Forensic Summary
A likely Russian threat group dubbed GreyVibe has been actively using commercial LLMs — including ChatGPT and Google Gemini — to generate high-quality phishing lures, malware tooling, and social-engineering content targeting Ukrainian military, government, and civilian organisations. WithSecure researchers identified LLM artefact markers embedded in campaign imagery, confirming AI-assisted content generation at scale. The case represents a concrete, documented example of adversarial LLM weaponisation in an active nation-state-adjacent cyberespionage campaign.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/russian-greyvibe-group-weaponises-chatgpt-and-gemini-for-cyberespionage/
Top comments (0)