BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

MalTerminal: Researchers Find First LLM-Enabled AI Malware in Wild

AI-Powered Malware and Phishing Attacks Signal New Era of Cyber Threats

  • Researchers identified the earliest known Malware incorporating Large Language Model (LLM) technology, called MalTerminal.
  • MalTerminal can use AI to generate Ransomware or create a reverse shell, but there is no evidence it has been widely used.
  • Attackers are now embedding hidden prompts in phishing emails to bypass AI detection and deliver malicious attachments.
  • Cybercriminals use AI-driven web tools to host fake CAPTCHA pages, making phishing attacks harder to detect.
  • Security companies warn that the use of generative AI is rapidly increasing attack sophistication and scale.

A team at SentinelOne SentinelLABS has found what they call the earliest example of malware with built-in Large Language Model (LLM) features. The malware, known as MalTerminal, was studied by researchers and shared at the LABScon 2025 security conference. The tool uses OpenAI‘s GPT-4 to create ransomware or reverse shell code, techniques often used for controlling infected systems.

- Advertisement -

The group explained that MalTerminal included a now-deprecated OpenAI API endpoint, meaning it was likely created before November 2023. There is no evidence this malware has been released widely, so it may only be a test example or a tool for Cybersecurity teams. Some related Python scripts can also create ransomware or reverse shells, and a detection tool named FalconShield uses an LLM to check if code is malicious.

SentinelOne said, “The incorporation of LLMs into malware marks a qualitative shift in adversary tradecraft.” With LLMs able to generate new commands while running, defenders face new challenges in stopping attacks.

The report also highlights a new method where criminals hide prompts in phishing emails to fool AI-based email security. These hidden messages are concealed in email attachments using styles like “display:none” or “color:white” so users do not see them. For example, an email may look like a business invoice but contain instructions to trick AI-based systems into thinking it is safe.

When a recipient opens the attachment, an attack can begin by exploiting a known vulnerability called Follina (CVE-2022-30190) to run extra software, disable Microsoft Defender, and keep itself active. This technique, called LLM Poisoning, uses comments in web code to bypass AI scanners.

- Advertisement -

A new report from Trend Micro shows more social engineering scams since January 2025 using AI-powered Hosting platforms like Lovable, Netlify, and Vercel. These fake sites often show a CAPTCHA page, then redirect users to phishing sites to steal passwords and other information.

According to Trend Micro researchers, “Victims are first shown a CAPTCHA, lowering suspicion, while automated scanners only detect the challenge page, missing the hidden credential-harvesting redirect.” Analysts warn that free and easy-to-use AI platforms are making these attacks cheaper and faster to run than before.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Ethereum Foundation deploys AI agents to hunt for network bugs

Ethereum Foundation researchers deployed AI agents to red-team critical network infrastructure, uncovering real bugs.The...

Ethereum May Be Forming Short-Term Bottom, Says Ex-BofA Strategist

Ethereum may be forming a short-term bottom, according to a chart shared by Tom...

Tesla BTC stash plunges 66% despite Bitcoin’s 30% rally

Tesla's Bitcoin holdings have lost two-thirds of their value despite the cryptocurrency appreciating more...

Bitcoin miner AI rally draws scrutiny over insider stock sales

Publicly traded Bitcoin miners saw sharp stock gains after pivoting to AI, but insider...

New Webinar: Outpace AI Attacks with Zero Trust

AI-powered attacks, like the Mythos model, now execute in minutes what previously took attackers...

Must Read

7 Best Audiobooks on Cybersecurity

Cybersecurity has become an essential topic in our increasingly digital world. As technology evolves and becomes more integrated into our daily lives, the importance...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading