
Hackers sponsored by the government exploit Google’s Gemini Chatbot


Hackers from Iran, China, and North Korea are using Google’s Gemini chatbot to support their cyber operations, according to a report released by Google’s Threat Intelligence Group (GTIG) on January 31, 2025. The report describes how state-sponsored actors are leveraging the AI tool to increase their productivity, although significant advancements in their capabilities have not been observed.

According to the GTIG report, government-backed attackers attempted to use Gemini for coding and scripting tasks, gathering information on potential targets, researching vulnerabilities, and enabling post-compromise activities.

Iranian hackers were the most frequent users of the chatbot, according to the report, using it primarily for crafting phishing campaigns and for reconnaissance on defense experts and organizations.

In contrast, hackers from China focused their use of Gemini on debugging code and on gaining deeper access to their targets’ networks. The report pointed out that they concentrated on topics like lateral movement, privilege escalation, data exfiltration, and evasion.

North Korean actors have been observed using Gemini to produce fake cover letters and explore remote IT job opportunities within Western companies, potentially as part of broader infiltration tactics. The report also noted that they used Gemini to research topics of interest to the North Korean government, such as the South Korean military and cryptocurrency.

Although Russian hackers have also been leveraging Gemini for coding tasks like translating malware and implementing encryption features, their techniques did not significantly evolve during the analyzed period, according to the report.

Overall, the Google report provides valuable insights into how generative AI tools like Gemini are enabling hackers to operate more efficiently without fundamentally altering their capabilities. The report highlighted that instead of driving disruptive change, generative AI enables threat actors to operate faster and at larger scales.

The impact of AI tools on cybercrime has become a major concern for cybersecurity experts. AI could increase the volume and effectiveness of cyberattacks, as noted by the UK’s National Cyber Security Centre.

While hackers are benefiting from productivity gains through AI tools like Gemini, Google emphasized the limitations of the chatbot. The built-in safeguards prevent its use for more sophisticated and damaging attacks, such as directly manipulating Google’s products. The report underscored that current AI tools are unlikely to enable breakthrough capabilities for threat actors.

The emergence of tools like Gemini has sparked discussions on monitoring and regulating the use of AI in cybersecurity contexts. The balance between innovation and risk is becoming more evident, challenging organizations and governments to defend against increasingly sophisticated threat actors.

As hackers continue to leverage tools like Gemini, the cybersecurity community must stay vigilant. The insights provided by Google’s GTIG will play a crucial role in shaping future protective strategies against state-sponsored cyber threats. The evolving role of the Gemini chatbot raises questions about how hackers will utilize it in the future and what countermeasures will be needed to combat potential exploitation.
