
Google Thwarts AI-Powered Zero-Day Cyber Attack


Google stopped a zero-day hack that it says was developed with AI

Google Discovers AI-Driven Zero-Day Exploit

Google recently announced that it successfully identified and prevented a zero-day exploit that was developed using artificial intelligence (AI) technology. The exploit, uncovered by Google Threat Intelligence Group (GTIG), was intended by “prominent cyber crime threat actors” to carry out a large-scale attack that could have bypassed two-factor authentication on an unidentified “open-source, web-based system administration tool.”

Google’s investigation revealed clues within the Python script used for the exploit that suggested the involvement of AI, such as a “hallucinated CVSS score” and well-structured formatting resembling LLM training data. The exploit took advantage of a significant semantic logic flaw in the platform’s 2FA system, where a trust assumption was hardcoded by the developer. This development comes amid growing concerns regarding the capabilities of AI models focused on cybersecurity, including Anthropic’s Mythos, and the recent discovery of a Linux vulnerability with the aid of AI.

This marks the first instance where Google has encountered evidence of AI involvement in an attack of this nature. While Google was successful in disrupting this particular exploit, it warns that hackers are increasingly turning to AI to identify and exploit security loopholes. The report also highlights AI as a prime target for cyber attackers, noting that “GTIG has observed adversaries focusing more on the integrated components that provide AI systems with their functionality, such as autonomous capabilities and third-party data connectors.”

Furthermore, Google’s report outlines how hackers are using “persona-driven jailbreaking” to get AI to uncover security vulnerabilities, including instructing AI to simulate a security expert. Cybercriminals are also feeding vulnerability data repositories to AI models and using OpenClaw to enhance AI-generated payloads for increased exploit reliability before deployment.
