When Vibe Scammers Met Vibe Hackers: Pwning PhaaS with Their Own Weapons [video] (media.ccc.de)

A recent investigation into Taiwan’s fake delivery scam ecosystem revealed a compelling intersection of AI-driven criminality and counter-offensive tactics. This study explored how perpetrators exploited AI technologies for creating sophisticated fraud platforms, showcasing flaws and vulnerabilities from careless implementation of AI-generated code. Researchers gained complete access to these systems by leveraging open-source intelligence and mapping over 100 active domains tied to fraudulent transactions valued at millions. They highlighted the irony of using the same AI tools as the scammers but with a more informed and strategic approach, demonstrating the erosion of traditional skill barriers in cybersecurity. This conversation highlights a significant shift in the landscape of cybercrime and defense, pointing to a future where both sides of the tech arms race, criminals and defenders, increasingly rely on AI tools. Through practical techniques, the team shared methods for automating reconnaissance and building threat intelligence pipelines, emphasizing the importance of context and ethical considerations in counter-fraud operations. The findings underscore the pressing reality that as scammers adapt quickly, so must defenders, elevating the need for greater sophistication in security practices and collaboration across the community to combat emerging threats effectively.