Gemini chatbot is being exploited by hackers from Iran, China, and North Korea for cyber attacks, confirms Google

Updated on 31-Jan-2025
HIGHLIGHTS

Hackers from Iran, China, and North Korea are exploiting Google’s Gemini chatbot for cyber operations.

Iranian attackers use Gemini for reconnaissance and phishing campaigns, while Chinese hackers focus on system vulnerabilities.

North Korean hackers leverage the chatbot to create fake cover letters and research remote IT jobs for infiltration.

Hackers supported by state-sponsored organizations from nations like China, North Korea, and Iran are using the Gemini chatbot to enhance their cyberattack capabilities, according to Google’s Threat Intelligence Group. The report claims that these attackers are reportedly becoming more productive, but the AI tool has not yet allowed them to create noticeably more advanced methods.

The report claims that scammers are utilizing the Gemini for a wide range of novel tasks, such as creating new codes, investigating targets, or even figuring out system weaknesses. The report also stated that disinformation agents are using the chatbot to construct narratives, translate content, and establish virtual identities. 

The Iranian agents are among the most active scammers on Gemini, the report also stated. They are conducting reconnaissance on defense experts and organizations and using the chatbot to help with phishing campaigns. However, Gemini is being used by Chinese hacker groups to debug code and take advantage of holes in target networks. As they try to extract sensitive data, they concentrate on privilege escalation, lateral movement across systems, and avoiding detection.

Also read: iPhone 15 available at Rs 9,901 discount on Flipkart, further savings possible

According to reports, North Korean threat actors are using the chatbot to research remote IT job openings in Western nations and create fake cover letters, most likely as part of an infiltration strategy. 

The report also claimed that the chatbot has been used by Russian hackers less frequently. It is being used by the users to generate codes. These include incorporating encryption features into pre-existing code and translating publicly accessible malware into various programming languages.

Also read: Pixel 8 Pro gets Rs 32,000 off on Flipkart, bank offers also available

Notwithstanding these results, Google has pointed out that although the AI tool has increased the productivity of these attackers, it hasn’t allowed them to create new methods or resources.

Ashish Singh

Ashish Singh is the Chief Copy Editor at Digit. Previously, he worked as a Senior Sub-Editor with Jagran English from 2022, and has been a journalist since 2020, with experience at Times Internet. Ashish specializes in Technology. In his free time, you can find him exploring new gadgets, gaming, and discovering new places.

Connect On :