The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- INTERPOL: 14 arrests, thousands of illicit cyber networks disrupted in Africa operation
August 18, 2023
DAR ES SALAM, Tanzania – INTERPOL and AFRIPOL have coordinated an operation across 25 African countries that enabled investigators to arrest 14 suspected cybercriminals and identify 20,674 suspicious cyber networks, highlighting the surge in digital insecurity and cyber threats in the region. The networks identified were linked to financial losses of more than USD 40 ...
- US Offers up to $10 Million for Info on Cyber Attacks in Montenegro
August 18, 2023
The US embassy in Montenegro has placed billboards on several locations in the capital Podgorica, offering up to $10 million for information on cyber attacks in Montenegro operated against American interests. The billboards seek information about ransomware attacks on state information systems, interference in elections, or “malicious cyber activities against critical American infrastructure”. Montenegro has been ...
- Threat Actors are Interested in Generative AI, but Use Remains Limited
August 17, 2023
Since at least 2019, Mandiant has tracked threat actor interest in, and use of, AI capabilities to facilitate a variety of malicious activity. Based on Mandiant own observations and open source accounts, adoption of AI in intrusion operations remains limited and primarily related to social engineering. In contrast, information operations actors of diverse motivations and capabilities ...
- LinkedIn user accounts have been taken over in huge hacking campaign
August 16, 2023
Someone is targeting LinkedIn accounts, trying to break in with either login credentials leaked elsewhere, or with brute-force attacks. As a result, many people have had their accounts compromised, while others have been locked out due to too many failed login attempts. Read more… Source: TechRadar
- China’s Ministry of State Security warns of data security risks after Wuhan Earthquake Monitoring Center cyberattack
August 16, 2023
China’s Ministry of State Security (MSS) on Wednesday warned of data security risks after recent reports identified US intelligence agencies were behind a cyberattack on Wuhan Earthquake Monitoring Center. A joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of ...
- Cyber crimes in Germany down 6.5% in 2022, federal police say
August 16, 2023
Cyber crimes in Germany fell by 6.5% in 2022, federal police said on Wednesday, but the decline was not a “relief” as the attacks were more severe and those originating from overseas rose by more than 8%. The economic damage was 203 billion euros ($221.59 billion), down slightly from last year, but still double that of ...