{"id":194481,"date":"2025-09-02T15:53:09","date_gmt":"2025-09-02T15:53:09","guid":{"rendered":"https:\/\/www.europesays.com\/us\/194481\/"},"modified":"2025-09-02T15:53:09","modified_gmt":"2025-09-02T15:53:09","slug":"when-ai-becomes-a-cybercriminals-best-friend","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/us\/194481\/","title":{"rendered":"When AI Becomes A Cybercriminal\u2019s Best Friend"},"content":{"rendered":"<p>The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, <a href=\"https:\/\/www.forbes.com\/newsletter\/thewiretap\/#194e252376cf\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/newsletter\/thewiretap\/#194e252376cf\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/newsletter\/thewiretap\/#194e252376cf\" aria-label=\"subscribe here\" rel=\"noopener\">subscribe here<\/a>.<\/p>\n<p>Last week, AI giant <strong>Anthropic<\/strong> <a href=\"https:\/\/www.anthropic.com\/news\/detecting-countering-misuse-aug-2025\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.anthropic.com\/news\/detecting-countering-misuse-aug-2025\" data-ga-track=\"ExternalLink:https:\/\/www.anthropic.com\/news\/detecting-countering-misuse-aug-2025\" aria-label=\"said\">said<\/a> it had uncovered three particularly <strong>alarming uses of its Claude tool<\/strong>: a large-scale extortion operation, a fraudulent employment scheme from North Korea and AI-generated ransomware.<\/p>\n<p>Its assessment was stark: \u201c<strong>Agentic AI has been weaponized<\/strong>. AI models are now being used to perform sophisticated cyberattacks, not just advise on how to carry them out.\u201d<\/p>\n<p>Cybersecurity experts have long feared AI agents would drastically increase the scale of digital crime. 
That fear is now being borne out in reality.<\/p>\n<p>In an \u201cunprecedented\u201d extortion case, Anthropic said the hacker used Claude Code to automate reconnaissance on 17 different organizations by gathering employees\u2019 usernames and passwords to find a way onto target networks. Claude did plenty of malicious work on its own: it decided what data to steal and how much ransom to demand based on victims\u2019 financial information. It even came up with the language used to threaten to release the pilfered data if the company didn\u2019t pay up.<\/p>\n<p>Anthropic also found that North Koreans had used Claude to create convincing fake people who could pass coding tests in job interviews at major American technology companies. Once they secured jobs, Claude would then carry out technical tasks.<\/p>\n<p>Finally, the company also learned its AI was used by someone with minimal technical skills to code up ransomware packages, which were then sold online to other cybercriminals for up to $1,200.<\/p>\n<p>Benevolent hackers have caught on to AI\u2019s power too. Various offensive and defensive-focused companies are looking to AI agents to find ways into company networks on behalf of defense and intelligence agencies to gather data on foreign governments, or to help their customers\u2019 IT teams figure out where their weaknesses lie.<\/p>\n<p>One of the more prominent companies in this new era of AI-powered hacks is XBOW, whose AI tries to find vulnerabilities in commonly used software. Its software rose to the top of HackerOne\u2019s leaderboard for identifying such bugs earlier this year. 
