{"id":97019,"date":"2026-05-12T11:02:20","date_gmt":"2026-05-12T08:02:20","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=97019"},"modified":"2026-05-12T11:05:11","modified_gmt":"2026-05-12T08:05:11","slug":"google-reports-surge-in-ai-use-among-cybercriminals","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/google-reports-surge-in-ai-use-among-cybercriminals\/","title":{"rendered":"Google Reports Surge in AI Use Among Cybercriminals"},"content":{"rendered":"<p>Malicious actors are leveraging artificial intelligence to exploit vulnerabilities, expand the scale of operations, and gain initial access to targeted systems or networks, according to a report by the <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/ai-vulnerability-exploitation-initial-access\">Google Threat Intelligence Group (GTIG)<\/a>.<\/p>\n<p>The GTIG division first identified a hacker who used a zero-day exploit developed with AI. The hacker intended to deploy it for a large-scale attack, but corporate experts managed to thwart the threat.<\/p>\n<p>North Korea-linked hackers have also shown significant interest in using AI to find vulnerabilities.<\/p>\n<p>Programming with neural networks has accelerated the development of infrastructure toolkits and <span data-descr=\"virus\/trojan\/other malware that can change its code or appearance with each new infection, launch, or distribution, while retaining its malicious function\" class=\"old_tooltip\">polymorphic malware<\/span>. This technology facilitates bypassing security systems and allows for the integration of deceptive logic. GTIG associates such developments with Russia.<\/p>\n<p>Artificial intelligence aids in autonomous operations. Analysts highlighted that malware like PROMPTSPY &#8220;indicates a shift towards independent orchestration of attacks.&#8221; Models interpret the system state to dynamically generate commands and manipulate the victim&#8217;s environment.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;This approach allows malicious actors to offload operational tasks to AI for scalable and adaptive activity,&#8221; the report states.<\/p>\n<\/blockquote>\n<p>Hackers continue to use AI as a high-speed research assistant to support the attack lifecycle. Simultaneously, they are shifting towards agent-based workflows for automation.<\/p>\n<p>Malicious actors seek anonymous access to premium-level models to unlawfully bypass limits. Such infrastructure enables mass abuse of services.<\/p>\n<p>GTIG noted that hackers like TeamPCP (also known as UNC6780) have begun using AI environments and software dependencies to gain initial access to victims&#8217; infrastructure.<\/p>\n<p>Google&#8217;s cyber division experts emphasized that they are taking proactive measures to stay ahead of ever-evolving threats.<\/p>\n<p>Back in September 2025, the threat analysis team of the startup Anthropic <a href=\"https:\/\/forklog.com\/en\/news\/anthropic-unveils-first-ai-driven-cyber-espionage-operation\">discovered<\/a> and disrupted the first-of-its-kind AI-driven cyber-espionage campaign.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malicious actors are leveraging AI to exploit vulnerabilities, expand operations, and gain initial access to systems or networks.<\/p>\n","protected":false},"author":1,"featured_media":97020,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Cybercriminals increasingly use AI to exploit vulnerabilities and expand operations.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[438,44,1111,738],"class_list":["post-97019","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-artificial-intelligence","tag-cybercrime","tag-cybersecurity","tag-google"],"aioseo_notices":[],"amp_enabled":true,"views":"5","promo_type":"1","layout_type":"1","short_excerpt":"Cybercriminals increasingly use AI to exploit vulnerabilities and expand operations.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97019","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=97019"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97019\/revisions"}],"predecessor-version":[{"id":97021,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97019\/revisions\/97021"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/97020"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=97019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=97019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=97019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}