Google announced Monday that it identified a cyber threat it believes hackers developed using AI, meant to exploit networks on a large scale. File Photo by Sascha Steinbach/EPA
May 11 (UPI) — Google announced Monday that it identified a cyber threat it believes hackers developed using artificial intelligence, meant to exploit networks on a large scale.
Google Threat Intelligence Group said the hackers were using a zero-day exploit, a security vulnerability that is unknown to security companies, and planned to use it for mass exploitation.
Google said this is the first time it has identified a threat with evidence that AI was used to develop it.
“AI-enabled malware, such as PROMPTSPY, signal a shift toward autonomous attack orchestration, where models interpret system states to dynamically generate commands and manipulate victim environments,” Google Threat Intelligence Group said in a news release.
Google’s AI Gemini and Claude Mythos were highlighted as AI models it does not believe were used in this threat attempt.
If the threat was successful, hackers would have been able to bypass two-factor authentication on “a popular open-source, web-based system administration tool,” Google said. The attempt occurred within the last couple months but Google did not specify when exactly.
AI is also being used for cybersecurity, as a tool to identify potential security risks. Google says Monday’s report shows criminal hacker groups are also interested in using AI for their goals.
“For every zero-day we can trace back to AI, there are probably more out there,” John Hultquist, chief analyst at Google Intelligence Group, said in a statement. “Threat actors are using AI to boost the speed, scale, and sophistication of their attacks.