The Google Threat Intelligence Group (GTIG) reported that advanced persistent threats (APTs) from countries such as China, Iran, North Korea, and Russia have exploited its Gemini AI tool for cyber-attack operations. These groups utilized Gemini for multiple phases of their cyber strategies, including infrastructure procurement, target reconnaissance, and developing malicious content. Notably, Iranian actors primarily research defense vulnerabilities and craft phishing campaigns, while Chinese actors focus on topics like lateral movement and data exfiltration. North Korea and Russia’s use of Gemini is more limited, focusing mainly on coding and cryptocurrency theft.
The Google Threat Intelligence Group reveals that advanced persistent threats from nations like China and Iran exploited its Gemini AI for cyber-attack strategies.
In their attacks, APT groups from at least 20 countries attempted to utilize Google’s Gemini for various malicious activities including researching defense vulnerabilities and creating phishing content.
Collection
[
|
...
]