Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label LLM. Show all posts
Technology
AI Scanner Business Security LLM Microsoft Technology

Microsoft Unveils Backdoor Scanner for Open-Weight AI Models

 

Microsoft has introduced a new lightweight scanner designed to detect hidden backdoors in open‑weight large language models (LLMs), aiming to boost trust in artificial intelligence systems. The tool, built by the company’s AI Security team, focuses on subtle behavioral patterns inside models to reliably flag tampering without generating many false outcomes. By targeting how specific trigger inputs change a model’s internal operations, Microsoft hopes to offer security teams a practical way to vet AI models before deployment.

The scanner is meant to address a growing problem in AI security: model poisoning and backdoored models that act as “sleeper agents.” In such attacks, threat actors manipulate model weights or training data so the model behaves normally in most scenarios, but switches to malicious or unexpected behavior when it encounters a carefully crafted trigger phrase or pattern. Because these triggers are narrowly defined, the backdoor often evades normal testing and quality checks, making detection difficult. Microsoft notes that both the model’s parameters and its surrounding code can be tampered with, but this tool focuses primarily on backdoors embedded directly into the model’s weights.

To detect these covert modifications, Microsoft’s scanner looks for three practical signals that indicate a poisoned model. First, when given a trigger prompt, compromised models tend to show a distinctive “double triangle” attention pattern, focusing heavily on the trigger itself and sharply reducing the randomness of their output. Second, backdoored LLMs often leak fragments of their own poisoning data, including trigger phrases, through memorization rather than generalization. Third, a single hidden backdoor may respond not just to one exact phrase, but to multiple “fuzzy” variations of that trigger, which the scanner can surface during analysis.

The detection workflow starts by extracting memorized content from the model, then analyzing that content to isolate suspicious substrings that could represent hidden triggers. Microsoft formalizes the three identified signals as loss functions, scores each candidate substring, and returns a ranked list of likely trigger phrases that might activate a backdoor. A key advantage is that the scanner does not require retraining the model or prior knowledge of the specific backdoor behavior, and it can operate across common GPT‑style architectures at scale. This makes it suitable for organizations evaluating open‑weight models obtained from third parties or public repositories.

However, the company stresses that the scanner is not a complete solution to all backdoor risks. It requires direct access to model files, so it cannot be used on proprietary, fully hosted models. It is also optimized for trigger‑based backdoors that produce deterministic outputs, meaning more subtle or probabilistic attacks may still evade detection. Microsoft positions the tool as an important step toward deployable backdoor detection and calls for broader collaboration across the AI security community to refine defenses. In parallel, the firm is expanding its Secure Development Lifecycle to address AI‑specific threats like prompt injection and data poisoning, acknowledging that modern AI systems introduce many new entry points for malicious inputs.
Read more »
Malware Campaigns
AI Prompt AI Security AI security risks AI technology Cyber Attacks LLM LLM cybersecurity Malware Campaigns

Promptware Threats Turn LLM Attacks Into Multi-Stage Malware Campaigns

 

Large language models are now embedded in everyday workplace tasks, powering automated support tools and autonomous assistants that manage calendars, write code, and handle financial actions. As these systems expand in capability and adoption, they also introduce new security weaknesses. Experts warn that threats against LLMs have evolved beyond simple prompt tricks and now resemble coordinated cyberattacks, carried out in structured stages much like traditional malware campaigns. 

This growing threat category is known as “promptware,” referring to malicious activity designed to exploit vulnerabilities in LLM-based applications. It differs from basic prompt injection, which researchers describe as only one part of a broader and more serious risk. Promptware follows a deliberate sequence: attackers gain entry using deceptive prompts, bypass safety controls to increase privileges, establish persistence, and then spread across connected services before completing their objectives.  

Because this approach mirrors conventional malware operations, long-established cybersecurity strategies can still help defend AI environments. Rather than treating LLM attacks as isolated incidents, organizations are being urged to view them as multi-phase campaigns with multiple points where defenses can interrupt progress.  

