The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ransomware Attack Cripples Cosco Shipping Network – Report
July 26, 2018
A shipping giant is likely to run up in millions of dollars of additional costs after a ransomware attack apparently crippled its US network. The attack was against COSCO (China Ocean Shipping Company), which is a Chinese owned shipping giant. It comes after its larger shipping rival Maersk admitted in August 2017 that its operations had been impacted by ...
- Hackers Breach Virginia Bank, Make Off With Millions
July 25, 2018
Hackers have compromised a bank in the United States twice in the past eight months and made off with millions of dollars. But the cyber attacks has resulted in a spat between the bank and its insurer provider which is refusing to fully cover the losses. The incident is a salient reminder of the online threat being ...
- Emotet Malware Evolves Beyond Banking to Threat Delivery Service
July 24, 2018
The Emotet trojan has been popping up in the news for years: From widespread malspam infections of banking German targets in 2014, all the way up to the costly infection of a New Hampshire town’s computer network in July. And while the tricky Emotet malware first emerged targeting banking credentials, lately researchers have spotted the trojan ...
- Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT
July 20, 2018
A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files. The SettingContent-ms file format was introduced in Windows 10; it allows a user to create “shortcuts” to various Windows 10 setting pages. “All this file does is open the Control Panel ...
- Singapore’s Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen
July 20, 2018
Singapore’s largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary hospitals, 5 national specialty , and eight polyclinics. According to an advisory released by Singapore’s Ministry ...
- Cybercrooks slurp nearly $1m from Russian bank after pwning router at regional branch
July 20, 2018
Hackers stole almost $1m from a Russian bank earlier this month after breaching its network via an outdated router. PIR Bank was looted by the notorious MoneyTaker hacking group, according to Group-IB, the Moscow-based security firm called in by the bank to handle incident response. Funds were stolen on 3 July through the Russian Central Bank’s Automated ...