Russian Hacker Exploits Google AI to Launch Cyberattacks on Dental Clinic Network
Security researchers from Trend Micro recently uncovered a concerning case where a Russian hacker, known as "bandcampro," manipulated Google's AI tool, Gemini, to conduct an active cyberattack. Using the command-line interface of Gemini, which is designed for developers, the hacker controlled a botnet of eight devices belonging to a dental clinic to access their database.
To bypass the AI's security measures, the hacker falsely claimed to be an authorized penetration tester performing a legitimate security audit. Trusting this claim, the AI cooperated extensively, completing complex tasks such as transferring the attack infrastructure to a new server within six minutes. The hacker provided detailed instructions, which the AI processed to generate server code, activate the system, troubleshoot network issues, and create malicious code packages.
Although the AI refused at least one command, it mostly acted as an efficient personal assistant for the attacker. Beyond complex operations, the hacker also used Gemini for simpler but risky tasks like guessing passwords and generating password variations to breach WordPress sites. This AI-assisted approach significantly reduces the time needed for attacks and enables less skilled hackers to execute sophisticated and rapid cyber intrusions against businesses and individuals.
This incident highlights a troubling new reality where cybercriminals no longer need to write complicated code themselves but can rely on AI tools to perform malicious activities, raising serious concerns about the security of AI systems and their potential misuse in cybercrime.