Google Blocks AI-Based Cyberattack Aimed at Breaking Two-Factor Authentication Protection
Google detects the first AI-powered zero-day cyberattack targeting two-factor authentication systems, highlighting growing risks from AI cyber threats, malware, phishing attacks, and advanced cybersecurity vulnerabilities affecting banking, Android devices, and digital payments.
Tech Author
Cybersecurity experts are warning of a significant shift in cyber threats after Google unveiled the first known incidence of hackers employing artificial intelligence to construct a zero-day exploit for a real-world cyberattack operation. According to Google's Threat Intelligence Group (GTIG), attackers attempted to compromise two-factor authentication (2FA) systems, which millions of users rely on for banking, shopping, financial apps, and online accounts.
Google claims the attack was stopped before it could be deployed on a big scale, but experts believe this instance demonstrates how AI-powered cyberattacks are getting more complex and devastating.
According to security specialists, the attackers utilized an AI tool, not Google Gemini, to find a hidden gap in a widely used web-based server administration system. After getting user login credentials, hackers used the exploit to bypass two-factor authentication. Unlike traditional security methods, which focus on software crashes or coding errors, AI was able to understand how the system was structured and uncover underlying logic issues within the code. Experts claim this makes AI-generated cyber attacks far more difficult to identify because the technology can monitor program behavior rather than just scanning for obvious flaws.
A zero-day vulnerability is a security flaw that software companies and security teams do not know exists. Since there are no patches available at the time of discovery, hackers can use these flaws before organizations have time to fix them. Google stated attackers planned to use this exploit for large-scale attacks targeting thousands or even millions of users.
Google's report added concerns about AI-powered malware. Researchers uncovered malware known as PROMPTSPY, which can apparently monitor user activities, learn unlock patterns or PIN codes, and resist removal attempts.
Security experts warn that this is especially troubling because most smartphones worldwide, particularly Android devices, might become appealing targets for AI-driven attackers.
Cybersecurity experts recommend following several important steps to stay protected from advanced cyber threats and AI-powered attacks. Users should install software updates immediately because unpatched systems are more vulnerable to zero-day exploits. Experts also suggest using authenticator apps instead of SMS OTPs for stronger two-factor authentication security. Regularly checking app permissions can help identify suspicious applications with unnecessary access. Users should avoid clicking highly personalized emails, messages, or links that may be phishing attempts, and using different passwords for every account can help reduce damage if one account gets compromised.
According to Google, threat actors from many countries are increasingly using AI for malware creation, vulnerability discovery, phishing attacks, and cyber espionage. The recent incident demonstrates how artificial intelligence is transforming cybersecurity. While AI has numerous advantages, researchers warn that it is also generating smarter cyber threats requiring greater security measures and increased digital awareness.
This article is based on information from The Economic Times
