A recent AI-assisted campaign targeting Fortinet FortiGate appliances has been linked to CyberStrikeAI, an open-source security testing platform believed to be developed by a China-based developer associated with the Chinese government. Team Cymru’s analysis revealed that a suspected Russian-speaking threat actor used the tool for mass vulnerability scanning, compromising over 600 appliances across 55 countries. CyberStrikeAI integrates over 100 security tools for vulnerability detection and attack-chain analysis. The developer, known as Ed1s0nZ, has also created several other exploitation tools. There are concerns about state-sponsored ties, as Ed1s0nZ’s GitHub activity suggests interaction with organizations aligned with Chinese cyber operations. A recent leak involving the Chinese security vendor Knownsec 404 highlights this relationship, revealing access to sensitive data and global reconnaissance systems. The emergence of AI-driven tools like CyberStrikeAI signifies a troubling trend in offensive security, potentially heightening cyber threats on a global scale.