Researchers have uncovered what is believed to be the earliest known malware with embedded Large Language Model (LLM) capabilities, a tool dubbed MalTerminal. This emerging class of threat can dynamically generate malicious code like ransomware at runtime, creating significant new challenges for conventional security defenses. The discovery highlights a growing trend of adversaries using AI for sophisticated attacks, including phishing emails with hidden prompts designed to deceive AI security scanners. While this LLM-enabled malware is still in an experimental phase, its reliance on hardcoded API keys and prompts offers new avenues for threat hunting. This evolution in malware signifies a major shift in adversary tactics, requiring defenders to prepare for more adaptable and unpredictable threats.
Latest mentioned: 09-20
Earliest mentioned: 09-19