The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Malicious PowerPoint files used to push remote access trojans
January 24, 2022
Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans. According to a report by Netskope’s Threat Labs shared with Bleeping Computer before publication, the actors are using PowerPoint files combined with legitimate cloud services that host the ...
- Japan’s Supreme Court rules cryptojacking scripts are not malware
January 21, 2022
A man found guilty of using the Coinhive cryptojacking script to mine Monero on users’ PCs while they browsed the web has been cleared by Japan’s Supreme Court on the grounds that crypto mining software is not malware. Tokyo High Court ruled against the defendant, 34-year-old Seiya Moroi, on charges of keeping electromagnetic records of an ...
- Indonesia c.bank says ransomware attack did not impact services
January 20, 2022
Indonesia’s central bank said on Thursday that it had been attacked last month by ransomware, but the risk from the attack had been mitigated and did not affect its public services. “We were attacked, but so far so good as we took anticipatory measures and most importantly public services at Bank Indonesia were not disrupted at ...
- SEC Filing Reveals Fortune 500 Firm Targeted in Ransomware Attack
January 20, 2022
Fortune 500 integrated services firm R.R.Donnelley & Sons (RRD) is the latest victim of the hacking collective known as the Conti Group. According to regulatory disclosures RRD was the victim of a network breach that resulted in stolen data in December. RRD, a global firm with 33,000 employees, disclosed incident details in its U.S. Securities and ...
- Biden warns of US ‘cyber’ response after Ukraine says computers wiped during attack
January 20, 2022
US President Joe Biden responded forcefully to reports of a wide-ranging cyberattack on Ukrainian government systems Wednesday afternoon, telling reporters that the US would respond with its own cyberattacks if Russia continues to target Ukraine’s digital infrastructure. “The question is if it’s something significantly short of an…invasion or major military forces coming across,” Biden said in ...
- Red Cross Begs Attackers Not to Leak 515K People’s Stolen Data
January 20, 2022
The Red Cross is imploring threat actors to show mercy by abstaining from leaking data belonging to 515,000+ “highly vulnerable” people that were stolen from a program used to reunite family members split apart by war, disaster or migration. “While we don’t know who is responsible for this attack, or why they carried it out, we ...