Piat Vojtya
You're listening to the Cyberwire Network, powered by N2K.
Dave Bittner
Most security conferences talk about Zero Trust. Zero Trust World puts you inside it. This is a hands-on cybersecurity event designed for practitioners who want real skills, not just theory. You'll take part in live hacking labs where you'll attack real environments, see how modern threats actually work, and learn how to stop them before they turn into incidents. But Zero Trust World is more than labs. You'll also experience expert-led sessions, practical case studies and technical deep dives focused on real-world implementation. Whether you're blue team, red team, or responsible for securing an entire organization, the content is built to be immediately useful. You'll earn CPE credits, connect with peers across the industry and leave with strategies you can put into action right away. Join us March 4th through the 6th in Orlando, Florida. Register now at ztw.com and take your zero trust strategy from theory to execution. Hello everyone and welcome to the CyberWire's Research Saturday. I'm Dave Bittner and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities, solving some of the hard problems, and protecting ourselves in our rapidly evolving cyberspace. Thanks for joining us.
Piat Vojtya
We've been seeing a number of attacks that were leveraging accounts or were originating from Gmail accounts, from legitimate infrastructure, and had very nice and polished AI-generated content. And we've been on the lookout for: is there any particular tool, is there any particular capability, is there any particular new thing that the attackers developed that might have supported that particular type or flavor of attack? And that ultimately is how we arrived at this particular tool, through research and that continuous monitoring of what the attackers are doing.
Dave Bittner
That's Piat Vojtya, head of Threat Intelligence and Platform at Abnormal AI. The research we're discussing today is titled "Inbox Prime AI: New Phishing Kit Fueling Scalable AI-Powered Cybercrime." Well, for listeners who haven't seen your research, how would you describe Inbox Prime AI?
Piat Vojtya
Well, ultimately you can think of it as a tool that allows you to send email attacks or craft email attacks. And it's very point-and-clicky. So it has a very friendly user interface, a very intuitive interface. It pretty much looks like legitimate marketing software. But the kicker, or the big selling point, is that it is AI enabled. So it allows you to customize the content of the email, whether it's the subjects, whether it's the content of the messages themselves, with AI, which makes those emails look extremely professional; it makes them look polished and grammatically correct. So everything that AI has to offer, and on top of that, it has a number of different templates and parameters. So you can adjust the tone, you can adjust the language, you can adjust the industry, you can adjust the theme. So it has pre-built themes within the tool itself. And most importantly, it also operates pretty much as a legitimate user, or as if it was a legitimate user coming from Google infrastructure. So to send those email attacks out, it leverages the Google Gmail infrastructure and accounts that are Gmail accounts. So ultimately it's a mix of the legitimate infrastructure and AI content that is pre-generated in this very intuitive interface that makes crafting attacks extremely, extremely easy.
Dave Bittner
Yeah, one of the striking aspects of this is, as you say, it operates through Gmail's web interface. Why is that such a meaningful design choice here?
Piat Vojtya
Well, when you think of email security, one of the ways how different companies and organizations try to combat the problem of email attacks is pretty much to ensure that those emails are not spoofed, that they're coming from the sender who actually said that it's going to send that email, or from the person who is actually associated with the organization that they claim to be associated with. So for that we have pretty much three particular brackets, so SPF, DKIM, DMARC, that allow you to pretty much verify that the email is coming from legitimate infrastructure, from a specific organization, from a specific sender. So if you leverage Google, if you leverage trusted infrastructure such as Google, those headers, all those checks will pass. And that's one of the ways how vendors and security solutions check the security of the incoming email. So it's one way to kind of bypass those very simple checks, let's call it that way. And then the other thing is that obviously that creates a lot more trust and a lot more legitimacy with the recipient. Sending an email from a Gmail account is probably better than from a "hey, I want to pawnyou.com" account.
Dave Bittner
Well, let's talk about the AI component. So what role does AI play in generating these phishing emails themselves?
Piat Vojtya
Yeah, so ultimately what we have here is we pretty much have pre-built, you can think of it, not even templates, but pre-built parameters that AI takes and then crafts specific emails based on your need. So if you want to send an email that is coming from an HR person, if you want to send an email that is focused on a specific recipient who might be a payroll analyst, because you want to attempt a payroll fraud, you can specifically call out what type of email you want to create, what the tone of that email should be, whether you're an expert, whether you're a beginner. You can create urgency, you can be very specific with your needs, and ultimately the AI component of it will create that entire content of the email for you. So pretty much within a number of clicks you have the entire content of an email ready. And also there's an ability for you to templatize that. So if you want to create different variants of that template, if you want to create different types of that email because you want to send to different recipients, there's an ability for you to include certain parts of that email as templates and then AI will take care of the rest of the generation of that content and really make sure that it's exactly fit to your needs and what you want it to be before that's being sent out. So that entire concept of creating the content is AI generated, and then the intuitive interface and the Gmail infrastructure that is responsible for sending, that's pretty much just the orchestration of that tool.
