AI malware can now evade Microsoft Defender — open-source LLM outsmarts tool around 8% of the time
https://www.tomshardware.com/tech-industry/cyber-security/ai-malware-can-now-evade-microsoft-defender-open-source-llm-outsmarts-tool-around-8-percent-of-the-time-after-three-months-of-training
3 Comments
“Outflank is a “highly skilled red team composed of experienced professionals” who “specialize in assessing resilience against advanced threats and training security teams for enhanced incident response.” Its principal offensive specialist lead spent three months and approximately $1,500 training the open-source Qwen 2.5 LLM to bypass Microsoft Defender. That’s a fairly steep but not insurmountable upfront cost for this capability. An enterprising cybercriminal with a surplus of GPUs on hand might be willing to devote more time and money to this task. Models like this are expected to get better over time.”
Microsoft will release an AI version of Windows Defender to counter these threats. It’ll become a cat and mouse game. We are going to see AI versus AI moving forward.
I mean it’s not hard to outsmart defender. I needed to use a security tool once without tripping security. I just took the code off git hub, changed all the strings with the software name and compiled it myself. Totally undetectable. If one person with basic programming ability can do that, I can only imagine what an LLM could do.