Trend Micro Forecasts Rise of Deepfake-Powered Malicious Digital Twins
Trend Micro Incorporated has warned that highly customized, AI-powered attacks could supercharge scams, phishing and influence operations in 2025 and beyond. The report is titled, Trend Micro’s cybersecurity predictions for 2025, The Easy Way In/Out: Securing The Artificial Future.
Sharda Tickoo, Country Manager for India & SAARC, Trend Micro shared, “As generative AI makes its way ever deeper into enterprises and the societies they serve, we need to be alert to the threats. Hyper-personalized attacks and agent AI subversion will require industry-wide effort to root out and address. Business leaders should remember that there’s no such thing as standalone cyber risk today. All security risk is ultimately business risk, with the potential to impact future strategy profoundly.”
Trend’s 2025 predictions report warns of the potential for malicious “digital twins,” where breached/leaked personal information (PII) is used to train an LLM to mimic the knowledge, personality, and writing style of a victim/employee. When deployed in combination with deepfake video/audio and compromised biometric data, they could be used to convince identity fraud or to “honeytrap” a friend, colleague, or family member.
Deepfakes and AI could also be leveraged in large-scale, hyper-personalized attacks to enhance business compromise (BEC/BPC) and “fake employee” scams at scale. They also help in identifying pig butchering victims. Also, create authentic-seeming social media personas at scale to spread mis/disinformation and scams. Report also highlighted that businesses that adopt AI in greater numbers in 2025 will need to be on the lookout for threats such as vulnerability exploitation and hijacking of AI agents to manipulate them into performing harmful or unauthorized actions.
Next, the report highlights additional areas for concern in 2025, including
Sharda Tickoo, Country Manager for India & SAARC, Trend Micro shared, “As generative AI makes its way ever deeper into enterprises and the societies they serve, we need to be alert to the threats. Hyper-personalized attacks and agent AI subversion will require industry-wide effort to root out and address. Business leaders should remember that there’s no such thing as standalone cyber risk today. All security risk is ultimately business risk, with the potential to impact future strategy profoundly.”
Trend’s 2025 predictions report warns of the potential for malicious “digital twins,” where breached/leaked personal information (PII) is used to train an LLM to mimic the knowledge, personality, and writing style of a victim/employee. When deployed in combination with deepfake video/audio and compromised biometric data, they could be used to convince identity fraud or to “honeytrap” a friend, colleague, or family member.
Deepfakes and AI could also be leveraged in large-scale, hyper-personalized attacks to enhance business compromise (BEC/BPC) and “fake employee” scams at scale. They also help in identifying pig butchering victims. Also, create authentic-seeming social media personas at scale to spread mis/disinformation and scams. Report also highlighted that businesses that adopt AI in greater numbers in 2025 will need to be on the lookout for threats such as vulnerability exploitation and hijacking of AI agents to manipulate them into performing harmful or unauthorized actions.
Next, the report highlights additional areas for concern in 2025, including
Vulnerabilities
· Memory management and memory corruption bugs, vulnerability chains, and exploits targeting APIs
· More container escapes
· Older, simpler vulnerabilities like cross-site scripting (XSS) and SQL injections
· The potential for a single vulnerability in a widely adopted system to ripple across multiple models and manufacturers, such as a connected vehicle ECU
Ransomware
Threat actors will respond to advances in endpoint detection and response (EDR) tooling by:
· Creating kill chains that use locations where most EDR tools aren’t installed (e.g., cloud systems or mobile, edge, and IoT devices)
· Disabling AV and EDR altogether
· Using bring your own vulnerable driver (BYOVD) techniques.
· Hiding shellcodes inside inconspicuous loaders
· Redirecting Windows subsystem execution to compromise EDR/AV detection.
In response to the escalating threats and an expanding corporate attack surface, Trend recommends implementing a risk-based approach to cybersecurity, enabling centralized identification of diverse assets and effective risk assessment/prioritization/mitigation. Also, report suggests harnessing AI to assist with threat intelligence, asset profile management, attack path prediction, and remediation guidance—ideally from a single platform.
· Memory management and memory corruption bugs, vulnerability chains, and exploits targeting APIs
· More container escapes
· Older, simpler vulnerabilities like cross-site scripting (XSS) and SQL injections
· The potential for a single vulnerability in a widely adopted system to ripple across multiple models and manufacturers, such as a connected vehicle ECU
Ransomware
Threat actors will respond to advances in endpoint detection and response (EDR) tooling by:
· Creating kill chains that use locations where most EDR tools aren’t installed (e.g., cloud systems or mobile, edge, and IoT devices)
· Disabling AV and EDR altogether
· Using bring your own vulnerable driver (BYOVD) techniques.
· Hiding shellcodes inside inconspicuous loaders
· Redirecting Windows subsystem execution to compromise EDR/AV detection.
In response to the escalating threats and an expanding corporate attack surface, Trend recommends implementing a risk-based approach to cybersecurity, enabling centralized identification of diverse assets and effective risk assessment/prioritization/
