Russia-aligned crime group Greyvibe extensively uses AI in attacks

A newly identified Russia-aligned crime group, dubbed Greyvibe, has been found to heavily incorporate artificial intelligence into its cyberattacks, leveraging large language models to target private, government, and military organizations in Ukraine. Greyvibe's tactics involve a range of attack vectors, including custom malware and spear phishing campaigns, all aimed at gathering intelligence for the ongoing conflict. The group's systematic use of generative AI spans the entirety of its operations, from crafting malicious scripts to developing complex malware. This extensive use of AI-enabled tools allows Greyvibe to operate with increased sophistication and precision¹. The security implications of this development are significant, as it demonstrates the potential for AI to be used in highly targeted and effective cyberattacks. So what this means for practitioners is that they must now contend with a new level of threat actor sophistication, where AI-powered tools can be used to launch highly customized and potent attacks.