Hackers are turning to easy, fast AI solutions to roll out attacks - so how can your business stay safe?
Between speed, quality, and cost, hackers must sacrifice one
- Cybercriminals leverage GenAI to accelerate attack creation
- Campaigns prioritize speed and scale over sophistication
- Report shows basic tactics still bypass defenses
Cybercriminals are “vibe-hacking” their way into enterprise environments, using Generative Artificial Intelligence (GenAI) to make launching attacks faster and easier, research has claimed. Although these attacks are less sophisticated than non-AI ones, this is a tradeoff cybercriminals are apparently happy to make.
The latest Threat Insights Report from HP Wolf Security claims to have seen AI tools being used in different ways. In one campaign, a fake invoice PDF contained a link that triggered a download from a compromised site, before redirecting the victim to a trusted platform.
In another one, the crooks were using off-the-shelf malware components and optimizing them with custom lures and payloads. This allows them to “quickly build, customize, and scale campaigns with minimal effort”.
Piggyback attacks
The researchers also observed a so-called “piggyback” attack, in which malware was hidden in fake Teams installers.
Victims would download a malicious installer bundle with a hidden Oyster Loader malware piggybacking on the Teams installation process. So, while the real app is being installed, the victims don’t notice the infection happening in the background.
“It’s the classic project management triangle - speed, quality and cost. You often sacrifice one of them. What we’re seeing is many attackers are optimizing for speed and cost, not quality,” said Alex Holland, Principal Threat Research, HP Security Lab.
“They are not using AI to raise the bar; they’re using it to move faster and reduce effort. The campaigns themselves are basic but the uncomfortable reality is they still work.”
Looking at the report, it would seem that quality isn’t the defining factor here. As per HP’s telemetry, at least 14% of malicious emails managed to bypass one or more email gateway scanners, suggesting that the “low quality, high quantity” approach does work. The most popular delivery types were executable files (37%), .ZIP archives (11%), and .DOCX files (10%).

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.