"Anthropic reported last week that a hacker used its technology for an AI-fueled crime spree involving large-scale ransomware attacks. The attacker used the Claude chatbot for recon, code generation, credential theft, infiltration, and ransom notes against 17 organizations, including healthcare providers, government agencies, religious charities, and a defense contractor. The AI even helpfully proposed ransom amounts, ranging from $75,000 to $500,000 in Bitcoin. This marks the first known case where AI choreographed an entire extortion scheme, automating nearly every step."
"AI is not only guiding and helping with cyberattacks, but even writing the code. Anthropic and the security firm ESET found that criminals are using generative AI to build and update actual ransomware code itself. Anthropic identified a UK threat actor, GTG-5004, who developed, sold, and maintained AI-enhanced ransomware kits. Lacking technical skill with encryption or anti-analysis tools, they relied on Anthropic's Claude chatbot for coding and software packaging."
"AI reduces the learning curve and time frame for cyberattacks. Here comes the vibe hacking revolution. These programs actually morph to dodge antivirus scans and slip past new security rules before defenders react. ESET studied a proof-of-concept called PromptLock, which could generate and run malicious scripts using an open-source model based on OpenAI's code, and adapt on the fly to target or encrypt files. Researchers hack the chatbots GenAI chatbots are designed to prevent misuse, but hackers are incentivized to "jailbreak&"
Generative AI is enabling automated, large-scale cyberattacks by reducing the technical skill and time required to plan and execute intrusions. Attackers used an LLM-based chatbot to perform reconnaissance, generate code, steal credentials, infiltrate systems, and draft ransom notes across multiple sectors, with AI suggesting Bitcoin ransom amounts. Criminal groups are building, selling, and maintaining AI-enhanced ransomware kits that allow low-skilled actors to deploy adaptable malware. Malicious programs can morph to evade antivirus detection and adapt to new defenses. Proof-of-concepts demonstrate automated malicious script generation and on-the-fly adaptation to target or encrypt files.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]