todayonchain.com

Google Catches First AI Zero-Day Exploit: A Warning Shot for Crypto Security?

BeInCrypto
Google detected the first AI-built zero-day exploit used by hackers, neutralizing a planned mass attack and highlighting AI's growing role in cybersecurity threats.

Summary

Google's Threat Intelligence Group has identified the first instance of a criminal hacking group using an AI-generated zero-day exploit in real time, and it successfully thwarted the large-scale attack the group had planned. The exploit, written in Python, bypassed two-factor authentication on an open-source system administration tool. Indicators suggesting AI authorship included tutorial-style docstrings and a fabricated CVSS score. While Google confirmed its own Gemini model was not involved, analysts warn that subtler AI-assisted intrusions may already be occurring undetected.

The report also highlights the increasing use of AI by state-linked actors, with Russian malware families like PROMPTFLUX and PROMPTSPY using AI for planning, and Chinese and North Korean operations training models on vast vulnerability datasets. In response, Google has developed AI agents like Big Sleep to proactively hunt for zero-days and CodeMender for automated patching.

The article emphasizes the growing threat to cryptocurrency security, noting that AI agents exploit smart contracts more effectively than they detect threats, and that past incidents have shown AI tools aiding scammers and exposing private keys.

(Source: BeInCrypto)