In a stark assessment of the evolving digital battlefield, the Google Threat Intelligence Group (GTIG) released a comprehensive report on February 12, 2026, warning that global threat actors have moved beyond casual experimentation with artificial intelligence and are now integrating it directly into live cyberattack workflows. According to SiliconANGLE, the report highlights a sophisticated shift in which malware makes real-time application programming interface (API) calls to generative AI models to fetch malicious code during execution, effectively outsourcing the attack's logic to the cloud.
The investigation, which focused heavily on the abuse of Google’s own Gemini models, identified several high-profile adversaries—including state-aligned groups from North Korea, China, Iran, and Russia—leveraging AI to accelerate the "cyber kill chain." A primary example cited by Google is a malware family dubbed HONESTCUE. Unlike traditional malware, which carries its full payload within a static binary, HONESTCUE sends prompts to Gemini at runtime to retrieve C# source code. That code is then compiled and executed in memory, leaving virtually no footprint on the victim's disk and bypassing traditional signature-based security software.
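The report does not publish HONESTCUE's code, but the defensive corollary of the finding is straightforward to sketch: if the payload arrives over a model API at runtime, the process making that call becomes the observable artifact. The snippet below is a minimal illustration, assuming the third-party psutil library; it flags running processes that hold connections to generative-AI API endpoints without appearing on a local allowlist. The host list and allowlist are placeholder assumptions, not indicators from the report.

```python
import socket

import psutil  # third-party; pip install psutil

# Hostnames are illustrative examples, not indicators from the GTIG report;
# generativelanguage.googleapis.com is the public Gemini API endpoint.
LLM_API_HOSTS = ["generativelanguage.googleapis.com", "api.openai.com"]
EXPECTED_PROCESSES = {"chrome", "python3", "code"}  # hypothetical local allowlist


def resolve(hosts):
    """Resolve each hostname to the set of IPs it currently answers from."""
    ips = set()
    for host in hosts:
        try:
            for info in socket.getaddrinfo(host, 443, proto=socket.IPPROTO_TCP):
                ips.add(info[4][0])
        except socket.gaierror:
            pass  # unresolvable right now; skip
    return ips


def suspect_processes():
    """Yield (name, pid, remote_ip) for unexpected processes talking to LLM APIs."""
    llm_ips = resolve(LLM_API_HOSTS)
    for proc in psutil.process_iter(["name"]):
        try:
            for conn in proc.connections(kind="inet"):
                if conn.raddr and conn.raddr.ip in llm_ips:
                    name = (proc.info["name"] or "?").lower()
                    if name not in EXPECTED_PROCESSES:
                        yield name, proc.pid, conn.raddr.ip
        except (psutil.AccessDenied, psutil.NoSuchProcess):
            continue  # cannot inspect this process; move on


if __name__ == "__main__":
    for name, pid, ip in suspect_processes():
        print(f"unexpected LLM API traffic: {name} (pid {pid}) -> {ip}")
```

A polling script like this would miss short-lived connections; in practice the same check belongs in continuous EDR or network telemetry. The point it illustrates stands, though: the useful signal is which process is talking to a model, not which binary sits on disk.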
The report also details the activities of UNC2970, a North Korean group linked to the Lazarus cluster. According to The Hacker News, this group has been using Gemini to synthesize open-source intelligence (OSINT) and profile high-value targets within the defense and cybersecurity sectors. By mapping specific technical roles and salary information, the group crafts highly convincing phishing personas that are nearly indistinguishable from legitimate corporate recruiters. This level of precision in social engineering, powered by AI's linguistic capabilities, has significantly lowered the barrier to entry for sophisticated espionage campaigns.
Beyond operational use, Google researchers observed a surge in "model extraction" or distillation attacks. In these scenarios, threat actors issue hundreds of thousands of structured queries to a proprietary model to infer its internal logic and response patterns. The goal is to build a "shadow model" that mirrors the original’s capabilities without the massive research and development costs. Google reported disrupting one such campaign involving over 100,000 prompts aimed at replicating Gemini’s reasoning across multiple non-English languages.
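Extraction traffic tends to look different from organic use: enormous volume from a single principal, and prompts that are structurally near-identical, varying only in the slot being probed. The sketch below shows a hypothetical server-side heuristic built on that observation; the thresholds, the regex normalization, and the ExtractionMonitor class are illustrative assumptions, not Google's actual abuse-detection logic.

```python
import re
from collections import defaultdict

# Thresholds are assumptions for illustration only.
VOLUME_THRESHOLD = 10_000  # queries per client per window
TEMPLATE_RATIO = 0.8       # share of a client's queries sharing one skeleton


def skeleton(prompt: str) -> str:
    """Collapse numbers and quoted spans so templated prompts hash alike."""
    collapsed = re.sub(r'"[^"]*"', '"<VAR>"', prompt)
    return re.sub(r"\d+", "<N>", collapsed)


class ExtractionMonitor:
    """Flag clients whose query volume and uniformity suggest distillation."""

    def __init__(self):
        # client_id -> {prompt skeleton -> count}
        self.counts = defaultdict(lambda: defaultdict(int))

    def observe(self, client_id: str, prompt: str) -> bool:
        """Record one query; return True once the client looks extraction-like."""
        buckets = self.counts[client_id]
        buckets[skeleton(prompt)] += 1
        total = sum(buckets.values())
        if total < VOLUME_THRESHOLD:
            return False
        # Mostly one template at very high volume: consistent with extraction.
        return max(buckets.values()) / total >= TEMPLATE_RATIO
```

A production system would add per-window decay, language-distribution features (relevant given the multilingual replication Google describes), and embedding-based similarity rather than regex skeletons, but the volume-plus-uniformity signal is the core of it.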
From an analytical perspective, the integration of AI into live attacks represents a fundamental shift in the economics of cybercrime. Historically, developing custom, fileless malware required elite-level engineering talent. By "wiring" AI into the attack chain, mid-tier threat actors can now generate sophisticated, polymorphic code on the fly. This creates a "detection gap": defensive tools that rely on historical patterns struggle to keep pace with code that is generated uniquely for every single victim. The move toward memory-only execution via AI-generated scripts suggests that endpoint detection and response (EDR) tools must evolve toward more aggressive behavioral analysis of API traffic.
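What that behavioral analysis means in practice can be made concrete. Because no two AI-generated payloads hash the same, the detectable invariant is the sequence of actions rather than the bytes: a call to a model endpoint, followed by dynamic compilation, followed by execution of the result in memory, with no file written in between. Below is a minimal, hypothetical sketch of such an ordered-event rule; the event names and the ProcessBehavior class are invented for illustration, and real telemetry would come from an EDR sensor (ETW, Sysmon, eBPF, or similar).

```python
from dataclasses import dataclass, field

# Hypothetical event vocabulary; a real sensor defines its own.
FILELESS_PATTERN = ("llm_api_request", "dynamic_compile", "in_memory_exec")


@dataclass
class ProcessBehavior:
    """Per-process event trace scored against an ordered behavioral rule."""
    pid: int
    events: list[str] = field(default_factory=list)

    def record(self, event: str) -> None:
        self.events.append(event)

    def matches_fileless_pattern(self) -> bool:
        """True if the pattern's events occur in order, with any interleaving."""
        trace = iter(self.events)
        # 'step in trace' consumes the iterator, enforcing ordered subsequence.
        return all(step in trace for step in FILELESS_PATTERN)


proc = ProcessBehavior(pid=4242)
for event in ("llm_api_request", "file_read", "dynamic_compile", "in_memory_exec"):
    proc.record(event)
assert proc.matches_fileless_pattern()  # fires despite the benign interleaved read
```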
However, some industry experts urge caution against overstating the current threat. Dr. Ilia Kolochenko, CEO of ImmuniWeb, noted that while AI accelerates simple processes like reconnaissance and phishing lure generation, it has not yet demonstrated the ability to execute a full, autonomous cyberattack without human intervention. Kolochenko also raised a significant legal point: as Google identifies these abuses, it may face increasing pressure regarding its liability for damages caused by actors using its proprietary tools, despite the presence of safety guardrails.
The trend toward "agentic AI" in cyber warfare is the next logical frontier. While Google has not yet seen widespread deployment of fully autonomous AI agents in the wild, the groundwork is being laid. Future malware could function as an independent agent, deciding in real time which vulnerabilities to exploit based on the specific environment it encounters rather than following a pre-programmed script. That would compress attack timelines from days or hours to seconds, necessitating AI-driven defensive responses that can act at machine speed.
Looking ahead, the cybersecurity landscape in 2026 and beyond will likely be defined by this "AI-on-AI" arms race. As adversaries use model extraction to steal intellectual property and LLMs to automate exploit development, defenders will need to deploy generative AI to predict attack vectors before they are exploited. The data suggests that while AI is currently an "assistant" for hackers, the transition to AI as the primary "operator" is inevitable. Organizations must now treat AI API security as a critical infrastructure component, as the very tools designed to enhance productivity are being rewired into the most potent weapons of the digital age.
