Researchers at HP discovered the first instances of AI-written malware scripts being sent out in emails. Malware developers are now using AI to generate codes to speed up the process and accelerate the number of attacks. The AI involvement lets less skilled individuals into hacking which only expands the number of hackers trying to steal your data.
In a September report Wolf security team from HP, detailed how they discovered a variation of asynchronous remote access trojan (AsyncRAT) on an email sent to a client. However, AsyncRAT is a human-developed software used to fix contaminated devices. These are exploited by hackers to steal user data. This new version contains an injection method which is supposedly developed using generative AI. Generative AI has a history of creating phishing or deceptive sites to lure users into buying their malware but this is the first time it has assisted in creating malware.
The team first discovered the email when it was sent to a subscriber of HP’s Sure Click threat containment software. It was written in French, suggesting it was likely a file targeting French speakers. This software allows users to control infected hosts remotely by providing them with a user interface that can perform tasks on the user’s computer, AsyncRAT can be used to steal a crypto user’s private key or seed words, potentially leading to the loss of funds.
“The activity shows how GenAI [generative AI] is accelerating attacks and lowering the bar for cybercriminals to infect endpoints,” the HP report stated. Cybersecurity details are still grappling with the effects of AI advancement on security. Many believe after the new EU draft is passed, these activities are less likely to occur.
