skip to main content

Cybercriminals using AI to generate malware - HP

HP's latest Threat Insights Report reveals how attackers are using generative AI to help write malicious code and has identified cybercriminals embedding malicious code in images
HP's latest Threat Insights Report reveals how attackers are using generative AI to help write malicious code and has identified cybercriminals embedding malicious code in images

Cybercriminals are using artificial intelligence (AI) to generate malware, according to new research from HP.

The company's latest Threat Insights Report has revealed how attackers are using generative AI to help write malicious code and has identified cybercriminals embedding malicious code in images.

The report found that hackers are using slick "malvertising" campaigns that direct victims to well-designed websites offering functional tools like PDF readers and converters.

These working applications hide malicious code, while valid code-signing certificates bypass Windows security policies and user warnings, increasing the chance of infection.

The attack infects users with infostealer malware which can record victim's screens and keystrokes.

"There has long been speculation about AI being used by attackers, but evidence has been scarce, so this finding is significant," said Val Gabriel, Managing Director of HP Ireland.

"Typically, attackers tend to obscure their intentions to avoid revealing their methods, so this behaviour indicates an AI assistant was used to help write their code," he said.

"It’s cases like this that showcases threat actors are constantly updating their methods," Mr Gabriel added.