Dave Bittner
So does this make it much easier for the attackers to create a high level of polish compared to older phishing operations?
Piat Vojtya
100%. I think one of the key indicators, especially in the world of business email compromise back in the day, was really looking for typos, you know, grammar errors or even things that just don't sound right. Like I'm not a native English speaker, so when I speak you can probably pick up on little things when I say that just don't sound right. Like an English speaker might not say it in a specific way, or the way I put words together, it just doesn't make sense. So a similar concept applies to those emails. Back in the day, you would have some of those emails that would just not sound right or they would have some errors, they would have some mistakes. This completely removes that layer of ability for users to spot, hey, there's something off about this email. But not only that, it creates the polish, it creates the professionalism, it creates pretty much the perfect lure for what the attackers are after because you can really adjust that hook, you can really adjust that email to whatever your need is and make AI do its magic and really polish it in a way that those emails are a lot more polished, a lot more slick, and ultimately can gain a lot more trust from the recipients.
Dave Bittner
Yeah, I have to say that Inbox Prime looks more like a commercial SaaS product than a crime tool.
Piat Vojtya
It does. It's quite interesting how some of those tools really focus on the user experience, but at the same time, when you think about it, it really lowers the bar of entry for anyone. So the price point is not that scary. You can get that pretty much for $1,000. But also, back in the day, before the age of AI, it took having the knowledge and the know-how to create the infrastructure, the underlying infrastructure both to be able to send the emails, to be able to orchestrate the framework that would actually be able to send emails from different accounts through different servers, and then having templates and content and then having the landing infrastructure. There's so many different components to successful phishing operations, and that requires a certain amount of skill or access in terms of you buying those tools from someone else. And this is a perfect example of that bar being so low now that you can literally be someone who has no idea how any of this works and then open the tool, click a few buttons and pretty much you're able to deliver a phishing campaign and attack most organizations around the world.
Dave Bittner
We'll be right back. Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet Meter, the company reimagining enterprise networking from the ground up. Meter builds full-stack zero trust networks including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling, or hidden costs. From wired and wireless to routing, switching, firewalls, DNS security and VPN, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effortless, transform complexity into simplicity, and give your team time to focus on what really matters, helping your business and customers thrive. Learn more and book your demo at meter.com/cyberwire. That's M E T E R dot com slash cyberwire. If securing your network feels harder than it should be, you're not imagining it. Modern businesses need strong protection, but they don't always have the time, staff or patience for complex setups. That's where NordLayer comes in. NordLayer is a toggle-ready network security platform built for businesses. It brings VPN, access control and threat protection together in one place. No hardware, no complicated configuration. You can deploy it in minutes and be up and running in less than 10. It's built on zero trust principles so only the right people can get access to the right resources. It works across all major platforms, scales easily as your teams grow and integrates with what you already use. And now NordLayer goes even further through its partnership with CrowdStrike, combining NordLayer's network security with Falcon endpoint protection for small and mid-sized businesses. Enterprise-grade security made manageable.
Try NordLayer risk free and get up to 22% off yearly plans plus an extra 10% with the code CYBERWIRE10. Visit nordlayer.com cyberwire daily to learn more. Can we touch on the scalability here? I mean, this has bulk management tools and things like proxies and templates. As you mentioned there, this is designed to be able to fit the needs of a lot of different types of operators.
Piat Vojtya
That is correct. Well, one thing that is, you know, worth keeping in mind is that when you're a cybercriminal, you want to obviously perform your operations probably in a way that won't land you a nice place in jail somewhere. So you want to make sure that your operational security is up to a certain standard and you want to make sure that you don't expose your real IP address, your real location. So having those basic capabilities in place that allow you to proxy your access to certain Gmail accounts through traditional hops and layers, that is one of those ways how you can obscure and hide yourself. Not to mention that obviously you can run that tool from some sort of VPS somewhere on the Internet and probably sit behind some sort of Tor browser, et cetera, et cetera. So there's a number of ways where you already have pre-built capabilities in the tool itself that can allow you to obscure some of your origin and some of the origin of your attacks. But also, to your point, there's additional things in place that allow you to also adjust the quality of your emails. So there's a quality assurance capability that pretty much looks at the message and ensures that, hey, this could actually be flagged by a spam filter or this could actually be flagged by a potential security filter. So let's adjust this wording, let's adjust this sentence, let's adjust this even more so it doesn't hit on those very obvious static signatures that some of the email security vendors might have. And that also helps with the scale, and not only the scope of the attack, but also allowing you to adjust it specifically to your needs. And I think I also mentioned that the final piece when it comes to the scale is the template variation. So you can pretty much adjust the templates with specific tags and pretty much specify that, like, hey, within that tag, here's a number of different variations I want you to iterate on when you create the emails.
