This new ChatGPT-powered infostealer is targeting cloud platforms

Key Takeaways:

– Hackers have developed a new Python-based infostealer malware called “Predator AI” that targets cloud services.
– The malware incorporates Artificial Intelligence (AI) technology, specifically a ChatGPT-driven class, to create a chat-like interface.
– The developer’s goal is to reduce reliance on the OpenAI API and streamline the infostealer’s functionalities.
– Predator AI has over 11,000 lines of code and a GUI based on Tkinter.
– While the developer claims the tool is for educational purposes only and should not be used for illegal activities, it is actively being developed and newer versions include a Twilio account checker integration.
– To protect against Predator AI and similar tools, businesses should keep their systems and endpoints updated, restrict internet access, deploy cloud security solutions, and implement specialized logging and detection mechanisms.

TechRadar:

Hackers have developed a new Python-based infostealer malware that is able to specifically target cloud services. It has a few standout features, such as the integration of Artificial Intelligence (AI) technology. 

A report from SentinelLabs outlined how it discovered the tool named “Predator AI” being advertised and distributed on Telegram channels devoted to hacking. It has a ChatGPT-driven class that was implemented in the Python script, allowing for a chat-like interface. The goal of the implementation, the developer says, is to be less reliant on the OpenAI API, while at the same time streamlining the infostealer’s functionalities.

AI Eclipse TLDR:

Hackers have created a new Python-based infostealer malware called “Predator AI” that specifically targets cloud services. This malware stands out due to its integration of Artificial Intelligence (AI) technology. The tool was discovered on Telegram channels dedicated to hacking, and it features a ChatGPT-driven class that allows for a chat-like interface. The developer implemented this feature to reduce reliance on the OpenAI API and streamline the infostealer’s functionalities. Predator AI has over 11,000 lines of code and a graphical user interface (GUI) based on Tkinter.

The main purpose of Predator AI is to simplify web application attacks against popular technologies like WordPress or AWS SES. Researchers have observed that Predator AI shares similarities with AlienFox and Legion, both of which are cloud spamming tools. However, the developer emphasizes that Predator AI is intended for educational purposes only and should not be used for illegal activities. Despite this claim, the malware is actively being developed, with newer versions featuring a Twilio account checker integration.

According to the researchers, the Twilio integration does not significantly enhance an attacker’s capability, and it has not yet been advertised on the actor’s Telegram channel. They also caution that there may be many edge cases that make the integration unstable and potentially expensive.

To protect against Predator AI and similar tools, businesses are advised to keep their systems and endpoints updated, restrict internet access whenever possible, and deploy cloud security solutions. Additionally, specialized logging and detection mechanisms can play a crucial role in identifying unusual activity on cloud services, helping to prevent severe cyberattacks.