Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and for stopping cyber attacks before they impact any organization.
However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infect a computer network or launch an attack only when the target's face is detected by the camera.
To demonstrate this scenario, security researchers at IBM Research came up with DeepLocker, a new breed of "highly targeted and evasive" attack tool powered by AI, which conceals its malicious intent until it reaches a specific victim.
According to the IBM researcher, DeepLocker flies under the radar without being detected and "unleashes its malicious activity as soon as the AI model identifies the target through indicators like facial recognition, geolocation and voice recognition."
Describing it as the "spray and pray" approach of traditional malware, researchers believe that this kind of stealthy AI-powered malware is particularly dangerous because, like nation-state malware, it could infect millions of systems without being detected.
The malware can hide its malicious payload in benign carrier applications, like video conferencing software, to avoid detection by most antivirus and malware scanners until it reaches specific victims, who are identified via indicators such as voice recognition, facial recognition, geolocation and other system-level features.
"What is unique about DeepLocker is that the use of AI makes the “trigger conditions” to unlock the attack almost impossible to reverse engineer," the researchers explain. "The malicious payload will only be unlocked if the intended target is reached."
To demonstrate DeepLocker's capabilities, the researchers designed a proof of concept, camouflaging the well-known WannaCry ransomware in a video conferencing app so that it remains undetected by security tools, including antivirus engines and malware sandboxes.
With the built-in triggering condition, DeepLocker did not unlock and execute the ransomware on the system until it recognized the face of the target, which can be matched using publicly available photos of the target.
"Imagine that this video conferencing application is distributed and downloaded by millions of people, which is a plausible scenario nowadays on many public platforms. When launched, the app would surreptitiously feed camera snapshots into the embedded AI model, but otherwise behave normally for all users except the intended target," the researchers added.
"When the victim sits in front of the computer and uses the application, the camera would feed their face to the app, and the malicious payload will be secretly executed, thanks to the victim’s face, which was the preprogrammed key to unlock it."
So, all DeepLocker requires is your photo, which can easily be found from any of your social media profiles on LinkedIn, Facebook, Twitter, Google+, or Instagram, to target you.
Trustwave has recently open-sourced a facial recognition tool called Social Mapper, which can be used to search for targets across numerous social networks at once.
The IBM Research group will unveil more details and a live demonstration of its proof-of-concept implementation of DeepLocker at the Black Hat USA security conference in Las Vegas on Wednesday.