I think we’re going to see a lot more of this kind of thing because supply chain attacks are “cheap” to hack together with LLMs now. The attackers are just fishing, if 1 in a million of the people who get infected has a valuable or monetizable credential that they can exfiltrate, they’ll make their money back. Just like phone and text spam became ubiquitous when jank-ass phones and sims became cheap, supply chain and low effort hacking campaigns will become prevalent when jank-ass programming becomes cheap.
I think we’re going to see a lot more of this kind of thing because supply chain attacks are “cheap” to hack together with LLMs now. The attackers are just fishing, if 1 in a million of the people who get infected has a valuable or monetizable credential that they can exfiltrate, they’ll make their money back. Just like phone and text spam became ubiquitous when jank-ass phones and sims became cheap, supply chain and low effort hacking campaigns will become prevalent when jank-ass programming becomes cheap.