French internet users targeted by a cyberattack built with AI

Article author: Cédric DEPOND
Source: HP

A sophisticated threat, designed with artificial intelligence, infiltrates the computers of French internet users.

Cybercriminals are increasingly exploiting AI to design malicious software. The emergence of artificial intelligence tools, such as ChatGPT, allows inexperienced individuals to create malicious scripts with disconcerting ease.


A recent investigation conducted by HP Wolf Security shed light on an attack orchestrated in June 2024. This operation relied in part on malware known as AsyncRAT, which is easily accessible on the web. Hackers used AI to develop elements of this attack.

The analysis of the code behind this cyberattack revealed comments, an unusual practice for hackers who usually strive to obscure the functioning of their code to complicate analysis and avoid detection. Cybercriminals often use obfuscation techniques, such as encryption and variable renaming, to make their malicious code difficult to understand. However, HP researchers observed that the code contained comments meticulously detailing each line, a hallmark of AI models.

These clear and accessible annotations, similar to those generated by chatbots, raise questions about the attackers' skills: using AI to write code may indicate a lack of technical expertise within these hacker groups.

By making script creation more accessible, AI lowers the barrier to entry for less skilled individuals. Even novices can now carry out complex attacks, which presents an additional challenge for cybersecurity specialists. Furthermore, by using AI, the cybercriminals were able to focus on the architecture of the attack while letting the AI handle the scriptwriting.

AsyncRAT stands out due to its asynchronous operation, which distinguishes it from other Trojans: this malware does not require a permanent connection between the hacker and the compromised computer. The first signs of this threat appeared in the form of fake emails sent to French recipients, with an invoice containing a ZIP file. The hackers cleverly provided the password within the email body to conceal their true intent.
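The delivery pattern described above (an invoice email with a ZIP file and the password stated in the message body) can be checked at a mail gateway. The following is an added example, not code from HP's report or from this article; it assumes the ZIP is password-protected, and the function names, regular expression and sample message are constructed for illustration.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Password hints in English and French (the lure on this page targeted French recipients).
PASSWORD_HINT = re.compile(r"(?:password|mot de passe)\s*:?\s*(\S+)", re.I)

def encrypted_members(data):
    """Return names of ZIP entries whose general-purpose flag bit 0 (encrypted) is set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
    except zipfile.BadZipFile:
        return []

def flag_message(raw):
    """Flag a mail that carries an encrypted ZIP and states its password in the body."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    hint = PASSWORD_HINT.search(body.get_content()) if body else None
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        if not payload.startswith(b"PK\x03\x04"):  # identify ZIP by magic, not extension
            continue
        locked = encrypted_members(payload)
        if locked and hint:
            return {"attachment": part.get_filename(), "encrypted": locked,
                    "password_hint": hint.group(1)}
    return None

def build_sample(encrypted):
    """Constructed test mail (not a real sample): invoice lure with a ZIP attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", "placeholder")
    data = bytearray(buf.getvalue())
    if encrypted:  # mark the entry encrypted in the local and central headers
        data[6] |= 1
        data[data.find(b"PK\x01\x02") + 8] |= 1
    mail = EmailMessage()
    mail["Subject"] = "Facture"
    mail.set_content("Veuillez trouver la facture. Mot de passe : 1234")
    mail.add_attachment(bytes(data), maintype="application", subtype="zip",
                        filename="facture.zip")
    return mail.as_bytes()

if __name__ == "__main__":
    print(flag_message(build_sample(True)))
    print(flag_message(build_sample(False)))
```

A gateway that extracts the password hint can hand it to a sandbox so the archive contents are scanned instead of being passed through unopened.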

HP's report highlights that the rise of generative AI is driving an increase in cyberattacks. These new techniques make spreading malware more accessible to less-qualified individuals. Internet users must therefore be extra vigilant.

What is malware?


Malware, or malicious software, refers to any program designed to infiltrate a computer system with the aim of causing damage, stealing information, or compromising the user's security. Malware comes in various forms, including viruses, Trojans, ransomware, and spyware. Each of these types has specific goals and uses different methods to spread and infect devices.

Malware can be hidden in files, links, or seemingly harmless applications. Once activated, it can perform harmful actions such as stealing personal data, spying on the user's activities, or using the computer's resources for malicious purposes. Preventing and detecting malware is essential for protecting information systems and ensuring data security.

What is asynchronous malware?


Asynchronous malware, like AsyncRAT, operates without requiring a constant connection between the attacker and the infected computer. This method allows hackers to control the compromised machine remotely while avoiding detection.

This asynchronous capability also offers greater flexibility to cybercriminals, enabling them to operate at their own pace. Data can be siphoned off at regular intervals, and the malware can remain active in the background without depending on continuous interaction with the attacker, thereby making detection more difficult for cybersecurity solutions.