Criminals, good guys and foreign spies: Hackers everywhere are using AI now
The hackers included an attachment containing an artificial intelligence program. If installed, it would automatically search the victims' computers for sensitive files to send back to Moscow.
That campaign, detailed in July in technical reports from the Ukrainian government and several cybersecurity companies, is the first known instance of Russian intelligence being caught building malicious code with large language models (LLMs), the type of AI chatbots that have become ubiquitous in corporate culture.
Those Russian spies are not alone. In recent months, hackers of seemingly every stripe — cybercriminals, spies, researchers and corporate defenders alike — have started including AI tools into their work.
LLMs, like ChatGPT, are still error-prone. But they have become remarkably adept at processing language instructions and at translating plain language into computer code, or identifying and summarizing documents.
The technology has so far not revolutionized hacking by turning complete novices into experts, nor has it allowed would-be cyberterrorists to shut down the electric grid. But it's making skilled hackers better and faster. Cybersecurity firms and researchers are using AI now, too — feeding into an escalating cat-and-mouse game between offensive hackers who find and exploit software flaws and the defenders who try to fix them first.
'It's the beginning of the beginning. Maybe moving towards the middle of the beginning,' said Heather Adkins, Google's vice president of security engineering.
In 2024, Adkins' team started on a project to use Google's LLM, Gemini, to hunt for important software vulnerabilities, or bugs, before criminal hackers could find them. Earlier this month, Adkins announced that her team had so far discovered at least 20 important overlooked bugs in commonly used software and alerted companies so they can fix them. That process is ongoing.
None of the vulnerabilities have been shocking or something only a machine could have discovered, she said. But the process is simply faster with an AI. 'I haven't seen anybody find something novel,' she said. 'It's just kind of doing what we already know how to do. But that will advance.'
Adam Meyers, a senior vice president at the cybersecurity company CrowdStrike, said that not only is his company using AI to help people who think they've been hacked, he sees increasing evidence of its use from the Chinese, Russian, Iranian and criminal hackers that his company tracks.
'The more advanced adversaries are using it to their advantage,' he said. 'We're seeing more and more of it every single day,' he told NBC News.
The shift is only starting to catch up with hype that has permeated the cybersecurity and AI industries for years, especially since ChatGPT was introduced to the public in 2022. Those tools haven't always proved effective, and some cybersecurity researchers have complained about would-be hackers falling for fake vulnerability findings generated with AI.
Scammers and social engineers — the people in hacking operations who pretend to be someone else, or who write convincing phishing emails — have been using LLMs to seem more convincing since at least 2024.
But using AI to directly hack targets is only just starting to actually take off, said Will Pearce, the CEO of DreadNode, one of a handful of new security companies that specialize in hacking using LLMs.
The reason, he said, is simple: The technology has finally started to catch up to expectations.
'The technology and the models are all really good at this point,' he said.
Less than two years ago, automated AI hacking tools would need significant tinkering to do their job properly, but they are now far more adept, Pearce told NBC News.
Another startup built to hack using AI, Xbow, made history in June by becoming the first AI to climb to the top of the HackerOne U.S. leaderboard, a live scoreboard of hackers around the world that since 2016 has kept tabs on the hackers identifying the most important vulnerabilities and giving them bragging rights. Last week, HackerOne added a new category for groups automating AI hacking tools to distinguish them from individual human researchers. Xbow still leads that.
Hackers and cybersecurity professionals have not settled whether AI will ultimately help attackers or defenders more. But at the moment, defense appears to be winning.
Alexei Bulazel, the senior cyber director at the White House National Security Council, said at a panel at the Def Con hacker conference in Las Vegas last week that the trend will hold, at least as long as the U.S. holds most of the world's most advanced tech companies.
'I very strongly believe that AI will be more advantageous for defenders than offense,' Bulazel said.
He noted that hackers finding extremely disruptive flaws in a major U.S. tech company is rare, and that criminals often break into computers by finding small, overlooked flaws in smaller companies that don't have elite cybersecurity teams. AI is particularly helpful in discovering those bugs before criminals do, he said.
'The types of things that AI is better at — identifying vulnerabilities in a low cost, easy way — really democratizes access to vulnerability information,' Bulazel said.
That trend may not hold as the technology evolves, however. One reason is that there is so far no free-to-use automatic hacking tool, or penetration tester, that incorporates AI. Such tools are already widely available online, nominally as programs that test for flaws in practices used by criminal hackers.
If one incorporates an advanced LLM and it becomes freely available, it likely will mean open season on smaller companies' programs, Google's Adkins said.
'I think it's also reasonable to assume that at some point someone will release [such a tool],' she said. 'That's the point at which I think it becomes a little dangerous.'
Meyers, of CrowdStrike, said that the rise of agentic AI — tools that conduct more complex tasks, like both writing and sending emails or executing code that programs — could prove a major cybersecurity risk.
