US EditionAI Malware, Gemini Lures and More: Google Reveals How Hackers Are Actually Using AI
- In its latest AI Threat Tracker report, Google's Threat Intelligence Group found attackers are using AI more than ever and state-sponsored hacking groups leveraged Gemini at nearly every attack stage.
- Distillation attacks are being used to clone large language models by threat actors who exploit model reasoning and avoid paying for legitimate services.
- HONESTCUE illustrates the technique by using Gemini to re-write and execute code during attacks, while Iranian and North Korean state-sponsored groups leveraged AI for reconnaissance and malware development.
- Security vendors are deploying AI tools to fight back, and Google has deployed Big Sleep and CodeMender to hunt vulnerabilities and assist patching in Gemini.
- Open-Source AI models are closing the gap with frontier AI companies, and the duration of cyber tasks is rising from less than 10 minutes to over an hour by mid-2025, John Hultquist said.
16 Articles
16 Articles
Google finds state-sponsored hackers use AI at 'all stages' of attack cycle
A new report from Google found evidence that state-sponsored hacking groups have leveraged AI tool Gemini at nearly every stage of the cyber attack cycle. The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology. John Hultquist, chief analyst at Google’s Threat Intelligence Group, told CyberScoop that many countries still appear to be exp…
MIT Technology Review
mnnofa.comThe Download: AI-enhanced cybercrime, and secure AI assistants
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. AI is already making online crimes easier. It could get much worse. Just as software engineers are using artificial intelligence to help write code and check for bugs, hackers are using these tools to reduce the time and effort required to orchestrate an attack, lowering the barriers for less experienced attac…
Inside the AI Arms Race: How North Korea, China, Iran, and Russia Are Weaponizing Google’s Gemini for Cyber Espionage
For years, nation-state hackers have relied on sophisticated toolkits, zero-day exploits, and painstaking manual reconnaissance to penetrate targets across the globe. Now, according to new findings from Google, some of the world’s most prolific state-backed threat actors are adding a powerful new instrument to their arsenals: generative artificial intelligence. Specifically, Google’s own Gemini AI platform has become a tool of choice for advance…
Google warns attackers are wiring AI directly into live cyberattacks
A new report out today from the Google Threat Intelligence Group is warning that threat actors are moving beyond casual experimentation with artificial intelligence and are now beginning to integrate AI directly into operational attack workflows. The report focuses in part on abuse and targeting of Google’s own Gemini models, underscoring how generative AI systems […] The post Google warns attackers are wiring AI directly into live cyberattacks …
Google has announced a few hours ago that groups of cyberattackers are using fraudulent tactics to extract data from Gemini. Its aim is to attack large companies worldwide to steal insider information more easily, taking as their backing the artificial intelligence of technology. Experts have already predicted that this type of action could end up generating terrible consequences for the affected states. Just when we believed that AI was going t…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
