Latest news with #Rust-based
Biz Bahrain
3 days ago
- Business
- Biz Bahrain
Inside FunkSec: Kaspersky explores the evolution of AI-powered ransomware with password-gated capabilities
Kaspersky experts revealed the inner workings of FunkSec — a ransomware group that illustrates the future of mass cybercrime: AI-powered, multifunctional, highly adaptive and operating on volume with ransoms as low as $10,000 to maximize profits. Kaspersky's Global Research and Analysis Team (GReAT) constantly monitors the ransomware threat landscape, where attacks continue to rise. According to the company's latest State of Ransomware report, the share of users affected by ransomware attacks worldwide increased to 0.44% from 2023 to 2024, up by 0.02 percentage points. While this percentage may appear modest compared to other cyber threats, it reflects the fact that attackers typically prioritize high-value targets rather than mass distribution, making each incident potentially devastating. Within this evolving landscape, FunkSec has emerged as a particularly concerning threat. Active for less than a year since its emergence in late 2024, FunkSec has quickly surpassed many established actors by targeting government, technology, finance and education sectors. What sets FunkSec apart is its sophisticated technical architecture and AI-assisted development. The group packages full-scale encryption and aggressive data exfiltration into a single Rust-based executable, capable of disabling over 50 processes on victim machines and equipped with self-cleanup features to evade defenses. Beyond its core ransomware functionality, FunkSec has expanded its toolkit to include a password generator and a basic DDoS tool — both showing clear signs of code synthesis using large language models (LLMs). FunkSec's approach reflects the evolving landscape of mass cybercrime, combining advanced tools and tactics. Kaspersky's GReAT experts highlight the key features that define their operations: Password-Controlled Functionality GReAT experts discovered that FunkSec ransomware features a unique password-based mechanism that controls its operation modes. Without a password, the malware performs basic file encryption, while providing a password activates a more aggressive data exfiltration process in addition to encryption to steal sensitive data. FunkSec packs full-scale encryption, local exfiltration and self-cleanup into a single Rust binary—without a side-loader or a companion script. That level of consolidation is uncommon and gives affiliates a plug-and-play tool they can deploy almost anywhere. Use of AI in development Code analysis shows that FunkSec is actively using generative artificial intelligence to create its tools. Many parts of the code seem to be automatically generated rather than manually written. Signs of this generic placeholder comments (such as 'placeholder for actual check') and technical inconsistencies, like commands for different operating systems that don't align properly. Additionally, the presence of declared but unused functions—such as modules included upfront but never utilized — reflects how large language models combine multiple code snippets without pruning redundant elements. 'More and more, we see cybercriminals leveraging AI to develop malicious tools. Generative AI lowers barriers and accelerates malware creation, enabling cybercriminals to adapt their tactics faster. By reducing the entry threshold, AI allows even less experienced attackers to quickly develop sophisticated malware at scale,' comments Marc Rivero, Lead Security Researcher at Kaspersky's GReAT. High-volume, low-ransom strategy FunkSec demands unusually low ransom payments, sometimes as little as $10,000, and pairs this with the sale of stolen data at discounted prices to third parties. This strategy appears designed to enable a high volume of attacks, helping the group quickly establish its reputation within the cybercriminal underground. Unlike traditional ransomware groups that seek million-dollar ransoms, FunkSec employs a high-frequency, low-cost model — further underscoring its use of AI to streamline and scale operations. Expands beyond ransomware FunkSec has expanded its capabilities beyond the ransomware binary. Its dark leak site (DLS) hosts additional tools, including a Python-based password generator designed to support brute-force and password-spraying attacks, as well as a basic DDoS tool. Advanced evasion FunkSec employs advanced evasion techniques to avoid detection and complicate forensic analysis. The ransomware is capable of stopping over 50 processes and services to ensure thorough encryption of targeted files. Additionally, it includes a fallback mechanism to execute certain commands even if the user launching FunkSec lacks sufficient privileges. Kaspersky's products detect this threat as HEUR: To stay protected from ransomware attacks, Kaspersky experts recommend organizations follow these best practices to safeguard from ransomware: • Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions. • Always keep software updated on all the devices you use to prevent attackers from exploiting vulnerabilities and infiltrating your network. • Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminals' connections to your network. Set up offline backups that intruders cannot tamper with. Make sure you can access them quickly when needed or in an emergency. • Install anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within Kaspersky Expert Security framework. • Use the latest Threat Intelligence information to stay aware of the actual Tactics, Techniques, and Procedures (TTPs) used by threat actors. • To protect the company against a wide range of threats, use solutions from Kaspersky Next product line that provide real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organizations of any size and industry. Depending on your current needs and available resources, you can choose the most relevant product tier and easily migrate to another one if your cybersecurity requirements are changing.
