November 8th – A new hacking tool, ominously named “Predator AI,” has emerged. What sets this tool apart from others is the integration of artificial intelligence; specifically, a ChatGPT-driven class embedded within a Python script.
The unique GPT class adds a chat-like text-processing interface. The integration appears intended to reduce reliance on OpenAI’s API, while also advancing Predator AI’s capabilities.
Predator AI: Distribution
What’s also of note is the distribution method selected by those responsible for Predator AI. Rather than selling the tool on the dark web, threat actors have primarily distributed the tool through Telegram channels that are closely associated with hacking communities, raising concerns about the scale of the tool’s potential impact.
Predator AI: Technical details
With over 11,000 lines of code, Predator AI leverages a graphical user interface (GUI) based on Tkinter. This consists of various classes that handle divergent functionalities, including web application security scans and cloud service integration.
The tool facilitates web application attacks on technologies that most businesses use, such as WordPress, and cloud email services, like AWS SES.
In terms of attributes, Predator AI shares similarities with tool sets like AlienFox and Legion, which are cloud spamming tool sets that are known for their destructive capabilities.
Predator AI: Mitigating risk
Take steps to mitigate the risk posed by these types of tools. For instance:
- Maintain up-to-date systems
- Segment networks
- Employ cloud security posture management tools (CSPM)
- Leverage specialized logging and detection mechanisms
Given the nature of evolving threats like Predator AI, businesses need to continually adapt and innovate when it comes to security measures.