Be careful, generative AI now used to create malware for cyberattacks

"GenAI is accelerating attacks," says HP in a recent report.


Key notes

  • HP’s report shows cybercriminals are using generative AI to create malware, particularly targeting French-speakers.
  • ChromeLoader campaigns are now becoming more sophisticated, distributing fake tools that hijack browsers.
  • Malware is also now being embedded in SVG images for easier execution of malicious code.

We’re now in the age of AI. There’s no doubt about that as it makes a lot of things faster and more convenient for us all. Every tech company on the face of the earth—whether they love it or hate it—has to start using the latest AI tech, or else, they’ll be outdated and knocked down by the era.

But besides those conveniences, AI still does pose a threat. HP’s recent Threat Insight Report reveals a worrying trend that bad actors, hackers, and cybercriminals are using generative AI to develop sophisticated malware. More specifically, they target French-speaking users.

“The malware’s structure, comments explaining each line of code, and native language function names and variables all indicate the threat actor used GenAI to create the malware,” the report reads. The report draws on data gathered from consenting HP Wolf Security customers between April and June 2024.

Victims are typically targeted through phishing emails or malvertising, which leads them to malicious websites. These sites may appear professional and trustworthy, often offering fake tools or services such as PDF converters. In the ChromeLoader campaign, users who were led to counterfeit PDF tools ended up with malicious code installed, which then took control of their browsers.

HP also said that some criminals are hiding malware in SVG (Scalable Vector Graphics) images that automatically run in web browsers.

The report also mentions that in the second quarter of 2024, 12% of email threats bypassed scanners, with 61% from attachments, 18% from browser downloads, and 21% from removable storage. ZIP files, on the other hand, account for 39% of malware delivery.

Such threats should not be underestimated, which is why many tech giants, especially big players in the AI landscape, have been robust in their AI security campaigns.

Not too long ago, Google added a “Security Advisor” to Workspace, a set of tools that gives you tailored insights, simplified data protection controls, and features like Enhanced Safe Browsing for Chrome and Gmail. It launched as part of the Gemini AI chatbot’s wider integration into Google Workspace apps like Gmail, Docs, and Drive for enterprises.
