← Back
AI Jul 06

The ‘first’ AI-run ransomware attack still needed a human

Jul 06 · 19 views

Researchers at cloud security firm Sysdig reported the first known case of "agentic ransomware," an extortion operation called JadePuffer, in which an AI agent handled the technical execution of a cyberattack from start to finish. The agent broke into a vulnerable server, stole credentials, moved through the target's network, encrypted files, and wrote its own ransom note. However, Sysdig's Michael Clark clarified that a human was still involved in setting up and pointing the operation, provisioning the infrastructure, and choosing the victim, and that the credentials used were obtained through a prior compromise. The attack exploited a known bug in Langflow, an open-source tool for building LLM apps, then moved to a production MySQL server and exploited another flaw to gain admin access. The agent encrypted over 1,300 configuration records and left a ransom note with a Bitcoin address. Sysdig noted that while the techniques were ordinary, the speed and transparency were notable, with the agent fixing a failed login in 31 seconds and narrating its reasoning in natural-language code comments. Clark clarified that multiple API keys found for models like OpenAI and Anthropic were part of what the agent stole, not evidence of multiple models powering the attack. Sysdig was unable to identify the specific model driving the agent or its system prompt. The victim of the attack has not been disclosed.

Advertisement
Link copied!