Intelligence
Cyber Intelligence Weekly Echelon

Cyber Intelligence Weekly (March 9, 2025): Our Take on Three Things You Need to Know

By
Posted on Mar 09 / 2025

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here: https://echeloncyber.com/ciw-subscribe

Before we get started on this week’s CIW, I’d like to highlight our upcoming webinar on cloud security!

Don't miss your chance to gain insights from cloud security experts Paul Matvey, Stephen Dyson, and Mitchel Sykes. They'll discuss the critical vulnerabilities that organizations face today, from identity mismanagement to intricate compliance issues, and the indispensable role of thorough security audits. Secure your spot now! https://lnkd.in/dMa8nfMQ

https://lnkd.in/dMa8nfMQ

Away we go!

1.  U.S. Charges 12 Chinese Nationals in Massive Cyber Espionage Operation

The U.S. Department of Justice has charged 12 individuals, including two Chinese government officials and ten alleged hackers, for their involvement in a global cyber espionage campaign spanning over a decade. The accused are linked to APT27 (also known as Silk Typhoon) and the hacking contractor i-Soon, which is suspected of breaching the U.S. Treasury Department, compromising sensitive government and corporate networks, and selling stolen data to Chinese state agencies. The charges reveal how China’s hacker-for-hire ecosystem operates, with independent contractors selecting targets for financial gain while also working on behalf of government clients.

Prosecutors allege that Shanghai-based i-Soon profited significantly from cyber intrusions, reportedly charging up to $75,000 per hacked email inbox and generating millions in revenue annually. Their services included zero-day exploit sales, password-cracking tools, and advanced phishing kits. Beyond government targets, these hackers allegedly infiltrated U.S. media outlets, dissident groups, religious leaders, and defense contractors. The indictment includes internal communications between hackers, showcasing their motivations and strategies, such as targeting U.S. organizations due to personal preference.

While none of the 12 suspects are currently in U.S. custody, the State Department has issued rewards ranging from $2 million to $10 million for information leading to their arrest. The FBI’s Cyber Division has warned that these charges send a strong message to those aiding China’s cyber warfare efforts, emphasizing that the U.S. will continue to identify, expose, and prosecute malicious actors engaged in state-sponsored hacking operations.

SaaS Breaches: Defenses Falling Short Against Modern Threats

A new security report from Obsidian Security highlights the alarming frequency of Software as a Service (SaaS) incidents, driven by misconfigurations, poor access controls, and lack of security visibility. Many organizations assume that cloud providers handle all security responsibilities, leading to critical security gaps.

Since September 2023, SaaS breaches have risen 300%. An example of a recent high-profile SaaS-based incident is the Snowflake, a leading cloud data warehouse platform, data breach that resulted in over 160 companies having deployment configurations and data exposed including AT&T. As a result of the incident, over $2.5m was extorted from the victim organizations. In 2024, the healthcare sector experienced the highest volume of SaaS-based breaches (14%) with state and local government (13$) and financial services (11%) rounding out the top 3 industries.

A major issue is the lack of centralized visibility across multiple SaaS applications, making it difficult to detect unauthorized access and misconfigurations. Attackers are also exploiting weak API security to gain access to sensitive data and manipulate SaaS services. The typical attack includes the use of adversary-in-the middle (AiTM) techniques to compromise the user account and gain access to the SaaS application. This technique can compromise both the user account and their multifactor authentication (MFA). Other common techniques used are self-service password reset, password guessing or spraying, and MFA bombing or fatigue.

AiTM Attack Path

Microsoft - https://www.microsoft.com/en-us/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/

To mitigate these risks, organizations must adopt a proactive security approach, enforce stringent access controls, and continuously monitor SaaS environments for anomalies.

Recommendations:

  • Centralize the management, security, and monitoring controls for SaaS applications
  • Implement zero-trust security for SaaS applications including mandatory least privilege access controls
  • Conduct regular security audits to identify misconfigurations.
  • Enforce strict API access controls to prevent unauthorized data access.

2.  Millions of Android Devices Infected with Hidden Backdoor for Cybercrime

A new wave of cyber threats has been uncovered in millions of inexpensive Android-powered devices, including TV streaming boxes, tablets, and car infotainment systems. Cybersecurity researchers at Human Security revealed that a large number of these devices are preloaded with malware that covertly turns them into botnet nodes—allowing cybercriminals to commit ad fraud, data theft, and other online crimes without the owners’ knowledge. The latest campaign, dubbed Badbox 2.0, expands on previous findings, showing that the ecosystem behind these compromised devices is far larger than initially believed.

