AI-Powered Hackers Find New Way to Bypass Two-Factor Authentication
Cybersecurity researchers have discovered what may be the first real-world cyberattack created with the help of artificial intelligence (AI) to bypass two-factor authentication (2FA). Experts believe hackers used AI tools to identify and build a “zero-day” exploit, which is a hidden software weakness that developers were not yet aware of.
The attack targeted a widely used web-based system administration tool. Researchers explained that the flaw allowed attackers to get around 2FA protections if they already had access to a user’s login credentials. The issue was reportedly fixed before it became a larger threat, although the name of the affected software was not publicly shared.
Investigators suspect the malicious code was generated using an advanced AI language model similar to modern chatbots. The code included highly organized formatting, detailed comments, and technical descriptions that appeared more polished than what is typically seen in traditional hacker-created malware. These clues led researchers to believe AI played a major role in developing the attack.
Security professionals say this is a significant moment because AI has the potential to make cybercrime faster, easier, and more advanced. In the past, discovering software vulnerabilities and creating exploits required a high level of technical skill and time. AI tools may now help automate parts of that process, allowing cybercriminals to launch attacks more efficiently.
Researchers also discussed a separate Android malware strain known as “PromptSpy.” This malware reportedly used AI capabilities to monitor a victim’s screen activity, maintain control of infected devices, and resist attempts to remove it. Experts believe this demonstrates how AI could be used to create smarter and more adaptable malware in the future.
In addition, cybersecurity teams have identified hacking groups from several countries experimenting with AI-powered cyber operations. These groups are reportedly using AI to research vulnerabilities, improve malware, automate attacks, and increase the scale of their operations.
Experts warn that AI is changing the cybersecurity landscape rapidly. While AI can help organizations improve digital security and detect threats more quickly, it can also provide hackers with powerful new tools. As AI technology continues to evolve, businesses and everyday users may need stronger security measures and increased awareness to stay protected online.
