{"id":184512,"date":"2026-02-04T12:19:00","date_gmt":"2026-02-04T17:19:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/04\/autonomous-attacks-ushered-cybercrime-into-ai-era-in-2025\/"},"modified":"2026-02-04T13:05:09","modified_gmt":"2026-02-04T18:05:09","slug":"autonomous-attacks-ushered-cybercrime-into-ai-era-in-2025","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/04\/autonomous-attacks-ushered-cybercrime-into-ai-era-in-2025\/","title":{"rendered":"Autonomous attacks ushered cybercrime into AI era in 2025"},"content":{"rendered":"

Autonomous attacks ushered cybercrime into AI era in 2025<\/a><\/p>\n

https:\/\/www.cybersecuritydive.com\/news\/cybercrime-ai-ransomware-mcp-malwarebytes\/811360\/<\/a><\/p>\n

Publish Date: 2026-02-04 12:19:00<\/a><\/p>\n

Source Domain: www.cybersecuritydive.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

Listen to the article
\n 4 min<\/p>\n

This audio is auto-generated. Please let us know if you have feedback.<\/p>\n

Dive Brief:<\/p>\n

Cybercrime \u201cbegan its shift toward an AI-driven future\u201d in 2025, the security firm Malwarebytes said in a report published Tuesday that charted AI\u2019s influence on the rapidly growing hacking ecosystem.
\nAI is making cyberattacks faster and more effective through deepfakes, vulnerability discovery, autonomous ransomware attacks and growing connectivity between AI models and penetration testing tools, according to the report.
\nMalwarebytes urged businesses to \u201cshrink their attack surfaces, harden identity systems, close blind spots, accelerate remediation, and adopt continuous monitoring.\u201d<\/p>\n

Dive Insight:
\nSecurity experts have predicted for years that AI would make it easier for hackers to design, prepare and launch cyberattacks, and the past year has vindicated those predictions, with high-profile reports of AI automating key aspects of the cyberattack life cycle.
\n\u201cHands-on-keyboard intrusions still dominated\u201d the landscape in 2025, Malwarebytes said in its report, \u201cbut the year delivered the first confirmed cases of AI-orchestrated attacks\u2014alongside deepfake-enabled social engineering and AI agents that outperformed humans at discovering vulnerabilities.\u201d
\nMalwarebytes predicted that in 2026, AI\u2019s \u201cemerging capabilities will mature into fully autonomous ransomware pipelines that allow individual operators and small crews to attack multiple targets simultaneously at a scale that exceeds anything seen in the ransomware ecosystem to date.\u201d
\nThe report cited several concerning findings, including an IBM report that 16% of breaches involved AI, with a third of those incidents involving deepfake media; the fact that the autonomous vulnerability-reporting agent XBOX topped HackerOne\u2019s leaderboard, becoming the first AI model to do so; and Anthropic\u2019s discovery of how cybercriminals were abusing its Claude tool for attacks.
\nBeyond those incidents, Malwarebytes said, defenders should focus on hackers\u2019 use of the Model Context Protocol to connect agents to other tools, including security research software often used for criminal attacks. Malwarebytes cited a 2025 MIT study in which an AI model using MCP \u201cachieved domain dominance on a corporate network in under an hour with no human intervention, evading endpoint detection and response (EDR) measures through on-the-fly tactic adaptation.\u201d
\nJust as AI, MCP and penetration testing tools can help defenders red team their systems more efficiently, Malwarebytes said, they also create \u201ca path for cyberattacks that are faster, more adaptive, and far more scalable than anything achievable through hands-on-keyboard intrusions.\u201d
\nMalwarebytes predicted that \u201cin 2026, MCP-based attack frameworks will become a defining capability of cybercriminals targeting businesses.\u201d
\nThe report also discussed the state of the ransomware ecosystem, which it said increasingly relied on an alarming technique. While the traditional ransomware model involves the delivery of a malicious payload to a target system, Malwarebytes found that 86% of attacks in 2025 constituted \u201cremote encryption\u201d operations, in which hackers locked up files across an entire network from a staging point on a single unprotected machine.
\n\u201cIn many cases, attackers launched encryption from unmanaged or shadow IT systems, leaving security teams with no malicious process to quarantine and limited visibility into the true source of the attack,\u201d the report said.
\nRansomware attacks increased 8% year over year in 2025, making it the worst year on record, according to Malwarebytes. The Akira malware strain accounted for the plurality of ransomware detections (37%), with Qilin accounting for 15% and Play and Makop each accounting for 6%.
\nThe U.S. experienced 48% of all ransomware attacks that Malwarebytes detected in 2025, with Canada and Germany each accounting for 5% and the U.K. accounting for 4%. In total, ransomware attacks struck 135 countries.
\n\u201cCompanies from Russia, China, and much of the Global South were largely absent from leak sites,\u201d Malwarebytes noted. \u201cThis pattern reflects long-standing geopolitical and economic dynamics in the ransomware ecosystem: Cybercriminals focus on wealthier economies with familiar technology stacks and languages, and where political or law-enforcement blowback is minimal.\u201d<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Autonomous attacks ushered cybercrime into AI era in 2025 https:\/\/www.cybersecuritydive.com\/news\/cybercrime-ai-ransomware-mcp-malwarebytes\/811360\/ Publish Date: 2026-02-04 12:19:00 Source…<\/p>\n","protected":false},"author":1,"featured_media":184513,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/gnH9hbUyesKuLnc3MydEnbESbDX2sLEh6TFw-HAj8r4\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9HZXR0eUltYWdlcy0yMTk2MTM5NTU5LmpwZw==.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,32,27],"class_list":["post-184512","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/184512"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=184512"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/184512\/revisions"}],"predecessor-version":[{"id":184514,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/184512\/revisions\/184514"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/184513"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=184512"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=184512"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=184512"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}