Modular, efficient malware intrusions facilitated by AI

Cybernews reports that AI has been tapped by malicious actors to generate vibe hacking scripts and modular malware for scalable cyber intrusions.

Usage of vibe hacking scripts was evident in an attack campaign that involved PDFs with links redirecting to Booking.com while downloading a seemingly harmless document with double file extensions, according to HP Wolf Security's Threat Insight Report. Opening the file triggered a JavaScript that executed a PowerShell payload. On the other hand, malvertising and search engine optimization poisoning have been leveraged to divert to a bogus Microsoft Teams website that included a download link, which enabled the installation of Teams setup files alongside a CapCut-related executable and a DLL that injects the OysterLoader backdoor.

Such attacks were noted by HP Security Lab Principal Threat Researcher Alex Holland to deliberately prioritize efficiency over sophistication.

"They are not using AI to raise the bar; they're using it to move faster and reduce effort. The campaigns themselves are basic, but the uncomfortable reality is they still work," Holland said.