The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FBI Warns of Maze Ransomware Focusing on U.S. Companies
January 3, 2020
Organizations in the private sector received an alert from the F.B.I. about operators of the Maze ransomware focusing on companies in the U.S. to encrypt information on their systems after stealing it first. The warning came less than a week after the Bureau warned about the LockerGoga and MegaCortex ransomware threats infecting corporate systems. Maze has been operating since ...
- Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline
January 3, 2020
Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. In the meantime though, cybercriminals will be targeting pay-at-the-pump point-of-sale mechanisms with a vengeance, researchers say. Fuel pumps represent a last bastion of non-encrypted transactions. Unlike when ...
- Microsoft Takes Control Of ‘Thallium’ Hacking Domains
December 31, 2019
Microsoft has scored a victory against a North Korean cybercrime group called “Thallium”, the company has revealed. Redmond said that it had taken control of web domains used by Thallium to steal information. The software giant has history in taking on cybercrime and hacking groups through the courts. In August 2018 for example, it foiled a cyber attack that ...
- US Coast Guard discloses Ryuk ransomware infection at maritime facility
December 30, 2019
An infection with the Ryuk ransomware took down a maritime facility for more than 30 hours; the US Coast Guard said in a security bulletin it published before Christmas. The agency did not reveal the name or the location of the port authority; however, it described the incident as recent. “Forensic analysis is currently ongoing but the virus, ...
- FIN7 Hackers’ BIOLOAD Malware Drops Fresher Carbanak Backdoor
December 27, 2019
Malware researchers have uncovered a new tool used by the financially-motivated cybercriminal group known as FIN7 to load fresher builds of the Carbanak backdoor. Dubbed BIOLOAD, the malware loader has a low detection rate and shares similarities with BOOSTWRITE, another loader recently identified to be part of FIN7’s arsenal. The malware relies on a technique called binary planting that ...
- Ransomware Hits Maastricht University, All Systems Taken Down
December 27, 2019
Maastricht University (UM) announced that almost all of its Windows systems have been encrypted by ransomware following a cyber-attack that took place on Monday, December 23. UM is a university from the Netherlands with over 18,000 students, 4,400 employees, and 70,000 alumni, UM being placed in the top 500 universities in the world by five ranking tables in the last two ...