In August, it <a href=\"https:\/\/xbow.com\/blog\/gpt-5\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/xbow.com\/blog\/gpt-5\" data-ga-track=\"ExternalLink:https:\/\/xbow.com\/blog\/gpt-5\" aria-label=\"said\">said<\/a> OpenAI\u2019s GPT-5 model, when integrated into XBOW\u2019s agent, led to a \u201csignificant leap in performance\u201d and helped find \u201cvastly more exploits.\u201d If XBOW and competitors can get such powerful tools into the hands of defenders before criminals, it may help prevent new, AI-powered attacks from happening.<\/p>\n<p>With both cyber defenders and criminals making use of these new AI tools, it\u2019s clear we\u2019ve entered a new cybersecurity arms race pitting AI vs. AI. Only time will tell which side will emerge victorious.<\/p>\n<p><strong>Got a tip on surveillance or cybercrime? Get me on Signal<\/strong> at <a href=\"https:\/\/tel:+19295127964\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link invalid-url\" title=\"https:\/\/tel:+19295127964\" data-ga-track=\"ExternalLink:https:\/\/tel:+19295127964\" aria-label=\"+1 929-512-7964\">+1 929-512-7964<\/a>.<\/p>\n<p>THE BIG STORY:<br \/>\nChinese Hackers May Have Stolen Data On \u2018Nearly Every American\u2019<\/p>\n<p>A hacking group known as <strong>Salt Typhoon<\/strong>, believed to be sponsored by the Chinese government, has <strong>hacked into as many as 200 American organizations<\/strong>, including major telecoms companies like AT&amp;T and Verizon, according to the FBI.<\/p>\n<p>Last week, intelligence agencies from the western world identified three organizations that allegedly assisted in the attacks: Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology and Sichuan Zhixin Ruijie Network Technology.<\/p>\n<p>\u201cWe are deeply concerned by the irresponsible behaviour of the named commercial entities based in China that has enabled an unrestrained campaign of 
malicious cyber activities on a global scale,\u201d <a href=\"https:\/\/www.ncsc.gov.uk\/news\/uk-allies-expose-china-tech-companies-enabling-cyber-campaign\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.ncsc.gov.uk\/news\/uk-allies-expose-china-tech-companies-enabling-cyber-campaign\" data-ga-track=\"ExternalLink:https:\/\/www.ncsc.gov.uk\/news\/uk-allies-expose-china-tech-companies-enabling-cyber-campaign\" aria-label=\"said\">said<\/a> Dr Richard Horne, chief executive of the U.K.\u2019s National Cyber Security Centre, a branch of the GCHQ signals intelligence agency.<\/p>\n<p>Stories You Have To Read Today<\/p>\n<p>WhatsApp users have been encouraged to update the messaging app after a warning that a <a href=\"https:\/\/www.whatsapp.com\/security\/advisories\/2025\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.whatsapp.com\/security\/advisories\/2025\" data-ga-track=\"ExternalLink:https:\/\/www.whatsapp.com\/security\/advisories\/2025\" aria-label=\"vulnerability\">vulnerability<\/a> \u201cmay have been <strong>exploited in a sophisticated attack against specific targeted users<\/strong>.\u201d It specifically targeted users of the iOS and Mac versions of the app, and experts have suggested the attacks could\u2019ve been launched by a spyware vendor.<\/p>\n<p>One such surveillance company, <strong>Paragon Solutions<\/strong>, just had its <strong>$2 million contract with Immigration and Customs Enforcement reactivated<\/strong>, according to independent reporter <a href=\"https:\/\/jackpoulson.substack.com\/p\/exclusive-ice-has-reactivated-its?utm_source=post-email-title&amp;publication_id=1269175&amp;post_id=172515924&amp;utm_campaign=email-post-title&amp;isFreemail=true&amp;r=1eyo6&amp;triedRedirect=true&amp;utm_medium=email\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" 
