What if… AI became your worst enemy - S01E02?
Introduction: When Prometheus Arms His Enemies
Artificial intelligence was supposed to protect us. ChatGPT was meant to democratize knowledge, machine learning algorithms were to strengthen our cybersecurity, and automation was to free us from repetitive tasks. But like Prometheus who stole fire from the gods, we have given cybercriminals a weapon of unprecedented power.
In 2024, reality already surpasses fiction: +1265% of AI-powered phishing emails, undetectable deepfakes used to manipulate elections, self-learning ransomware that adapts in real-time to defenses… Welcome to the era where artificial intelligence not only augments us but also enhances our worst enemies.
For CIOs, CISOs, and cybersecurity professionals, the question is no longer whether AI will be used against us, but how to survive this offensive revolution that transforms every script kiddie into a sophisticated cybercriminal.
Chapter 1: The Arsenal of Malicious AI - Portrait of a Criminal Revolution
1.1 The New Lords of the Dark Web
FraudGPT: The Evil ChatGPT
Discovered in July 2023 by Netenrich, FraudGPT represents the logical evolution of repurposed generative AI. Sold on Telegram and underground forums, this tool offers:
- Generation of undetectable malware: Polymorphic code that mutates with each infection
- Automated creation of phishing pages: Perfect replicas of legitimate sites
- Writing of contextualized fraudulent emails: Customized according to targeted victims
- Automated exploitation scripts: For zero-day vulnerabilities
Criminal Pricing:
- Monthly subscription: 200 USD
- Annual subscription: 1700 USD
- Over 3000 active users recorded
WormGPT: Automated Social Engineering
Based on EleutherAI’s GPT-J, WormGPT specializes in BEC (Business Email Compromise) attacks:
- Behavioral analysis: Mimics the writing style of executives
- Automatic contextualization: Uses OSINT to personalize attacks
- Generation of emergency scenarios: Creates credible pretexts for scams
Measured Impact:
- +300% success rate on traditional BEC attacks
- Preparation time reduced by 90% (10 minutes vs 2 hours)
- Detection rate by anti-spam filters: <15%
🔍 Real Case: The Zelensky Deepfake Attack (2022)
- Context: Compromised Ukrainian TV channel
- Technique: Video deepfake of the president calling for surrender
- Impact: Massive dissemination before detection
- Detection: Forensic video analysis revealing AI artifacts
- Lesson: Need for real-time authenticity verification systems
1.2 The Expanded Criminal Ecosystem
The “Dark AI” Family:
🕷️ Black Market for AI - Marcus’s Tools
💀 FraudGPT - $200/month (Malware + Phishing)
Technological Base: Modified GPT-3.5 without safeguards
Marcus’s Specialties:
- Generation of polymorphic malware
- Hyper-personalized phishing emails
- Attack scripts in 12 languages
Usage Example: “Create malware that steals Slack tokens and spreads via DMs”
🐛 WormGPT - $60-500/month (BEC + Social Engineering)
Technological Base: Unrestricted GPT-J
Marcus’s Weapons:
- Ultra-realistic BEC (Business Email Compromise)
- Psychologically adapted social engineering
- Identity theft of executives
Performance: +340% open rate vs traditional emails
🌐 DarkBERT - $150/month (Dark web analysis)
Technological Base: BERT fine-tuned on criminal forums
Espionage Capabilities:
- Automated analysis of hacker forums
- Monitoring of 0-day vulnerabilities
- Real-time black market pricing
Usage at FINTECH-CORP: Marcus monitors mentions of the company
🎭 DarkBARD - $100/month (OSINT reconnaissance)
Technological Base: Repurposed and extended Bard
Total Reconnaissance:
- Complete mapping of employees
- Social media analysis for social engineering
- Identification of entry points
Efficiency: 12 hours to map a complete organization
☠️ PoisonGPT - $300/month (Backdoor injection)
Technological Base: Corrupted GPT-4 with backdoors
The Most Dangerous:
- Injection of malicious code into legitimate code
