The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape
March 6, 2023
German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other “masterminds” behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient. The criminal gang, also known as Indrik Spider, Double Spider and Grief, used double-extortion ...
- Germany and Ukraine hit two high-value targets
March 6, 2023
With the help of the FBI, German and Ukrainian police last week searched the properties of two suspected “core members” of a global cybercrime gang that has cost US victims tens of millions of dollars, European officials said Monday. German police officers raided a German citizen’s house, while Ukrainian police searched properties in the capital Kyiv ...
- Spike in LokiBot Activity During Final Week of 2022
March 3, 2023
Unit 42 researchers have uncovered a malware distribution campaign that is delivering the LokiBot information stealer via business email compromise (BEC) phishing emails. This malware is designed to steal sensitive information from victims’ systems, such as passwords and banking information, as well as other sensitive data. In this blog, Unit 42 researchers will explain how attackers used ...
- Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
March 2, 2023
Recently, Trend Micro researchers noticed a spike in the number of emails received by one of our customers. After further investigation, they found that three other customers in the hospitality industry were also affected. The researchers observed that most of the emails had subject lines that attempt to catch victims’ attention: “help,” “requesting for assistance,” ...
- US Launches Aggressive National Cybersecurity Strategy
March 2, 2023
The Biden administration is pushing for more comprehensive federal regulations to keep the online realm safer against hackers, including by shifting cybersecurity responsibilities away from consumers to industry and treating ransomware attacks as national security threats. The plan is part of the National Cyber Strategy that the administration released Thursday, outlining long-range goals for how individuals, government ...
- Subdomain Reputation: Detecting Malicious Subdomains of Public Apex Domains
March 2, 2023
Cybercriminals regularly leverage popular dynamic domain name system (DDNS) or web hosting services to store and distribute their content. Threat actors leverage these for command and control (C2), malware distribution and phishing. This abuse has created the need for new detection methods for malicious subdomains. DDNS and web hosting services often allow people to serve content ...