Security researchers at Alphabet Inc’s Google said they believe a cybercrime group used artificial intelligence to create a hacking tool that could bypass defenses in a tool widely used to manage computer systems.The scheme, which was foiled when Google alerted the tool’s developer, would be the first time Google’s threat intelligence group has caught a hacker using AI-generated “zero-day” in this way, according to a report published Monday. Zero-day vulnerabilities are flaws that are unknown to the developer, leaving defenders no time to fix them before they can be exploited. Google said it had “high confidence” that artificial intelligence was used to help detect and weaponize the exploit.The company declined to name the cybercrime group, the software affected, or the broad language model that was used in the attempted attack. However, a company spokesperson said researchers do not believe this exploit was created using Anthropic PBC’s Mythos software or Google’s Gemini model.The company also did not say when the exploit was discovered other than that it was “recent.” Anthropic said in April that it would not release its new Mythos model widely, because the way it uses artificial intelligence to exploit software flaws poses a national security risk.
Since then, the White House has moved to address potentially harmful use of large language models, and officials have held emergency meetings with technology and industry leaders.Google researchers said their findings indicate that such threats are already a reality.The hacking group used an artificial intelligence model to find a previously unknown flaw in the tool. The flaw could be used to bypass multi-factor authentication, a security protection often added in addition to a password, to gain access to the internal networks of organizations using the software.The report said that Google alerted the tool’s developer, who fixed the issue before hackers could deploy it against users.Businesses use web-based system administration tools to remotely configure and manage servers, websites, and applications. This includes managing security settings, employee accounts, and the permissions the accounts have to access systems and data. This is the Bloomberg story.
