A new strain of malware leveraging artificial intelligence (AI) to enhance its security evasion capabilities is spreading globally, triggering alarm within the cybersecurity industry. The malware has been identified in Europe, the Americas, Asia, the Middle East, and Africa (AMEA) regions.
On September 14, U.S.-based cybersecurity firm Trend Micro released a report introducing the concept of a novel malware dubbed EvilAI.
Trend Micro researchers have observed this malware disguising itself as legitimate AI tools or software to infiltrate systems. The malicious code imitates genuine software, enabling it to penetrate corporate and personal environments undetected.
EvilAI spreads through various channels, including programs that install AI enhancements, malicious social media advertisements, and counterfeit websites. In some cases, it mimics legitimate software so accurately that identifying its malicious nature becomes challenging.
A key feature of EvilAI is its AI-driven adaptability. The malware employs AI-powered obfuscation techniques and anti-analysis methods, allowing it to appear as benign code and evade detection by security systems.
Once installed, the malware attempts to disable or neutralize the victim’s security infrastructure. This direct assault on security systems leaves the target vulnerable to subsequent attacks, potentially resulting in more severe breaches.
Trend Micro’s analysis indicates that EvilAI attacks are proliferating rapidly worldwide. Data collected over a week starting August 29 revealed 56 cases in Europe, with an additional 29 cases reported across the AMEA region.
The malware has infiltrated a diverse range of sectors, demonstrating its versatility. Trend Micro’s findings show that manufacturing was the most affected with 58 cases, followed by the government and public sectors (51), healthcare (48), technology (43), retail (31), education (27), financial services (22), and construction (20).
Trend Micro warns that the emergence of AI-based malware signifies a significant shift in the threat landscape. As cybercriminals harness AI to develop increasingly sophisticated and stealthy malware, cybersecurity professionals must remain vigilant and innovative in their defensive strategies.