Unlike earlier versions of this attack, which embedded backdoors directly into device firmware before they were sold, Badbox 2.0 now leverages traditional malware tactics such as drive-by downloads and malicious app installations. Many of these devices operate outside Google’s ecosystem, making them more vulnerable to exploitation. Attackers also trick users into downloading fake versions of legitimate apps, turning their devices into tools for fraudulent ad revenue generation and proxy-based cybercrime.

Researchers estimate that the majority of infected devices are in South America, particularly Brazil, and are being used to mask illegal internet traffic through unsuspecting victims' connections. While Google and cybersecurity firms have taken action to disrupt the botnet, experts warn that the threat is far from over, as fraudsters are quick to adapt and evolve their tactics. Consumers are urged to be cautious when purchasing cheap, no-name Android devices, as they may come with more than just a bargain—they could be carrying a hidden cyber threat.

LLM Vulnerability: Prompt Injection Attacks

OWASP’s newest report on Large-Language Model (LLM) Application Security lists prompt injection as the number one critical vulnerability in their Top 10 list for 2025. Prompt injection vulnerabilities persist in systems employing advanced compensating techniques like Retrieval Augmented Generation (RAG) and fine-tuning, presenting a complex challenge that extends beyond simple input validation.

The report identifies two distinct attack vectors: direct prompt injections, where threat actors deliberately craft seemingly benign inputs to manipulate model behavior, and indirect injections, where malicious payloads are hidden in the data the LLM consumes. The MITRE ATLAS framework (AML.T0051.000 - Direct Prompt Injection, AML.T0051.001 - Indirect Prompt Injection) provides additional technical depth on these attack patterns, highlighting how they can bypass safety measures and enable unauthorized actions.

Recent incidents demonstrate how these vulnerabilities can manifest in production environments, with attackers successfully manipulating LLMs to disclose sensitive information, generate harmful content, or facilitate unauthorized access. The attack surface expands significantly with multimodal AI systems, where interactions between different data (e.g., text, images, etc.) create novel cross-modal attack opportunities that current detection methods struggle to identify.

From a LLM Operations (LLMOps) lifecycle perspective, prompt injection vulnerabilities primarily manifest in the “Operate” and “Monitor” stages, where applications actively process user inputs and generate responses. This vulnerability impacts both custom and pre-trained model deployments, though it is especially critical in pre-trained scenarios where developers have less control over the underlying model behavior. Within the LLM application architecture, these attacks target the “Application Services” layer, specifically the interaction between user interfaces/inputs and the LLM’s processing pipeline.

Security practitioners should implement defense-in-depth strategies through adversarial training that combines input validation, output filtering, and strict context adherence. OWASP recommends moving beyond traditional prompt engineering to embrace programmatic guardrails, semantic filtering, and the RAG Triad methodology for evaluating context relevance. For detailed technical implementation guidance, security teams should reference MITRE ATLAS, which provides comprehensive attack patterns and mitigations.

3.  Texas Border City Declares State of Emergency Following Cyberattack

The city of Mission, Texas, has declared a state of emergency after a significant cyberattack compromised its government systems, exposing sensitive data and forcing officials to take networks offline. While city officials assured residents that emergency services remain operational, reports suggest that law enforcement lost access to crucial state databases, including the ability to run license plates and check driver’s licenses. The attack, which began on February 28, has left the city struggling to restore operations.

In response to the crisis, Mayor Norie Gonzalez Garza sent an urgent request to Texas Governor Greg Abbott, asking for a state-level emergency declaration to unlock funding and resources for recovery. In her statement, she warned that the breach could expose personal records, health information, and legal documents held by the city. Despite local efforts to contain the damage, the Texas Division of Emergency Management has yet to comment on the situation, and no further updates have been provided since Wednesday.

Mission is the latest in a series of Texas municipalities targeted by ransomware attacks, which have disrupted essential services across the state. Just last month, Matagorda County also declared a disaster after a cyberattack, while McKinney, Coppell, and Richardson suffered similar breaches in the past year. The ongoing wave of cyberattacks on local governments underscores the urgent need for enhanced cybersecurity measures to protect public infrastructure and personal data.

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers wholistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here: https://echeloncyber.com/about

Are you ready to get started?