close
close

Association-anemone

Bite-sized brilliance in every update

Cyber ​​attack warning as hackers use AI and Gmail in new campaign
asane

Cyber ​​attack warning as hackers use AI and Gmail in new campaign

Hackers using AI almost compromised a Gmail user’s account, as we recounted in a recent report that went viral. Now, both Gmail and AI are back in the spotlight together, but as part of a large-scale hacking campaign targeting both consumers and businesses with a financially motivated payload. Here’s everything you need to know about the CopyRh(ight)adamantys cyber attack.

ForbesFBI Warns Gmail and Outlook Users of $100 Government Emergency Data Email Hack

CopyRh(ight)adamantys: Cyber ​​attack with global reach targeting victims with AI-generated messaging via dedicated Gmail accounts

Unlike the AI ​​generated deepfake cyber attack that is so close compromised a Gmail account user by impersonating Google supportthe newly discovered CopyRh(ight)adamantys campaign is both more sophisticated and much simpler.

Let’s deal with this overly complicated name first: this cyber attack, described as a large-scale phishing campaign by Check Point Software researchersuses a newly discovered variant of the Rhadamanthys malware to steal information. The attack also uses a false premise that the victim is responsible for copyright infringement. The combination of these two things gives us that awful, pun-laden label, CopyRh(ight)adamantys.

The Check Point team has tracked several threat actors using Rhadamanthys info-stealing malwareincluding an Iranian group operating in Israel called Void Manticore and Handala, a related hacktivist group. Now, researchers have identified a new large-scale phishing operation targeting both individuals and organizations. Rather than a political or nation-state agenda, Check Point’s analysis suggests that the motivation is purely financial and carried out by a criminal cybercrime operative.

ForbesRansomware gang demands payment of $125,000 in French bread and crypto

Gmail and AI at the center of the new cyber attack

The Check Point report reveals that the cyber attackers in question are using dedicated Gmail accounts created solely to distribute emails impersonating legitimate organizations to claim copyright infringement on social media accounts, primarily Facebook. “Using spoofed Gmail accounts that send emails from these well-known companies,” Check Point said, “email addresses and language are customized for each target to inform the victim of their alleged writing violation.” It should come as no surprise that AI capabilities were exploited as part of this new cyber attack campaign. However, according to researchers, these capabilities are limited to older OCR models that use AI automation “to create personalized emails and multiple Gmail accounts per target.”

Sergey Shykevich, threat intelligence group manager at Check Point Software, said the discovery of the CopyRh(ight)adamantys cyberattack campaign not only reveals the evolving sophistication of cyberthreats, but also “highlights how cybercriminals are using artificial intelligence to of marketing and use automation. to increase their reach and operational scale. For security leaders.” As such, Shykevich concluded, “it’s a wake-up call to prioritize automation and artificial intelligence in defense strategies to counter these financially motivated, global-scale phishing campaigns.”

ForbesGmail 2FA Cyber ​​Attacks — Open another account before it’s too late

We have reached out to Google for a statement regarding the use of Gmail in the CopyRh(ight)adamantys cyber attack campaign.