GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
Summary
A threat group called GreyVibe, likely linked to Russia, has been running cyberattacks since August 2025 against Ukrainian and other organizations using AI-generated fake content and custom malware tools. The group uses ChatGPT, Gemini, and other AI tools to create realistic phishing lures (fake websites and emails impersonating legitimate organizations), and likely uses AI to help develop malware like LegionRelay (a remote access trojan, or RAT, which lets attackers control a victim's computer from afar) and FallSpy (Android spyware that steals personal data). Researchers say the attackers show less sophistication than typical state-sponsored groups and may include current or former cybercriminals.
Classification
Affected Vendors
Related Issues
Original source: https://www.bleepingcomputer.com/news/security/greyvibe-hackers-use-chatgpt-gemini-to-power-cyberattacks/
First tracked: May 28, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 92%