A

Hello everyone, this is Tom Uran. I'm here with the GROK for another Between Two Nerds episode. G', Day, Grok. How are you?

B

Fine, Tom. Yourself?

A

I'm very well. So this week's episode is brought to you by Push Security. Push makes an in browser plugin that'll keep your corporate network safe from all kinds of nasties. So, Grok, you sent me a little While ago a August 2025 threat intel report from the AI company Anthropic. Anthropic makes Claude in different variations and it's a large language model, so it'll do all kinds of stuff. And this report talks about how criminals mostly or threat actors are using AI. So just from the executive summary, I'll just read out a few of the dot points they've got in there. Agentic AI systems are being weaponized. AI models themselves are being used to perform sophisticated cyber attacks, not just advising on how to carry them out. AI lowers the barrier. Sophisticated cybercrime. So actors with few technical skills have used AI to conduct complex operations like developing ransomware that would previously have required years of training. Cybercriminals are embedding AI throughout their operations. This includes victim profiling, automated service delivery in operations that affect tens of thousands of users. And AI is being used for all stages of fraud operations like analyzing stolen data, stealing credit card information, and creating false identities. So it then has a variety of different, I guess you call them case studies, where it breaks down what AI has been used for. The North Korean IT worker scam turns up there. Chinese threat actors. I think it's interesting that they're all using claude, which is one of the companies that produces these threat reports, and then says, we've kicked these groups off our platform. Like there's a way that they can analyze the queries and find them. We last spoke about AI way back almost exactly two years ago in BTN50, where we talked about how AI can turbocharge cyber scams. And our takeaway at the time was that we weren't sure that AI actually expanded the market all that much. And I guess in particular we were talking about the pig butchering scams, where it appears that a person is vulnerable at a particular time in their life. And AI doesn't change how many people are vulnerable.

B

Right.

A

If that theory is correct, that may mean that there's more threat actors trying to go after the same number of people. So that would mean that there's is that more supply of threat actors, but an equivalent amount of demand, so less pay per actor.

B

Right.

A

It did seem quite striking, though, this report, that there were a lot of examples where it seemed like the. The barrier to entry was dramatically lowered because you could use CLAUDE or whatever. Now. Now Anthropic itself says that in a way, it says Claude's not special. I mean, they would say that CLAUDE is special, but what they say is that this is probably reflects something that is consistent across all frontier AI models.

B

You're kind of expecting them to be like, you know, cyber criminals want to use the best tools for the job, and unfortunately, Anthropic has the best AI available.

A

So what leapt out to you about this report?

B

So there's a couple of things I found funny. First of all, you might remember that earlier this week there was a report about how 95% of companies are getting no return on value for their AI deployments. And I think that that might not be reflected with threat actors. Like, it seems that they've found a way to actually use these things as part of their workflows. So maybe businesses can't deploy AI unless their business is crime.

A

I had an interesting discussion with a sponsor, Derek Hanson from UBICO actually, and his take on that was that if you're a business, you've got a massive number of processes and it's quite hard to integrate things into processes that are already set up. But threat actors always taking advantage of, I guess, vulnerabilities or loopholes or gaps. And so they're aiming at particular things and so they don't have to integrate with a whole lot of infrastructure to, to get it working. They can just build something that targets.

B

That needs to be. It's. Yeah, it's a proof of concept that works once and then they can build a different one the next time.

A

Yeah. And they're not expecting it to last forever, I guess, is the.

B

Yeah, yeah. And they probably. They don't have a lot of legacy infrastructure. But also I think. I think the other thing is that their business workflows are actually much shorter and there's fewer of them. Right. So you don't have this very complicated system where you're trying to just. You're trying to add something in to replace an already functioning part of our whole complex system. You just.

A

Yeah, yeah. So that was his take, which I thought was interesting. And to me, sort of intuitively.