- Undetectable backdoors in applications
- Corruption of internal AI models
Impact at FINTECH: Infected code in production for 3 months
Black Market Statistics:
- +200,000 stolen AI API credentials in circulation
- 500+ Telegram groups dedicated to malicious AI tools
- 400% growth in sales of criminal AI tools between 2023-2024
Chapter 2: Anatomy of AI Attacks - Techniques and Infection Vectors
2.1 AI-Powered Phishing: The Art of Perfect Deception
Traditional Method vs AI:
[BEFORE - Manual Phishing]
1. Target selection (1h)
2. Manual OSINT research (4h)
3. Writing personalized email (2h)
4. Creating phishing page (3h)
5. Testing and deployment (1h)
Total: 11 hours / 1 victim
[NOW - AI Phishing]
1. Input target into FraudGPT (2min)
2. Automatic profile generation (3min)
3. Contextual email generated (1min)
4. Cloned phishing page (2min)
5. Automated deployment (2min)
Total: 10 minutes / 100 victimsTypical Attack Script - Automated AI Phishing:
# Educational example - DO NOT USE FOR MALICIOUS PURPOSES
import openai
import requests
from bs4 import BeautifulSoup
import smtplib
class AIPhishingCampaign:
def __init__(self, api_key):
self.client = openai.Client(api_key=api_key)
def osint_gathering(self, target_email):
"""Automated collection of information about the target"""
domain = target_email.split('@')[1]
# Analysis of the company's website
try:
response = requests.get(f"https://{domain}")
soup = BeautifulSoup(response.text, 'html.parser')
company_info = {
'name': soup.find('title').text,
'keywords': [tag.get('content') for tag in soup.find_all('meta', {'name': 'keywords'})],
'description': soup.find('meta', {'name': 'description'}).get('content') if soup.find('meta', {'name': 'description'}) else ""
}
except:
company_info = {'name': domain, 'keywords': [], 'description': ''}
return company_info
def generate_phishing_email(self, target_info):
"""Generation of contextual phishing email"""
prompt = f"""
Create a professional phishing email targeting {target_info['name']}.
Company context: {target_info['description']}
Style: Urgent but credible
Pretext: Mandatory security update
Avoid keywords detected by anti-spam filters
"""
response = self.client.completions.create(
model="gpt-3.5-turbo-instruct",
prompt=prompt,
max_tokens=300
)
return response.choices[0].text.strip()AI Indicators of Compromise:
- Emails with perfect syntax but unusual context
- Personalized messages based on recent public information
- Unusual linguistic variation in a series of emails
- Perfect timing with current events
2.2 Self-Evolving Malware: When Code Learns to Survive
Architecture of AI Malware:
# Conceptual example of self-adaptive malware
class SelfLearningMalware:
def __init__(self):
self.behavior_patterns = {}
self.evasion_techniques = []
self.success_rate = 0.0
def analyze_environment(self):
"""Analysis of the target environment"""
detections = self.scan_security_tools()
network_topology = self.map_network()
user_patterns = self.profile_user_behavior()
return {
'av_products': detections,
'network': network_topology,
'users': user_patterns
}
def adapt_payload(self, environment):
"""Adapting the payload according to the environment"""
if 'Windows Defender' in environment['av_products']:
self.apply_technique('process_hollowing')
if 'EDR' in environment['av_products']:
self.apply_technique('living_off_land')
# Reinforcement learning
if self.success_rate < 0.7:
self.mutate_code()
self.update_behavior_patterns()
def propagate_intelligently(self):
"""AI-guided propagation"""
high_value_targets = self.identify_critical_systems()
optimal_path = self.calculate_stealth_path()
for target in high_value_targets:
success = self.attempt_infection(target, optimal_path)
self.learn_from_attempt(success)
Observed AI Evasion Techniques:
- Behavioral Morphism: Changes strategy according to detected defenses
- Adaptive Timing: Waits for moments of low surveillance
- Legitimate Mimicry: Imitates normal system processes
