Створене ШІ шкідливе ПЗ здатне обходити Microsoft Defender у 8% випадків
Modern AI language models are becoming more and more functional and powerful. In some cases AI is already leading to layoffs or Decrease in revenues in some areas. In addition, the rapid development of AI raises concerns among cybersecurity experts. After all, AI models are capable of generating not only useful code but also malicious code. Recently, a researcher proved that the malicious code created in this way can bypass Microsoft Defender.
Outflank specializes in assessing security against complex cyber threats. It is planning to demonstrate an interesting but disturbing result at the Black Hat 2025 conference in August. The open-source Qwen 2.5 language model, after appropriate training, is «capable of generating malware that can completely bypass Microsoft Defender for Endpoint in about 8% of cases».
Engineer Kyle Avery, one of Outflank’s lead specialists, spent about three months and $1500 to train the model. This is not too high an initial cost for attackers. The results of the study show that the model trained in this way copes with security bypass ten times better than others. For comparison, Anthropic’s AI demonstrates the effectiveness of security circumvention in less than 1% of cases, and DeepSeek — only 0.5%.
These results are still far from the level hoped for by the so-called «script kiddies» — beginners who expect a quick result in the spirit of «pressed a button — got a virus». But this is a wake-up call: language models, even open source ones, are gradually gaining abilities that previously required professional experience in writing malicious code.
The problem is compounded by the fact that improving such models — is a matter of time and resources. And if someone with enough graphics cards and access to training kits takes this seriously, the effectiveness of such models can increase significantly.
For now, this information should be taken as a strong argument in the discussion about the risks of AI. But this is not a reason to refuse the antivirus. Microsoft Defender also adapts over time. So the answer to such challenges is also a matter of time.
Another important aspect is also worth paying attention to. Most successful attacks are still not based on antivirus fraud, but on the human factor — phishing emails, manipulation, and social engineering. And this remains the main problem for most companies.
Source: tomshardware