A new Google Threat Intelligence Group report warns that two-factor authentication is increasingly targeted by advanced AI cyberattack methods involving zero-day exploits, self-morphing malware, and Gemini-powered hacking tools.
Google Report Reveals AI Cyberattack Targeting Two-Factor Authentication
According to a recently published Google Threat Intelligence Group (GTIG) report, there is an increase in bypass attempts on two-factor authentication systems using AI-powered cybersecurity threats. The GTIG found that cybercriminals have begun using AI in cybersecurity threats to automate the process, identify vulnerabilities, develop exploits, and adapt during attacks.
For example, there was a Python exploit designed to target a widely used open source web management application which bypassed the two-factor authentication system through a logical loophole in the authorization process. According to researchers, the exploit had the hallmark of AI-assisted hacking, as the hackers used a model of reasoning to uncover logic loopholes in the system. AI systems have increasingly been applied in developing zero-day exploits, as it speeds up the process of discovering vulnerabilities that could not be detected otherwise.
Self-Morphing Malware and Gemini-Driven Threats Raise Security Concerns
The GTIG report also includes malware that can modify its source code during runtime. AI-powered cyberattack systems can create payloads on the fly, add decoy instructions, and change their behavior to avoid detection by various analysis tools. Malware types including CANFAIL and LONGSTREAM are known to use sophisticated AI-based obfuscation technologies, which make them particularly difficult to analyze and prevent. The capability of continuously changing in real-time presents a huge problem for cybersecurity specialists.
An even more dangerous example is PROMPTSPY – an Android backdoor that apparently exploits Google Gemini cloud technology to monitor users' interface, emulate their actions, and defeat two-factor authentication based on PIN codes and gesture-based locks. This has created a concern for possible attacks involving AI-powered malware in Android devices that are managed through Google Gemini technology. Another new threat in cybersecurity is malware strains based on self-modifying AI capabilities.
AI Phishing Campaigns and Social Engineering Attacks Expand Globally
The report further discusses how cybercriminals are leveraging the power of artificial intelligence in crafting credible phishing attacks. Through collecting information from LinkedIn accounts, official websites of companies, and news outlets, hackers craft personalized emails that sound like the real deal. Two-factor authentication phishing attacks in enterprise environments are now more sophisticated because attackers are using AI cyberattack techniques to target employees from finance, human resources, and IT security departments.
GTIG also states that cybercriminals use AI-driven deep fakes, voice modifications, and video editing in creating political influence campaigns where hackers combine true and doctored images for added credibility. It appears evident that the use of AI in conducting automated social engineering attacks through the use of organizational information is becoming more common among attackers. In summary, according to Google, cybercrime is now moving into a new phase where even two-factor authentication cannot protect organizations from ever-evolving AI-based attacks. Business Honor views that cybersecurity must evolve beyond two-factor authentication as AI cyberattacks grow more adaptive, requiring real-time AI defense systems and stronger organizational security intelligence strategies.
.webp)
