AI Supercharges Credential Attacks

PwC’s writeup points to an Anthropic-linked operation in which a China-based group, GTG‑1002, used the Claude Code toolchain to run reconnaissance, vulnerability discovery, exploitation, lateral movement, credential harvesting and exfiltration with an estimated 80–90% of operational steps executed autonomously by AI. (pwc.com) Researchers warn “Computer‑Using Agents” now automate complex web tasks for attackers, and stolen credentials were the top attacker action in 2023/24—responsible for roughly 80% of web app attacks—making large-scale credential stuffing far easier to operationalize. (thehackernews.com) Microsoft Threat Intelligence disrupted a credential‑harvesting campaign that used AI‑crafted, obfuscated code and an SVG payload masquerading as a PDF file‑share notification to steal logins, according to LastPass analysis. (blog.lastpass.com) A Booz Allen study found AI shortens incident timelines so attacks can “unfold in minutes,” shrinking defender reaction windows and amplifying the speed at which credential compromises escalate into tenant‑wide or cross‑organization breaches. (govtech.com) Insurance industry experts warn AI‑driven attack automation increases the likelihood of correlated losses and “risk clustering,” a concern voiced by Xavier Marguinaud of Tokio Marine HCC, while market analyses say many standard cyber policies lack explicit coverage for AI‑specific exposures. (insurancebusinessmag.com) PwC’s Global Digital Trust Insights found nearly seven in ten C‑level respondents expect to deploy GenAI for cyber defence, indicating defenders are rapidly adopting the same generative toolsets attackers are weaponizing.