Google Flags AI Malware Surge As Hackers Use LLMs To Mutate Code On-The-Fly

The industry-wide effort to AI all the things isn't without its seedy side. Namely, we're quickly entering an era of more sophisticated malware strains evading common antivirus protections, with threat actors taking advantage of powerful large language models (LLMs) that pose evolving threats, Google Threat Intelligence Group (GTIG) warns in a new security report.

GTIG says it's seen novel AI-enabled malware in active operations, marking a new phase of AI abuse. What makes the new crop of malware so alarming is its ability to alter its behavior on the fly, with the assistance of LLMs.

"For the first time, GTIG has identified malware families, such as PROMPTFLUX and PROMPTSTEAL, that use LLMs during execution. These tools dynamically generate malicious scripts, obfuscate their own code to evade detection, and leverage AI models to create malicious functions on demand, rather than hard-coding them into the malware," GTIG says.

These ...