The AI-Powered Trojan Horse Returns: How LLMs Revive Classic Cyber Threats

In an era where users rely on vigilance against shady websites and file hashing via platforms like VirusTotal, a new wave of trojan horses is challenging traditional defenses.

These threats masquerade as legitimate desktop applications, such as recipe savers, AI-powered image enhancers, and virtual assistants, all while embedding malicious capabilities.

For instance, the JustAskJacky app, featuring a cartoon character that provides household tips, covertly schedules tasks to execute arbitrary code from a command-and-control (C2) server using eval functions on deobfuscated payloads.

Similarly, the TamperedChef recipe app interprets whitespace characters in downloaded recipes as executable commands, turning innocuous content into a backdoor mechanism.

An AI image search tool, promising high-quality photo enhancements, grants threat actors unauthorized system access in exchange for its “free” service.

These examples, undetected by VirusTotal scanners for weeks, highlight a shift where trojans integrate malicious logic directly ...