If you thought script kiddies were annoying back in the olden days... Well you ain't seen shit yet, friends.

"But it’s still a bit strange. Why was it not obfuscated? Why did the attacker not remove the comments? Was the encryption also implemented with the help of AI? The answer may lie in the common view of the AI threat – it reduces the barrier of entry for malicious newcomers.

"Usually,” explained Alex Holland, co-lead principal threat researcher with Schlapfer, “when we assess an attack, we examine the skills and resources required. In this case, there are minimal necessary resources. The payload, AsyncRAT, is freely available. HTML smuggling requires no programming expertise. There is no infrastructure, beyond one C&C server to control the infostealer. The malware is basic and not obfuscated. In short, this is a low grade attack.”

https://www.securityweek.com/ai-generated-malware-found-in-the-wild

#information #security #infosec #ai #artificialintelligence #technology