SK Telecom Breach, Massive Ransomware Outage, Beware AI Links
Hey people! Welcome to July week 2. Here comes our fresh dose of cyber bulletin that will keep you up-to-date on the latest cyber incidents and will also help you protect yourself from potential cyber scams. This week, we will talk about the SK Telecom breach in South Korea that led to penalties being levied. Next, we will focus on the Ingram Micro widespread outage. Lastly, we will discuss the chances of ChatGPT and Perplexity links being potentially malicious.
So, let’s not waste any more time and start with the detailed bulletin.
SK Telecom breach leads to penalties and stringent legalities
SK Telecom, a mobile telecommunications service provider in South Korea, has experienced a data breach recently. The government has levied a fine on SK Telecom, as it has “failed to fulfil its obligations” of offering a secure communication system to its users.

A joint public-private investigation has been conducted against the 42,000 servers of SK Telecom. The investigation revealed that 28 of these servers were compromised by 33 distinct malware strains. As a result, the telecom service provider will now have to pay USD 21,890 (30 Million Won). The fine has been imposed because SK Telecom significantly delayed the reporting process after the breach. Apart from the penalty, the telecom service provider is also required to cater to certain stringent legal requirements. This includes conducting quarterly security assessments, enabling subscribers to cancel out the subscriptions without paying any fine, and offering users a free-of-cost USIM swap service.
Yoo Sang-im, the Minister of Science and Information and Communication Technology, believes that this data breach at the nation’s largest telecom service provider is a staggering reminder of the vulnerability of the telecom industry and related infrastructures to cyberattacks.

Ransomware attack responsible for the massive outage at Ingram Micro
Ingram Micro experienced a ransomware attack on Thursday. The IT distributor has to bring down its website. The attack was planned strategically just before the 4th of July weekend started. Two days later, Ingram informed customers about the ransomware attack.
Ingram took prompt action to secure the entire system and switched it to offline mode. It also implemented remedial measures. Ingram Micro collaborated with a cybersecurity company to investigate the attack further and also reported the breach to law enforcement agencies.
As of now, the IT distributor is “working diligently” to restore the disrupted services. They have also sincerely apologized for the inconvenience caused to the vendors as well as customers.

Ingram Micro filed an 8K form with the US Securities and Exchange Commission on Saturday.
The IT distributor has published a dedicated page this Monday to keep all the stakeholders informed about the latest updates around the cyberattack. They also notified that the subscribers can now place orders by email or phone from multiple countries like Germany, France, Italy, Brazil, and so on.
As per speculations, the ransomware attack has been carried out by a group called SafePay. But official confirmation has not been made yet. So far, the data from Ingram has not been published on the Dark Web yet.
DMARC, DKIM, and SPF help prevent phishing and spoofing, offering vital protection against ransomware threats.

Beware of clicking on the links shared by ChatGPT and Perplexity
If you search for anything and everything on ChatGPT and Perplexity, then you have to see this!
Netcraft has published a report that claims AI tools can actually share malicious links that can redirect you to phishing pages. As per the report, OpenAI GPT-4.1 was asked to share 50 band links. The AI tool could share only 66% correct links. The rest of the links shared were harmful in nature and could have led users to phishing scams.
The report also mentioned about 17 K AI-written Gitbook phishing pages that promote themselves as legitimate support hubs. This may convince the users to trust the malicious links as genuine ones and then fall prey to cyberattacks.

Perplexity has also shared the link to a phishing site, as the researchers asked for the URL to Wells Fargo. Netcraft has observed other malpractices as well, and this is exactly why you should trust the OpenAI CEO. Recently, he said that users must not trust AI tools blindly.
Sophisticated campaigns are being run by threat actors to “poison” AI coding assistants. Some of the cybercrooks designed a malicious API that impersonates the genuine Solana blockchain. Soon, developers mistakenly included it in their projects. The threat actors thus very cleverly managed to channel all transactions directly to their wallets.
All these sophisticated tactics by threat actors are a grim reminder that artificial intelligence is not fail-proof. It is important to use the AI tools responsibly, or you can end up being scammed by a cyberattacker.