{"id":358776,"date":"2026-01-26T09:15:00","date_gmt":"2026-01-26T17:15:00","guid":{"rendered":"https:\/\/cms-articles.softonic.io\/es\/?p=408193"},"modified":"2026-01-26T12:17:44","modified_gmt":"2026-01-26T20:17:44","slug":"the-rise-of-ai-generated-malware-poses-new-threats-to-cybersecurity","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/the-rise-of-ai-generated-malware-poses-new-threats-to-cybersecurity\/","title":{"rendered":"The rise of AI-generated malware poses new threats to cybersecurity"},"content":{"rendered":"\n<p>Security researchers have warned of an <strong>alarming increase in the development of malware using artificial intelligence tools, marking a significant transition from the theoretical realm to practical applications in cybercrime<\/strong>. This phenomenon has been documented by the cybersecurity firm Check Point Research, which has analyzed the activities of a well-known state-backed threat actor from North Korea, known as KONNI, which has been active for over a decade.<\/p>\n\n\n<h2 class=\"wp-block-heading\">The evolution of cyber threats<\/h2>\n\n\n<p>Initially, KONNI&#8217;s focus was on politicians, diplomats, and academics, primarily in South Korea. However, in its latest campaign, <strong>the group has changed its strategy, targeting software developers, especially those related to blockchain and cryptocurrencies<\/strong>. The attackers have been using highly convincing phishing techniques to access cloud infrastructures, source code repositories, and blockchain credentials.<\/p>\n\n\n<p>CPR researchers explain that those who have fallen into the trap have allowed the <strong>installation of an AI-generated backdoor in PowerShell, which has provided attackers with full access to the victims&#8217; computers<\/strong> and the secrets stored on them. This use of AI-generated malware not only accelerates the development of new attacks but also allows for faster and more flexible customization of threats, thereby evading traditional signature-based detection methods.<\/p>\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/2\/2026\/01\/malware-4.jpg\" alt=\"\" class=\"wp-image-408201\"\/><\/figure>\n\n\n<p>In light of this new reality, cybersecurity professionals will need to adapt their approaches. There is an emphasis on the need to <strong>consider development environments as high-value targets and to strengthen prevention against phishing within collaboration and development workflows<\/strong>. Additionally, it is recommended to protect development infrastructures and the cloud with robust access controls and to use AI-driven threat prevention techniques to detect malware that is not visible in the early stages of an attack.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers have warned of an alarming increase in the development of malware using artificial intelligence tools, marking a significant transition from the theoretical to the practical in cybercrime. This phenomenon has been documented by the cybersecurity firm Check Point Research, which has analyzed the activities of a well-known state-backed threat actor from North Korea, known as KONNI, which has been active for over a decade. The evolution of cyber threats Initially, KONNI&#8217;s focus was on politicians, diplomats, and academics, primarily in South Korea. However, in its latest campaign, [&#8230;]<\/p>\n","protected":false},"author":9317,"featured_media":358782,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[5605,3854,3885,1627],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-358776","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-ciberseguridad","tag-ia","tag-inteligencia-artificial","tag-malware"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/358776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9317"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=358776"}],"version-history":[{"count":2,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/358776\/revisions"}],"predecessor-version":[{"id":358784,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/358776\/revisions\/358784"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/358782"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=358776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=358776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=358776"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=358776"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=358776"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=358776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}