Criminal Use of AI Growing, But Lags Behind Defenders

In summary, Trend Micro has found only one criminal LLM: WormGPT. Instead, there is a growing incidence, and therefore potential use, of jailbreaking services: EscapeGPT, BlackHatGPT, and LoopGPT. There is also an increasing number of 'services' whose purpose is unclear.
These provide no demo and only mention their supposed capabilities: high on claims but low on proof.
Trend is not sure about the relevance or value of these offerings, and places them in a separate category labeled potential 'scams'.
Other examples include XXX.GPT, WolfGPT, EvilGPT, DarkBARD, DarkBERT, and DarkGPT. In short, when not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems.
This is also seen in the use of AI within other services.
The Predator hacking tool includes a GPT feature using ChatGPT to assist scammers' text creation abilities.
It is also evident in an increasing number of deepfake services.
Image or video deepfakes can be supported by voice deepfakes.
The result is good enough to fool people with little direct knowledge of the faked person, so the services tend to concentrate on the KYC element of false account creation.
Despite the current lack of large-scale criminal exploitation of gen-AI, Trend's researchers highlight indications that this may change.
Criminals' main priorities are learning how to use AI without upending the preference for evolution over revolution, obtaining maximum return on effort, and remaining hidden from law enforcement.
Jailbreaking services allow criminals to use existing LLMs - currently almost entirely ChatGPT - with minimal likelihood of being tracked and traced.
Microsoft and OpenAI have already demonstrated the ability to profile APT use of ChatGPT based on the content of the questions and the location of the source IPs.
For now, new jailbreaking techniques can be developed faster than LLM guardrails can be developed to prevent them.
This may not last with the rapid development of AI technology.
When jailbreaking the main LLMs becomes too difficult, we may see a new evolution in criminal use.
What we currently see is not a rejection of AI by cybercriminals, nor even a lack of understanding, but rather a careful and methodical inclusion of its capabilities.
They suspect that improved deepfakes may be among the earliest applications.
Trend Micro still refrains from joining the doom and gloom AI scenario.
In the overall AI cat and mouse game between criminals and defenders, defenders currently have the edge.


This Cyber News was published on www.securityweek.com. Publication date: Thu, 09 May 2024 15:43:06 +0000