B

Yeah, like, that sounds. That sounds correct. That is a good insight. So, yeah, like, it struck me that that was interesting that they've actually found a way to get value out of it. But then the other thing that I thought was particularly interesting was the way that they were getting value was in doing things that they cannot do. Right. So yeah, there's value in having Claude do hands on keyboard stuff with Kali Linux for you. But if you're a cyber threat actor, you can do that or learn to do that yourself. Like that's kind of what you live for, right? Like that's your thing. So you'd be happy to do that. But once you've broken into a company, then things get more difficult if you're trying to do extortion, right? Like you need to be able to find where the sensitive data is and you need to know what it is. And then from what they were doing, they were looking at the financials to find out how much they could extort. And again, using claude. Right. So they were using CLAUDE to do essentially financial analysis to say, how much can you get out of this person? Like how much can you get from this company? And while I'm sure quite a lot of cyber threat actors are moonlighting as certified accountants, all the rest of them, you know, all the rest of them don't necessarily have that skill set.

A

So I think it's worth reading out the particular part that you're talking about. Extortion analysis and ransom note development. The actor leveraged CLAUDE code, a particular variant of claude, to create customized ransom notes based on exfiltrated data analysis. CLAUDE code generated HTML formatted ransom notes with victim specific details, including exact financial figures, employee counts and tailored threats based on industry specific regulations. The actor created ransom notes to compromised systems demanding payments ranging from 75,000 to 500,000 in Bitcoin. Claude co generated or created multi tiered extortion strategies for each victim. For example, it generated profit plans offering multiple monetization options, including direct organizational blackmail, data, sales to criminals, and targeted extortion of individuals whose data was compromised. The ransom notes included specific deadlines, incremental penalty structures and custom contact emails for each victim.

B

It's like having a personal assistant. If you're a really busy ransomware executive and you just don't have time to, you know, schedule your own ransomware deadlines, you farm it out to your pa, who then does it for you. And it's yeah.

A

And I think from a ransomware actor's point of view, it doesn't have to be perfect. But I'm pretty convinced that CLAUDE would do a really good job of convincing you that it's quite good. Yeah, it's like, I'm sure it would work to some degree. Like you're going to get people paying. And from the ransomware actor's point of view, it's like, oh, it's doing a marvelous job. It seems very confidently doing something that looks great. Everyone's happy.

B

Well, extortion, yes, that's a great idea. Oh, you're correct. I mean, the thing is, if you're a criminal, you're kind of scaling this up. You're not doing like a boutique handcrafted ransomware once every six months.

A

It doesn't have to be perfect.

B

Yeah, yeah. It's a numbers game in a way. And if this improves your numbers, then you win overall. Because if you have slightly better extortion per victim and you keep the number of victims the same, you're going to make more money. And as long as it's earning you more than $20 a month that it costs, it's a straight up win. The thing that was interesting to me here, right, Is that Claude can do things that you can't do. Right. It can look through an arbitrary business at their data set and say, this is sensitive and this they care about. So, like, you don't need to be an expert on law firms that handle rights for oil feels and also dentists, offices and also shoes sales chains. And each of these things you don't need that. You can just have Claude do it for you and say, okay, here's something they will care about here. The list of lawsuits they're involved in is interesting, particularly this discovery data here. Whatever the client, this is interesting. And here, these are the things that are sensitive that you can threaten them with the most.

A

I guess the thesis is that an LLM has enough, I guess you'd call it general knowledge of every business to be able to say, here's the sensitive stuff and this is a point of leverage. And therefore we should ask, you know, X number of dollars, like six figure, seven figure, based on what I, Claude, know of the business. And that takes a, I guess a lot of workload or something that a competent technical ransom operator is just not going to have.

B

Right?

A

Typically.

B

And yeah. And I think the thing here is that it might not be super accurate. Yeah, it's going to be more accurate than a random guess. And if it's ballpark, that's good enough, Right.

A

Like you don't good enough for cybercrime.

B

Exactly. Right. Like you only need to. You need to be competent enough to make money with it. You don't need to not be wrong. I guess.

A

I guess you only have to be better than the average ransomware operator at that task. I Think if the average ransomware operator is not that good.

B

I think we spoke about this before, but I'm pretty sure that the bottleneck for ransomware groups is not the hacking part. They can do more than enough hacking. Like they can, they can scale that up when they need to. It's things like managing the targets that they have. Right. And then dealing with the negotiations. And then. So this was one of the big problems that they had when they were doing the extortion by like leaking data. They would leak all of the data at once. All sorts of dumb things. Like they would put it up on the free to download host. So like mega or something like that, where you could just contact them and be like, this is illegal, you have to take it down and it would go away. But they weren't going to host hundreds of gigs of your data just to threaten you. That was a pain in the ass. Or terabytes of just emails. They didn't have the infrastructure for it and it would be easy to target if they did, and so on. And then it would be a huge business expense that they'd have all this bandwidth.

A

So you're thinking something like, Claude, can you take all this email and pull out the, I don't know, air quotes, juicy stuff or the sensitive stuff that the company might not like, made public?

B

Yeah, like, are there any personal details that would be embarrassing to see?

A

And format it nicely so I can show it to the victim and threaten to leak it.

B

Yeah, put it, put it in a report, highlight the, the evidence, give it a little narrative summary of what's happening.

A

A few nice pictures.

B

Here's a, like, I think that that's a thing where Claude adds capability that didn't exist. I don't think Claude adds like malware dev capability that didn't exist. It might make it faster, it might make it easier, it might lower the bar, but it's not adding something that wasn't already there. Whereas I think in this case it absolutely is. Like, historically, I know that things like victim profiling, like beforehand a way that a lot of these guys would operate was you'd, you'd spend your time making a list of all the potential victims. You'd say law firms in France and then you'd go through and you'd have like French LinkedIn and then French company house and all this stuff. And you just trawl through all of that and try and pull out all of the law firms that you could then message and try to extort, you know, or message, try to fish them, try to gain access, et cetera. That's tedious work that can be sped up significantly with an LLM. AI would be good for that. It speeds that process up. It's not necessarily a replacement, but it speeds it up. That's good. But I think the major thing is, historically, you'd be saying it's a law firm, they can afford $200,000. All law firms can afford that. Some of them, that would be a tiny amount, and some of them that would be significantly above what they can pay. But you'd have to sort of say, like, roughly, that's what I think we can get away with. Whereas now you can customize it to a specific victim, and that's a skill set that didn't exist beforehand, or I think it was rare.

A

What this made me wonder about, particularly the part where it talks about North Korean actors using it to get jobs, is on Reddit. There's a forum called Overemployed, and it's about people who get 2, 3, 4, sometimes 5 is the most I've heard of recently. 5 remote working jobs, and they maintain them at the same time, get, you know, multiples of their normal salary. And I immediately went to that subreddit and I thought, ah, this is so good. Surely there's a whole lot of people using Claude or Open or chatgpt or whatever, right? To get their work done faster so that they can more convincingly maintain three jobs. And there were just no posts on it whatsoever. So I'm kind of. So I don't know what to make of that. I think that, like in the North Korean case, they're talking about making convincing, I guess you'd call them legends or stories, work histories, convincing profiles, Personas, that kind of thing. And maybe if you're a legitimate. Legitimate. Yeah, well, a real person trying to be employed several times, you don't need to do that.

B

Right. So I was going to say, I think. I think some of the issue here is that if you come from North Korea, you might not have great cultural knowledge of the US for example, and how a work history should look and sort of places you should be from, the education you should have. These are mysteries.

A

Yeah. I think that's the same as the understanding the business context for a technical ransomware operator. It's the same problem.

B

Right, Exactly. One of the documents I have in my collection of library stuff is a 1950s manual written by the KGB for people about to be deployed to the U.S. right. And what's funny is the vast majority of it is about how to fit in with Americans. And it has things like, Americans change their socks every day, how to go into a bar and order a beer. Like you are expected to go to the bar and ask for the beer yourself. And it's just like all of these cultural things that, you know, in the 50s, if you went to a foreign country, it was a foreign country.

A

Yeah.

B

It had different mannerisms and cultures and they, they could tell that you were a foreigner because you dressed different and spoke different and didn't know how to order food and like. Yeah, all of these things. And so to blend in, you had to sort of learn all of these local customs. And it was a lot easier to have a manual beforehand that would say, you know, like when you're in fr, you don't need to shower, eat an onion. I don't know, I've never been to France, but I assume that it's, you.

A

Know, that's how it works. Yeah, yeah, it must be.

B

Right. I think that this is where LLMs are useful in that they have this broad domain specific knowledge in a very, very wide range of things. I don't know, maybe it's like it's an undergraduate level or a high school senior or whatever. It doesn't really matter because if you go from having zero knowledge at all to any amount of knowledge, that's a huge benefit.

A

Now I was also wondering about why they're using the public models. And so one theory is that the public models are just so much better than the local models, the one that you can run locally on your machine, that it's worth the risk of being discovered.

B

I mean, I would say, like, what is, what is the risk of being discovered? Right. Losing your account, you know, like it's. Oh, no, I think you can live with it. It's not so bad.

A

Now there is an example. Does it say it's a Chinese. It doesn't necessarily say it's a state actor, but I know in some of the other reports that I've read like this, the threat actor was operating for state interests. It was Chinese, so it probably still was a commercial company. I guess that I would have thought that maybe they might care more, but perhaps not.

B

I was just thinking it's weird how the US has socialist intelligence, right? It's paid for by the state and run by the state, and everyone who works there is for the state. Whereas China has capitalist intelligence. It's a market that's driven by customer needs with money used to indicate interest and value, sort of inverse of how things work. Yeah, yeah, yeah. But It's. I think if you're the us you don't need to use Claude to do analysis on a victim because you should have experts to do that and you can't afford to be mostly correct.

A

Right.

B

I think that this works for a criminal where it doesn't work for a intelligence agency. I'm sure obviously they have their own AIs doing their own stuff, but those are private and customized to the things that they're doing. Right. I don't think that this necessarily translates into other arenas. Like if you, I mean I kind of wonder, does this knock the legs out from underneath the pen testing market? Right. Like if you can have a hands on keyboard Claude, AI driven pen test agent, do you need to hire someone to do that same sort of basic thing? Like obviously the top end, the boutique, special, highly customized stuff is still going to be there, but the bargain basement seems like it can be replaced fairly easily.

A

Right, right. I was just wondering about replacing the report writing part that everyone has.

B

Oh my God. See, I'm positive that that was the first thing. Right. Like that's absolutely, like I know that, that it's being used for that because that's what I would have used it for on day one.

A

And so I guess that we can shortcut a whole lot of the process where it's the AI writes the report and then on the company side they can just accept the findings and move on without doing anything. All done by AI. So yeah.

B

So you know why they're using these frontier models that they have to buy purchase access to as opposed to running an open source one locally like Olam or whatever. I think that's a good question. I bring up that like a lot of these groups are going to have big password cracking rigs. You know, these, these massive CPU heavy boxes that they've been using for password cracking.

A

GPU heavy?

B

Yeah. Cheap. Yeah. So these big GPU heavy boxes that are used for password hashing cracking, they're, you know, particularly good for that. They're great for doing AI roles. Like they will be able to do lots and lots of GPU operations, which is what you would want. So they have the infrastructure in place already. And what I got to wondering is like maybe some of these people who have these rigs in place already can start offering bulletproof LLM hosting.

A

Right?

B

Yeah. You know, where you could purchase access to a criminal LLM that has no guardrails so you don't have to trick it into anything that's already set up so that it can interface well. It Ships with an MCP for like Kali and whatever. That seems like a sort of sell shovels approach to making money from the ransomware gold rush.

A

I mean AWS does that for companies, I guess, where they'll spin up different isolated versions of whatever.

B

Maybe they need a ransomware tier.

A

So just diving into the Chinese threat actor Anthropic talks about, they say it leveraged CLAUDE across nearly all MITRE attack techniques or tactics. They call it a sophisticated Chinese threat actor who systematically leverage CLAUDE to enhance cyber operations targeting Vietnamese critical infrastructure. So this kind of sounds like a state backed type of actor. Yeah, the actor appears to have compromised major Vietnamese telecommunications providers, government databases and agricultural management systems.

B

One of these things is not like the others.

A

Exactly. So it still seems like state backed actors using it.

B

Yeah, what it seems like to me, and this is pure speculation, it's that if you're a smaller shop you can do more. If you can outsource some of the more difficult domain specific stuff.

A

Right.

B

Where again having CLAUDE would be useful. Right. If you maybe don't speak Vietnamese fluently, it would be good to have someone who does, who can also is a business expert in, I don't know, agricultural management who could then tell you this looks like an important database and that one looks like the history of the cafeteria luncheons. I think based on these findings and sort of what we've talked about before in the past, this makes a lot of sense. Right. We've been saying things about how AIs are going to help cybercrime in places where there's bottlenecks. They're going to help threat actors address things that are resource constrained in a way that they can't get beyond without huge investments. Like if you don't have a CPA or whatever.

