GenAI Writes Malicious Code to Spread AsyncRAT

September 26, 2024 at 08:25AM

Threat actors have leveraged generative artificial intelligence (GenAI) to create and spread malicious code, using it to write VBScript and JavaScript for the distribution of AsyncRAT. The attackers’ use of GenAI was identified by researchers from HP Wolf Security, signifying a concerning advancement in attackers’ methods. This technological development requires corresponding vigilance and measures from defenders.

Key takeaways:
1. Threat actors have been observed using generative artificial intelligence (GenAI) to create and spread malicious code, specifically to distribute AsyncRAT, a commercially available remote access trojan (RAT).
2. The use of GenAI in developing malicious code was first noticed by researchers from HP Wolf Security during an investigation of a suspicious email in June. This discovery marks a significant advancement in attackers’ tactics and should alert defenders to the evolving threat landscape.
3. The campaign revealed that the malware creators utilized GenAI to write VBScript and JavaScript code, and it’s the first observed instance of attackers weaponizing chatbot technology for such malicious purposes.
4. The presence of consistent comments, the clear structure of the scripts, and the choice of function names and variables in the code provided a strong indication that threat actors used GenAI for their malicious activities.
5. The researchers found that the malware deployment involved an infection chain, including writing variables to the Windows Registry, dropping a JavaScript file into the user directory, and running PowerShell scripts to execute the malware payload.
6. Given the emergence of GenAI in attack strategies, it’s imperative for defenders to also incorporate the technology into their security posture to proactively identify potential threats and unauthorized access.
These key takeaways highlight the growing sophistication of cyber threats and the need for organizations to stay ahead of attackers by leveraging advanced technologies, such as GenAI, for proactive defense measures.
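
The infection chain in takeaway 5 can be hunted as an ordered sequence per host. The following is an added example, not code from HP Wolf Security or the original article: it correlates simplified Sysmon-style events (event IDs 13, 11 and 1), and the script-host names, the five-minute window and all sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # assumed: Windows Script Host runs the VBScript/JavaScript
WINDOW = timedelta(minutes=5)                  # assumed correlation window

def exe(path):
    return path.rsplit("\\", 1)[-1].lower()

def stage(e):
    """Map a Sysmon-style event to a chain stage (1-3), or None if unrelated."""
    eid, image = e["EventID"], exe(e.get("Image", ""))
    target = e.get("TargetFilename", "").lower()
    if eid == 13 and image in SCRIPT_HOSTS:
        return 1  # registry value set by a script host
    if eid == 11 and target.startswith("c:\\users\\") and target.endswith(".js"):
        return 2  # JavaScript file created under a user profile
    if eid == 1 and image in {"powershell.exe", "pwsh.exe"} and exe(e.get("ParentImage", "")) in SCRIPT_HOSTS:
        return 3  # PowerShell spawned by a script host
    return None

def detect_chain(events):
    """Return hosts where stages 1, 2, 3 occur in that order within WINDOW."""
    hits, progress = [], {}  # progress: host -> (next expected stage, time of stage 1)
    for e in sorted(events, key=lambda e: e["UtcTime"]):
        s, host, t = stage(e), e["Computer"], e["UtcTime"]
        expected, start = progress.get(host, (1, t))
        if expected > 1 and t - start > WINDOW:
            expected, start = 1, t  # chain went stale, start over
        if s != expected:
            continue
        if s == 3:
            hits.append(host)
            progress.pop(host)
        else:
            progress[host] = (s + 1, t if s == 1 else start)
    return hits

# Constructed sample events (hosts, paths and registry value are placeholders).
T0 = datetime(2024, 6, 1, 9, 0)
WSH, PS = "C:\\Windows\\System32\\wscript.exe", "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
def ev(host, minute, eid, **fields):
    return {"Computer": host, "UtcTime": T0 + timedelta(minutes=minute), "EventID": eid, **fields}

SAMPLE = [
    ev("WS01", 0, 13, Image=WSH, TargetObject="HKU\\<constructed>\\ExampleValue"),
    ev("WS01", 1, 11, Image=WSH, TargetFilename="C:\\Users\\alice\\example.js"),
    ev("WS01", 2, 1, Image=PS, ParentImage=WSH),
    ev("WS02", 0, 11, Image="C:\\Tools\\editor.exe", TargetFilename="C:\\Users\\bob\\app.js"),
    ev("WS03", 0, 13, Image=WSH, TargetObject="HKU\\<constructed>\\ExampleValue"),
    ev("WS03", 1, 11, Image=WSH, TargetFilename="C:\\Users\\carol\\example.js"),
    ev("WS03", 30, 1, Image=PS, ParentImage=WSH)]  # too late: outside WINDOW
```

Requiring all three stages in order keeps a lone `.js` file written by an editor (WS02) from alerting, at the cost of missing chains that run slower than the window.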
