The newly-emergent FunkSec ransomware-as-a-service operation last month exploited artificial intelligence (AI) to facilitate intrusions against 85 organizations. The attacks would have made the ransomware gang the most prolific threat group in December if only many of the claimed attacks were not reused from previous hacktivism campaigns, reports SC Media.
Check Point researchers said aside from leveraging an AI chatbot for cybercrime via Miniapps and ChatGPT to summarize its ransomware know-how, FunkSec also used AI in its tools' code and Rust-based ransomware source code.
Additional findings also showed that FunkSec was linked to the dismantled Ghost Algéria hacktivist group owing to similarities between both groups' ransom notes.
"FunkSec's operations highlight the role of AI in malware development, the overlap between hacktivism and cybercrime, and the challenges in verifying leaked data," wrote the Check Point researchers. "It also raises questions about how we assess the threat posed by ransomware groups, as we often rely on the groups' own claims."