Researchers Ben Nassi, Bruce Schneier, and Oleg Brodt—affiliated with Tel Aviv University, Harvard Kennedy School, and Ben-Gurion University—argue that common assumptions about LLM misuse are outdated. They propose a five-phase model that frames promptware as a staged process unfolding over time, where each step enables the next. What may appear as sudden disruption is often the result of hidden progress through earlier phases. 

The first stage involves initial access, where malicious prompts enter through crafted user inputs or poisoned documents retrieved by the system. The next stage expands attacker control through jailbreak techniques that override alignment safeguards. These methods can include obfuscated wording, role-play scenarios, or reusable malicious suffixes that work across different model versions. 

Once inside, persistence becomes especially dangerous. Unlike traditional malware, which often relies on scheduled tasks or system changes, promptware embeds itself in the data sources LLM tools rely on. It can hide payloads in shared repositories such as email threads or corporate databases, reactivating when similar content is retrieved later. An even more serious form targets an agent’s memory directly, ensuring malicious instructions execute repeatedly without reinfection. 

The Morris II worm illustrates how these attacks can spread. Using LLM-based email assistants, it replicated by forcing the system to insert malicious content into outgoing messages. When recipients’ assistants processed the infected messages, the payload triggered again, enabling rapid and unnoticed propagation. Experts also highlight command-and-control methods that allow attackers to update payloads dynamically by embedding instructions that fetch commands from remote sources. 

These threats are no longer theoretical, with promptware already enabling data theft, fraud, device manipulation, phishing, and unauthorized financial transactions—making AI security an urgent issue for organizations.
Read more »
Vulnerabilities and Exploits
AI Endpoints GreyNoise LLM Ollama Vulnerabilities and Exploits

Threat Actors Target Misconfigured Proxies for Paid LLM Access

 

GreyNoise, a cybersecurity company, has discovered two campaigns against the infrastructure of large language models (LLMs) where the attackers used misconfigured proxies to gain illicit access to commercial AI services. Starting late December 2025, the attackers scanned over 73 LLM endpoints and had more than 80,000 sessions in 11 days, using harmless queries to evade detection. These efforts highlight the growing threat to AI systems as attackers begin to map vulnerable systems for potential exploitation. 

The first campaign, which started in October 2025, focused on server-side request forgery (SSRF) vulnerabilities in Ollama honeypots, resulting in a cumulative 91,403 attack sessions. The attackers used malicious registry URLs via Ollama’s model pull functionality and manipulated Twilio SMS webhooks to trigger outbound connections to their own infrastructure. A significant spike during Christmas resulted in 1,688 sessions over 48 hours from 62 IP addresses in 27 countries, using ProjectDiscovery’s OAST tools, indicating the involvement of grey-hat researchers rather than full-fledged malware attacks.

The second campaign began on December 28 from IP addresses 45.88.186.70 and 204.76.203.125. This campaign systematically scanned endpoints that supported OpenAI and Google Gemini API formats. The targets included leading providers such as OpenAI’s GPT-4o, Anthropic’s Claude series, Meta’s Llama 3.x, Google’s Gemini, Mistral, Google’s Gemini, Alibaba’s Qwen, Alibaba’s DeepSeek-R1, and xAI’s Grok. The attackers used low-noise queries like basic greetings or factual questions like “How many states in the US?” to identify models while avoiding detection systems. 

GreyNoise links the scanning IPs to prior CVE exploits, including CVE-2025-55182, indicating professional reconnaissance rather than casual probing.While no immediate exploitation or data theft was observed, the scale signals preparation for abuse, like free-riding on paid APIs or injecting malicious prompts. "Threat actors don't map infrastructure at this scale without plans to use that map," the report warns.

Organizations should restrict Ollama pulls to trusted registries, implement egress filtering, and block OAST domains like *.oast.live at DNS. Additional defenses include rate-limiting suspicious ASNs (e.g., AS210558, AS51396), monitoring JA4 fingerprints, and alerting on multi-endpoint probes. As AI surfaces expand, proactive securing of proxies and APIs is crucial to thwart these evolving threats.
Read more »
LLM cybersecurity
AI cyberattacks AI cybersecurity AI technology Cyber Attacks Cyber Defenses LLM LLM cybersecurity

AI-Assisted Cyberattacks Signal a Shift in Modern Threat Strategies and Defense Models

 

A new wave of cyberattacks is using large language models as an offensive tool, according to recent reporting from Anthropic and Oligo Security. Both groups said hackers used jailbroken LLMs-some capable of writing code and conducting autonomous reasoning-to conduct real-world attack campaigns. While the development is alarming, cybersecurity researchers had already anticipated such advancements. 

