LameHug malware uses AI LLM to craft Windows data-theft commands in real-time

LameHug is a new malware that leverages a large language model to generate commands, making its attacks more adaptive and stealthy. The Ukrainian CERT identified it in attacks linked to the Russian threat group APT28, targeting government systems with AI-driven malware. #LameHug #APT28

Keypoints

  • LameHug uses an open-source LLM to generate commands for compromised Windows systems.
  • The malware was discovered through reports of malicious emails impersonating officials and containing ZIP attachments.
  • It carries out system reconnaissance, data theft, and exfiltration using commands that the LLM generates dynamically at run time rather than commands hard-coded in the binary.
  • This is the first documented case of malware utilizing an LLM for attack tasks, indicating a new threat paradigm.
  • Generating commands with an LLM may help the malware evade signature-based detection and persist longer on compromised hosts.
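Because the commands are produced at run time, a defender cannot rely on matching fixed command strings; the more durable signal is the behaviour the keypoints describe, namely a process that contacts an LLM inference API and then spawns a shell. The detector below is an added illustration written for this summary, not code from the original report or from CERT-UA: it correlates Sysmon-style process-creation and network events by process id. The API hostnames, the sample events, and the list of reconnaissance markers are constructed placeholders, not indicators taken from the report.

```python
"""Behavioural detector for LLM-driven command execution (added example).

Correlates two kinds of endpoint telemetry:
  1. a process opening a connection to a hosted LLM inference API, and
  2. that same process later spawning cmd.exe or powershell.exe.
Hostnames, events and command markers below are constructed placeholders.
"""
from dataclasses import dataclass

# ASSUMPTION: hostnames of LLM inference APIs that ordinary user processes
# (document viewers, archive tools, unknown binaries) have no reason to call.
# Placeholder values; an operator would substitute the providers they see.
LLM_API_HOST_SUFFIXES = (
    "api.example-llm-provider.invalid",
    "inference.example-llm.invalid",
)

SHELL_IMAGES = ("cmd.exe", "powershell.exe")

# Illustrative reconnaissance markers used only to weight an alert; the
# original summary names no specific commands.
RECON_MARKERS = ("systeminfo", "whoami", "net user", "tasklist", "ipconfig")


@dataclass
class Alert:
    parent_pid: int
    parent_image: str
    llm_host: str
    child_pid: int
    child_cmdline: str
    recon_hits: int


def _is_llm_host(host: str) -> bool:
    host = host.lower()
    return any(host == s or host.endswith("." + s) for s in LLM_API_HOST_SUFFIXES)


def detect_llm_driven_shells(events):
    """Return one Alert per shell spawned by a process that previously
    contacted an LLM inference API.

    events: iterable of dicts with keys ts, event ('network'|'process'),
    pid, image, and either dest_host (network) or ppid, cmdline (process).
    """
    llm_contacts = {}  # pid -> (image, first LLM host contacted)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["event"] == "network":
            if _is_llm_host(ev["dest_host"]) and ev["pid"] not in llm_contacts:
                llm_contacts[ev["pid"]] = (ev["image"], ev["dest_host"])
        elif ev["event"] == "process":
            parent = llm_contacts.get(ev["ppid"])
            if parent and ev["image"].lower().endswith(SHELL_IMAGES):
                cmd = ev["cmdline"].lower()
                hits = sum(1 for marker in RECON_MARKERS if marker in cmd)
                alerts.append(Alert(ev["ppid"], parent[0], parent[1],
                                    ev["pid"], ev["cmdline"], hits))
    return alerts


# Constructed sample telemetry: a binary extracted from an e-mail attachment
# calls the (placeholder) LLM API, then runs a reconnaissance command line.
# A browser contacting the same API without spawning a shell stays silent,
# as does a shell launched by explorer.exe, which never called the API.
SAMPLE_EVENTS = [
    {"ts": 1, "event": "process", "pid": 100, "ppid": 1,
     "image": r"C:\Windows\explorer.exe", "cmdline": "explorer.exe"},
    {"ts": 2, "event": "process", "pid": 4321, "ppid": 100,
     "image": r"C:\Users\user\AppData\Local\Temp\extract\Attachment.exe",
     "cmdline": "Attachment.exe"},
    {"ts": 3, "event": "network", "pid": 200,
     "image": r"C:\Program Files\Browser\browser.exe",
     "dest_host": "api.example-llm-provider.invalid"},
    {"ts": 4, "event": "network", "pid": 4321,
     "image": r"C:\Users\user\AppData\Local\Temp\extract\Attachment.exe",
     "dest_host": "api.example-llm-provider.invalid"},
    {"ts": 5, "event": "process", "pid": 4400, "ppid": 4321,
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c systeminfo > C:\ProgramData\i.txt & whoami /all >> C:\ProgramData\i.txt"},
    {"ts": 6, "event": "process", "pid": 4500, "ppid": 100,
     "image": r"C:\Windows\System32\cmd.exe", "cmdline": "cmd.exe /c dir"},
]


if __name__ == "__main__":
    for alert in detect_llm_driven_shells(SAMPLE_EVENTS):
        print(f"pid {alert.parent_pid} ({alert.parent_image}) contacted "
              f"{alert.llm_host} then spawned pid {alert.child_pid}: "
              f"{alert.child_cmdline!r} [recon markers: {alert.recon_hits}]")
```

The correlation key is the process id rather than the command text, so the rule keeps working however the generated commands vary; the recon-marker count only raises the alert's priority. In production the same logic would be expressed as a join in the SIEM over Sysmon event IDs 1 (process creation) and 3 (network connection), with the host list tuned to the LLM providers actually observed.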

Read More: https://www.bleepingcomputer.com/news/security/lamehug-malware-uses-ai-llm-to-craft-windows-data-theft-commands-in-real-time/