Cybercriminals have found a new malware distribution route in AI installers, according to Cisco's cyber-intelligence division. The case confirms that the convergence of artificial intelligence and cybersecurity represents one of the deepest strategic challenges faced by modern organizations.
Cisco Talos has discovered a highly destructive new malware identified as ‘number’, which is presented as a legitimate installer of artificial intelligence tools. This threat severely affects compromised systems by manipulating the components of the graphical user interface (GUI) in Windows operating systems, rendering them completely unusable.
Its operational impact makes it a critical threat, especially for business environments that depend on the continuous availability of their devices.
As generative AI tools have become more powerful, affordable and accessible, cybercriminals are adopting them more and more to support all kinds of attacks, from commercial fraud to extortion and identity theft. Of special significance are AI deepfakes, a mechanism that uses commercially available video, audio and image generation platforms to generate realistic content that is used to deceive both individuals and organizations. These tools are economical, easy to use and increasingly capable of evading identity verification systems and security controls.
Cisco Talos has also detected the CyberLock ransomware, developed in PowerShell, which focuses on encrypting specific files on the victim's system. This malware stands out for a particularly misleading manipulation tactic: in the ransom note, the attackers claim that the required payments will be destined for humanitarian aid in regions such as Palestine, Ukraine, Africa and Asia, in order to generate empathy and psychologically pressure those affected into paying the ransom.
Finally, Cisco Talos has identified Lucky_Gh0$t, a new variant of Yashma ransomware, the sixth iteration within the Chaos family. This version presents minor modifications, indicating a limited technical evolution with respect to previous versions. Despite its limited sophistication, its detection reinforces the need for continuous surveillance against already known malware families.