- EyeSpy reads its target environment, autonomously determines available attack vectors, and generates, tests and adapts malware until it achieves attack goals.
- It reasons on its own, picks the best tools and techniques to use in a given moment, then strategizes and executes an attack, assesses and fixes code failures in-memory to align with its changing attack objective, and continuously evades detection.
- Security Mindsets Analyst Charles Kolodgy: “I have seen EyeSpy demonstrated. The nightmare scenario where malware can autonomously respond to its environment is reality. With EyeSpy, HYAS is getting into the adversarial mindset on what's coming in the future and is able to be more predictive on what we’ll be facing.”
- Todd Graham, Managing Partner, M12 (Microsoft’s venture capital fund): “There is no doubt this is the next threat landscape and the new theater of war.”
VANCOUVER, British Columbia--(BUSINESS WIRE)--#FortressCybersecurityAward--HYAS Infosec, whose adversary infrastructure platform provides unparalleled visibility, protection and security against all kinds of malware and attacks, today announced its EyeSpy proof-of-concept (PoC), an entirely new type of polymorphic, fully autonomous malware. The malware uses artificial intelligence to make informed decisions and synthesize its capabilities as needed to conduct cyberattacks and continuously morph to avoid detection.
The development of EyeSpy is part of HYAS Infosec’s ongoing research and will ensure that the company’s protection platform extends to the future of malware as well. As part of its continuing research, HYAS pioneered AI-synthesized, polymorphic malware with its recent BlackMamba PoC.
HYAS CEO David Ratner said: “We spend a lot of time modeling and theorizing what sort of attacks might hit us, and in response, what sort of defenses we need to build against them, because it’s imperative that our defensive technologies evolve to keep up with how AI will affect security.”
Using the current early versions of generative AI, EyeSpy is capable of:
- Selecting its intended victim independently or through a threat actor’s specification
- Assessing the target environment, platform, applications and environmental footprint
- Identifying optimal vectors to extract information
- Writing malware on the fly – for example, if a target is on a specific video conference app, it will compose, test & validate the malware for that app
- Executing the attack
- Analyzing the QA result
- Self-repair and continued attack iteration until it has achieved the attacker’s goals
Ratner said: “What if threat actors used AI tools to create malware that could reason and act on its own, while continuously refining its code in response to its targeted environment and evading detection? We could assume threat actors were likely already doing this. To sustain and advance our adversarial detection, we had to move, and quickly.”
EyeSpy catapults HYAS even further into a future where such intelligent, autonomous entities will be part of the cyber warfare landscape. EyeSpy represents a significant milestone in the potential evolution of adversary capabilities. Observers note that EyeSpy malware isn’t merely a program - it is an adaptive entity with evolving strategies, making its class of malware an ever-present, dynamic threat that evades detection.
“As experts in adversary threat infrastructure, we recognize that the next generation of attack infrastructure is going to be fully AI-synthesized, polymorphic attack frameworks,” explains David Mitchell, Chief Technology Officer, HYAS. “At this moment EyeSpy can enable cybersecurity professionals to train the way they’ll have to fight and to engineer security stack solutions that can defend against and mitigate even the worst emerging threats – before their destructive power can be brought to bear. Those two goals have driven our development of this technology so we can begin to defend against it.”
"Analysts have speculated that smart malware is on the horizon. Well, the future is now. The nightmare scenario where malware can autonomously respond to its environment is reality," stated cybersecurity researcher Charles Kolodgy, Principal at Security Mindsets, formerly a senior expert with IDC and the NSA. "Cyber criminals will use similar technology to vastly expand the threat landscape. It is essential that the industry as a whole prepare to combat this level of fully autonomous, AI-synthesized polymorphic attack frameworks. By moving away from theory to the practical, HYAS has taken the first step in the development of defensive tools that can counter AI-enabled cyber attacks and tactics by creating a proof of concept to show us exactly what we are going to be up against.” Mr. Kolodgy offered his remarks following a demonstration of EyeSpy’s capabilities.
HYAS Labs threat research is accelerating work on technology capable of remediating this emerging class of AI-synthesized, polymorphic malware both to ensure its award-winning HYAS Protect, HYAS Confront, and HYAS Insight solutions provide the superb protection that the market urgently needs, and also to advance the sector’s understanding of and response to new generations of threats.
“This is the nightmare situation that we knew was coming, and now it’s here,” confirms Todd Graham, Managing Partner, M12. “There is no doubt this is the next threat landscape and the new theater of war. HYAS is developing the type of technology we will need to defend against the next generation of cyber attacks and warfare, and it is essential that the industry as a whole prepare to combat this level of fully autonomous, AI-synthesized, polymorphic attack frameworks.”
Learn more about the EyeSpy PoC.
HYAS is the world-leading authority on cyber adversary infrastructure and communication to that infrastructure. HYAS is dedicated to protecting organizations and solving intelligence problems through detection of adversary infrastructure and anomalous communication patterns.
We help businesses see more, do more, and understand more in real time about the nature of the threats they face. HYAS turns metadata into actionable threat intelligence, actual adversary visibility, and protective DNS that renders malware inoperable. For more information visit HYAS.com.
Director of Marketing, HYAS
Amy (dot) Levine (at) Hyas (dot) com
Madison Alexander PR