Google, Pirates from China and Russia use twins to attack the world, Google says Google

In the world of cyber security, it is well known that US and European companies talked about cyber guilty groups with connections with “foreign” or “oriental” governments. In the Choir from the Choir, the intelligence team against threats Google is now talking about more than 20 malicious groups In this umbrella.

57 Cyber ​​Inadequate Team will be connected or It will be supported by countries such as China, Iran, North Korea and Russia. In addition, the observed groups use twins with Google’s own artificial intelligence to attack.

“Threat agents test Gemini to strengthen their operations, find productivity gains, but yet to develop new resources. Currently, they are mainly using research, code problems and content creation and location, Google says Google Threat Intelligence Group (GTIG) report.

The crime center supported by this type of state has an appropriate name: APT or advanced threat.

In addition to attacks on organizations and crypto portfolios for financial gains, APTs are also known for attacks aiming to damage the infrastructure, to have companies and to steal engineering secrets.

Using artificial intelligence

Google researchers open the report in the following expression:

“In cyber security, AI is ready to transform digital defense by activating defenders and improving our collective security. Mother Language Models (LLMS) opens new possibilities for advocates from complex telemetry analysis to safe coding, discovery of security gaps and simplify operations. However, some of the same AI skills are also available for attackers, which leads to concerns about the possibility of inappropriate use for malicious purposes ”.

Among the main discoveries, GTİG states that APTs use basic measures or specific jailbreak to try to overcome the Security Controls of Gemini.

Nevertheless, cyber criminals are under the discovery of artificial intelligence and especially the Gemini. Idea is to strengthen operations and have productivity gains – but it has not yet happened. So far, AI has been successfully used for research, code problems and solutions for creating/translation.

Surveys include APTS cyber infrastructures, free hosting providers, security deficits, service load development and malicious script techniques and release techniques.

Cyber ​​guilty groups allegedly financed by Iran, the main users of the Gemini, the Russians and the Chinese were left behind.

During the report, Google boasts for protective measures in the artificial intelligence model, because competitors were not exactly more successful for these security measures.

Finally, the company also says that the new identity hunting techniques in Gmail have attempts to abuse Google products due to the development of an infostealer for Google Chrome, and the deviation from Google authentication codes. All the above initiatives would fail.

“It should be noted that North Korean actors use the Gemini to write your presentation letters and probably to write business activities that support the efforts to add the secret workers of North Korea to Western companies.” He said.

“A group supported by North Korea used Gemini to write presentation letters and offers for position explanations, investigated the average salaries for certain jobs, and asked questions about the works in LinkedIn. It is common for anyone who does research and applicants.

Illness

Google explains that cyber criminals offer and sell artificial intelligence tools that are already designed for crime and based on legitimate language models.

This is called “evil IAS” WormGPT, Wolfgpt, Escapegpt, Fraudgpt and Ghostgpt. Capabilities, identity hunting blows, models for corporate attacks, and fake sites design.

In relation to countries interested in APT and artificial intelligence, Google says it would be 20, Iran and China are the main ones.

Thus, GTIG proves that Iran supports about 10 cyber criminals. China, 20 groups. North Korea would have nine and Iran eight. Russia will finance three.

Twins

Jailbreak is something in the report. The term is referred to the attacks that allow the model to be used without any protective precaution. In short, in the case discussed: Break the artificial intelligence to do everything sent.

“Threat actors were copied to the latest instructions (for example, basic instructions to create ransom software or malicious software) and copied and pasted the public demands and added small variations. The twins responded with alternative security answers and refused to follow the instructions of the threat agency. ”

For example, the researchers team explains that a suitable group copied public demands on twins and adds basic instructions to perform coding tasks. These tasks include coding the text from a file, capturing the executable file and writing Python code for service attacks (DDOS) tool. In the first case, Gemini provided the Python code to convert Base64 into Hexadecimal, but the user provided a security response when a follow -up requesting of the same code with a VBScript (script file).

What was investigated

Understanding the research is to understand the other. For this reason, Google threatening intelligence group explained which issues are the most sought -after issues for cyber criminals. To follow:

• Iranian: Research on issues related to experts, international defense organizations, government organizations and Iran-Israeli conflict
• North Korea: Companies in various sectors and geographical regions, US military research and South Korean operations, research on free hosting providers
• Chinese: USA Army, US -based IT Service providers, US Intelligence General Database Access, Target Network Requisitions Research and Survey on Determining Domain Names

To complete the report, Google says that “it reflects AI systems with solid safety measures and strong security guards and we constantly test our models to improve them. Our political guidelines and usage policies give priority to the security and responsible use of Google AI productive vehicles. Google’s policy development process involves determining the tendencies, end -to -end thinking, and reflecting for security. We are constantly improving the guards in our products to provide gradual protections to users around the world ”

Details of the information that arises here can be accompanied by the report Productive AI’s hostility abuse.