The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyberattack on JAL delays some flights, disrupts operations
December 26, 2024
Japan Airlines announced on Dec. 26 that its computer network was hit by a cyberattack, which delayed some flights while the company worked to restore the system and resume normal operations. According to JAL, the cyberattack caused a heavy access load to the network equipment connecting internal and external offices from 7:24 a.m. that morning. The ...
- UN General Assembly adopts milestone cybercrime treaty
December 24, 2024
The General Assembly on Tuesday adopted the United Nations Convention against Cybercrime, a landmark global treaty aimed at strengthening international cooperation to combat cybercrime and protecting societies from digital threats. The agreement on the legally binding treaty marked the culmination of a five-year effort by UN Member States, with inputs from civil society, information security experts, ...
- WhatsApp scores historic victory against NSO Group in long-running spyware hacking case
December 23, 2024
A U.S. judge has ruled that Israeli spyware maker NSO Group breached hacking laws by using WhatsApp to infect devices with its Pegasus spyware. In a historic ruling on Friday, a Northern California federal judge held NSO Group liable for targeting the devices of 1,400 WhatsApp users, violating state and federal hacking laws as well as ...
- ‘NetWalker’ Ransomware Attacker Gets 20 Years in Prison
December 21, 2024
Romanian national Daniel Christian Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy. NetWalker ransomware attacks often targeted the healthcare sector during the COVID-19 pandemic. The attacker obtained nearly 1,600 Bitcoin ransomware payments as a result of his attacks, netting him and another affiliate about $21.5 million. Hulea is being ordered to forfeit these ...
- Beware Feb. 3, 2025 – Diabolic Ransomware Gang Issues New Attack Warning
December 21, 2024
If you thought law enforcement had not only disrupted the LockBit ransomware operation, alongside trolling the criminal gang behind it but taken it out of business altogether, then you are likely in for a shock: LockBitSupp, the group’s alleged leader, has warned LockBit 4 will return next year. In fact, a dark web posting said the ...
- 240,000 Credit Union Members Exposed
December 20, 2024
A recent data breach at SRP Federal Credit Union, based in South Carolina, has left over 240,000 members vulnerable to potential identity theft and financial fraud. Between Sept. 5 and Nov. 4, 2024, hackers accessed sensitive personal data, including Social Security numbers, driver’s license information, dates of birth and financial account details. The ransomware group Nitrogen ...