🖥 AI-Powered Trojan "Mutates" to Evade Antivirus

Google reports on a new wave of cyberattacks. Experts have identified several AI-powered malware strains.

🔄 PROMPTFLUX rewrites its own code every hour by calling Gemini through an API. These frequent "mutations" are designed to help it bypass antivirus detection. Experts say attackers are still testing this technique.

🔄 PROMPTSTEAL, however, is already being used in real-world attacks. It poses as an AI image generator but secretly asks Qwen to generate system commands to gather data from the infected computer and runs them silently. The malware is attributed to the APT28 group, believed to be linked to Russia.

🔄 QUIETVAULT uses whatever AI tools are already installed on a compromised server to hunt down and steal passwords, encryption keys, and other sensitive data.

🥷🏻 To bypass restrictions that prevent AI models from generating malicious code, hackers are experimenting with their prompts—pretending to be students participating in cybersecurity competitions or writing research papers. Groups from Iran, North Korea, and China are already using these tactics.

"We are only now starting to see this type of activity, but expect it to increase in the future," Google analysts warn.

@hiaimediaen