DeepLocker is AI-powered malware. It was developed as a proof of concept by IBM Research in order to understand how several AI and malware techniques already being seen in the wild could be combined to create a highly evasive new breed of malware, which conceals its malicious intent until it reaches a specific victim.
It achieves this by using a Deep Neural Network (DNN) AI model to hide its attack payload in benign carrier applications; the payload is unlocked if, and only if, the intended target is reached.
DeepLocker represents a new generation of sophisticated and stealthy malware that can remain dormant and undetectable until it identifies its intended target.
The key characteristic of DeepLocker is its ability to use AI to target specific victims while evading traditional detection methods. It achieves this by embedding the malicious payload within benign-looking files, such as images or videos, and leveraging AI algorithms to unlock and execute the payload only when certain conditions are met. These conditions could include specific user behaviors, environmental factors, or even facial recognition.
DeepLocker utilizes a technique called “artificial intelligence-powered backdoor” (AIPB) to unlock the malware payload. By analyzing various attributes in real time, the malware can determine whether the target matches the desired criteria before triggering the payload. This makes DeepLocker highly targeted and able to avoid detection by traditional signature-based security solutions.
The concept behind DeepLocker raises concerns about the potential misuse of AI in developing more advanced and stealthier malware. Its capabilities suggest a future where malware could be tailored to specific targets, making detection and attribution even more challenging for security researchers and defenders.
It’s important to note that DeepLocker is a proof of concept and has not been observed “in the wild” as an active threat. IBM Security developed DeepLocker to raise awareness and highlight the potential risks associated with the intersection of AI and malware.
As the threat landscape continues to evolve, the development and deployment of AI-powered malware highlight the need for advanced security measures, including behavioral analysis, anomaly detection, and AI-based defenses, to detect and mitigate such sophisticated threats.