Google

Gǔgē

谷歌

to stop / to prevent

zǔzhǐ

阻止

hacker(s)

hēikè

黑客

to exploit / to make use of

lìyòng

利用

artificial intelligence

rén gōng zhì néng

人工智能

to develop

kāifā

开发

two-factor authentication

shuāngchóng rènzhèng

双重认证

security vulnerability / exploit

lòudòng

漏洞

。

New Words

News in English

Google Disrupts Hackers Using AI to Develop Two-Factor Authentication Exploit

Google researchers discovered an unknown threat actor using AI to create a zero-day exploit targeting two-factor authentication. Google subsequently worked with the software vendor to quietly patch the vulnerability.

On May 11th, Google's Threat Intelligence Group disclosed that an unknown hacker group has developed the first known AI-generated zero-day exploit.

This vulnerability exists in a popular open-source web-based administration tool and can bypass two-factor authentication protection.

Researchers pointed out that this vulnerability does not stem from common programming errors, but rather is a sophisticated logical flaw.

Attackers appear to use artificial intelligence models to identify this flaw and convert it into a usable exploit.

Google stated that the malicious script contains abundant annotations, and its style is highly consistent with the output of large language models.

Google subsequently notified the software vendor, and both parties cooperated to patch the vulnerability, making it impossible to be exploited on a large scale.

Google did not disclose the name of the artificial intelligence model used by the attackers, only indicating that it is very likely not Google's own Gemini model.

More in Science & Technology