In practice, these threat actors are leveraging Gemini for a variety of tasks, from assisting in the development of tools and scripts to researching publicly disclosed vulnerabilities, translating technical content, and identifying methods to evade detection or escalate privileges in compromised networks. For instance, Iranian groups are using Gemini extensively for intelligence gathering on defense organizations, while Chinese actors focus on reconnaissance against U.S. military and government targets and are even exploring techniques for lateral movement in networks. North Korean and Russian APTs are also experimenting with the tool, albeit to a lesser extent, to support their cyber operations through activities like malware development and payload crafting.
Google noted that some threat actors attempted to bypass Gemini’s built-in security measures through public jailbreaks or prompt rephrasing, though these attempts were reportedly unsuccessful. This report, alongside similar disclosures from OpenAI regarding ChatGPT, underscores the broad and growing misuse of generative AI tools by cybercriminals at various levels. As the AI landscape evolves, the potential for AI-powered tools to accelerate cyberattacks and shorten preparation times remains a significant concern for security professionals worldwide.
Source: Bleeping Computer
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities.