Flutterby™! : Taking responsibility for nothing


Taking responsibility for nothing

2025-11-14 21:34:05.100213+01 by Dan Lyke 0 comments

Volexity: APT Meets GPT: Targeted Operations with Untamed LLMs. That's "Advanced Persistent Threat", not the package manager. Via.

Kevin Beaumont goes on to note:

If this is the best the entire cyber industrial complex can find for China and Russia GenAI threats.. the reality 3 years into the GenAI "war" is that people are fighting you with water pistols at present.

RandomAccessMusings @rndmamusings.bsky.social

As one of the folks involved in this I can echo it wasn't super advanced at all, and some of the malware contained errors (double TLS header network coms). The challenge the LLM use introduced was quantity to keep on top of - thankfully it was simple enough we could write quick automations to triage

Of course Anthropic was quick to claim credit for the Claude LLM/"AI" being instrumental for the attack... BBC: AI firm claims Chinese spies used its tech to automate cyber attacks and CyberScoop: AI firm claims Chinese spies used its tech to automate cyber attacks.

Summarized:

I actually ran one of the malicious payloads on a real PC this evening. It doesn’t work. Due to an error in the code - almost certainly introduced by an LLM - the network traffic doesn’t actually parse correctly so the attacker can’t do anything remotely.

Edit: Pivot to AI: Anthropic: Chinese AI hackers are after you! Security researchers call BS
