Content |
Chronicle
2025: How cybercriminals use generative AI in their attacks. 6 main directions
Attackers are actively using generative artificial intelligence (GENI) to improve the effectiveness of cyber attacks and automate fraudulent operations. This is stated in the CrowdStrike study, the results of which were published on February 27, 2025. Analysts identify six main areas of application of Genia for cybercriminal purposes.
1. Carrying out phishing attacks
Large language models (LLMs) are able to efficiently generate phishing emails or create websites to collect credentials. The results of a study conducted in 2024 indicate that phishing messages created by LLM have a significantly higher rate of clickability (the ratio of the number of clicks to the number of impressions) compared to letters written by a person: 54% versus 12%. In addition, thanks to the use of Genia, the time cost of preparing a phishing campaign is significantly reduced.
2. Creating deepfakes
Attackers use Genia to simulate the voice and image of senior company executives, officials and others. These deepfakes can then be used to carry out various fraudulent transactions. For example, a scheme is common when cybercriminals pose as CEOs of various organizations, trying to convince employees to transfer funds under one pretext or another. Voice deepfakes are often used for phone scams: attackers can mimic the speech of the victim's relatives or friends in an attempt to get money.
3. Spread of misinformation on social media
Genia is able to create believable, but false articles, and all kinds of messages for publication on social platforms. This allows attackers to manipulate public opinion, distribute fake defamatory materials, undermine the authority of individuals and entire companies, etc.
4. Create dummy social media profiles
Attackers through Genia create fake profiles on various social networks, for example, LinkedIn. In the future, fraudsters use such accounts for various deception schemes, for example, requesting personal data for an interview. Criminals offer high-paying jobs to lure gullible users into their trap. In particular, in such messages, the organizers of the scheme can send malicious links, request an advance for training, ask for certain personal information for employment, etc.
Cryptocurrency scams are also common on social networks. One popular scheme is to disguise the attacker as a successful financial adviser, which offers "profitable investments." First of all, such a proposal attracts users who are in a difficult economic situation, and those who are confident in easy earnings on cryptocurrency.
5. Writing malicious code
Genia allows you to automate the process of writing malware. Attackers use neural networks to automatically create new modifications of viruses. Moreover, even people with minimal programming skills can perform such a task.
6. Creating exploits
Genia tools can be used by cybercriminals to search for zero-day vulnerabilities in security systems and develop exploits. This greatly increases the likelihood of a successful attack. Previously unknown "holes" can be used to steal information or introduce ransomware viruses.[1]
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |