When AI malware meets DDoS: a new challenge for online resilience (www.techradar.com)

AI is already being weaponized at scale: specialized models like GhostGPT, bots such as AkiraBot, and recent discoveries like PromptLock (the first ransomware written by an LLM) are enabling cybercriminals to write malicious code, bypass CAPTCHAs and fuel more sophisticated distributed denial-of-service (DDoS) campaigns. Research cited by the article notes that ~80% of ransomware in 2023–24 used AI in some form, and the trend has accelerated into 2025. The most worrying evolution is at the application layer (L7): AI-driven bots produce traffic that looks human, and ubiquitous HTTPS encryption hides payloads, making it much harder to separate legitimate users from attackers using traditional tests like reCAPTCHA (ETH Zurich showed AI can solve such challenges at human levels). The practical implication for defenders is a shift from “is this a bot?” to “what is the intent?” — intent-based filtering that evaluates behavior patterns (transaction flows, data requests, navigation consistency) rather than relying on CAPTCHAs. Enterprises should prioritize DDoS platforms with intent-based protections, deploy layered monitoring across apps, networks and endpoints, run stress tests simulating AI-enhanced attacks, and maintain clear incident-response playbooks. Because many managed security providers still lack intent filtering, careful vendor evaluation and proactive resilience testing will be critical to withstand the next wave of AI-driven cyberattacks.