Google · China · South Korea · Bitcoinist
Hackers Targeting Your Crypto Just Got An AI Upgrade, Google’s Report Is A Wake-Up Call
Compiled by KHAO Editorial — aggregated from 1 outlet. See llms.txt for citation guidance.
◌ Single Source
Google’s Threat Intelligence Group (GTIG) has published a major security report warning that artificial intelligence is now being weaponized by state-linked hackers and criminal threat actors at industrial scale, with autonomous malware, AI-generated zero-day exploits, and credential-targeting operations posing a direct and escalating threat to crypto users relying on standard security measures.
Key facts
- The May 11 report, published on the Google Cloud blog by GTIG and drawing on Mandiant incident response engagements, marks a significant escalation from the group’s February 2026 findings
- The report notes that state-linked actors associated with China and North Korea have separately demonstrated significant interest in using AI for vulnerability discovery
- For the first time, GTIG has identified a threat actor using a zero-day exploit believed to have been developed with AI assistance
- Beyond zero-day development, the report documents AI-accelerated development of polymorphic malware, code that rewrites its own structure to evade detection, linked to suspected Russia-nexus threat
Summary
The May 11 report, published on the Google Cloud blog by GTIG and drawing on Mandiant incident response engagements, marks a significant escalation from the group’s February 2026 findings. The most significant disclosure in the report is unprecedented. The report notes that state-linked actors associated with China and North Korea have separately demonstrated significant interest in using AI for vulnerability discovery. Beyond zero-day development, the report documents AI-accelerated development of polymorphic malware, code that rewrites its own structure to evade detection, linked to suspected Russia-nexus threat actors, per GTIG’s analysis.