Google has published a list of ways AI is currently being used by threat actors to more efficiently hack you

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Email

Share this article

0

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the PC Gamer Newsletter

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Every Friday

GamesRadar+

Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.

Signup +

Every Thursday

GTA 6 O'clock

Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.

Signup +

Every Friday

Knowledge

From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.

Signup +

Every Thursday

The Setup

Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.

Signup +

Every Wednesday

Switch 2 Spotlight

Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.

Signup +

Every Saturday

The Watchlist

Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.

Signup +

Once a month

SFX

Get sneak previews, exclusive competitions and details of special events each month!

Signup +

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

As AI continues to grow and make its way into everyday life, the alleged productivity gains do appear to be showing in some places. It just so happens that hacker groups are one of those places, and Google's Threat Intelligence has listed some of the many ways they use it. Welcome to the future.

In its latest report, it says, "In the final quarter of 2025, Google Threat Intelligence Group (GTIG) observed threat actors increasingly integrating artificial intelligence (AI) to accelerate the attack lifecycle, achieving productivity gains in reconnaissance, social engineering, and malware development."

It details that government-backed threat actors, like those reportedly in the Democratic People's Republic of Korea (DPRK), Iran, the People's Republic of China (PRC), and Russia, are using LLMS for "technical research, targeting, and the rapid generation of nuanced phishing lures".

One of the bigger growing threats is called a model extraction attack. In Google's case, this involved accessing an LLM legitimately, then attempting to extract information to build new models.

Google reports one case of over 100,000 prompts which were intended to emulate Google Gemini's reasoning capabilities. Naturally, this is more of a threat to companies than to the average user. However, there are more methods detailed in the report.

One such method for AI use is making hackers seem more reputable in conversation. "Increasingly, threat actors now leverage LLMs to generate hyper-personalized, culturally nuanced lures that can mirror the professional tone of a target organization or local language"

Google has spotted it being used in phishing scams to learn information about potential targets, too. "This activity underscores a shift toward AI-augmented phishing enablement, where the speed and accuracy of LLMs can bypass the manual labor traditionally required for victim profiling."

This is all before mentioning AI-generated code, with hackers such as APT31 using Gemini to automate analysing vulnerabilities and plans to test said vulnerabilities. It also spotted 'COINBAIT', a phishing kit masquerading as a cryptocurrency, "whose construction was likely accelerated by AI code generation tools."

Though mostly a proof of concept, Google has reportedly spotted a malware that prompts users' AI bots to create code to generate additional malware. This would make tracking down malware on a machine increasingly hard as it continues to 'mutate'.

Google says, "The potential of AI, especially generative AI, is immense. As innovation moves forward, the industry needs security standards for building and deploying AI responsibly."

Just last week, we saw a phishing scam that uses AI to deepfake CEOs of companies, in order to get access to a victim's cryptocurrency. It seems AI is becoming more than just one tool in a hacker's toolbelt, and one has to hope counteragents are getting enough data to counteract it.

Best gaming rigs 2026

1. Best gaming laptop: Razer Blade 16

2. Best gaming PC: HP Omen 35L

3. Best handheld gaming PC: Lenovo Legion Go S SteamOS ed.

4. Best mini PC: Minisforum AtomMan G7 PT

5. Best VR headset: Meta Quest 3

👉Check out our list of guides👈