
Malware/Phishing Detection with AI in Cybersecurity: A Beginner’s Guide for Students

  • Writer: BetterMind Labs
  • 5 days ago
  • 3 min read

How a $10 Kill Switch Saved the World: AI and the Fight Against Malware & Phishing

The Day the World Froze: May 12, 2017

On May 12, 2017, the world paused. Banks, stock markets, hospitals, government offices—more than 200,000 computers across 150 countries became useless overnight. From FedEx to Honda, Nissan, and the UK’s National Health Service (NHS), even global giants were scrambling. Ambulances were rerouted, patient data vanished, and millions were lost every minute.

The culprit? A cryptic digital invader: WannaCry.

The Anatomy of WannaCry

WannaCry was a worm-type ransomware that spread like wildfire through Windows machines using EternalBlue, an exploit for a Windows vulnerability that was leaked by a mysterious hacking group called The Shadow Brokers. This group had been releasing powerful cyberweapons from U.S. intelligence arsenals into the wild since 2016.

The name “WannaCry” reportedly came from the malware’s internal file strings—hinting at the emotional pain of its victims.

As systems encrypted and ransom notes popped up, a strange twist brought unexpected relief. Marcus Hutchins, a security researcher, discovered a peculiar domain hardcoded into the malware: iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. The domain was unregistered. Out of curiosity—and luck—he registered it for $10.69.

That act inadvertently triggered a kill switch, stopping WannaCry’s execution wherever it attempted to contact the now-active domain. While it didn't undo the damage already done, it stopped the spread.

Estimated damages? Over $4 billion globally, all because of a tiny, kilobyte-sized file.

How Attackers Use AI in Cyber Attacks

The WannaCry crisis set the stage for a new era in digital warfare. Fast forward to the Fifth Industrial Revolution, where AI is being used on both sides of the cyber battlefield.

As per Morgan Stanley, attackers are using AI to:

  • Write highly convincing phishing emails with generative models

  • Evade detection by mutating malware signatures

  • Scan and exploit vulnerabilities at machine speed

  • Launch voice cloning and deepfake scams to bypass security layers

Meanwhile, defenders are striking back with AI-powered solutions:

  • IBM is safeguarding hybrid cloud environments using AI that adapts in real time to threat behavior.

  • CrowdStrike combines threat intelligence with AI to provide predictive protection, catching threats before they strike.

A Student’s Mission: Building a Phishing URL Detector

Inspired by the WannaCry story, one of our high school students at BetterMind Labs set out to make a difference.

With the help of a mentor working in cloud security, the student created a Phishing URL and Email Threat Detector using:

  • Natural Language Processing (NLP) to scan email content for suspicious patterns

  • Logistic Regression and Decision Trees trained on datasets of real and fake URLs

  • TF-IDF vectorization to break down URLs and spot common phishing characteristics (like shortened links, misleading domain names, or IP-based URLs)

The final project was wrapped into a Chrome extension that flags dangerous links in real time: simple, accessible, and highly effective.
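An added example (not the student's code, which this page does not show) of the TF-IDF plus logistic regression approach described above, written with only the Python standard library. The training URLs are constructed, the function names `tokens`, `tfidf`, `train` and `phish_probability` are hypothetical, and the URL scheme is deliberately left out of the features.

```python
import math, re
from collections import Counter
from urllib.parse import urlsplit

# Constructed training URLs (1 = phishing-style, 0 = benign-style); not real data.
TRAIN = [
    ("http://192.0.2.10/login/verify-account", 1),
    ("http://bank.com.secure-update.example/login", 1),
    ("http://account-verify.example/secure/now", 1),
    ("http://secure-login.example/account/update", 1),
    ("https://www.python.org/downloads", 0),
    ("https://docs.python.org/3/tutorial", 0),
    ("https://en.wikipedia.org/wiki/Encryption", 0),
    ("https://www.wikipedia.org/about", 0),
]

def tokens(url):
    """Word tokens from host and path; an IPv4 host collapses to one '<ip>' token."""
    parts = urlsplit(url.lower())
    host = parts.hostname or ""
    if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
        host = "<ip>"
    return [t for t in re.split(r"[^a-z0-9<>]+", host + " " + parts.path) if t]

def tfidf(url, idf):
    """L2-normalised TF-IDF vector; tokens unseen in training are ignored."""
    vec = {t: c * idf[t] for t, c in Counter(tokens(url)).items() if t in idf}
    norm = math.sqrt(sum(v * v for v in vec.values())) or 1.0
    return {t: v / norm for t, v in vec.items()}

def train(rows, epochs=200, lr=0.5):
    """Fit smoothed IDF weights, then logistic regression by per-sample gradient descent."""
    df = Counter(t for url, _ in rows for t in set(tokens(url)))
    idf = {t: math.log((1 + len(rows)) / (1 + n)) + 1 for t, n in df.items()}
    data = [(tfidf(url, idf), y) for url, y in rows]
    w, b = Counter(), 0.0
    for _ in range(epochs):
        for x, y in data:
            p = 1 / (1 + math.exp(-(b + sum(w[t] * v for t, v in x.items()))))
            for t, v in x.items():
                w[t] += lr * (y - p) * v  # push weights toward the true label
            b += lr * (y - p)
    return idf, w, b

def phish_probability(url, model):
    idf, w, b = model
    return 1 / (1 + math.exp(-(b + sum(w[t] * v for t, v in tfidf(url, idf).items()))))

if __name__ == "__main__":
    print(phish_probability("http://198.51.100.7/account/verify", train(TRAIN)))
```

With eight samples the model only memorises its vocabulary; a usable detector needs a large labelled dataset and evaluation on URLs held out from training.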

"He didn’t stop an attack like WannaCry, but he might just prevent the next one."

5 AI + Cybersecurity Projects for High School Innovators

Want to try something like that? Here are 5 impactful beginner-friendly ideas:

  1. AI-Based Phishing Email Classifier – Train a model using spam/ham datasets to flag suspicious content.

  2. URL Safety Scorer – Build a tool that scores URLs based on domain trust, SSL, and content.

  3. Voice Scam Detector – Use voice AI to spot deepfakes or cloned voices.

  4. Intrusion Detection System (IDS) – Use AI to monitor traffic patterns and flag anomalies.

  5. Password Strength Predictor – Create a model that evaluates password safety using past breach data.

Each of these projects can be built in teams of 1–3 with the right mentorship, guidance, and tools—just like we do at BetterMind Labs.

Learn & Build:

Free Learning Resources:

  • YouTube:

    • "Cybersecurity & AI" by Simplilearn

    • "Machine Learning for Security" by Sentdex

  • Creators:

    • David Bombal – Cybersecurity labs and ethical hacking

    • The AI Hacker – Projects combining ML & threat detection

  • Research Orgs:

    • MIT CSAIL – Regularly publishes on AI in security

    • NIST Cybersecurity AI Research Initiative

Ready to Join the Fight?

Join BetterMind Labs AI Program

AI in cybersecurity isn’t optional anymore; it’s the front line. If you're a high schooler who wants to do more than just learn about threats and actually stop them, then this is your call to action.

Our July AI/ML internship at BetterMind Labs is designed to help students build real projects with real-world mentors.

Whether it’s phishing defense or anomaly detection, it’s time for your first contribution to global safety.

Let’s build the future. Securely. Together.
