BERLIN: The "growing weaponisation" of generative artificial intelligence (GenAI) could make older forms of cybersecurity and virus scanning obsolete.

Hackers and scammers from North Korea are among those seemingly able to turn the technology to their advantage to install malware and steal information.

"GenAI-built malware is no longer theoretical, it's already operational," according to cybersecurity company CrowdStrike.

In its new 2025 Threat Hunting Report, CrowdStrike warns that so-called "threat actors" are using AI to gain access, steal credentials and deploy malware. That shows that "autonomous systems" and "machine identities" are being made increasingly central to cybercrime.

In one of the most audacious attacks of its kind on record, a North Korea-based group used AI to infiltrate Western companies, including by building fake resumes and conducting "deepfake" interviews, according to CrowdStrike.

Meanwhile as a “Russia-nexus adversary" used AI to "amplify pro-Russia narratives," an Iranian group known as Charming Kitten targeted European and US-based entities with “phishing lures” crafted using AI or large-language models.

Such "adversaries" have shown they can use AI to "innovate, adapt, and scale operations with speed," CrowdStrike says. It is calling on security teams to respond in kind by turning to "agentic" AI that can reason, adapt and act autonomously, albeit "within defined guardrails."

AI means that even little-league criminals can develop viruses or malware, meaning that such threats - previously the preserve of syndicates with money and know-how - could become much more frequent and make cyber-scams even more prevalent.

"Lower-tier eCrime and hacktivist actors are abusing AI to generate scripts, solve technical problems, and build malware – automating tasks that once required advanced expertise," according to CrowdStrike.

"The AI era has redefined how businesses operate, and how adversaries attack," says Adam Meyers, CrowdStrike's head of counter adversary operations. – dpa