- Load Distribution: Spreads malicious activity over time
2.3 Automated Reconnaissance: OSINT in the Age of AI
Automated OSINT Attack Pipeline:
# Example of automated reconnaissance workflow
#!/bin/bash
TARGET_DOMAIN="example.com"
AI_API_KEY="your_api_key"
# Phase 1: Automated collection
echo "=== Phase 1: Automated OSINT Collection ==="
# Subdomains
subfinder -d $TARGET_DOMAIN | tee subdomains.txt
amass enum -d $TARGET_DOMAIN | tee -a subdomains.txt
# Emails and people
theHarvester -d $TARGET_DOMAIN -l 100 -b all | tee contacts.txt
# Technologies used
whatweb $TARGET_DOMAIN | tee technologies.txt
# Social networks
python3 social_analyzer.py --username $TARGET_DOMAIN --websites "all"
# Phase 2: AI analysis of collected data
echo "=== Phase 2: AI-Powered Analysis ==="
python3 << EOF
import openai
import json
# Intelligent analysis of collected OSINT data
def analyze_osint_data():
with open('contacts.txt', 'r') as f:
contacts = f.read()
with open('technologies.txt', 'r') as f:
tech_stack = f.read()
# Prompt for strategic analysis
analysis_prompt = f"""
Analyze this OSINT data and identify:
1. Potential vulnerabilities
2. Priority attack vectors
3. Key personas to target
4. Optimal attack surface
Contacts: {contacts}
Technologies: {tech_stack}
"""
client = openai.Client(api_key="$AI_API_KEY")
response = client.completions.create(
model="gpt-4",
prompt=analysis_prompt,
max_tokens=500
)
return response.choices[0].text
attack_plan = analyze_osint_data()
print("ATTACK VECTOR ANALYSIS:")
print(attack_plan)
EOF🔍 Real Case: Exotic Lily Attack via OSINT-AI (2024)
- Context: APT group using AI to personalize spear-phishing attacks
- Method: Automated analysis of social networks and corporate sites
- Technique: Creation of fake legitimate companies via generative AI
- Impact: 100+ organizations compromised, success rate 85%
- Detection: Patterns of automated creation detected by behavioral analysis
- Lesson: Need for monitoring public mentions and digital hygiene
Chapter 3: Deepfakes and Cognitive Manipulation: The Information War
3.1 Weaponized Deepfakes: When Seeing is No Longer Believing
Case Study: Electoral Manipulation in Slovakia (2023)
Two days before the Slovak parliamentary elections, a strikingly high-quality deepfake audio surfaces. It apparently features liberal candidate Michal Šimečka discussing vote buying and electoral manipulation with a journalist.
Technical Analysis of the Attack:
# Workflow for creating a deepfake audio
class AudioDeepfakeGenerator:
def __init__(self):
self.voice_model = None
self.content_generator = None
def train_voice_model(self, target_audio_samples):
"""Training on 5-10 minutes of target audio"""
# Extracting vocal characteristics
voice_features = self.extract_vocal_characteristics(target_audio_samples)
# Training the voice synthesis model
self.voice_model = self.train_synthesis_model(voice_features)
return self.voice_model
def generate_malicious_content(self, scandal_context):
"""Generating compromising content"""
prompt = f"""
Generate a credible audio dialogue between a politician and a journalist
Context: {scandal_context}
Style: Private, informal conversation
Content: Compromising but plausible revelations
Duration: 2-3 minutes maximum
"""
dialogue = self.ai_content_generator.generate(prompt)
return dialogue
def synthesize_fake_audio(self, dialogue_text):
"""Final audio synthesis"""
fake_audio = self.voice_model.synthesize(
text=dialogue_text,
emotion="confident",
background_noise="office_environment"
)
return fake_audioMeasured Impact:
- 2.3 million views in 48 hours
- Dissemination across 15+ platforms simultaneously
- Measurable influence on 12% of voting intentions
- Post-electoral detection through forensic analysis
3.2 AI-Assisted Cognitive Manipulation
Automated Persuasion Techniques:
- Emotional Micro-targeting: Adapting the message according to psychological profile
- Artificial Social Validation: Creating credible fake testimonials