title=\"https:\/\/jackpoulson.substack.com\/p\/exclusive-ice-has-reactivated-its?utm_source=post-email-title&amp;publication_id=1269175&amp;post_id=172515924&amp;utm_campaign=email-post-title&amp;isFreemail=true&amp;r=1eyo6&amp;triedRedirect=true&amp;utm_medium=email\" data-ga-track=\"ExternalLink:https:\/\/jackpoulson.substack.com\/p\/exclusive-ice-has-reactivated-its?utm_source=post-email-title&amp;publication_id=1269175&amp;post_id=172515924&amp;utm_campaign=email-post-title&amp;isFreemail=true&amp;r=1eyo6&amp;triedRedirect=true&amp;utm_medium=email\" aria-label=\"Jack Poulson\">Jack Poulson<\/a>. ICE had been ordered to put the work with Paragon on hold after the Biden administration sought to explore whether it\u2019d breached rules on acquiring spyware.<\/p>\n<p>Winner of the Week<\/p>\n<p><strong>Cloudflare<\/strong> claims to have <a href=\"https:\/\/www.linkedin.com\/posts\/omeryoachimik_largest-ddos-attacks-every-mitigated-by-cloudflare-ugcPost-7368360568476385280-SLVx\/?utm_source=share&amp;utm_medium=member_ios&amp;rcm=ACoAAAuVLEMBHawQsxeDlvzOcsqZeBcN18FrFs4\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.linkedin.com\/posts\/omeryoachimik_largest-ddos-attacks-every-mitigated-by-cloudflare-ugcPost-7368360568476385280-SLVx\/?utm_source=share&amp;utm_medium=member_ios&amp;rcm=ACoAAAuVLEMBHawQsxeDlvzOcsqZeBcN18FrFs4\" data-ga-track=\"ExternalLink:https:\/\/www.linkedin.com\/posts\/omeryoachimik_largest-ddos-attacks-every-mitigated-by-cloudflare-ugcPost-7368360568476385280-SLVx\/?utm_source=share&amp;utm_medium=member_ios&amp;rcm=ACoAAAuVLEMBHawQsxeDlvzOcsqZeBcN18FrFs4\" aria-label=\"stopped\">stopped<\/a> a <strong>record distributed denial of service attack<\/strong> in recent weeks. 
It measured in at 11.5 terabits per second (Tbps), beating the <a href=\"https:\/\/blog.cloudflare.com\/defending-the-internet-how-cloudflare-blocked-a-monumental-7-3-tbps-ddos\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/blog.cloudflare.com\/defending-the-internet-how-cloudflare-blocked-a-monumental-7-3-tbps-ddos\/\" data-ga-track=\"ExternalLink:https:\/\/blog.cloudflare.com\/defending-the-internet-how-cloudflare-blocked-a-monumental-7-3-tbps-ddos\/\" aria-label=\"previous record\">previous record<\/a> of 7.3 Tbps.<\/p>\n<p>Loser of the Week<\/p>\n<p>Cybersecurity giant <strong>Palo Alto Networks has suffered a data breach<\/strong>. It was one of hundreds of victims whose Salesforce information has been taken thanks to another hack at sales automation platform Salesloft. That breach allowed hackers to steal authentication tokens for a Drift chat agent that was integrated with Salesforce, allowing access to many customers\u2019 data, Bleeping Computer <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/palo-alto-networks-data-breach-exposes-customer-info-support-tickets\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.bleepingcomputer.com\/news\/security\/palo-alto-networks-data-breach-exposes-customer-info-support-tickets\/\" data-ga-track=\"ExternalLink:https:\/\/www.bleepingcomputer.com\/news\/security\/palo-alto-networks-data-breach-exposes-customer-info-support-tickets\/\" aria-label=\"reports\">reports<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. 
To get it in your&hellip;\n","protected":false},"author":3,"featured_media":194482,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[691,24142,738,74,12993,13337,59543,409,108412,108411,158,67,132,68,108413],"class_list":{"0":"post-194481","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-artificial-intelligence","8":"tag-ai","9":"tag-anthropic","10":"tag-artificial-intelligence","11":"tag-china","12":"tag-cloudflare","13":"tag-cybercrime","14":"tag-hackers","15":"tag-immigration","16":"tag-paragon","17":"tag-salt-typhoon","18":"tag-technology","19":"tag-united-states","20":"tag-unitedstates","21":"tag-us","22":"tag-xbow"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@us\/115135512971015679","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/194481","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/comments?post=194481"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/194481\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media\/194482"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media?parent=194481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/categories?post=194481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/tags?post=194481"}],"curies":[{"name":"wp","href":"https:\/
\/api.w.org\/{rel}","templated":true}]}}