So each email kind of comes out with a custom take on it, a custom twist on it. And we already touched on the Gmail aspect of it as well. So you have, you know, pre-configured email addresses. And that also allows for scale because it doesn't come from one specific address, it originates from multiple different addresses. So ultimately you can send as many operations as you want, and they'll be as custom as you want them to be.
Dave Bittner
Now one of the things you pointed out was a shift in their business model here, that this was originally sold as a subscription service, but they made some changes. What's going on there?
Piat Vojtya
Yeah, so originally, like you mentioned, it was sold as a subscription. So there was an ongoing monthly payment versus a one-off payment. Also, in subscription-based services you usually don't get access to the underlying code, and you only get access as a user to the platform or to the tool itself. So obviously we don't sit in the mind of the attacker, so we can only speculate about what might be the reasons for that. But often what that might suggest is a certain level of market maturity, where there's enough confidence in the market and in the followers and in the customers, there's a certain level of your brand and your tool being established, that allows you to make that shift. Also, another thing that, you know, might be a reason for that change is pretty much, you know, democratizing that access and lowering that bar and pretty much reaching other customers that were previously not available, because some of the threat actors don't want to leverage tools that they don't control. And by giving access to the source code, you pretty much allow them to fully control the tool itself, having insight into the code. So there's a level of transparency to that. And finally there's also an ability for those threat actors to then customize the code even further. So you can then take that in whatever direction you would like and create new modules, create new capabilities. So ultimately one of the big reasons for that change might be to drive more revenue from the type of buyers who would not be the typical buyers for the subscription type of models.
Dave Bittner
Do you think that adding AI in this way and increasing the sophistication of this tool, has that changed the economics of running phishing campaigns?
Piat Vojtya
What I would say is that we're at a very interesting tipping point, I think, when it comes to phishing and email attacks, because we've already seen a number of use cases with many different AI tools. We've seen certain dark LLMs and dark chatbots that were built specifically for cybercrime. We've seen some use cases where you can hijack or manipulate the legitimate LLMs, the ChatGPTs, the Claudes of this world, and pretty much tell them to give you or create you a phishing page or create you a phishing email, and you can bypass those safeguards that those models already have in place. What I'm kind of getting at, going on a little bit of a tangent here, is that we see attackers adopting AI, and it should not come as a shock to anyone who's been in security, because attackers are extremely innovative, they're extremely creative, and they will leverage whatever the next best thing is that will help them monetize on their campaigns. So I am not surprised that AI and the usage of AI, whether it's this tool or whether it's other tools that the attackers are using, is present. And it's only going to get worse from here because it creates so much more efficiency, it creates a much higher quality, and it just makes pretty much something that previously might have been separated between many different groups or many different people within one team that were operating under a specific threat group, you can pretty much perform a lot of those actions in conjunction with AI as a single individual today. You can create tools, you can sell those tools. This AI allows you to monetize in a completely different way that I don't think was previously available to a lot of people.
So right now your imagination is really, and you're creating is really your own implementation because you have a companion that is pretty much going to do whatever you're going to ask it to do if you have a good understanding of what you're trying to create. So to kind of answer, you know, this was a long time, but to ultimately answer your question, I do think that like leveraging AI, whether it's in this particular tool or in general by threat actors, really enables them to monetize and make attacks even more efficient.
Dave Bittner
Yeah, it really strikes me that, you know, for the past couple years we've been talking about how these tools would be coming, you know, and everyone needed to prepare and brace themselves that these types of tools were inevitable. And now we're at the next step where these tools are readily available, they're easily available, they're affordable. And so that's the world we're in now.
Piat Vojtya
Exactly. And, you know, just wait for next year's RSA, where we're going to see that every company is selling some form of AI agent. And usually that is just a certain level of abstraction, a representation of where we are as an industry. So we're inching towards more autonomous capabilities. We still have assisted, copilot-type attack tools right now, but we're inching towards the world where those workflows will be fully automated, will be autonomous. And that is going to be also an extremely interesting point in that phishing evolution, where we're going to start seeing attacks that might be fully automated, that might actually be done through a fully automated workflow and through AI agents or some flavor of AI agent implementation by the threat actors. So that is also going to be extremely interesting to see.
Dave Bittner
So what are your recommendations then for folks who are tasked with defending their organizations? What's the best way to defend yourself against these sorts of things?
