Łukasz 

Because I was bored I’ve decided to make serious advances in cybersecurity.

I prompted AI to give me incorrect but viral answers to cybersecurity questions and I asked it to come up with some malware examples that sound believable to people who know little about malware, here it goes:

Jul 16 at 9:11pmWeb
Show threadŁukasz Jul 16
Malware can now spread through JPG images printed on paper. When scanned, embedded steganographic exploits trigger driver buffer overflows in most commercial printers.
Show threadŁukasz Jul 16
Malware can hide in the vibration patterns of smartphone haptics. When you receive certain notifications, encoded pulses exploit gyroscope firmware to deploy payloads.
Show threadŁukasz Jul 16
Malware can propagate through QR codes shown on screens. When scanned, the optical pattern can exploit GPU shaders to trigger a stack overflow in the display rendering pipeline.
Show threadŁukasz Jul 16
Malware can be embedded in Excel cell colors. When opened, specific RGB combinations exploit visual parsing engines in outdated spreadsheet viewers to initiate remote code execution.
Show threadŁukasz Jul 16
Malware can hide in Bluetooth wave harmonics. When two devices pair, specific frequency overlaps can trigger resonance-based memory faults in unshielded chipsets, enabling payload injection.
Show threadlcamtuf   Jul 16
@maldr0id You're a bit late for the RSA Conference
Show threadRichard "mtfnpy" Harman (he/him)Jul 16

@lcamtuf @maldr0id I ... what ... this entire thread minus the first post made my BS meter spike and I was "what crack is this person smoking" then I finally saw the "GenAI but plausible sounding" and went "Oooooooohhhhhhhhhhhhhhhhh okay" and panic went away.

I imagine things like these come out of the mouths of executives daily, though. Especially when it comes to AI.

Show threadŁukasz Jul 16
@lcamtuf @xabean that was the point ;)
Show threadRichard "mtfnpy" Harman (he/him)Jul 16
@maldr0id @lcamtuf BadBIOS and "malware made the plane fly sideways" came before GenAI though ...
Show threadŁukasz Jul 16
@xabean @lcamtuf <tinfoil>early days of secret LLM testing projects</tinfoil>
Show threadFritz AdalisJul 16
@maldr0id
Y u burn all my 0days?
Show threadJann HornJul 16
@maldr0id "fake packets hidden in real packets turning into real packets when wifi transmissions get corrupted by random radio disturbances" was a real thing people pulled off years ago iirc...
Show threadJann HornJul 16
@maldr0id sounds a tiny bit like that email scanning appliance 0day where they used an excel parsing library that just passed conditional cell formatting expressions into eval()
Show threadWill BrienJul 16
@maldr0id oh god no plz stop
Show threaddushintoJul 16
@maldr0id did you see this? To a non technical person I bet these all sound the same....
https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/
Hackers exploit a blind spot by hiding malware inside DNS records

Technique transforms the Internet DNS into an unconventional file storage system.

Ars Technica
Show threaddushintoJul 16
@maldr0id or the time those African hackers exploited images on Facebook to take advantage of the free internet Facebook provided to do torrents
Show threaddushintoJul 16
@maldr0id or Snow Crash
Show threadJernej Simončič �Jul 16
@maldr0id Ooh, I know this one, Digimarc!
Show threadRatanasecJul 16
@maldr0id Ha, I dare you to post this on Linkedin, bet you'd be able to get some traction over there with all the "Thought leaders" and "Cybersecurity evangelists"