• Government-backed hackers are increasingly using artificial intelligence to make their attacks faster and more effective, CrowdStrike said in a report published on Monday.
• AI is helping cyber threat actors conduct reconnaissance, understand the exploitation value of vulnerabilities and produce phishing messages, the security firm said in its annual threat hunting report.
• Cybercriminals are also using AI to “automate tasks and improve their tools,” according to the report.

As businesses race to incorporate AI into their workflows, hackers have also found the technology useful for understanding their targets and bypassing the social and technical barriers that stymied their past attacks.

The Iran-linked hacking team Charming Kitten, for example, “likely” used AI to generate messages as part of a 2024 phishing campaign against U.S. and European organizations, CrowdStrike said. Another group, which CrowdStrike called “Reconnaissance Spider,” almost certainly used AI to translate one of its phishing lures into Ukrainian when it reused old messages after their initial deployment. The attackers forgot to remove the AI model’s boilerplate prompt-response sentence from the text they copied.

AI is also helping the North Korea-linked hacker team “Famous Chollima” (also tracked as UNC5267) sustain “an exceptionally high operational tempo” of more than 320 intrusions in a year, the report said. The group is known for masterminding North Korea’s remote IT-worker fraud schemes, which funnel stolen money to Pyongyang and sometimes lead to the theft of victim businesses’ confidential data.

Para leer más ingrese a:

https://www.cybersecuritydive.com/news/ai-automate-cyber-threats-crowdstrike/756694/