'Agentic AI is really AI that can take action on your behalf, right? That will become the next insider threat, because, as organizations have these agentic AI deployed, they don't have built-in guardrails to stop somebody from abusing it,' he said.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
2 hours ago
- Yahoo
I Asked ChatGPT How To Get Rich Using Your Phone — Here's What It Said
From Facebook ads to personal finance sites, many places advertise ways to get rich — or at least earn extra cash — from your phone. Some of the suggestions involve playing games like BINGO to win real money or using shopping apps like Honey and Rakuten to earn cash back. The ads look glamorous, showing young and beautiful people in loungewear, relaxing on their sofa and smiling as they check their growing Paypal balance. Turns out, even ChatGPT said these games are 'not a real path to getting rich.' I Asked ChatGPT: Learn More: 'Most of these apps pay pennies per hour of play, often through point systems that translate into gift cards instead of cash,' it said. 'If your goal is to 'get rich off your phone,' these apps won't move the needle.' So what did ChatGPT recommend when I asked, 'How can I get rich off my phone?' The AI platform offered some viable options, but most won't make you rich. The vast majority require a unique skillset or tools beyond just using your phone to earn money. Nevertheless, here are some of the options ChatGPT suggested for building wealth from the comfort of your own phone. Run a Side Hustle or Start a Small Business ChatGPT recommended what countless finance experts online often suggest: start a side hustle. It pointed out that gig apps like DoorDash, Instacart, Rover and TaskRabbit 'won't usually make you rich long-term, but they put cash in your pocket quickly.' Likewise, if you have marketable skills, you can earn money on freelancing platforms like Upwork or Fiverr. 'Once you land clients, you can work entirely from your phone,' ChatGPT said. I'm a Self-Made Millionaire: Expert Take GOBankingRates has previously profiled side gigs that can earn $1,000 per month or more. But, as ChatGPT said, you most likely won't 'get rich' with a typical side hustle. 'It's an easy way to earn extra income to create wiggle room in your budget, but you won't become a high earner doing it,' agreed Melanie Musson, finance expert at She pointed out that, for gigs like DoorDash, Uber or Instacart, you'll also need a vehicle. As far as writing articles, building websites or doing graphic design for income through freelancing platforms? 'You're really going to need a keyboard because working these platforms from your phone isn't ideal,' Musson said. Sell Items Online ChatGPT also recommended selling items on marketplaces like Facebook Marketplace, eBay and Poshmark. It said this endeavor 'can scale into a small business if you keep sourcing inventory.' Expert Take 'Some people who have a good understanding of the market and what sells can earn a decent income doing this,' Musson said. However, Resume Now career expert Keith Munson recently cited 'online reseller' as one of the side gigs that could struggle in a high-tariff economy. 'If your side hustle involves sourcing products from overseas, such as electronics, clothing or beauty items, you may see your margins shrink,' he said in a previous GOBankingRates article. Create Monetized Content for Social Media Have aspirations of becoming an influencer? ChatGPT listed 'creating monetized content' as one of a few 'reliable wealth-building methods' you can do from your phone, noting there is 'potential for passive income once content gains traction.' Expert Take GOBankingRates recently shared statistics on average income for social media influencers from ZipRecruiter. The average salary, in general, for a social media influencer in 2025 is $57,928, but TikTok influencers earn an average of $131,874. There's definitely money to be made, but Musson warned it may not make you rich. 'It's important to remember that content creation is a job,' she said. 'You put in time and effort, and you may be rewarded, but you're not going to make money if you're not actively creating content.' Take a Course Like creating social media content, taking a course is another way to build wealth slowly. The generative AI said, 'High-income skills = higher earning potential.' Suggesting you can 'level up your skills with mobile learning,' ChatGPT said taking a course through Coursera or even learning online through YouTube 'puts you in a position for better freelance, remote or entrepreneurial work.' Expert Take Enhancing your skills, in theory, should increase your earning power. Finance experts from Jaspreet Singh to Warren Buffett have recommended investing in self-education. But choose wisely. 'This strategy can help you earn more money, but not every course will have the desired effect,' Musson said. 'You need to understand what is going to help you and where it will help.' Use Cash-back Apps Like many finance websites, ChatGPT recommended using cash-back or rewards apps to make some easy money quickly. 'Rakuten, Ibotta and Honey give you money back on everyday purchases,' it said. 'If you put those savings into investments instead of spending them, they can grow into real wealth.' Expert Take In this case, Musson agreed. 'It's not going to hurt to use these rewards apps, but you're not going to earn much,' she said. 'At the same time, it's nice to earn money with minimal effort.' Invest Directly from Your Phone ChatGPT pointed out that investing is one of the best ways to build long-term wealth through your phone. 'Apps like Robinhood and Acorns let you start investing with small amounts,' it said. 'Many offer fractional shares, so you don't need thousands to buy into big-name stocks.' Expert Take Most GOBankingRates readers don't need an AI program or even a finance expert to tell them that investing is one of the best ways to build long-term wealth. Still, Jared Hubbard, fintech product manager at Plynk, an investing app, broke it down by the numbers for us. 'If you have $100 invested and it grows by 7% over a year, at the end of the year you have $107–that's a growth of $7. Now, say the next year your $107 grows at the same rate. At the end of the year, you have $114.49 — your investment has grown by even more. This increase may become really powerful over the long term,' he said. 