While the AI tool has enhanced attackers' efficiency, it has yet to produce significantly more complex or creative cyberattack techniques
Google's Threat Intelligence Group has uncovered a concerning trend of state-sponsored hackers from China, North Korea, Iran, and other nations exploiting the Gemini chatbot to enhance their cyberattack capabilities. According to the report, while the AI tool has boosted the attackers' productivity, it has not yet resulted in significantly more sophisticated or novel cyberattack methods.
Innovative tactics being employed
The report highlights a wide array of activities carried out by these threat actors using Gemini. From creating new codes to investigating targets and identifying system vulnerabilities, hackers are finding innovative ways to leverage the AI tool. Disinformation agents, in particular, are utilizing the chatbot to craft persuasive narratives, translate materials, and establish fake online identities.
Among the most active groups are Iranian hackers, who are reportedly using Gemini to conduct reconnaissance on defence experts and organizations, as well as assist in phishing operations. Chinese hacker groups are reportedly exploiting the tool to debug code, discover security weaknesses in networks, and further their efforts in data exfiltration, with a focus on privilege escalation and lateral movement across systems.
North Korean and Russian hackers too part of the game
North Korean threat actors are also using the Gemini chatbot to aid in their infiltration strategies by researching remote IT job opportunities in Western nations and generating fraudulent cover letters. In contrast, Russian hackers have been less frequent users of Gemini but are employing the tool to generate encrypted code and translate existing malware into different programming languages.
While these developments demonstrate an increase in productivity among state-sponsored hackers, Google stresses that the tool has not yet resulted in significantly new tactics or techniques. The report suggests that while the Gemini chatbot aids in speeding up the process, it has yet to drive substantial advancements in cyberattack methodologies.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
