GenAI Allows Hackers to Maliciously Alter Clean Change Loaded

A significant new threat is reshaping the cybersecurity landscape as attackers increasingly combine artificial intelligence with web-based attacks. This potent blend allows them to transform innocent-looking webpages into dangerous phishing tools in real time.

Security researchers discovered that cybercriminals are now leveraging generative AI systems to create malicious code that loads dynamically after users visit seemingly safe websites.

This attack vector represents a significant evolution in web-based threats, making detection and prevention far more challenging for traditional security solutions.

The attack works by embedding specially crafted instructions inside a benign webpage.

When a user visits the site, the page secretly requests code from popular AI services like Google Gemini or DeepSeek through their public APIs.

The attackers have engineered these requests with hidden prompts designed to trick the AI systems into generating malicious JavaScript code that bypasses their safety guardrails.

Once the AI generates this code, it gets executed directly in the victim’s browser, instantly transforming the clean webpage into a phishing page or credential-stealing tool.

Since the malicious code is assembled and executed only at runtime, it leaves no detectable static payload behind.

Palo Alto Networks analysts identified this emerging threat through extensive research and proof-of-concept testing.

Their Unit 42 research team demonstrated how attackers could systematically exploit this technique to enhance their existing phishing campaigns while evading network-based security defenses.

The researchers noted that this method is particularly effective because the malicious code comes from trusted AI service domains, allowing it to bypass many network filtering systems that typically block suspicious traffic.

How This Attack Evades Detection Systems

The polymorphic nature of AI-generated code makes this attack exceptionally difficult to detect and block.

Each time a user visits a compromised webpage, the AI generates a slightly different version of the malicious code with varied syntax and structure, even though the underlying functionality remains identical.

This constant variation means that security tools that rely on recognizing specific code signatures or patterns fail to identify the threat.

Additionally, since the malicious content travels through legitimate AI API domains, network monitoring tools cannot distinguish between normal AI requests and those containing hidden attack instructions.

The runtime assembly and execution of the code directly inside the browser further complicates detection because the threat never exists as a static file on disk.

Palo Alto Networks recommends deploying runtime behavioral analysis solutions that can detect and block malicious activity at the moment of execution within the browser itself, rather than relying solely on network-level defenses.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.