- Adaptive Argumentation: Modifying arguments based on reactions
- Psychological Timing: Sending at moments of maximum vulnerability
# Example of cognitive manipulation analysis
class CognitiveManipulationDetector:
def analyze_content(self, message):
"""Detection of AI manipulation patterns"""
indicators = {
'emotional_triggers': self.detect_emotional_manipulation(message),
'logical_fallacies': self.identify_fallacies(message),
'social_proof': self.check_fake_testimonials(message),
'urgency_patterns': self.analyze_urgency_cues(message),
'ai_generation_markers': self.detect_ai_signatures(message)
}
manipulation_score = self.calculate_risk_score(indicators)
return manipulation_score
def detect_ai_signatures(self, text):
"""Detection of AI generation markers"""
ai_markers = [
'perfect_grammar_unusual_context',
'repetitive_sentence_structures',
'generic_but_specific_examples',
'emotional_escalation_patterns',
'statistical_precision_without_sources'
]
detected_markers = []
for marker in ai_markers:
if self.check_marker(text, marker):
detected_markers.append(marker)
return detected_markersChapter 4: Adaptive Defenses: How to Survive Hostile AI
4.1 Detection and Mitigation of AI Attacks
Anti-AI Defense Architecture:
# Anti-AI security stack
defense_layers:
email_security:
- ai_content_detection: "Detection of AI-generated emails"
- behavioral_analysis: "Analysis of automated sending patterns"
- deepfake_detection: "Scan of multimedia attachments"
network_security:
- traffic_analysis: "Detection of automated reconnaissance"
- behavioral_clustering: "Identification of advanced bots"
- ai_anomaly_detection: "Detection of non-human activities"
endpoint_protection:
- dynamic_analysis: "Sandbox with adaptive malware detection"
- behavioral_monitoring: "Monitoring of self-modifying processes"
- ai_signature_detection: "Recognition of malicious AI patterns"
user_protection:
- deepfake_alerts: "Verification of multimedia authenticity"
- social_engineering_detection: "Analysis of cognitive manipulation"
- ai_literacy_training: "Training on detection of AI content"4.2 Recommended Defense Tools
🛠️ Anti-AI Defensive Arsenal
| Category | Tool | Capability | Cost | Effectiveness |
|---|---|---|---|---|
| Email Security | Microsoft Defender ATP | AI phishing detection | $$$ | 85% |
| Deepfake Detection | Sensity Platform | Forensic media analysis | $$$$ | 92% |
| Behavioral Analysis | Darktrace DETECT | Behavioral AI | $$$$$ | 88% |
| Content Analysis | GPTZero Enterprise | AI content detection | $$ | 78% |
| Network Security | CrowdStrike Falcon | ML endpoint protection | $$$$ | 90% |
| User Training | KnowBe4 AI Security | AI attack simulation | $$$ | 75% |
4.3 AI Incident Response Playbook
Phase 1: AI Incident Detection
#!/bin/bash
# AI incident investigation script
echo "=== AI INCIDENT RESPONSE PLAYBOOK ==="
# 1. Collecting artifacts
collect_ai_artifacts() {
echo "[1] Collecting AI attack artifacts..."
# Suspect emails
grep -r "ChatGPT\|GPT\|artificial intelligence" /var/log/mail.log
# Recently generated files with AI patterns
find /tmp -name "*.py" -newer /tmp/incident_start -exec grep -l "openai\|anthropic\|ai\|gpt" {} \;
# Suspicious network connections to AI APIs
netstat -an | grep -E "(openai\.com|anthropic\.com|huggingface\.co)"
# Processes using ML models
ps aux | grep -E "(python.*model|torch|tensorflow|transformers)"
}
# 2. Behavioral analysis
analyze_ai_behavior() {
echo "[2] Analyzing AI-driven behavior..."
# Patterns of automated requests
awk '{print $1}' /var/log/apache2/access.log | sort | uniq -c | sort -rn | head -20
# Detection of scripted activity
grep -E "User-Agent.*bot|python|curl" /var/log/apache2/access.log
# Temporal analysis of requests (non-human patterns)
cat /var/log/apache2/access.log | awk '{print $4}' | cut -d: -f2-4 | sort | uniq -c
}
# 3. Content integrity verification
verify_content_integrity() {
echo "[3] Verifying content integrity..."
