HomeSecurity OperationsGoogle says Hackers Attempted to Use Gemini AI to Breach Accounts

Google says Hackers Attempted to Use Gemini AI to Breach Accounts

Published on

spot_img

Google has reported that it has detected dozens of state-sponsored hacking groups attempting to leverage its Gemini AI for malicious purposes, including the creation of malware. Despite these efforts, there have been no significant cyber threats as a result of this activity. The company emphasized in a blog post that while AI can be a useful tool for threat actors, it has not yet revolutionized the landscape as some may believe.

According to Google’s investigation, state-sponsored hackers from Iran, North Korea, China, and Russia have been utilizing Gemini for various tasks such as translating content, refining phishing attacks, and coding. The company identified over 10 Iranian hacking groups, 20 Chinese government groups, and nine North Korean hacking groups engaging with Gemini. Iranian APT actors were noted as the most active users of Gemini, using it for a range of activities including research on defense organizations, vulnerability exploration, and content creation for campaigns.

Although the state-sponsored hackers have been able to achieve “productivity gains” through the use of Gemini, their activities have remained limited to research, code troubleshooting, and content creation rather than direct hacking. Google disclosed that the hackers attempted to utilize Gemini for tasks like producing advanced phishing techniques for Gmail, coding a Chrome infostealer, and circumventing Google’s account verification methods, but these efforts were unsuccessful. Gemini did not generate any malware or content that could be effectively used in a malicious campaign.

While Gemini proved to be beneficial for certain tasks such as content creation, explaining complex concepts, and generating basic code, the chatbot’s safeguards prevented the state-sponsored groups from executing more sophisticated activities like account hijacking or breaking into the Gemini system. Despite this, Google acknowledged that Gemini could enable threat actors to operate faster and at a larger scale.

For instance, an Iranian propaganda operation leveraged Gemini to localize their content with improved translation capabilities. Similarly, North Korean hackers used the chatbot to draft cover letters and inquire about job opportunities on LinkedIn, potentially to secure remote IT worker positions at US companies—a concern that federal investigators are actively working to address.

Google’s findings are consistent with those of rival OpenAI, which previously identified state-sponsored hackers attempting to misuse ChatGPT for malicious purposes. However, both companies concluded that the hackers were mainly using the AI tools for productivity rather than executing groundbreaking cybersecurity attacks.

To combat such abuse, Google stated that it is implementing robust security measures within its AI systems and continuously testing them for vulnerabilities. The company also collaborates with law enforcement to investigate and disrupt malicious activities by government-backed threat actors. These efforts demonstrate Google’s commitment to ensuring the security and integrity of its platforms and services.

In conclusion, while state-sponsored hacking groups have been exploring the potential of AI tools like Gemini for nefarious schemes, their efforts have thus far been limited to productivity gains rather than posing significant cyber threats. Google’s proactive approach to strengthening the security of its AI systems underscores the importance of safeguarding against misuse and protecting users from potential malicious activities.

Source link

Latest articles

Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are revolutionizing the field of penetration testing, employing their advanced...

There are more cyber attacks with less loot

Experts across all industries have noted a significant increase in awareness regarding the risks...

Canadian Man Faces Charges in $65 Million Cryptocurrency Hacking Scams

A Canadian man, Andean Medjedovic, found himself at the center of a criminal indictment...

Ransomware payment value decreased by over 30% in 2024

After a year of record payments to cyber criminals, the tide seems to be...

More like this

Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are revolutionizing the field of penetration testing, employing their advanced...

There are more cyber attacks with less loot

Experts across all industries have noted a significant increase in awareness regarding the risks...

Canadian Man Faces Charges in $65 Million Cryptocurrency Hacking Scams

A Canadian man, Andean Medjedovic, found himself at the center of a criminal indictment...