The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- NCA launches UK ad campaign to divert kids searching for cybercrime tools
May 29, 2020
The UK’s National Crime Agency (NCA) has launched a new advertising campaign designed to divert young people searching for cybercrime services to white hat alternatives. As spotted by cybersecurity expert Brian Krebs, using a UK IP address when searching Google for particular terms that can relate to cybercrime, such as Distributed Denial-of-service (DDoS) for hire, booters, stressers, ...
- Goodbye Mworm, Hello Nworm: TrickBot Updates Propagation Module
May 28, 2020
First discovered in 2016, TrickBot is an information stealer that provides backdoor access sometimes used by criminal groups to distribute other malware. TrickBot uses modules to perform different functions, and one key function is propagating from an infected Windows client to a vulnerable Domain Controller (DC). TrickBot currently uses three modules for propagation. As early as April ...
- ‘[F]Unicorn’ Ransomware Impersonates Legit COVID-19 Contact-Tracing App
May 27, 2020
A fresh ransomware strain known as “Unicorn” has emerged, first seen this week targeting users by pretending to be an official government COVID-19 contact tracing app. According to an advisory from the Computer Emergency Response Team (CERT) from the Agency for Digital Italy (AgID), the malware family is taking advantage of the rollout of “Immuni” – ...
- Spam and phishing in Q1 2020
May 26, 2020
Burning Man is one of the most eagerly awaited events among fans of spectacular performance and installation art. The main obstacle to attending is the price of admission: a standard ticket will set you back $475, the number is limited, and the buying process is a challenge all by itself (there are several stages, registration ...
- Europol, Capgemini team up in cybercrime prevention, awareness campaigns
May 26, 2020
Europol and Capgemini have agreed to pool their resources in new cybersecurity awareness campaigns and the expansion of existing collaboration on threat intelligence. On Tuesday, Europol’s European Cybercrime Centre (EC3) said a Memorandum of Understanding (MoU) has been signed with the consultancy giant that is expected to lead to new “joint exercises, capacity building, and prevention campaigns.” Europol and ...
- Qakbot Resurges, Spreads through VBS Files
May 25, 2020
Through managed detection and response (MDR), we found that a lot of threats come from inbound emails. These messages usually contain phishing links, malicious attachments, or instructions. However, in our daily investigation of email metadata, we often detect threats not just in inbound emails, but even in the users’ own sent items folder. This involves ...