Warnings that attackers could now potentially leverage AI agents to create infrastructure and mount attacks.
Malicious actors could leverage significantly improved functionality added to OpenAI's Operator and other artificial intelligence agents to deploy phishing attack campaigns.
According to a Symantec blog, despite allowing only the creation of phishing materials or basic coding almost a year ago, AI agents have been enhanced to support threat operations' phishing infrastructure and intrusions.
Symantec researchers explained that about a year ago, they would tell security professionals that large language models were passive and could only help attackers create phishing materials or write basic code, reports SC US.
“While an agent’s legitimate use case may be the automation of routine tasks, attackers could now potentially leverage them to create infrastructure and mount attacks,” wrote the researchers.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
