Friday, February 13, 2026

Nation-State Hackers Increasingly Utilize Gemini for Target Reconnaissance and Malware Development, According to Google

Sophisticated hacking groups from China, North Korea, and Iran are leveraging Google’s Gemini AI tool to enhance their cyber attacks and malware development. Google’s Threat Intelligence Group (GTIG) reported instances of these advanced persistent threat (APT) groups using Gemini for target reconnaissance, coding tasks, and exploiting vulnerabilities. Notably, a Chinese group compiled intelligence on individuals and organizations in Pakistan using this AI technology. Iranian group APT42 employed Gemini to craft phishing scenarios, translate emails, and develop malware, effectively streamlining their operations. Similarly, North Korean actors used Gemini to build detailed profiles of defense sector targets to inform their attack strategies. The trend reflects a broader phenomenon of state-sponsored cybercriminals employing publicly available large language models to automate reconnaissance, thereby improving attack efficiency. Furthermore, emerging malware like HONESTCUE integrates Gemini to enhance functionality and evade detection, marking a significant evolution in the cyber threat landscape.
