AI-Powered Malware - A Serious Cyber Security Threat

Cyber criminals are using Artificial Intelligence (AI) to build sophisticated and hyper-targeted malware that is hard to detect with traditional cyber security. The integration of AI into malware development is becoming a serious cyber security threat and is now a new method of criminal hacking attacks.

Traditionally, AI was not widely associated with malware, but with the rise of generative AI tools, cyber criminals are increasingly exploiting this technology to enhance their attacks. 

AI-powered cyber attacks are more sophisticated, harder to detect, and capable of bypassing traditional security measures. And despite organisations’ attempts to minimise hackers’ chances of using their tools for criminal purposes, AI can now be used in malware development in several ways.

AI can be used to search for exploitable vulnerabilities, and readily available tools like ChatGPT allow even inexperienced hackers to write malicious scripts. AI-powered malware can also adapt to its environment, changing its behaviour and code structure dynamically to evade detection. 

  • According to a report by Cybernews detailing the use of AI by threat actors, one of the earliest groups to take advantage of AI capabilities for malware creation is CyberAv3ngers, an Iranian hacking group targeting critical infrastructure sectors such as water systems, energy, and manufacturing. This group uses AI to improve vulnerability research, automate malware debugging, and craft scripts that manipulate industrial control systems and programmable logic controllers. 
  • Similarly, SweetSpecter, a Chinese state-backed group, leverages OpenAI services to develop AI-driven intelligence collection tools and malware capable of bypassing traditional detection mechanisms. The capability to evade security measures makes their malware particularly potent, allowing it to persist undetected in targeted networks.
  • The Forest Blizzard group, also known as APT28, has used AI to create convincing fake government documents for phishing campaigns. By analysing victim communication patterns, they craft targeted attacks that can harvest sensitive information with great precision.

These groups represent the growing use of AI in cyber attacks, a trend that is expanding amongst both well-organised and less technical hacker groups. 

As AI technology continues to evolve, so will the sophistication of cyber threats. Security solutions will need to adapt to this new landscape to stay ahead of these advanced, AI-driven cyber attacks.

First and foremost, users and employees must be taught how to distinguish threats and act accordingly. Organisations need to be very careful about who has what permissions in their systems. 

Ransomware defences need to be better than ever, and networks need to be segmented to prevent or at least complicate lateral movement for attackers.

Palo Alto Networks | Palo Alto Networks | CISA | I-HLS | Cybernews | DesignRush | Impact

Image: Sasha85ru
