The Google Threat Intelligence Group (GTIG) has just published a report on the hacktivities of blackhats everywhere, and the painted picture is quite sobering. Not only are attackers predictably using clankers to automate their efforts, but they’re also putting them to rather creative use in almost every area of cybercrime, including developing at least one zero-day exploit. Even more concerning, malware that can modify its own source code and create exploit payloads dynamically, and even generate decoy code, has been detected.
The attack in question was a Python script that bypassed 2FA in a “popular open-source, web-based system administration tool.” According to the GTIG, the exploit’s code bore all the hallmarks of AI usage and abused a logic flaw. GTIG remarks that for authorization flows, even the latest LLMs “struggle to navigate complex enterprise […] logic,” but they are very good at contextual reasoning. In practice that means they can read source code, compare what the developer intended against what is actually implemented, and quickly surface the corner cases nobody considered.
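The intent-versus-implementation gap the report describes can be made concrete with a constructed example. The code below is added here and is not from the GTIG report, the unnamed administration tool, or Tom’s Hardware: it models a minimal two-step login as a state machine, states the developer’s intent (“nobody is authenticated until both factors pass”) as an invariant, and checks two hypothetical implementations against it. The user record, the fixed stand-in for a time-based code, and the specific flaw (the session is flagged authenticated as soon as the password verifies, so the second-factor step records a fact that nothing consumes) are all assumptions for illustration.

```python
"""
Constructed example: a two-factor login flow, a flawed and a hardened
implementation, and a check of the developer's intent against each.
Nothing here is taken from a real product or from the GTIG report.
"""
import hashlib
import hmac

# Constructed user record. The "totp_secret" feeds a fixed stand-in for a
# time-based code so the example runs offline and deterministically.
USER_DB = {
    "alice": {
        "password_hash": hashlib.sha256(b"correct horse").hexdigest(),
        "totp_secret": b"constructed-secret",
    }
}


def expected_code(secret: bytes) -> str:
    """Stand-in for a TOTP code: 6 digits derived from an HMAC over a fixed counter."""
    digest = hmac.new(secret, b"counter-0", hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"


class Session:
    """Server-side login state for one client."""
    def __init__(self) -> None:
        self.user = None
        self.password_ok = False
        self.second_factor_ok = False
        self.authenticated = False   # only the flawed flow writes this directly


def check_password(user: str, password: str) -> bool:
    rec = USER_DB.get(user)
    if rec is None:
        return False
    candidate = hashlib.sha256(password.encode()).hexdigest()
    return hmac.compare_digest(rec["password_hash"], candidate)


def check_code(user: str, code: str) -> bool:
    rec = USER_DB.get(user)
    return rec is not None and hmac.compare_digest(expected_code(rec["totp_secret"]), code)


# --- Flawed (constructed) implementation -------------------------------------
# The developer intended 2FA to be mandatory, but the session is marked
# authenticated the moment the password verifies; the 2FA handler only
# records second_factor_ok, which nothing ever reads.
def flawed_login(session: Session, user: str, password: str) -> bool:
    if check_password(user, password):
        session.user = user
        session.password_ok = True
        session.authenticated = True      # intent violated here
    return session.authenticated


def flawed_verify_2fa(session: Session, code: str) -> bool:
    if session.password_ok and check_code(session.user, code):
        session.second_factor_ok = True
    return session.authenticated


# --- Hardened implementation --------------------------------------------------
# "Authenticated" is never stored as a separate flag; it is derived from the
# two facts that must both hold, so no ordering of calls can skip a factor.
def is_authenticated(session: Session) -> bool:
    return session.password_ok and session.second_factor_ok


def hardened_login(session: Session, user: str, password: str) -> bool:
    if check_password(user, password):
        session.user = user
        session.password_ok = True
    return is_authenticated(session)


def hardened_verify_2fa(session: Session, code: str) -> bool:
    if session.password_ok and check_code(session.user, code):
        session.second_factor_ok = True
    return is_authenticated(session)


def honours_two_factor_intent(login, verify) -> bool:
    """Return True if the flow grants access only when BOTH factors pass."""
    good_code = expected_code(USER_DB["alice"]["totp_secret"])
    bad_code = "000000" if good_code != "000000" else "000001"

    s = Session()
    if login(s, "alice", "correct horse"):      # password alone must not grant
        return False
    if not verify(s, good_code):                # password + correct code must grant
        return False
    s2 = Session()
    login(s2, "alice", "correct horse")
    if verify(s2, bad_code):                    # password + wrong code must not grant
        return False
    return True


if __name__ == "__main__":
    print("flawed honours intent:  ", honours_two_factor_intent(flawed_login, flawed_verify_2fa))
    print("hardened honours intent:", honours_two_factor_intent(hardened_login, hardened_verify_2fa))
```

The invariant check is the part worth carrying into a real code base: writing the intended authorization property down as a test over every reachable path is exactly the comparison of intent against implementation that the report credits the models with doing well, and it is a cheap way to find the same corner cases first.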
Follow Tom’s Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.