'Of course, 7% growth is a hypothetical example, as every year in the market is different. In some years it's higher, and in other years it's lower.' Bottom Line Using an app on your phone that allows you to invest in fractional shares, and even roll cash-back earnings into investments, makes it easy to put your money to work for you. That's an important element to remember when you're trying to build wealth. 'You can 'get rich' off your phone,' ChatGPT concluded. 'Not by staring at Instagram all day, but by turning it into a tool for investing, earning and learning.' More From GOBankingRates 5 Ways Trump Signing the GENIUS Act Could Impact RetireesHow Far $750K Plus Social Security Goes in Retirement in Every US Region This article originally appeared on I Asked ChatGPT How To Get Rich Using Your Phone — Here's What It Said
Yahoo
2 hours ago
- Yahoo
Reddit (RDDT) Shares Soar 128% Over Last Quarter
Reddit achieved a remarkable turnaround with its share price soaring 128% over the last quarter, buoyed by unexpected positive earnings where sales surged to $499 million, marking a sharp contrast to prior-year losses. This upswing occurred during a period of broader market gains—the market was up 17% year-over-year—with Reddit also having been added to multiple indices, potentially enhancing its market visibility. Despite facing a class action lawsuit over alleged misleading statements on Google's AI impacts, the company maintained robust earnings guidance, suggesting potential resilience amidst market volatility. Buy, Hold or Sell Reddit? View our complete analysis and fair value estimate and you decide. We've found 19 US stocks that are forecast to pay a dividend yield of over 6% next year. See the full list for free. The recent news about Reddit's impressive quarterly share price increase of 128% is a significant factor in their broader narrative of international expansion and user-generated content. This price rise suggests strong investor confidence, despite ongoing legal challenges. Over the past year, Reddit's total return was very large at 348.83%, showcasing a robust performance compared to the US Interactive Media and Services industry's 34.5% return over the same period. This indicates Reddit's outperformance relative to both its industry and the broader market, which returned 17% in the last year. This context underscores Reddit's potential to remain competitive and capture further market share through increasing engagement and ad revenue growth. Looking at revenue and earnings forecasts, Reddit's latest earnings surge to US$499 million suggests potential upward revisions in analyst forecasts could materialize if the company continues to leverage its global user base. However, moderation risks and digital ad dependency may remain pressures on sustained growth. With Reddit's current share price at US$246.50, the analyst consensus price target is US$195.96, reflecting a 20.5% expected decline, indicating potential volatility and market skepticism regarding future valuation at the present PE ratio. Nonetheless, Reddit's profitability and revenue trajectory provide foundational support for evaluating long-term growth considerations. Take a closer look at Reddit's potential here in our financial health report. This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned. Companies discussed in this article include RDDT. This article was originally published by Simply Wall St. Have feedback on this article? Concerned about the content? with us directly. Alternatively, email editorial-team@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
3 hours ago
- Yahoo
Is Perplexity's $34.5bn bid for Google Chrome strictly a power move?
Artificial intelligence start-up Perplexity AI has made an unsolicited $34.5bn (£25.4bn) all-cash offer for Google's Chrome browser, in a move that some analysts say is as much about signalling intent as it is about striking a deal. The San Francisco-based company revealed the bid on Tuesday, reported Reuters, claiming it had secured backing from several large venture capital funds to finance the offer in full, although it did not name them. Chrome, launched in 2008, is used by more than three billion people worldwide and remains a cornerstone of Google's control over online search. The timing is notable, with Perplexity's approach coming our just weeks before US District Judge Amit Mehta is expected to outline remedies in a major antitrust case the Department of Justice (DOJ) won against Google last year. The DOJ has proposed that Chrome be divested to restore competition, though Google has vowed to appeal, describing the remedies as 'extraordinary' and 'overboard'. Strategic positioning in the AI search race Perplexity, valued at $18bn in its latest funding round, is one of a wave of AI-powered search challengers seeking to disrupt the traditional search market. Founded in 2022, the firm's search engine provides AI-generated direct answers alongside links to source material, and in July it launched Comet, its own browser built on the same open-source platform as Chrome. In its bid, Perplexity pledged to keep the open source platform, Chronium, invest $3bn in Chrome over two years, retain most of the browsers' staff and, notably, keep Google as the default search engine. Ben Barringer, global tech analyst at Quilter Cheviot, said the offer 'is as much about making a statement as it is about securing a deal', noting the $34.5bn price tag 'is widely seen as undervaluing Chrome' and could be the start of a broader price discovery process. The move also highlights the growing strategic value of browsers in the AI era. 'Whoever owns the gateway to the web holds influence over how information is accessed, prioritised, and trusted', said Alon Yamin, co-founder and chief executive of Copyleaks. Whether the bid is a realistic attempt or a calculated show of strength, analysts expect any forced Chrome sale to attract multiple suitors like OpenAI and Yahoo, if regulators push ahead. But Google is likely to fight any divestment through a lengthy appeals process, potentially delaying such a decision for years.
