Summary: A lone wolf actor, known as EncryptHub, has been identified by Microsoft as the discoverer of two Windows security flaws while simultaneously engaging in cybercrime. The individual, originating from Ukraine and now in Romania, has compromised over 618 high-value targets and utilized advanced techniques in malware development, including reliance on OpenAI’s ChatGPT. Outpost24’s investigation reveals the complexities of this cybercriminal’s background, emphasizing how poor operational security led to their exposure.
Affected: Microsoft Windows
Keypoints :
- EncryptHub is credited with discovering two security flaws in Windows, later fixed by Microsoft, and attributed to another persona, SkorikARI.
- The threat actor has been linked to the exploitation of a new zero-day vulnerability to deploy various backdoor malware.
- EncryptHub’s journey into cybercrime began after facing challenges in legitimate job searches and exploiting poor operational security practices.
- Evidence suggests EncryptHub has used OpenAI’s ChatGPT for malware development and communication, showcasing reliance on advanced technologies.
Source: https://thehackernews.com/2025/04/microsoft-credits-encrypthub-hacker.html