5 Ways Cybercriminals Are Using AI in Cybercrime in 2024
Learn how cybercriminals exploit AI for phishing, deep fakes, OTP bypasses, hacking, and voice spoofing. Explore the latest AI-driven cybercrime tactics.
Cybercriminals are weaponizing AI for phishing, deep fakes, OTP bypasses, AI-enhanced hacking, and voice spoofing. This article explains how these five methods are transforming cybercrime.
AI has quickly advanced in recent years across various fields. While most AI applications support cybersecurity operations (see top 5 ways AI is automating cybersecurity incident response), there’s also a dark side—cybercriminals are exploiting AI for malicious purposes. They may not be using AI to discover and exploit zero-day vulnerabilities, but they are leveraging it to enhance existing attack vectors and techniques. This article presents evidence—including real screenshots from cybercrime forums—showing how AI is being used in these illegal activities.
AI has significantly improved email-based attacks. Cybercriminals can now generate emails with perfect grammar and natural language, making them more convincing.
Additionally, AI enables the creation of hundreds or even thousands of email variants, allowing attackers to conduct mass phishing campaigns more effectively.
A key factor in these advancements is the use of AI-based chatbots like WormGPT and FraudGPT, which are uncensored and often advertised as legitimate large language models (LLMs). However, some of these chatbots are simply jailbroken instances of ChatGPT wrapped in different interfaces.
Deep fakes are one of the most popular AI-related trends in cybercrime today. AI-generated deep fakes are being used for various malicious purposes, from creating explicit images for blackmail to producing fake videos that bypass security measures at banks and cryptocurrency exchanges.
Discussions on cybercrime forums suggest that this technology will continue to advance, becoming more accessible to a wider range of criminals.
For example, a discussion from June 9th highlights just one of many threads on deep fakes, underscoring the growing interest in this area.
The use of OTP bots is on the rise in cybercrime. These bots leverage AI to bypass multi-factor authentication systems by intercepting and using one-time passwords in real time. Cybercriminals use these bots to gain unauthorized access to accounts.
AI plays a role here by enabling these bots to clone or create realistic voice templates, which are then integrated into the attack process.
Cybercriminals frequently use AI tools, such as ChatGPT and other LLMs, to enhance their hacking activities. While this often involves generating basic malware, AI can also augment various other aspects of cyberattacks, making them more efficient.
The key takeaway is that AI is being used for augmentation rather than creating entirely new types of attacks, though this area is also quickly evolving.
AI-driven voice cloning technology is increasingly being used in social engineering attacks. Cybercriminals can clone a victim’s voice to conduct convincing phone scams, impersonate trusted individuals, and manipulate victims into giving away sensitive information. This technique is often combined with OTP bots to gain unauthorized access to accounts.
As mentioned in point 3, the ability to spoof and clone realistic voices ties into broader schemes like social engineering and anonymization. Some ransomware groups, for instance, make phone calls to their victims. AI-based voice changers and cloners could be ideal tools for anonymizing these calls.
As we observe big advancements in LLMs and large investments in AI, particularly in cybersecurity, it’s evident that we are only beginning to uncover this technology’s potential.
Blink is an ROI force multiplier for security teams and business leaders who want to quickly and easily secure a wide range of use cases, including SOC and incident response, vulnerability management, cloud security, identity and access management, and governance, risk, and compliance.
With thousands of automations in the Blink library and the ability to customize workflows to fit your specific use case, Blink Ops can significantly improve your security operations. Get started with Blink Ops.