The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Bot and drone misuse could lead to cybercrime explosion
February 21, 2018
The rapid development of drones and artificial intelligence is a “game-changer” that will present a serious threat to national security if it isn’t addressed. The assessment, made by 26 experts from institutions including Cambridge and Oxford Universities, warns of the potential for malicious use of artificial intelligence (AI) by rogue states, criminals, and terrorists. The panel forecast ...
- Year-Old Coldroot RAT Targets MacOS, Still Evades Detection
February 20, 2018
Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers. The RAT is cross-platform and capable of planting a keylogger on MacOS systems prior to the OS High Sierra and is designed to steal banking credentials. Coldroot was found by researcher Patrick Wardle, chief research ...
- UK local gov: 37 cyber attacks a minute but little mandatory training
February 20, 2018
Britain’s local governments were hit by almost 100 million cyber attacks in the last five years, while one in four councils’ systems were successfully breached, according to research. Privacy campaign group Big Brother Watch sent Freedom of Information to all the UK’s local authorities, asking for details of cyber attacks and data breaches from 2013-17. Read more… Source: ...
- Smart meters could leave British homes vulnerable to cyber attacks, experts have warned
February 18, 2018
New smart energy meters that the Government wants to be installed in millions of homes will leave householders vulnerable to cyber attacks, ministers have been warned. The intelligence agency GCHQ is said to have raised concerns over the security of the meters, which could enable hackers to steal personal details and defraud consumers by tampering with ...
- US special counsel indicts 13 members of Russia’s election meddling troll farm
February 16, 2018
Special Counsel Robert Mueller’s office said Friday that a grand jury has indicted 13 Russian nationals and three Russian entities accused of violating federal laws in order to interfere with US elections and political processes during the 2016 presidential race. The indictment says that the defendants, by early to mid-2016, were “supporting the presidential campaign of then-candidate Donald ...
- Word-based Malware Attack Doesn’t Use Macros
February 15, 2018
Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not generate the same type of default warning from Microsoft associated with macro-based attacks, according to research ...