The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Meet BlackGuard: a new infostealer peddled on Russian hacker forums
March 31, 2022
Researchers have uncovered a new infostealer malware being peddled in Russian underground forums. Dubbed BlackGuard, zScaler says that the new malware strain is “sophisticated” and has been made available to criminal buyers for a monthly price of $200. Infostealers are forms of malware designed to harvest valuable data, potentially including operating system information, contact lists, screenshots, network ...
- Tracking cyber activity in Eastern Europe
March 30, 2022
In early March, Google’s Threat Analysis Group (TAG) published an update on the cyber activity it was tracking with regard to the war in Ukraine. Since our last update, TAG has observed a continuously growing number of threat actors using the war as a lure in phishing and malware campaigns. Government-backed actors from China, Iran, ...
- FBI: Ransomware Attacks Straining Local US Governments and Public Services
March 30, 2022
The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency ...
- Ethereum sidechain Ronin that powers play-to-earn game is fleeced for over $600m
March 30, 2022
In a shock to absolutely no one paying attention to the so-called Web3 space, the touted security of blockchain-driven solutions might not be all it is cracked up to be. The latest victim comes by way of Ronin, which detailed that 173,600 in Ethereum (ETH) and 25.5 million in USD coin had departed its clutches across ...
- Hackers are getting faster at exploiting zero day flaws. That’s going to be a problem for everyone
March 29, 2022
Hackers were much faster to exploit software bugs in 2021, with the average time to exploitation down from 42 days in 2020 to just 12 days. That marks a 71% decrease in ‘time to known exploitation’ or TTKE, according to security firm Rapid7’s new 2021 Vulnerability Intelligence Report. The main reason for the reduction in TTKE ...
- IcedID malware, in the hijacked email thread, with the insecure Exchange servers
March 29, 2022
Cyber-criminals are using compromised Microsoft Exchange servers to spam out emails designed to infect people’s PCs with IcedID. IcedID is bad news because if you’re tricked into running it, it opens a backdoor allowing further malware, such as ransomware, to be injected into your system. Marks typically receive an encrypted .zip as an attachment, with the ...