Google Report Reveals State-Sponsored Hackers Using Gemini AI for Cyber Operations

Hackers from Iran, China, North Korea, and Russia are leveraging Google's AI for efficiency, but the technology has not enabled groundbreaking new attack methods.

Google's Threat Intelligence Group identified state-backed hackers from Iran, China, North Korea, and Russia using its Gemini AI to enhance cyber operations.
Iranian groups were the most active, accounting for 75% of observed usage, with activities including phishing, reconnaissance, and researching vulnerabilities.
Chinese hackers used Gemini for tasks like researching U.S. military targets and troubleshooting code, while North Korean actors focused on crafting fake job applications and researching nuclear technology.
Attempts to bypass Gemini's guardrails for malicious purposes, such as generating malware or abusing Google services, have been largely blocked by the system's safeguards.
While generative AI accelerates hacking efficiency, the report emphasizes that it has not yet enabled the development of novel or unprecedented attack capabilities.