Cyber News related to Criminal Use of AI Growing, But Lags Behind Defenders

Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence - Criminal IP, a renowned Cyber Threat Intelligence search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially on the IP address to protect users by blocking ...
5 months ago Hackread.com
Criminal Use of AI Growing, But Lags Behind Defenders - In summary, Trend Micro has found only one criminal LLM: WormGPT. Instead, there is a growing incidence, and therefore potential use, of jailbreaking services: EscapeGPT, BlackHatGPT, and LoopGPT. There is also an increasing number of 'services' ...
5 months ago Securityweek.com
Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
1 year ago Securityweek.com
Criminal IP and Tenable Partner for Swift Vulnerability Detection - Criminal IP, a prominent Cyber Threat Intelligence search engine developed by AI SPERA, has recently established a technical partnership with Tenable, a global leader in exposure management. This partnership is designed to equip users with a robust ...
9 months ago Bleepingcomputer.com
Criminal IP ASM: A new cybersecurity listing on Microsoft Azure - AI SPERA, a leader in Cyber Threat Intelligence-based solutions, today announced that Criminal IP ASM is now available on the Microsoft Azure Marketplace. As an officially certified ISV partner of Microsoft, AI SPERA offers services and technology ...
9 months ago Bleepingcomputer.com
International Criminal Court systems breached for cyber espionage - The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes. The intergovernmental organization disclosed the breach on September 19, a few days ...
11 months ago Bleepingcomputer.com
Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto - Y is the author of a book I can very greatly recommend, with the fascinating title Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency. As I dug into this cypherpunk world, around 2010 and 2011, I came upon this thing that ...
1 year ago Nakedsecurity.sophos.com
CyberCrime & Doing Time: Classic Baggie: A Delaware BEC Case calls him the leader of an International Criminal Organization - The U.S. Attorney's office in Delaware charged Olugbenga Lawal with being a major money launderer for a Nigerian-based international criminal organization that specialized in Business Email Compromise and Romance Scam. The Defendant's importance in ...
9 months ago Garwarner.blogspot.com
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
1 year ago Securityaffairs.com
US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy - The US Department of Justice has taken a carrot-and-stick approach to its corporate enforcement policy in regard to the Foreign Corrupt Practices Act in an effort to entice companies to self-report when in violation of the FCPA. Assistant Attorney ...
1 year ago Csoonline.com
Eurojust conducts operation to shut malware and ransomware spreading botnets - Eurojust, the European Union Agency for Criminal Justice, recently initiated a decisive strike against a notorious botnet network responsible for disseminating malware and ransomware across the digital realm. The crackdown led to the seizure of their ...
5 months ago Cybersecurity-insiders.com
AI Adoption Surges But Security Awareness Lags Behind - A new ExtraHop survey involving over 1200 global security and IT leaders has provided fresh insights into the adoption and management of generative AI tools like ChatGPT and Google Bard. Security is reportedly not the primary concern for ...
11 months ago Infosecurity-magazine.com
AI Boosts Malware Detection Rates by 70% - Threat intelligence-sharing platform VirusTotal has unveiled new research showing how AI can be used by cyber defenders to enhance malware analysis. Through the research, VirusTotal found that AI is extremely effective in analyzing malicious code, ...
11 months ago Infosecurity-magazine.com
Medusa Ransomware Unleashes New Tactics: Data Sale, Time Extension, and AI Threats - In the ever-evolving landscape of cyber threats, Medusa Ransomware has taken a bold step by launching a dedicated blog to publish victim details, offering a chilling one-click data sale for $10,000. This notorious group, distinct from Medusa Locker ...
9 months ago Cybersecurity-insiders.com
African Organizations Aim to Fix Cybersecurity in 2024 - Faced with numerous cybersecurity threats and challenges, but lacking adequate cyber training, African nations hope to develop the depth of skills needed to defend against attackers in 2024. In December, for example, the University of Lagos, the ...
10 months ago Darkreading.com
Why Red Teams Can't Answer Defenders' Most Important Questions - Red teaming is useful for plenty of other things, but it's the wrong protocol for answering this specific question about defense efficacy. By their nature, they only test a few specific variants of a few possible attack techniques that an adversary ...
10 months ago Darkreading.com
Interpol Arrests Smuggler With New Biometric Screening Database - In November, Interpol arrested a fugitive smuggler using a new biometric security system it plans to deploy across its 196 member countries. The colorlessly named "Biometric Hub" collates Interpol's existing fingerprint and facial-recognition data ...
11 months ago Darkreading.com
Recent Surveillance Revelations, Enduring Latin American Issues: 2023 Year in Review - The challenges in ensuring strong privacy safeguards, proper oversight of surveillance powers, and effective remedy for those arbitrarily affected continued during 2023 in Latin America. Amidst the Argentinian presidential elections, a thorny ...
10 months ago Eff.org
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
8 months ago Krebsonsecurity.com
Cybersecurity Teams Tackle AI, Automation, and Cybercrime-as-a-Service Challenges - In the digital society, defenders are grappling with the transformative impact of artificial intelligence, automation, and the rise of Cybercrime-as-a-Service. Recent research commissioned by Darktrace reveals that 89% of global IT security teams ...
7 months ago Cysecurity.news
How Microsoft's cybercrime unit has evolved to combat increased threats - Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime. Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email ...
10 months ago Packetstormsecurity.com
Interpol Arrested 3,500 Suspects and Seized $300 Million - In a groundbreaking initiative spanning 34 countries, INTERPOL orchestrates Operation HAECHI IV, a relentless assault on online financial crime, yielding a formidable impact. Interpol, short for the International Criminal Police Organization, is a ...
10 months ago Gbhackers.com
Ransomware victims targeted in follow-on extortion attacks The Register - Ransomware victims already reeling from potential biz disruption and the cost of resolving the matter are now being subjected to follow-on extortion attempts by criminals posing as helpful security researchers. Researchers at Arctic Wolf Labs ...
9 months ago Go.theregister.com
Is your ID badge giving away too much about you? - ID badges are a two-edged sword, providing security and convenience on one hand, but risking exposure of sensitive data on the other. The reason Abbott's now-removed Insta post caught so much heat is that a hacker named Alex Hope was able to uncover ...
10 months ago Blog.avast.com
Stopping Lateral Movement Means Identifying the Small Hops That Take Attackers Far - Today's attackers rarely conduct lateral movement manually. For attackers, lateral movement is an exercise in taking what they are given: They are not moving throughout the network according to some sort of preplanned map, but following open pathways ...
10 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)