Piat Vojtya
Yeah, so honestly, one of the things that I've been thinking about coming into this conversation, but also being part of many different conversations, just seeing some of the attack trends and some of the changes in what attackers do, I feel like we're really at the stage where you cannot trust the email content or the email that you're receiving, and ultimately what you can and should trust, and kind of like what that shift should be in your mental model, is from not trusting the email to focusing on and trusting the verification process. So really thinking of, like, okay, what is the way in which I can verify that the information presented to me is actually what it's claimed to be in front of me. So when I think about business email compromise attacks, if you're talking to the same vendor every day and let's say the threat actor takes over the account on the vendor's behalf and then pretty much tells you, hey, I just changed my bank details, can you please update that in your system? If you see that email and you just go and action that, that is likely going to expose you to an attack at some point. However, if your mind shifts from this to, okay, I cannot trust the information that is in front of me, but I can trust the verification process, that can be as easy as you picking up the phone and calling, like, hey, I just got this, you know, what do you need me to update? Or any form of that. There's a process component, there's a human component, there's a technological component. Like with every other problem, it's exactly the same. So what defenders can do is they can focus on pretty much every aspect of those three components, and that starts with process, that starts with people. And obviously there's technology that can also support you. So I can speak to each and every one of those individually.
But that concept of not trusting the emails and not trusting the email content and really trusting the verification process, or allowing yourself to have a process in place, whether it's your training, your ability to look at the email through the lens of, if this was the attack, what should I look for? Do I have a technology that allows me to verify if this is an attack? Do I have a process in place that allows me to verify that this is an attack? That is something where we as organizations and as defenders can really focus our attention and hopefully make ourselves and others more secure.
Dave Bittner
That's Piat Vojtya from Abnormal AI. The research is titled "Inbox Prime: New Phishing Kit Fueling Scalable AI-Powered Cybercrime." We'll have a link in the show notes, and that's Research Saturday, brought to you by N2K CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire at n2k.com. This episode was produced by Liz Stokes. We're mixed by Elliot Peltzman and Trey Hester. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here next time. If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands-on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today at rsaconference.com/cyberwire26. I'll see you in San Francisco.
Jackson Hewitt Advertiser
Big tax changes this year could mean a bigger refund, and Jackson Hewitt knows how to get you your biggest. You'll get $100 just to try us. That won't make you filthy rich, but definitely gas-plus-groceries rich. And since we know all the new tax codes, you could get thousands back. Which would make you low-key loaded, or at least wealthy adjacent. Go with our trusted pros and get a hundred dollars to switch. Rest easy. Jackson Hewitt's got your taxes. Guaranteed. Limited time offer for new clients. Participating locations only. Details at jacksonhewitt.com.
Research Saturday
Date: February 7, 2026
Host: Dave Bittner (N2K Networks)
Guest: Piat Vojtya (Head of Threat Intelligence and Platform, Abnormal AI)
Episode Focus: In-depth analysis of "Inbox Prime AI"—an AI-powered phishing kit changing the landscape of cybercrime with scalable, personalized, and highly polished phishing attacks.
This episode explores the emergence of Inbox Prime AI, a new phishing kit designed to mimic human-like email attacks at scale using artificial intelligence. The discussion centers on how this tool leverages trusted infrastructure (Gmail), creates highly personalized phishing content, lowers the bar for cybercriminals, and pushes defenders to rethink their approach to email security.
| Timestamp | Speaker | Quote |
|-----------|--------------|-------|
| 01:52 | Piat Vojtya | "We've been seeing a number of attacks... from Gmail... with very nice and polished AI generated content." |
| 02:56 | Piat Vojtya | "It pretty much looks like a legitimate marketing software. But... it is AI enabled." |
| 04:43 | Piat Vojtya | "If you leverage Google... all those checks will pass." |
| 08:15 | Piat Vojtya | "This completely removes that layer of ability for users to spot... there's something off about this email." |
| 14:20 | Piat Vojtya | "Each email comes out with a custom take on it, custom twist on it." |
| 19:22 | Piat Vojtya | "This AI allows you to monetize in a completely different way that... was previously [not] available." |
| 22:06 | Piat Vojtya | "We're inching towards the world where... workflows will be fully automated, will be autonomous." |
| 23:19 | Piat Vojtya | "You cannot trust the email content... what you can and should trust... is the verification process." |
Organizations must move from trusting email content to trusting robust verification processes—implementing practical, human, and technological checks to counter increasingly convincing phishing attacks. Continuous training and layered defenses are now essential, as the bar for launching sophisticated attacks is lower than ever.
Further Reading:
Research article: "Inbox Prime AI—New Phishing Kit Fueling Scalable AI Powered Cybercrime" (Link in episode show notes)