
Novel CyberStrikeAI tool exploited in attacks


Attackers behind the recent AI-assisted hacking of hundreds of Fortinet FortiGate firewalls worldwide have weaponized the new open-source AI security testing platform CyberStrikeAI in new intrusions, according to BleepingComputer.

CyberStrikeAI, which has more than 100 security tools, an AI decision engine, and a skills system allowing automated cyber intrusions, was run by 21 unique IP addresses between Jan. 20 and Feb. 26, one of which was found to have communicated with breached Fortinet FortiGate devices, a report from Team Cymru revealed.

Most of the servers hosting CyberStrikeAI were in China, Singapore, and Hong Kong, with more infrastructure discovered in the U.S., Europe, and Japan. 

Additional findings showed CyberStrikeAI to be associated with Chinese state-sponsored cyber operations, while the tool's developer Ed1s0nZ was found to have developed other AI-powered tools. 

"In the near future, defenders must be prepared for an environment where tools like CyberStrikeAI, alongside the developer's other AI-assisted privilege escalation projects like PrivHunterAI and InfiltrateX, significantly lower the barrier to entry for complex network exploitation," said Team Cymru Senior Threat Intel Advisor Will Thomas.

Sharon Florentine, Editorial Director

Sharon Florentine is the editorial director for CyberRisk Alliance’s Channel Brands and acting editorial director for SC UK. She is responsible for setting strategy and editorial direction and developing content for news, features, analysis and other written content; she also moderates live webcasts and oversees research projects. Sharon has previously held key editorial, content and leadership positions at DevOps.com, Security Boulevard, CIO.com, Ziff Davis Enterprise, and CRN, among others.
