hackers who breached the company’s systems, according to SecurityWeek.

Even worse, this isn’t even the first time the company has been hacked. Last year, in February, the company lost over 219GB of data on over 100,000 people in a ransomware attack. The company notified the Maine Attorney General’s office of the breach (which made it public), notified the affected individuals, and offered them 12 months of identity theft protection. In a statement, Bell representatives say they’ve conducted a full investigation into the incident, secured their accounts and systems, and reset all passwords.

As we’ve mentioned before, getting hacked once actually increases the odds you’ll get hacked again, so it’s important to lock down your data as much as possible.
