Cybercriminals stepping up AI use to “enhance all stages” of attacks, Google intel warns

Cybercriminals Increasing AI Use Across All Attack Stages, Google Warns

Google threat intelligence reveals that cybercriminals are aggressively adopting AI tools to improve every phase of their attacks, from malware distribution to stealing credentials.

Growing AI Integration in Cyberattacks

Recent observations show threat actors using AI not only for ransomware and credential theft but also for creating new malware variants. Some even impersonate capture-the-flag (CTF) participants to deceive chatbots. This marks a significant shift in cybercriminal tactics.

"Attackers over the past twelve months, from low-level vibe coders to nation-state actors, have been observed moving into ‘a new operational phase of AI abuse’ – one that is integrating and experimenting with AI, not only 'across the industry but throughout the entire attack lifecycle.'"

Insights from Google’s Threat Intelligence Group

In the latest update to its Adversarial Misuse of Generative AI analysis, Google highlights how widespread AI abuse has become within cybercrime. The Google Threat Intelligence Group (GTIG) detailed these findings in a blog post released on Wednesday.

Recommended Defensive Measures

The report advises cybersecurity teams on strengthening defenses against emerging AI-driven threats, focusing on the misuse of large language models (LLMs) and tools like Google’s Gemini AI Assistant.

"The report also provides cybersecurity teams with steps to take to harden systems against these new threats, which include the abuse of LLMs and, more specifically, Google’s Gemini AI Assistant."

Author's summary: Cybercriminals are increasingly exploiting AI technology to enhance every step of their attacks, prompting Google to urge stronger cybersecurity defenses against these evolving threats.

more

Cybernews Cybernews — 2025-11-07

More News