Google: Over 57 cyber threat actors using AI for hacking
Google links over 57 cyber threat groups to China, Iran, North Korea, and Russia accusing them in misusing Google’s AI technology to enhance hacking.
Google identified more than 57 cyber threat actors linked to China, Iran, North Korea, and Russia leveraging the company’s AI technology to enhance their cyber and information warfare efforts. According to a new report by Google’s Threat Intelligence Group (GTIG), the state-sponsored hacking groups, known as Advanced Persistent Threats (APTs), primarily use AI for tasks such as researching vulnerabilities, writing malicious code, and creating targeted phishing campaigns.
The company says that Iranian APT actors, particularly APT42, were identified as the most frequent users of Google’s AI tool, Gemini. They used it for reconnaissance on cybersecurity experts and organizations, and phishing operations.
Beyond APT groups, underground cybercriminal forums have begun advertising illicit AI models, such as WormGPT, WolfGPT, FraudGPT, and GhostGPT—AI systems designed to bypass ethical safeguards and facilitate phishing, fraud, and cyberattacks.
In the report, Google stated that the company has implemented countermeasures to prevent abuse of its AI system and has called for stronger collaboration between government and private industry to bolster cybersecurity defenses.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.