A

Yeah. Skill based or understanding based or context based.

B

Right. These sort of like domain expertise things, these are the areas where an LLM helps because it gives you access to that knowledge that you didn't have before. I think all of the talk about it's going to be useful malware development, it's going to be used for writing phishing emails. That's not wrong. But that's not an important innovation in terms of how it adds value, how it improves threat actor capabilities. I like the support because the way that these guys are using it is sort of innovative in that they've directly addressed the areas that they have shortcomings. Like we don't know how to do this business analysis. We don't know how to look at the financials and figure out how much you can pay. We don't know how your government organization is organized and where you store the important information. Those are the things that it seems to sort of really help with.

A

Right, right. I mean, I guess that seems true, but it also seems optimistic. Part of the report talks about how North Korea is using it to scale up their overseas IT worker. And it used to be called it.

B

Yeah, I was just gonna say, how come these North Koreans can use Claude and get all of these jobs, and yet somehow the job market is so difficult to get into for everyone else?

A

Like.

B

Maybe, maybe the real trick is that the North Koreans should have a how to get hired course where they could train people. You could have a YouTube channel saying, you know, take my $5,000 course, learn how to get a job using Claude AI. Anyone could do it.

A

So it says that traditionally North Korean IT worker operations relied on highly skilled individuals, so recruited and trained from a young age. Within North Korea, our investigation reveals a fundamental shift. So basically they're getting people who are not highly skilled. And so they've got a number of.

B

Well, they're entry level roles. They can grow into it and sort of train others.

A

So they've got a number of like, example questions, representative of the type of questions that these people are asking Claude. And one of them is like, how to use Outlook application for small to large. How to do what does the above thing mean? So that does seem to me to be a pretty significant shift. Operators who cannot independently write basic code or communicate professionally in English are now successfully passing technical interviews, maintaining full time engineering positions, delivering work that meets employer expectations, earning salaries that fund weapons development programs. I think one of these things again, is a bit different from the rest.

B

It's a completely different use case than these criminal threat actors, or I think even the intelligence state threat actors. Those guys are using it to augment their existing skills by just adding new domains of knowledge that help them do their job better. Whereas in this case, these guys do not have the skills at all. And they are essentially proxying whatever Claude tells them. I mean, in that case, Claude is actually running a meat puppet to.

A

So one of the other things I thought was interesting was that it talks about a romance scam bot powered by AI models. Now, a while ago in the newsletter, I wrote about the stories of people who had been basically used as forced labor in those scam compounds, those massive scam compounds in Burma and Southeast Asia, Myanmar. And one of the people said that they felt very guilty because they were actually really good at emotional manipulation. And it was Kind of it's not humble breaking, but it was, I was good at this and a lot of people really found it very difficult. I think it's both you have to understand other people and you also have to be prepared to do that. And in this example it says the bot leveraged multiple AI models uses CLAUDE for generating high emotional intelligence response responses. So it did other stuff. Image generation multi language support systematically develops emotional manipulation content for targeting victims. So it says AI enables non native speakers to craft persuasive emotionally intelligent messages that bypass typical linguistic red flags. So that if it is as good as the writing or the text there purports to be. It's like tailoring something that will pull on emotional heartstrings and so on and it's providing context or person or victim specific messaging or content sort of tailoring it.

B

I think actually generally that's sort of where these LLMs fit in because overall it's correct. Like using Kali Linux to break into a company like oh you're going to do a port scan, oh you're going to look for, you're going to brute force the credentials or you're going to look through stealer logs, you're going to.

A

Like that's all apply book.

B

It's cookie cutter stuff. Yeah, it's just, it's the same thing. You do it over and over again but once you get in that's unique, that's special.

A

Right.

B

And that's the domain specific knowledge that an LLM brings to the table that you didn't have. And so in this case, you know, like, yeah, like every attack is the same, it's all the same stuff but every victim is unique.

A

We're all special individual snowflakes that CLAUDE understands.

B

Thanks a lot, Tom. Thanks, Scott.