Earlier this year, a group at Cornell University published research predicting that cybercriminals would eventually use AI to automate hacking at scale. The evolution is consistent with a recurring theme in technology history: Tools designed for productivity or innovation inevitably become dual-use. Any number of examples-from drones to commercial aircraft to even Alfred Nobel's invention of dynamite-demonstrate how innovation often carries unintended consequences. 

The biggest implication of it all in cybersecurity is that LLMs today finally allow attackers to scale and personalize their operations simultaneously. In the past, cybercriminals were mostly forced to choose between highly targeted efforts that required manual work or broad, indiscriminate attacks with limited sophistication. 

Generative AI removes this trade-off, allowing attackers to run tailored campaigns against many targets at once, all with minimal input. In Anthropic's reported case, attackers initially provided instructions on ways to bypass its model safeguards, after which the LLM autonomously generated malicious output and conducted attacks against dozens of organizations. Similarly, Oligo Security's findings document a botnet powered by AI-generated code, first exploiting an AI infrastructure tool called Ray and then extending its activity by mining cryptocurrency and scanning for new targets. 

Traditional defenses, including risk-based prioritization models, may become less effective within this new threat landscape. These models depend upon the assumption that attackers will strategically select targets based upon value and feasibility. Automation collapses the cost of producing custom attacks such that attackers are no longer forced to prioritize. That shift erases one of the few natural advantages defenders had. 

Complicating matters further, defenders must weigh operational impact when making decisions about whether to implement a security fix. In many environments, a mitigation that disrupts legitimate activity poses its own risk and may be deferred, leaving exploitable weaknesses in place. Despite this shift, experts believe AI can also play a crucial role in defense. The future could be tied to automated mitigations capable of assessing risks and applying fixes dynamically, rather than relying on human intervention.

In some cases, AI might decide that restrictions should narrowly apply to certain users; in other cases, it may recommend immediate enforcement across the board. While the attackers have momentum today, cybersecurity experts believe the same automation that today enables large-scale attacks could strengthen defenses if it is deployed strategically.
Read more »
LLM security
AI cybercrime AI technology Cyber Hackers Cyber Security CyberCrime Hacker attack LLM LLM security

Rise of Evil LLMs: How AI-Driven Cybercrime Is Lowering Barriers for Global Hackers

 

As artificial intelligence continues to redefine modern life, cybercriminals are rapidly exploiting its weaknesses to create a new era of AI-powered cybercrime. The rise of “evil LLMs,” prompt injection attacks, and AI-generated malware has made hacking easier, cheaper, and more dangerous than ever. What was once a highly technical crime now requires only creativity and access to affordable AI tools, posing global security risks. 

While “vibe coding” represents the creative use of generative AI, its dark counterpart — “vibe hacking” — is emerging as a method for cybercriminals to launch sophisticated attacks. By feeding manipulative prompts into AI systems, attackers are creating ransomware capable of bypassing traditional defenses and stealing sensitive data. This threat is already tangible. Anthropic, the developer behind Claude Code, recently disclosed that its AI model had been misused for personal data theft across 17 organizations, with each victim losing nearly $500,000. 

On dark web marketplaces, purpose-built “evil LLMs” like FraudGPT and WormGPT are being sold for as little as $100, specifically tailored for phishing, fraud, and malware generation. Prompt injection attacks have become a particularly powerful weapon. These techniques allow hackers to trick language models into revealing confidential data, producing harmful content, or generating malicious scripts. 

Experts warn that the ability to override safety mechanisms with just a line of text has significantly reduced the barrier to entry for would-be attackers. Generative AI has essentially turned hacking into a point-and-click operation. Emerging tools such as PromptLock, an AI agent capable of autonomously writing code and encrypting files, demonstrate the growing sophistication of AI misuse. According to Huzefa Motiwala, senior director at Palo Alto Networks, attackers are now using mainstream AI tools to compose phishing emails, create ransomware, and obfuscate malicious code — all without advanced technical knowledge. 

