Hackers Are Leveraging AI to Create Dangerous Malware, According to HP Study

---

A recent HP Threat Insights Report reveals that hackers are increasingly using generative AI to develop malicious software. The study highlights a sophisticated ChromeLoader campaign disseminated through malvertising, which led to the creation of deceptive rogue PDF tools and the embedding of harmful code in SVG images. Notably, cybercriminals are shifting from HTML files to vector images for malware distribution, taking advantage of how SVG files execute embedded JavaScript in web browsers. The report also notes that 12% of email threats bypassed gateway scanners, with email attachments being the primary threat vector. Overall, the findings underscore the evolving tactics of cybercriminals in the ever-changing cybercrime landscape.

 

 

---

 

HP has recently published its Threat Insights Report, revealing that cyber attackers are increasingly using generative AI to develop code for malicious software. The company’s threat research team found that a significant and sophisticated ChromeLoader campaign was disseminated through malvertising, leading to the creation of seemingly legitimate rogue PDF tools. Additionally, they identified cybercriminals embedding harmful code within SVG images. This report analyzes real-world cyberattacks, aiding organizations in staying updated on the latest tactics employed by cybercriminals to evade detection and compromise computers in the rapidly evolving landscape of cybercrime.

Notable findings from HP’s analysis, based on data from millions of endpoints protected by HP Wolf Security, include:

Malware Concealed in Vector Images

Some hackers are shifting tactics from HTML files to vector images to smuggle malware. Vector images, often utilized in graphic design, frequently use the XML-based SVG format. Since SVG files open automatically in web browsers, any embedded JavaScript code is executed as the image is viewed. As a result, while victims believe they are simply looking at an image, they are actually interacting with a complex file format that leads to the installation of various types of infostealer malware.

Diversified Attack Methods

– At least 12% of email threats identified by HP Sure Click bypassed one or more email gateway scanners, maintaining the same rate as the previous quarter.
– The primary threat vectors included email attachments (61%), browser downloads (18%), and other infection methods like removable storage devices (such as USB thumb drives) and file shares (21%).
– Archives were the most common method for delivering malware, accounting for 39%, with ZIP files comprising 26% of this category.

For more updates on cyber threats and security, visit TOI for the latest news across various domains, including city, business, and entertainment news.