Accelerated phishing site creation facilitated by Vercel’s AI tool

Malicious sign-in webpages leveraged in phishing attacks have been produced quickly and at scale through the exploitation of Vercel's generative artificial intelligence tool v0, which allows natural language prompt-based landing page and full-stack app creation, reports The Hacker News.

Attackers have also used Vercel's infrastructure for hosting logos of the spoofed companies and other resources, according to a report from Okta Threat Intelligence researchers. "The observed activity confirms that today's threat actors are actively experimenting with and weaponizing leading GenAI tools to streamline and enhance their phishing capabilities. The use of a platform like Vercel's v0.dev allows emerging threat actors to rapidly produce high-quality, deceptive phishing pages, increasing the speed and scale of their operations," said researchers, who noted that the phishing sites have already been blocked by Vercel upon disclosure. Such findings follow a Cisco Talos report detailing threat actors' growing interest in uncensored large language models.