# Searching for deepfakes in recent uploads
find /var/uploads -type f \( -name "*.mp4" -o -name "*.wav" -o -name "*.jpg" \) -newer /tmp/incident_start
# Analyzing emails for AI-generated content
python3 detect_ai_content.py /var/spool/mail/suspicious/
# Verification of modified documents
find /documents -type f -name "*.docx" -o -name "*.pdf" -newer /tmp/incident_start
}
# Executing the playbook
collect_ai_artifacts
analyze_ai_behavior
verify_content_integrity4.4 Anti-AI Training and Awareness
“AI Threat Awareness” Training Program:
Module 1: Recognizing AI Attacks
- Identification of emails generated by ChatGPT/FraudGPT
- Detection of audio/video deepfakes
- Recognition of automatically generated texts
Module 2: Investigation Techniques
- Forensic analysis tools for AI content
- Authenticity verification methodology
- AI-specific incident response
Module 3: Implementing Countermeasures
- Configuration of AI detection tools
- Security policies tailored to AI threats
- Content validation protocols
✅ Anti-AI Protection Checklist
Short term (0-3 months):
- Deployment of AI content detection tools
- Team awareness training on deepfakes
- Update identity validation policies
- Phishing test with AI-generated emails
Medium term (3-12 months):
- Implementation of behavioral analytics solutions
- Development of multimedia verification procedures
- Integration of defensive AI in the SOC
- Vulnerability audit for automated attacks
Long term (1-3 years):
- Zero Trust architecture with continuous AI validation
- Proprietary defensive AI for counterattacks
- Certification of the organization against AI threats
- Participation in sectoral defense initiatives
Chapter 5: The Future of AI Warfare: Predictions and Preparations
5.1 Emerging Trends 2025-2027
Expected Technological Evolutions:
- Multi-modal Offensive AI: Coordinated attacks across text/audio/video/code
- Neuromorphic Malware: Real-time adaptation to artificial neurons
- Generative Social Engineering: Creation of entirely artificial personas
- Quantum-resistant AI attacks: Preparation for post-quantum defenses
Economic Predictions:
- Total cost of AI cyberattacks: 15 trillion USD by 2027
- Growth of the market for malicious AI tools: +400% annually
- Necessary defensive investment: 8% of IT budget for large enterprises
5.2 Strategic Recommendations
For CIOs:
- Preventive Investment: 30% of cybersecurity budget dedicated to AI threats
- Specialized Skills: Recruitment of experts in adversarial AI
- Technological Partnerships: Alliances with anti-AI specialized vendors
For CISOs:
- Technological Monitoring: Continuous monitoring of new AI threats
- Simulation Exercises: Red team with malicious AI techniques
- Adapted Governance: Policies specific to AI risks
Conclusion: The Balance of Power in the Post-AI Era
Artificial intelligence has crossed the Rubicon. It is no longer just a neutral tool that we can choose to use or not – it has become the main battlefield of modern cybersecurity. Cybercriminals have massively adopted it, transforming script kiddies into sophisticated adversaries capable of executing surgical precision attacks.
The numbers speak for themselves:
- +600% increase in cyberattacks since the emergence of generative AI
- 3000+ active users of FraudGPT and WormGPT
- 85% success rate for AI-assisted spear-phishing attacks
- 200,000+ compromised AI API credentials in circulation
But this offensive revolution also comes with a defensive renaissance. The AI that attacks us can also protect us, provided we tame it before our adversaries fully master it.
The question is no longer “What if AI became our worst enemy?”, but “How can we make AI our best ally in this war that is just beginning?”
To survive in this new era, we must accept an unsettling truth: traditional cybersecurity is dead. Welcome to the era of augmented cybersecurity, where only artificial intelligence can compete with artificial intelligence.
The future belongs to those who can turn this existential threat into a strategic advantage. Because in this war of intelligences, there will be no room for spectators.
Resources and Sources
Documented Real Cases
- FraudGPT Analysis - Netenrich Research↗
- WormGPT Investigation - SlashNext Report↗
- Deepfake Elections Slovakia - MIT Technology Review↗
- AI Cyberattacks 2024 - Siècle Digital↗
Technical Tools and Resources
- OpenAI Safety Research↗
- NIST AI Risk Management Framework↗
- MITRE ATLAS Framework↗ - Adversarial ML tactics
- AI Incident Database↗
Training and Certification
Executive Summary
AI has become the weapon of choice for modern cybercriminals. FraudGPT, WormGPT, and their derivatives transform novices into experts, automating phishing (+1265%), electoral deepfakes, and adaptive malware. Over 3000 active users pay $200-1700/month for these tools, generating BEC attacks with 85% success in 10 minutes compared to 11 hours manually. Techniques include automated OSINT reconnaissance, generation of polymorphic malware, and cognitive manipulation. Facing 200,000+ stolen AI API credentials, traditional defenses are obsolete. Organizations must deploy AI behavioral detection, deepfake training, and adaptive Zero Trust architectures. Recommended defensive investment: 30% of cybersecurity budget dedicated to AI threats. The war of artificial intelligence is declared - only defensive AI can compete with offensive AI. The future belongs to the early adapters.