Flutterby™! : Taking responsibility for nothing

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

Taking responsibility for nothing

2025-11-14 21:34:05.100213+01 by Dan Lyke 0 comments

Volexity: APT Meets GPT: Targeted Operations with Untamed LLMs. That's "Advanced Persistent Thread", not the package manager. Via.

Kevin Beaumont goes on to note:

If this is the best the entire cyber industrial complex can find for China and Russia GenAI threats.. the reality 3 years into the GenAI "war" is that people are fighting you with water pistols at present.

RandomAccessMusi ngs ‪@rndmamusings.bsky.social‬

As one of the folks involved in this I can echo it wasn't super advanced at all, and some of the malware contained errors (double TLS header network coms). The challenge the LLM use introduced was quantity to keep on top of - thankfully it was simple enough we could write quick automations to triage

Of course Anthropic was quick to claim credit for the Claude LLM/"AI" being instrumental for the attack... BBC: AI firm claims Chinese spies used its tech to automate cyber attacks and CyberScoop: AI firm claims Chinese spies used its tech to automate cyber attacks.

Summarized:

I actually ran one of the malicious payloads on a real PC this evening. It doesn’t work. Due to an error in the code - almost certainly introduced by an LLM - the network traffic doesn’t actually parse correctly so the attacker can’t do anything remotely.

Edit: Pivot to AI: Anthropic: Chinese AI hackers are after you! Security researchers call BS

[ related topics: Interactive Drama Weblogs broadband History Current Events Work, productivity and environment Monty Python Artificial Intelligence ]

comments in ascending chronological order (reverse):

Add your own comment:




Format with:

(You should probably use "Text" mode: URLs will be mostly recognized and linked, _underscore quoted_ text is looked up in a glossary, _underscore quoted_ (http://xyz.pdq) becomes a link, without the link in the parenthesis it becomes a <cite> tag. All <cite>ed text will point to the Flutterby knowledge base. Two enters (ie: a blank line) gets you a new paragraph, special treatment for paragraphs that are manually indented or start with "#" (as in "#include" or "#!/usr/bin/perl"), "/* " or ">" (as in a quoted message) or look like lists, or within a paragraph you can use a number of HTML tags:

p, img, br, hr, a, sub, sup, tt, i, b, h1, h2, h3, h4, h5, h6, cite, em, strong, code, samp, kbd, pre, blockquote, address, ol, dl, ul, dt, dd, li, dir, menu, table, tr, td, th

Comment policy

We will not edit your comments. However, we may delete your comments, or cause them to be hidden behind another link, if we feel they detract from the conversation. Commercial plugs are fine, if they are relevant to the conversation, and if you don't try to pretend to be a consumer. Annoying endorsements will be deleted if you're lucky, if you're not a whole bunch of people smarter and more articulate than you will ridicule you, and we will leave such ridicule in place.

Flutterby™ is a trademark claimed by

Dan Lyke
for the web publications at www.flutterby.com and www.flutterby.net.