Google Spotted Foreign Government Agents Using Gemini for Malicious Purposes

A recent report from Google indicates that government agents from various countries have been spotted using Gemini, its Artificial Intelligence service, with malicious intent.

Hackers from several countries spotted abusing AI

Government agents from several countries, including China, Iran, North Korea and Russia, are using Gemini AI maliciously, Google’s Threat Intelligence Group (TIG) said in a security advisory this week.

Reportedly, the company used a mixture of technical signals and behavioral patterns correlated with activity on its platforms to track government threat agents and their infrastructure.

Gemini AI guardrails hindered the creation of malware

Tracked threat actors successfully used Google’s Gemini for various malicious purposes, such as translating or crafting highly believable phishing lures from scratch, performing digital reconnaissance on targets of interest and generating software scripts.

On the bright side, says Google, the company’s guardrails proved effective enough to hamper the creation of malware with its artificial intelligence chatbot.

“Threat actors copied and pasted publicly available prompts and appended small variations in the final instruction  (e.g., basic instructions to create ransomware or malware),” reads Google’s report. “Gemini responded with safety fallback responses and declined to follow the threat actor's instructions.”

Iran, in the eye of the maelstrom

Although the report said government-backed threat actors from several countries were attempting to weaponize its AI service, Iran tops the list with 75 percent of all observed malicious Gemini usage.

Over 10 Iran-sponsored cybercrime groups have been spotted trying to bypass Gemini’s guardrails, especially for performing Android-related research. However, the scope of these groups also involves vulnerability research, recon tasks, pinpointing free hosting providers and generating digital personas for malicious purposes.

Keeping safe from AI-fueled threats

Although AI companies constantly work to ensure the safety of their services, threat actors sometimes find workarounds and exploits to weaponize them.

Dedicated software solutions like Bitdefender Ultimate Security can protect you from AI-powered threats and other digital intrusions.

It provides continuous, comprehensive protection against viruses, Trojans, worms, zero-day exploits, spyware, ransomware, rootkits and other cyber threats.

It also features advanced features to safeguard your systems, such as network threat prevention, behavioral detection for active apps, anti-phishing and anti-fraud modules, and AI-powered scam detection.