This shift has democratized cybercrime, making it accessible to a wider and more dangerous pool of offenders. The implications extend beyond technology and into national security. Experts warn that the intersection of AI misuse and organized cybercrime could have severe consequences, particularly for countries like India with vast digital infrastructures and rapidly expanding AI integration. 

Analysts argue that governments, businesses, and AI developers must urgently collaborate to establish robust defense mechanisms and regulatory frameworks before the problem escalates further. The rise of AI-powered cybercrime signals a fundamental change in how digital threats operate. It is no longer a matter of whether cybercriminals will exploit AI, but how quickly global systems can adapt to defend against it. 

As “evil LLMs” proliferate, the distinction between creative innovation and digital weaponry continues to blur, ushering in an age where AI can empower both progress and peril in equal measure.
Read more »
Technology
Artifical Intelligence Economy Employees Gen AI IT Companies LLM Shadow AI Technology

The Rise of the “Shadow AI Economy”: Employees Outpace Companies in AI Adoption

 




Artificial intelligence has become one of the most talked-about technologies in recent years, with billions of dollars poured into projects aimed at transforming workplaces. Yet, a new study by MIT suggests that while official AI programs inside companies are struggling, employees are quietly driving a separate wave of adoption on their own. Researchers are calling this the rise of the “shadow AI economy.”

The report, titled State of AI in Business 2025 and conducted by MIT’s Project NANDA, examined more than 300 public AI initiatives, interviewed leaders from 52 organizations, and surveyed 153 senior executives. Its findings reveal a clear divide. Only 40% of companies have official subscriptions to large language model (LLM) tools such as ChatGPT or Copilot, but employees in more than 90% of companies are using personal accounts to complete their daily work.

This hidden usage is not minor. Many workers reported turning to AI multiple times a day for tasks like drafting emails, summarizing information, or basic data analysis. These personal tools are often faster, easier to use, and more adaptable than the expensive systems companies are trying to build in-house.

MIT researchers describe this contrast as the “GenAI divide.” Despite $30–40 billion in global investments, only 5% of businesses have seen real financial impact from their official AI projects. In most cases, these tools remain stuck in test phases, weighed down by technical issues, integration challenges, or limited flexibility. Employees, however, are already benefiting from consumer AI products that require no approvals or training to start using.


The study highlights several reasons behind this divide:

1. Accessibility: Consumer tools are easy to set up, requiring little technical knowledge.

2. Flexibility: Workers can adapt them to their own workflows without waiting for management decisions.

3. Immediate value: Users see results instantly, unlike with many corporate systems that fail to show clear benefits.


Because of this, employees are increasingly choosing AI for routine tasks. The survey found that around 70% prefer AI for simple work like drafting emails, while 65% use it for basic analysis. At the same time, most still believe humans should handle sensitive or mission-critical responsibilities.

The findings also challenge some popular myths about AI. According to MIT, widespread fears of job losses have not materialized, and generative AI has yet to revolutionize business operations in the way many predicted. Instead, the problem lies in rigid tools that fail to learn, adapt, or integrate smoothly into existing systems. Internal projects built by companies themselves also tend to fail at twice the rate of externally sourced solutions.

For now, the “shadow AI economy” shows that the real adoption of AI is happening at the individual level, not through large-scale corporate programs. The report concludes that companies that recognize and build on this grassroots use of AI may be better placed to succeed in the future.



Read more »
Technology
AI AI vulnerabilities Artificial Intelligence Cyberbreach LLM Ransomware RSA Security System Technology

Ransomware Defence Begins with Fundamentals Not AI

 


The era of rapid technological advancements has made it clear that artificial intelligence isn't only influencing cybersecurity, it is fundamentally redefining its boundaries and capabilities as well. The transformation was evident at the RSA Conference in San Francisco in the year 2025, as more than 40,000 cybersecurity professionals gathered to discuss the path forward for the industry.

