FunkSec...A Smelly New Ransomware Group

AI Spotlight
AI vs Human: Spearphishing Edition

Sometimes, winning in cyber attacks doesn’t mean getting a higher click rate on phishing emails. Sometimes, it just means sending phishing emails faster or cheaper. Oh, hello AI, I almost forgot about you.

Researchers did what researchers do best and evaluated using LLMs to launch fully automated personalized spearphishing campaigns and compare the results against meat suits humans. Okay, now I’m listening.

They tested four groups with a combined population of 101 Dalmatians individuals. Let’s start with the results:

The results showed that expert humans and AI perform about the same, with a small bump when a human is in the loop to fine-tune the AI-generated emails. However, compared to standard phishing emails, AI (and humans) performed 350% better. Yay, humans—we still got it!

The victims found that the AI-generated emails were more personalized, had better call-to-actions, and presented better than humans. Boo, humans, let’s step it up!

But here’s the catch. Creating those personalized emails is time-intensive. You must research the individual, write a catchy email, and send it off. That’s a lot of manual effort for us feeble humans. The human-in-the-loop process was 92% faster than the fully automated process! And from a cost perspective, the AI solution was 50 times more cost-effective than those expensive and pesky humans.

Another cool finding from the study? They found that both Claude and ChatGPT were really effective at detecting the intention of the email (e.g., is it trying to trick someone). Even more so when the model was primed to be suspicious of emails, unlike your parents, who click on everything.

Security Deep Dive
Something Smells Funky…Oh, Just a New Ransomware Group

Is 2025 going to be the year of the cybercriminal influencer? FunkSec might be trying to make it happen. In yet another attack group that no one knows about, there are claims of data leaks, AI-generated malware, and no shortage of rhetoric.

Part hacktivist (against India and the US), part ransomware group. At least this new group isn’t pretending to be cats.

The group launched in December 2024. They have the standard RaaS offering with a leaksite.

They claim that their encryptor has the “fastest encryption ever.”

One interesting thing is that they also have a tool section where stupid people hacktivists can download things like a DDoS tool that almost certainly won’t get you into trouble with any authorities.

They also apparently don’t like criticism as they felt the need to make an announcement where they don’t want anyone to say “chit” about them.

They’re not all that bad, though. Per CheckPoint research, they’re fans of using AI to enhance their tools. CheckPoint notes (and I can confirm), their scripts have perfect comments. So, they either copied the code from someone or used AI to generate it.

Whelp, just another group for us to deal with 🤦 

Security & AI News
What Else is Happening?

👀 The Hacker News released its 2025 “All-Star SaaS Threat Actors to Watch.” Let’s start by calling out that we shouldn’t glamorize cybercriminals. Then, we’ll go into calling out that part of their list has nothing to do with attackers that target SaaS. And lastly, they have one threat actor, ALPHV, who doesn’t exist anymore. Then, you realize it’s a sponsored post for a SaaS security company. This is one of the times that I hate this industry. /endrant

🤔 A victim of a cryptocurrency investment scam is suing three banks for “willful blindness” for allowing cybercriminals to open accounts used to steal $1 million from him. He claims the banks failed to conduct Know Your Customer (KYC) checks to verify the identity of the individual opening the account. It’s an interesting approach, and it’s one that I’m curious about how it plays out. Many cyber-attacks happen because criminals want financial gain. Making it harder for them to collect payments or cash out is a worthwhile pursuit…except for that whole Bitcoin thing.

🛑 This is the crap we need to stop. A Sydney teenager was caught using AI to create deepfake illicit pictures of other students and distributing them online. As the technology becomes better and more easily accessible, the barrier of entry to do sick things like this becomes ridiculously low. And yet, the long-term psychological harm to the kids and their families is long-lasting.

⚠️ Elon Musk warned that all humans are exhausted of him we have exhausted all human data to train AI models. He’s pushing for AI to create synthetic data to continue training. Some experts warn that relying on synthetic data could risk a model collapse, which means deteriorating the quality of the model’s outputs. Slop in, slop out.

🐑 A New Zealand Sheep Farmer predicted the dangers of AI 161 years ago. Check out the letter he wrote to a local newspaper in 1863. A few excerpts below feel too real today: