MachuPikacchu on Nostr: I agree and disagree. On one hand you’re right it’s easier to deliver malware in ...
I agree and disagree.
On one hand, you’re right: it’s easier to deliver malware in other ways.
On the other hand, often malware is meant to grant remote access for some other agent to control (a human or, increasingly commonly, an AI).
APTs are refining their “living off the land” [1] methods so that, in the event of network disruption for example, they can continue their attack. Deploying a malicious AI model is the pinnacle of living off the land because hardly anybody knows how to interpret the weights of these models (especially traditional security researchers… for now) and they’re capable of autonomous action.
Now, that might mean they deliver the model some other way, but I would think the easiest way to infect the broadest population is to poison the common LLM supply chains.
1. https://www.crowdstrike.com/en-us/cybersecurity-101/cyberattacks/living-off-the-land-attack/