Business Wire
18-06-2025
- Business
- Business Wire
I/ONX HPC Announces Heterogeneous Compute Platform for AI/ML
LAS VEGAS--(BUSINESS WIRE)--I/ONX High Performance Compute today announced its emergence from stealth mode with the unveiling of the world's first fully functional AI Heterogeneous Compute Platform, a groundbreaking milestone in AI that will redefine enterprise AI/ML compute infrastructure. The future of computing is not tied to a single processor architecture, but to flexibility and orchestration across all compute types. I/ONX's customizable heterogeneous compute platform is capable of orchestrating any chipset—CPU, GPU, ASIC, and/or FPGA—within a rack-scale system. The platform can scale up AI/ML as business needs evolve. "We believe the future of computing is not tied to a single processor architecture, but to flexibility and orchestration across all compute types," says Justyn Hornor, CEO of the company. "Our platform allows any enterprise to unify disparate chipsets under a single software-defined fabric—from AI training workloads to edge deployments—with our focus on extremely low-latency network and advanced software applications." I/ONX worked with Slalom, a leading global business and technology consulting firm, to independently test the platform and determine key elements of the ecosystem profile and performance criteria. 'Slalom has deep expertise and interest in innovating on the frontiers of cutting-edge AI/ML,' said Chris Samuels, director at Slalom. 'We're committed to exploring the growth of sustainable and responsible AI, so our customers can expand their horizons and explore new possibilities in the democratization of AI.' The I/ONX platform supports standard Python-based workflows on GPUs while also offering Rust-based fused kernels for ultra-low-latency performance across multiple processor classes. Multiple large AI models were tested and exceeded state-of-the-art speeds, for example, Whisper V3 Large. Key Highlights from the testing revealed: Verified operation across CPU, GPU, ASIC, and FPGA environments Scale-up architecture with flexible rack-level orchestration Seamless compatibility with Python-based data science and AI workflows Advanced Rust-based fused kernels for high-performance execution Greater than State-of-the-Art speeds on multiple complex models Note: Further details available upon request. Customer Use Cases: An AI lab team will be deploying custom FPGAs alongside enterprise GPUs and ASICs, leveraging I/ONX's unified orchestration. A research group will run advanced simulation models, where ASICs manage pre-processing and enterprise GPUs perform the heavy-lifting computations. With this public reveal, I/ONX is inviting early customers, research labs, and hyperscalers to engage in pilot deployments and joint development opportunities via our waiting list at The company's technology enables customers to future-proof their infrastructure while achieving performance levels previously restricted to proprietary, closed-box systems. Forward-Looking Statements: This press release contains "forward-looking statements" within the meaning of the safe harbor provisions of the U.S. Private Securities Litigation Reform Act of 1995. Forward-looking statements can be identified by words such as "anticipate," "intend," "plan," "seek," "believe," "estimate," "expect," "strategy," "likely," "may," "should" and similar references to future events or periods. Forward-looking statements are neither historical facts nor assurances of future performance. Instead, they are based only on our current beliefs, expectations and assumptions regarding the future of our business, future plans and strategies, projections, anticipated events and trends, the economy and other future conditions. Because forward-looking statements relate to the future, they are subject to inherent uncertainties, risks and changes in circumstances that are difficult to predict and many of which are outside of our control. Our actual results and financial condition may differ materially from those indicated in the forward-looking statements. Therefore, you should not rely on any of these forward-looking statements. Any forward-looking statement made by us in this press release is based only on information currently available to us and speaks only as of the date on which it is made. We undertake no obligation to publicly update any forward-looking statement, whether written or oral, that may be made from time to time, whether as a result of new information, future developments or otherwise. For media inquiries or to request a copy of the testing report, please contact pr@ I/ONX High Performance Compute is a division of Cloud Computing Solutions Group, Inc., specializing in the development of software-defined platforms that enable cross-architecture orchestration of heterogeneous compute environments. With a headquarters in Las Vegas, Nevada, I/ONX serves enterprise customers across AI, scientific computing, finance, and edge sectors.
