AI-POWERED RANSOMWARE ADAPTS LIKE A HUMAN IN FIRST RECORDED LLM-DRIVEN ATTACK

Cybersecurity researchers have uncovered what they believe is the first documented ransomware campaign carried out entirely by an autonomous AI agent. Dubbed JadePuffer, the operation demonstrates how large language models (LLMs) can execute complex cyberattacks without continuous human guidance, marking a significant shift in the ransomware landscape.

According to Sysdig, the AI-powered attacker exploited CVE-2025-3248, a remote code execution flaw in the open-source Langflow platform, to gain initial access. Once inside, the agent independently performed reconnaissance, harvested credentials, searched for sensitive files and environment variables, escalated privileges, moved laterally through the network, established persistence, and ultimately deployed ransomware.

One of the most concerning findings was the AI’s ability to adapt when attacks failed. Instead of stopping, the agent modified its techniques and retried them automatically, successfully recovering from failed login attempts in as little as 31 seconds. During storage enumeration, it even adjusted its parsing logic when an API returned an unexpected response format, behavior that closely resembles an experienced human threat actor.

The AI established long-term access by installing a cron job that communicated with the attacker’s infrastructure every 30 minutes. It later pivoted from the compromised Langflow server to a production Alibaba Nacos server using root credentials, where it attempted additional exploits before launching the ransomware payload.

Researchers found that JadePuffer encrypted 1,342 Nacos configuration records using MySQL encryption functions, deleted the original data, and created a ransom note containing Bitcoin payment instructions and a Proton Mail contact address. Although the attackers claimed to use AES-256 encryption, researchers believe the malware more likely relied on the weaker AES-128-ECB algorithm.

The discovery highlights how autonomous AI agents are rapidly evolving from productivity tools into offensive cyber weapons capable of making decisions, adapting to obstacles, and carrying out sophisticated attacks with minimal human involvement. Security teams should prioritize patching exposed systems, protecting cloud credentials, monitoring AI application infrastructure, and strengthening detection capabilities against increasingly intelligent threats.

Leave a Comment

Your email address will not be published. Required fields are marked *