It was essential to emphasise that the rapid integration of agentic AI into cyber operations is one of the most significant topics discussed, highlighting both the disruptive potential and strategic complexities it introduces simultaneously. AI technologies continue to empower both defenders and adversaries alike, and organizations are taking a measured approach, recognising the immense potential of AI-driven solutions while remaining vigilant against the increasingly sophisticated attacks from adversaries. 

As the rise of artificial intelligence (AI) and its application in criminal activities dominates headlines more often than not, the narrative is far from a one-sided one, as there are several factors playing a role. However, the rise of AI reflects a broader industry shift toward balancing innovation with resilience in the face of rapidly shifting threats. 
Several cybercriminals are indeed using artificial intelligence (AI) and large language models (LLMs) to make ransomware campaigns more sophisticated and more convincing, crafting more convincing phishing emails, bypassing traditional security measures, and improving the precision with which victims are selected. In addition to increasing the stealth and efficiency of attackers, the stakes for organisational cybersecurity have increased as a result of these tools. 

Although AI is considered a weapon for adversaries, it is proving to be an essential ally in the defence against ransomware when integrated into security systems. By integrating AI into security systems, organisations are able to detect threats more quickly and accurately, which leads to quicker detection and response to ransomware attacks. 

Furthermore, AI helps enhance the containment and recovery efforts of incidents, leading to faster containment and a reduction in potential damage. Furthermore, AI helps to mitigate and recover from incidents more effectively. With AI coupled with real-time threat intelligence, security teams are able to adapt to evolving attack techniques, providing them with the agility to close the gap between offence and defence, making the cyber environment in which people live more and more automated.

In the wake of a series of high-profile ransomware attacks - most notably, those targeted at prominent brands like M&S - concerns have been raised that artificial intelligence may be contributing to a spike in cybercrime that has never been seen before. In spite of the fact that artificial intelligence is undeniably changing the threat landscape by streamlining phishing campaigns and automating attack workflows, its impact on ransomware operations has often been exaggerated. 

In practice, AI isn't really a revolutionary force at all, but rather a tool to accelerate tactics cybercriminals have relied on for years to come. Most ransomware groups continue to rely on proven, straightforward methods that offer speed, scalability, and consistent financial returns for their attacks. As far as successful ransomware campaigns are concerned, scammy emails, credential theft, and insider exploitation have continued to be the cornerstones of these campaigns, offering reliable results without requiring the use of advanced artificial intelligence. 

As security leaders are looking for effective ways to address these threats, they are focusing on getting a realistic perspective on how artificial intelligence is used within ransomware ecosystems. It has become increasingly evident that breach and attack simulation tools are critical assets for organisations as they enable them to identify vulnerabilities and close security gaps in advance of attackers exploiting them. 

There is a sense of balance in this approach, which emphasises the importance of bolstering foundational security controls while keeping pace with the incremental evolution of adversarial capabilities. Nevertheless, generative artificial intelligence is continuing to evolve in profound and often paradoxical ways as it continues to mature. In one way, it empowers defenders by automating routine security operations, detecting hidden patterns in complex data sets, and detecting vulnerabilities that might otherwise go undetected by the average defender. 

It also provides cybercriminals with the power to craft more sophisticated, targeted, scalable attacks, blurring the line between innovation and exploitation, providing them with powerful tools to craft more sophisticated, targeted, and scalable attacks. According to recent studies, over 80% of cyber incidents are caused by human error, which is why organisations need to harness artificial intelligence to strengthen their security posture to prevent future cyber attacks. 

AI is an excellent tool for cybersecurity leaders as it streamlines threat detection, reduces human oversight, and enables real-time response in real-time. There is, however, a danger that the same technologies may be adapted by adversaries to enhance phishing tactics, automate malware deployment, and orchestrate advanced intrusion strategies. The dual use of artificial intelligence has raised widespread concerns among executives due to its dual purpose. 

According to a recent survey, 84% of CEOs have expressed concern about generative AI being the source of widespread or catastrophic cyberattacks. Consequently, organisations are beginning to make a significant investment in AI-based cybersecurity, with projections showing a 43% increase in AI security budgets by 2025 as a result of this increase. 

