Deepfakes and malware: AI menu grows longer for threat actors, causing headaches for defenders
Artificial intelligence is being used by malicious actors to create deepfakes and malware, causing headaches for defenders. The use of AI voice changer software and deepfake video tools is becoming a significant problem, with attackers using them to impersonate trusted humans and target credential resets.
Malicious actors are using AI to create deepfakes and malware. AI voice changer software is freely available and can impersonate trusted humans. This is being used in voice phishing scams, where attackers impersonate trusted humans to gain access to sensitive information. The use of AI has fueled a rise in fraudulent voice and face tools. Credential resets are a prime target, with attackers using social engineering attacks to persuade service desk engineers to reset authentication factors. A significant hack occurred in 2023 when MGM Resorts Inc. and Caesars Entertainment Inc. were hit with a ransomware attack. The exploit targeted a third-party IT vendor through a social engineering attack. To combat this, organizations can implement control techniques such as requiring a signoff from two help desk employees for credential resets and doing video conference calls with the requester. The growing arsenal of AI deepfake tools extends to video, with a wave of 'digital arrest' scams sweeping India. Malicious actors use spoofed phone numbers to serve phony warrants through WhatsApp video channels.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.