(May 11): Security researchers at Alphabet Inc’s Google said they believe a cybercrime group used artificial intelligence (AI) to create a hacking tool that can bypass defences in a widely-used tool to administer computer systems.
The scheme, which was foiled when Google alerted the tool developer, would mark the first time that Google’s Threat Intelligence Group caught a hacker using an AI-generated “zero-day” in such a way, according to a report published on Monday. Zero-day vulnerabilities are flaws unknown to the developer, leaving defenders no time to patch before they can be exploited.
Google said it has “high confidence” that AI was used to help discover and weaponise the exploit.
The company declined to name the cybercrime group, the impacted software or the large language model that was used in the attempted attack. However, a spokesperson said researchers don’t believe the exploit was created using Anthropic PBC’s Mythos or Google’s own model, Gemini.
The company also wouldn’t say when the exploit was discovered other than it was “recent”.
Anthropic said in April it wouldn’t widely release its new model, Mythos, because the way it used AI to identify and exploit software flaws posed a national security risk. Since then, the White House has moved to address potential malicious use of large language models, and government officials have held emergency meetings with technology and industry leaders.
See also: OpenAI to buy consulting firm for private equity joint venture
Google researchers said their findings suggest such threats are already a reality.
The hacking group used a AI model to find a previously unknown flaw in the tool, according to the report. That flaw could be used to bypass multifactor authentication, a security protection often added in addition to a password, to gain access to the internal networks of organisations using the software.
Google alerted the tool’s developer, who fixed the issue before hackers could deploy it against users, the report said.
See also: SoftBank’s Son in talks for major data centre project in France — Bloomberg
Businesses use web-based system administration tools to configure and manage servers, websites and applications remotely. This includes managing security settings, employee accounts and the permissions those accounts have to access systems and data.
Uploaded by Tham Yek Lee