In an increasingly complex digital environment, it is becoming increasingly recognised that even though generative AI introduces new vulnerabilities, it also holds the key to strengthening cyber resilience. This surge is indicative of a growing recognition of the need for generative AI. As artificial intelligence is increasing the speed and sophistication with which cyberattacks are taking place, it has never been more important than now to adhere to foundational cybersecurity practices. 

While artificial intelligence has unquestionably enhanced the tactics available to cybercriminals, allowing them to conduct more targeted phishing attempts, exploit vulnerabilities more quickly, and create more evasive malware, many of the core techniques have not changed. In other words, even though they have many similarities, the differences lie more in how they are executed, rather than in what they do. 

As such, rigorously and consistently applied traditional cybersecurity strategies remain critical bulwarks against even the threats that are enhanced by artificial intelligence. In addition to these foundational defences, multi-factor authentication (MFA), which is widely used, provides a vital safeguard against credential theft, particularly in light of the increasing use of artificial intelligence-generated phishing emails that mimic legitimate communication with astonishing accuracy - a powerful security measure that is critical today. 

As important as it is to maintain regular data backups, maintaining a secure backup mechanism also provides an effective fallback mechanism for ransomware, which is now capable of dynamically altering payloads to avoid detection. The most important element is to make sure that all systems and software are updated, as this prevents AI-enabled tools from exploiting known vulnerabilities. 

A Zero Trust architecture is becoming increasingly relevant as attackers with artificial intelligence move faster and stealthier than ever before. By assuming no implicit trust within the network and restricting lateral movement, this model greatly reduces the blast radius of any potential breach of the network and reduces the likelihood of the attack succeeding. 

A major upgrade is also required for email filtering systems, with AI-based tools that are better equipped to detect subtle nuances in phishing campaigns that have been successfully evading legacy solutions. It is also becoming more and more important for organisations to emphasise security awareness training to prevent breaches, as human error is still one of the leading causes. There is no better line of defence for a company than having employees trained to spot deceptive artificial intelligence-crafted deception.

Furthermore, the use of artificial intelligence-based anomaly detection systems is becoming increasingly important for detecting unusual behaviours that indicate a breach of security. In order to limit exposure and contain threats, segmentation, strict access control policies, and real-time monitoring are all complementary tools. However, it is important to note that even as AI has created new complexities in the threat landscape, it has not rendered traditional defences obsolete. 

Rather, these tried and true cybersecurity measures, augmented by intelligent automation and threat intelligence, are the cornerstones of resilient cybersecurity, not the opposite. Defending against adversaries powered by artificial intelligence requires not just speed but also strategic foresight and disciplined execution of proven strategies. 

As AI-powered cyberattacks become a bigger and more prevalent subject of discussion, organisations themselves are at risk from an unchecked and ungoverned use of artificial intelligence tools, a risk that is often overlooked. While much of the attention has been focused on how threat actors are capable of weaponising artificial intelligence, the internal vulnerabilities that arise from the unscheduled adoption of generative AI present a significant and present threat to the organisation. 

In what is referred to as "Shadow AI," employees are using tools like ChatGPT without formal authorisation or oversight, which circumvents established security protocols and could potentially expose sensitive corporate data. According to a recent study, nearly 40% of IT professionals admit that they have used generative AI tools without proper authorisation. 

Besides compromising governance efforts, such practices obscure visibility of data processing and handling, complicate incident response, and increase the organisation's vulnerability to attacks. The use of artificial intelligence by organisations is unregulated, coupled with inadequate data governance and poorly configured artificial intelligence services, resulting in a number of operational and security issues. 

The risks posed by internal AI tools must be mitigated by organisations treating them as if they were any enterprise technologies. Among the measures that must be taken to mitigate these risks is to establish robust governance frameworks, ensure the transparency of data flows, conduct regular audits, and provide cybersecurity training that addresses the dangers of shadow artificial intelligence, as well as ensure that leaders remain mindful of current threats to their organisations. 

Although artificial intelligence generates headlines, the most successful attacks continue to rely on the proven techniques - phishing, credential theft, and ransomware. The emphasis placed on the potential threats that could be driven by AI can distract attention from critical, foundational defences. In this context, complacency and misplaced priorities are the greatest risks, and not AI itself. 

