• Super Admin
• 06 Mar, 2026

Cybercriminals are increasingly using artificial intelligence to rapidly generate malware campaigns that are simple and low-effort yet still manage to bypass enterprise security systems, according to new research from HP Inc.. The company's latest Threat Insights Report shows attackers are prioritising speed and cost over sophistication, using AI tools to scale attacks and automate the delivery of malicious software. Despite their basic design, many of these campaigns continue to evade detection tools used by organisations. Read also: Agrictech funding in Africa falls 20% as deals decline "It's the classic project management triangle - speed, quality and cost," said Alex Holland, principal threat researcher at HP Security Lab. "What we're seeing is many attackers are optimizing for speed and cost, not quality. They are not using AI to raise the bar; they're using it to move faster and reduce effort." One technique highlighted in the report is "vibe-hacking," where attackers rely on AI to generate ready-made infection scripts that automate malware delivery. In one campaign analysed by HP researchers, victims received a fake invoice PDF containing a malicious link that triggered a silent malware download before redirecting the user to a trusted platform such as Booking.com, masking the attack. Researchers also found that cybercriminals are assembling attacks using "flat-pack malware" -- modular components that can be cheaply purchased from hacker forums and quickly combined to create new campaigns. Read: Why emotional resilience will not solve Nigeria's rent crisis While attackers frequently change the bait and final payload, the intermediate scripts and installers are often reused, allowing them to scale operations rapidly. Another campaign exploited fake downloads of the workplace messaging platform Microsoft Teams. Victims searching online were directed to malicious websites via search engine poisoning or advertisements. The downloaded installer appeared legitimate but secretly contained the Oyster Loader malware, which piggybacked on the installation process to give attackers backdoor access to the device. The report, based on data from millions of endpoints protected by HP Wolf Security between October and December 2025, found that at least 14 percent of email threats bypassed one or more email gateway scanners. Read also: HP unifies OMEN, HyperX as it debuts AI-driven gaming gear Executable files accounted for the largest share of malware delivery methods at 37 percent, followed by zip files and Word documents. Ian Pratt, global head of security for personal systems at HP, said the rise of AI-assisted attacks highlights the limits of traditional detection tools. "When attackers can generate and repackage malware in minutes, detection-based defenses can't keep up," Pratt said. "Organizations need to reduce exposure by isolating risky activities like opening untrusted attachments or clicking unknown links." Source: https://businessday.ng/news/article/ai-built-cyberattacks-beating-security-defenses-despite-low-sophistication-hp/