
Researchers Developed Artificial Intelligence-Powered Stealthy Malware

Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stopping cyber attacks before they affect any organization.

However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infect a computer network or launch an attack only when the target’s face is detected by the camera.

To demonstrate this scenario, security researchers at IBM Research came up with DeepLocker—a new breed of “highly targeted and evasive” attack tool powered by AI, which conceals its malicious intent until it reaches a specific victim.

According to the IBM researcher, DeepLocker flies under the radar without being detected and “unleashes its malicious action as soon as the AI model identifies the target through indicators like facial recognition, geolocation and voice recognition.”

Describing it as the “spray and pray” approach of traditional malware, researchers believe that this kind of stealthy AI-powered malware is particularly dangerous because, like nation-state malware, it could infect millions of systems without being detected.

The malware can hide its malicious payload in benign carrier applications, like video conferencing software, to avoid detection by most antivirus and malware scanners until it reaches specific victims, who are identified via indicators such as voice recognition, facial recognition, geolocation and other system-level features.

“What is unique about DeepLocker is that the use of AI makes the ‘trigger conditions’ to unlock the attack almost impossible to reverse engineer,” the researchers explain. “The malicious payload will only be unlocked if the intended target is reached.”

To demonstrate DeepLocker’s capabilities, the researchers designed a proof of concept, camouflaging the well-known WannaCry ransomware in a video conferencing app so that it remains undetected by security tools, including antivirus engines and malware sandboxes.

With the built-in triggering condition, DeepLocker did not unlock and execute the ransomware on the system until it recognized the face of the target, which can be matched using publicly available photos of the target.

So, all DeepLocker requires to target you is your photo, which can easily be found on any of your social media profiles on LinkedIn, Facebook, Twitter, Google+, or Instagram.

Trustwave has recently open-sourced a facial recognition tool called Social Mapper, which can be used to search for targets across numerous social networks at once.

The IBM Research group will unveil more details and a live demonstration of its proof-of-concept implementation of DeepLocker at the Black Hat USA security conference in Las Vegas on Wednesday.
