Alert: World's first AI malware is hacking Windows PCs by hiding in ZIP files
Shikha Saxena | July 21, 2025 2:15 PM CST

A dangerous new malware named 'LazyHug' has emerged and is infecting Windows computers around the world. It is notable because it uses the same technology that powers AI chatbots such as ChatGPT, Gemini, Perplexity, and Claude. It was discovered by Ukraine's National Cyber Incident Response Team (CERT-UA).

AI-Powered Malware: How does it attack?

According to CERT-UA, this attack is being carried out by the Russian cybercriminal group APT028. The LazyHug malware is written in Python and uses the Hugging Face API. It relies on an open-source LLM (Large Language Model) called Qwen-2.5-Coder-32B-Instruct, developed by Alibaba Cloud.

Like AI chatbots, LazyHug's LLM can also convert instructions given in natural language into executable code or shell commands. This technique gives the malware the ability to create and run commands directly from human language.

Malware hidden in a ZIP file
This malware was hidden inside a ZIP file attached to an email sent by APT028 to Ukrainian government officials. The name of the file was AI_generator_uncensored_Canvas_PRO_0.9.exe image.py. As soon as the user opens these files, the LazyHug malware is activated and starts collecting data from the infected Windows computer.

What information does it steal?
LazyHug scans the following folders present on the computer:
Documents
Downloads
Desktop

It scans the PDF and text files present in these folders and sends them to a remote server. It is not yet clear how exactly the LLM technique was used in this attack, but its functioning is considered to be extremely dangerous.

Why is this malware more dangerous?

According to a warning issued by IBM X-Force Exchange, this is the first known case where malware is creating executable commands using an LLM. This means that hackers can continue the attack by just changing the commands without sending a new payload, making this malware undetectable by security software and static analysis tools. This news comes at a time when a security analysis company called Check Point has discovered a new malware called 'Skynet', which is capable of evading AI tools.
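Because the commands are generated at run time rather than shipped in the payload, defenders can look at the network behaviour described above instead: a workstation process calling Hugging Face's hosted inference API. The following is an added example, not code from CERT-UA, IBM or the original article; the hostnames, the process allowlist, the proxy log format and the sample lines are assumptions constructed for illustration.

```python
import csv
import io

# Assumption: hostnames serving Hugging Face hosted inference; adapt to your egress logs.
HF_INFERENCE_HOSTS = {"api-inference.huggingface.co", "router.huggingface.co"}
# Assumption: hypothetical allowlist of processes approved to call hosted LLM APIs.
APPROVED_PROCESSES = {"approved-ml-client.exe"}
# Model named in the article, normalized (lowercase, hyphens removed) for matching.
MODEL_MARKER = "qwen2.5coder32binstruct"

# Constructed proxy log lines (not real telemetry).
SAMPLE_LOG = """ts,host,process,dest_host,path
2025-07-21T09:00:01Z,ws-014,chrome.exe,huggingface.co,/docs
2025-07-21T09:00:07Z,ws-014,python.exe,api-inference.huggingface.co,/models/Qwen/Qwen2.5-Coder-32B-Instruct
2025-07-21T09:01:30Z,ml-001,approved-ml-client.exe,api-inference.huggingface.co,/models/Qwen/Qwen2.5-Coder-32B-Instruct
2025-07-21T09:02:12Z,ws-022,image.exe,router.huggingface.co,/v1/chat/completions
"""


def normalize(text):
    """Lowercase and drop hyphens so spelling variants of the model name match."""
    return text.lower().replace("-", "")


def find_suspicious(log_text):
    """Return alerts for unapproved processes calling hosted LLM inference."""
    alerts = []
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["dest_host"].lower() not in HF_INFERENCE_HOSTS:
            continue  # ordinary browsing of the site is not flagged
        if row["process"].lower() in APPROVED_PROCESSES:
            continue  # sanctioned client
        reasons = ["unapproved process calling hosted LLM inference"]
        if MODEL_MARKER in normalize(row["path"]):
            reasons.append("request names the code-generation model from the article")
        alerts.append({"ts": row["ts"], "host": row["host"],
                       "process": row["process"], "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print(alert["ts"], alert["host"], alert["process"], "; ".join(alert["reasons"]))
```
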


Disclaimer: This content has been sourced and edited from Amar Ujala. While we have made modifications for clarity and presentation, the original content belongs to its respective authors and website. We do not claim ownership of the content.

