State-sponsored hackers are increasingly exploiting Google’s Gemini AI model across all phases of cyberattacks, as detailed in a report from Google’s Threat Intelligence Group (GTIG). APT groups from China, Iran, North Korea, and Russia are leveraging this large language model to enhance their capabilities, marking a notable shift in the weaponization of AI. These hackers are utilizing Gemini for tasks such as vulnerability analysis, social engineering, and intrusion techniques. Notably, over 100,000 prompts have been used in large-scale extraction attempts to replicate its reasoning capabilities. Cybercriminals are also integrating AI, exemplified by malware families like HonestCue and CoinBait, which use AI for code generation and malicious ads. Google’s proactive response includes disabling malicious accounts and improving security measures. This evolution in AI usage by adversaries poses a significant threat, emphasizing the need for robust cybersecurity innovations to safeguard against this increasing integration of generative AI in cyber operations.
Source link
