Google Confirms Hackers Used AI to Develop Zero-Day Exploit

Google confirms hackers used AI to develop a zero-day exploit targeting a web management tool. The attack bypasses 2FA and uses AI-typical code structures.

Google Confirms Hackers Used AI to Develop Zero-Day Exploit

Google has identified the first confirmed case of a zero-day exploit developed with the assistance of artificial intelligence. The threat intelligence group at Google discovered the vulnerability targeting a popular open-source web-based system management tool. This marks a significant shift in cyber warfare as attackers begin leveraging large language models to create novel security flaws.

Malicious actors bypass two-factor authentication using novel attack code

The exploit allows malicious actors to bypass two-factor authentication on the targeted software. Google suspects that an unidentified large language model played a key role in crafting the attack code. Evidence of this AI involvement includes the presence of hallucinated CVSS scores within the script. The code also features rich educational docstrings and a structured Pythonic format typical of LLM training data.

Malicious script featuring hallucinated CVSS scores and structured Pythonic formatting typical of large language model training data.
The exploit code includes educational docstrings and clean formatting characteristic of AI-generated scripts.

Google confirmed that its own Gemini AI was not involved in the development of this specific exploit. The company did not disclose which specific large language model the threat actors used. John Hultquist, a senior analyst at the Google Threat Intelligence Group, stated that this incident is likely just the tip of the iceberg. He warned that other AI-developed zero-day vulnerabilities are likely to exist in the wild.

The threat actors behind the exploit are described as a prominent cybercrime group. Nation-state-linked groups from China and North Korea have shown strong interest in AI-based vulnerabilities. This development highlights the growing intersection of generative AI and sophisticated cyber threats. Security researchers are now monitoring for similar patterns in future attack vectors.

Discussion

0 comments

Log in to join the thread with a thoughtful take, question, or correction.

Add to the discussion