{"id":212820,"date":"2026-02-12T16:24:00","date_gmt":"2026-02-12T21:24:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/12\/google-finds-state-sponsored-hackers-use-ai-at-all-stages-of-attack-cycle\/"},"modified":"2026-02-12T18:10:12","modified_gmt":"2026-02-12T23:10:12","slug":"google-finds-state-sponsored-hackers-use-ai-at-all-stages-of-attack-cycle","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/12\/google-finds-state-sponsored-hackers-use-ai-at-all-stages-of-attack-cycle\/","title":{"rendered":"Google finds state-sponsored hackers use AI at &#8216;all stages&#8217; of attack cycle\u00a0"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/state-hackers-using-gemini-google-ai\/\">Google finds state-sponsored hackers use AI at &#8216;all stages&#8217; of attack cycle\u00a0<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/state-hackers-using-gemini-google-ai\/\">https:\/\/cyberscoop.com\/state-hackers-using-gemini-google-ai\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-12 16:24:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>A new report from Google found evidence that state-sponsored hacking groups have leveraged AI tool Gemini at nearly every stage of the cyber attack cycle.<\/p>\n<p>The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn\u2019t reveal novel or paradigm shifting uses of the technology.<\/p>\n<p>John Hultquist, chief analyst at Google\u2019s Threat Intelligence Group, told CyberScoop that many countries still appear to be experimenting with AI tools, determining where they best fit into the attack chain and provide more benefit than friction.<\/p>\n<p>\u201cNobody\u2019s got everything completely worked out,\u201d Hultquist said. \u201cThey\u2019re all trying to figure this out and that goes for attacks on AI, too.\u201d<\/p>\n<p>But the report also reveals that frontier AI models can build speed, scale and sophistication into a myriad of hacking tasks, and state-sponsored hacking groups are taking advantage.<\/p>\n<p>Gemini was a useful, dynamic and convenient tool for many tasks, helping threat actors in a variety of different ways. In nearly all cases, Google\u2019s reporting suggests that state-sponsored actors relied on Gemini as one tool among many, using it for specific purposes such as automating routine processes, conducting research or reconnaissance and experimenting with malware.<\/p>\n<p>One North Korean group used it to synthesize open-source intelligence about job roles and salary information at cybersecurity and defense companies. Another North Korean group consulted it \u201cmultiple days a week\u201d for technical support, using it to troubleshoot problems and generate new malware code when they got stuck during an operation. One Iranian APT used Gemini to \u201csignificantly augment reconnaissance\u201d techniques against targeted victims. China, Russia, Iran and North Korea all also used Gemini to create fake articles, personas, and other assets for information operations.<\/p>\n<p>\u201cWhat\u2019s so interesting about this capability is it\u2019s going to have an effect&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/state-hackers-using-gemini-google-ai\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google finds state-sponsored hackers use AI at &#8216;all stages&#8217; of attack cycle\u00a0 https:\/\/cyberscoop.com\/state-hackers-using-gemini-google-ai\/ Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":212821,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/02\/GettyImages-2249289774-1.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,32],"class_list":["post-212820","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212820"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=212820"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212820\/revisions"}],"predecessor-version":[{"id":212822,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212820\/revisions\/212822"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/212821"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=212820"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=212820"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=212820"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}