Posts

Showing posts with the label GTIG

Threat Actors Exploit Google’s Gemini to Accelerate Cyberattacks

Google Threat Intelligence Group (GTIG)  recently reported that cybercriminals—in particular, state-sponsored threat actors from North Korea, Iran, China, and Russia—are misusing Gemini, Google’s large language model (LLM), to support all stages of their attack lifecycle. Specifically, GTIG observed threat actors using Gemini to code and script tasks, accelerate reconnaissance, research publicly known vulnerabilities, and enable malware development and post-compromise activity. Examples of State-Sponsored Threat Actor’s Use of Gemini GTIG documented several examples of state-backed actors integrating Gemini into their operations, including: North Korea:  GTIG observed the North Korean government-backed group  UNC2970  use Gemini to synthesize open-source intelligence (OSINT ) and profile high-value targets to support campaign planning and reconnaissance. Iran:  The Iranian sponsored actor  APT42  used generative AI models, including Gemini, to search f...