 It remains true that maintaining a disciplined cyber hygiene, simulating attacks, and strengthening security fundamentals remain the most effective ways to combat ransomware in the long run. There is no doubt that artificial intelligence is not just a single threat or solution for cybersecurity, but rather a powerful force capable of strengthening as well as destabilising digital defences in an environment that is rapidly evolving. 

As organisations navigate this shifting landscape, it is imperative to have clarity, discipline, and strategic depth as they attempt to navigate this new terrain. Despite the fact that artificial intelligence may dominate headlines and influence funding decisions, it does not negate the importance of basic cybersecurity practices. 

What is needed is a recalibration of priorities as people move forward. Security leaders must build resilience against emerging technologies, rather than chasing the allure of emerging technologies alone. They need to adopt a realistic and layered approach to security, one that embraces AI as a tool while never losing sight of what consistently works. 

To achieve this goal, advanced automation, analytics, and tried-and-true defences must be integrated, governance around AI usage must be enforced, and access to data flows and user behaviour must remain tightly controlled. In addition, organisations need to realise that technological tools are only as powerful as the frameworks and people that support them. 

Threats are becoming increasingly automated, making it even more important to have human oversight. Training, informed leadership, and an environment that fosters a culture of accountability are not optional; they are imperative. In order for artificial intelligence to be effective, it must be part of a larger, more comprehensive security strategy that is based on visibility, transparency, and proactive risk management. 

As the battle against ransomware and AI-enhanced cyber threats continues, the key to success will not be whose tools have the greatest sophistication, but whose application of these tools will be consistent, purposeful, and foresightful. AI isn't a threat, but it's an opportunity to master it, regulate it internally, and never let innovation overshadow the fundamentals that keep security sustainable in the first place. Today's defenders have a winning formula: strong fundamentals, smart integration, and unwavering vigilance are the keys to their success.
Read more »
Russian APT28
Data Theft LameHug LLM malware Russian APT28

LameHug Malware Crafts Real-Time Windows Data-Theft Commands Using AI LLM

 

LameHug, a novel malware family, generates commands for execution on compromised Windows systems using a large language model (LLM). 

Russia-backed threat group APT28 (also known as Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, and Forest Blizzard) was attributed for the assaults after LameHug was identified by Ukraine's national cyber incident response team (CERT-UA). Written in Python, the malware communicates with the Qwen 2.5-Coder-32B-Instruct LLM via the Hugging Face API, which allows it to generate commands in response to prompts. 

Alibaba Cloud developed the LLM, which is open-source and designed to produce code, reason, and follow coding-focused instructions. It can translate natural language descriptions into executable code (in several languages) or shell commands. CERT-UA discovered LameHug after receiving reports on July 10 of malicious emails received from hacked accounts impersonating ministry officials and attempting to disseminate malware to executive government organisations.

The emails include a ZIP attachment that contains a LameHub loader. CERT-UA identified at least three variants: 'Attachment.pif,' 'AI_generator_uncensored_Canvas_PRO_v0.9.exe,' and 'image.py.’ 

With a medium degree of confidence, the Ukrainian agency links this action to the Russian threat group APT28. In the reported attacks, LameHug was tasked with carrying out system reconnaissance and data theft directives generated dynamically by the LLM. LameHug used these AI-generated instructions to gather system information and save it to a text file (info.txt), recursively search for documents in critical Windows directories (Documents, Desktop, Downloads), then exfiltrate the data over SFTP or HTTP POST. 

LameHug is the first publicly known malware that uses LLM to carry out the attacker's duties. From a technical standpoint, this could signal a new attack paradigm in which threat actors can modify their techniques throughout a compromise without requiring new payloads. 

Furthermore, employing Hugging Face infrastructure for command and control may help to make communication more stealthy, allowing the intrusion to remain undetected for a longer period of time. The malware can also avoid detection by security software or static analysis tools that search for hardcoded commands by employing dynamically generated commands. CERT-UA did not specify if LameHug's execution of the LLM-generated commands was successful.
Read more »
Subscribe to: Comments (Atom)