The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DarkCrewFriends Returns with Botnet Strategy
June 26, 2020
The hackers-for-hire group DarkCrewFriends has resurfaced and is targeting content management systems to build a botnet. The botnet can be marshalled into service to carry out a variety of criminal activities, including distributed denial-of-service (DDoS) attacks, command execution, information exfiltration or sabotage of an infected system. Researchers said they observed DarkCrewFriends exploiting an unrestricted file upload ...
- Threat Assessment: EKANS Ransomware
June 26, 2020
Unit 42 researchers have observed recent EKANS (Snake backward) ransomware activity affecting multiple industries in the U.S and Europe. As a result, we’ve created this threat assessment report for the activities of this ransomware. Identified techniques and campaigns can be visualized using the Unit 42 Playbook Viewer. EKANS, which was first observed in January 2020, has relatively ...
- Exposed Frost & Sullivan databases for sale on hacking forum
June 24, 2020
U.S. business consulting firm Frost & Sullivan was breached after data from an unsecured backup folder exposed on the Internet was sold on a hacker forum. Frost & Sullivan is a business consulting firm that assists companies in growth strategy, market research, on corporate training. With 40 locations throughout the world and over 1,800 employees, Frost ...
- Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices
June 24, 2020
On May 29, 2020, Unit 42 researchers discovered a new variant of a hybrid cryptojacking malware from numerous incidents of CVE-2019-9081 exploitation in the wild. A closer look revealed the malware, which we’ve dubbed “Lucifer”, is capable of conducting DDoS attacks and well-equipped with all kinds of exploits against vulnerable Windows hosts. The first wave of the ...
- Magnitude exploit kit – evolution
June 24, 2020
Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just ...
- Fxmsp hackers made $1.5M selling access to corporate networks
June 23, 2020
New details have emerged on the activity of the infamous Fxmsp hacker that last year was advertising access to the networks of three cybersecurity vendors. Researchers tracking Fxmsp’s ventures on underground forums counted the network intrusions associated with this actor and revealed the presumed identity of the attacker. Fxmsp became widely known outside hacker forums about a year ...