×
Google thwarts hacker group using Gemini to breach accounts
Written by
Published on
Join our daily newsletter for breaking news, product launches and deals, research breakdowns, and other industry-leading AI coverage
Join Now

State-sponsored hackers from Iran, North Korea, China, and Russia have attempted to use Google’s Gemini AI for malicious purposes, but their efforts have not produced any significant cybersecurity threats.

Key findings: Google’s investigation revealed that multiple state-sponsored hacking groups have been experimenting with Gemini AI for various tasks, though their attempts at sophisticated cyber attacks have been unsuccessful.

  • More than 10 Iranian, 20 Chinese, and nine North Korean hacking groups were identified using Gemini
  • Iranian APT actors were found to be the most frequent users of the AI system
  • The hackers primarily used Gemini for basic tasks like translation, content creation, and simple coding

Security measures and limitations: Google’s built-in safeguards have effectively prevented malicious actors from using Gemini for more dangerous cyber activities.

  • Attempts to generate malware or execute advanced phishing techniques were blocked by the system
  • Hackers failed to bypass account creation verification methods
  • The AI system’s restrictions prevented attempts to “jailbreak” Gemini for malicious purposes

Actual usage patterns: State-sponsored groups have primarily utilized Gemini for mundane productivity tasks rather than sophisticated cyber attacks.

  • North Korean hackers used the system to draft cover letters and research job opportunities, possibly to infiltrate US companies as remote IT workers
  • Iranian operations employed Gemini for content translation and propaganda localization
  • Hackers utilized the AI for research on defense organizations and vulnerability assessment

Industry perspective: These findings align with broader observations about AI’s current role in cybersecurity threats.

  • OpenAI reported similar findings regarding state-sponsored hackers’ use of ChatGPT
  • Both companies have observed that AI tools are being used primarily as productivity enhancers rather than for breakthrough cyber attacks
  • Google maintains active security monitoring and collaboration with law enforcement to address potential threats

Future implications: While current AI systems have not enabled significant cyber breaches, the situation warrants continued vigilance and security development.

  • Google continues to design and test robust security measures for its AI systems
  • The company actively investigates and disrupts suspected malicious activity
  • The focus remains on preventing AI tools from enabling more sophisticated cyber attacks as the technology evolves
Google: Hackers Tried (and Failed) to Use Gemini AI to Breach Accounts

Recent News

Introducing Browser Use: a free, open-source web browsing agent

Swiss startup makes AI web browsing tools available to everyone by offering both cloud and self-hosted options at a fraction of competitors' costs.

AI agents gain capability to use Windows applications using PigAPI’s cloud virtual desktops

Virtual desktop AI agents navigate and control legacy Windows software to bridge the automation gap for enterprises stuck with outdated systems.

A look into generative AI’s changing impacts on marketing

Corporate investment in AI tools shifts away from consumer chatbots to focus on workplace productivity and automation solutions.