Artificial intelligence already validates thousands of exploits autonomously to bypass two-step verification

Google warns that AI is already being used on an industrial scale to automate attacks and bypass two-step verification, although a recent patch stopped a massive planned campaign.

12 May 2026 at 09:36h

Google has warned that several cyber threat groups are already using artificial intelligence on an industrial scale to attack, hide, and automate operations that until recently required human teams and much more time. The warning appears in the AI Threat Tracker report from the Google Threat Intelligence Group, which reviews campaigns attributed to actors linked to North Korea, China, and Russia.

The leap is not that AI appears in isolated incidents, but that it serves to expand the attack volume and sustain persistent campaigns. Google also maintains that a recent patch curbed a massive attack that was planned after detecting a zero-day vulnerability in a Python script capable of bypassing two-factor authentication in an open-source web tool for systems administration.

Google detected a flaw that allowed bypassing two-factor authentication

The company identified that zero-day vulnerability in a Python script integrated into a web-based system administration tool. The flaw allowed the user to bypass 2FA, one of the most widespread barriers to containing unauthorized access.

Google believes the applied patch prevented a planned massive attack.

The researchers did find indications of artificial intelligence use around the case, although they ruled out that the Gemini and Mythos models had intervened in the development of that specific vulnerability. The report places the value of this technology in other phases of the offensive cycle, such as massive exploitation of flaws, code obfuscation, and evasion of safeguards in language models.

APT45 validated thousands of exploits with the help of artificial intelligence

One of the examples in the report concerns the North Korean actor APT45. Google attributes to it the use of artificial intelligence to validate thousands of exploits and build an arsenal of capabilities that, by volume, it could not have managed without that automation.

In China, UNC2814 uses fake identities of supposed security experts to deceive artificial intelligence systems and study vulnerabilities in hardware such as routers. In addition, another actor linked to Beijing used AI tools to autonomously and persistently probe the weak points of a Japanese technology company.

Promptspy acts on Android and blocks uninstallation attempts.

The report also describes how agentic tools are being incorporated into cybercriminals' strategy. That section covers Promptspy, a new backdoor for Android that uses artificial intelligence to move autonomously through the device's interface and resist removal.

Pro-Russian campaigns cloned voices and hid malicious code

The threat is not limited to technical access to systems. The pro-Russian campaign Operation Overload cloned voices with artificial intelligence to impersonate real journalists through fake audio inserted into legitimate news clips, a tactic aimed at expanding disinformation in the United States, Ukraine, and France.

Actors linked to Moscow also used AI-generated decoy code to hide malicious functions from security scanners. At the same time, the OpenClaw framework has become a target for hackers who want to test and refine offensive capabilities in controlled environments.

TeamPCP focused part of its attacks on artificial intelligence software dependencies such as LiteLLM.

On that front, Google attributes attacks against AI-linked software components to TeamPCP with the objective of stealing high-value cloud secrets and AWS keys stored in development environments.

About the author
Redacción