"Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior. Attackers are no longer just using Gemini for productivity gains - things like translating and tailoring phishing lures, looking up information about surveillance targets, using AI for tech support, and writing some software scripts."
"For example, APT42, the cyber-arm of Iran's Islamic Revolutionary Guard Corps (IRGC), has long used AI for phishing campaigns and as a translation tool. More recently, however, the government goons attempted to use Gemini to build a "data processing agent" that converts natural language requests into SQL queries to analyze personally identifiable information (PII) and use that sensitive info to provide insights about individuals' asset ownership, location, demographics, and behavior."
"They are also trialing AI-enabled malware in their operations, we're told. Additionally, in what Google calls the "first use of just in time AI in malware," a novel code family uses LLMs during execution to generate malicious scripts on the fly, obfuscate itself, and create malicious functions."
Nation-state actors and cybercrime groups are experimenting with Gemini to create adaptive malware that can rewrite its own code, evade detection, and build AI agents to track targets. Adversaries have expanded beyond productivity uses—translating, tailoring phishing lures, researching surveillance targets, and writing scripts—to trial AI-enabled malware. Iran-linked APT42 attempted to use Gemini as a data processing agent that converts natural-language requests into SQL queries to analyze PII and derive insights about asset ownership, locations, demographics, and travel patterns; those accounts were disabled. A novel family, tracked as PromptFlux, demonstrates LLMs-in-execution that generate malicious scripts on the fly and obfuscate payloads.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]