The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Lastpass says hackers accessed customer data in new breach
November 30, 2022
LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022. The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service. “We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both ...
- All India Institute of Medical Sciences restores e-Hospital data after cyber attack
November 30, 2022
The server at the All India Institute of Medical Sciences (AIIMS) in Delhi has been down for the eighth day in a row, and according to reports, more analysts from Delhi are under consideration for suspension for cybersecurity violations after two of them were already suspended. According to the sources quoted by the report, “The sanitising ...
- Crafty threat actor uses ‘aged’ domains to evade security platforms
November 30, 2022
A sophisticated threat actor named ‘CashRewindo’ has been using ‘aged’ domains in global malvertising campaigns that lead to investment scam sites. Malvertising involves the injection of malicious JavaScript code in digital ads promoted by legitimate advertising networks, taking website visitors to pages that host phishing forms, drop malware, or operate scams. The CashRewindo malvertising campaigns are spread ...
- Trigona ransomware spotted in increasing attacks worldwide
November 29, 2022
A previously unnamed ransomware has rebranded under the name ‘Trigona,’ launching a new Tor negotiation site where they accept Monero as ransom payments. Trigona has been active for some time, with samples seen at the beginning of the year. However, those samples utilized email for negotiations and were not branded under a specific name. As discovered by ...
- Criminals use trending TikTok challenge to make data-stealing malware invisible
November 29, 2022
Malware-slinging miscreants are taking advantage of a trending TikTok challenge — and viewers’ dirty minds — to spread data-stealing malware via a phony app that’s had more than one million views so far. The new TikTok trend is called Invisible Challenge, and it involves a person filming themself naked while using an effect called Invisible Body ...
- Over a million user accounts ‘stolen’ in South Africa
November 28, 2022
Cyber security firm Kaspersky has warned that over a million company user accounts were compromised using a ‘data stealer’ in South Africa since 2021, and that the data may well have ended up on forums and markets on the dark web. The company said the average price that criminals charge for access to corporate systems in ...