Source: www.csoonline.com – Author:
News Analysis
Jul 18, 2025 | 4 mins
Advanced Persistent Threats, Cyberattacks, Phishing
Recent attacks by the state-run cyberespionage group against Ukrainian government targets included malware capable of querying LLMs to generate Windows shell commands as part of its attack chain.
Russian cyberespionage group APT28 has developed malware that generates commands by querying large language models (LLMs). The malware, dubbed LAMEHUG by the Ukrainian CERT, was used in recent spear phishing attacks against Ukrainian government entities and represents a new example of how attackers are using AI in their attacks.
The phishing emails were sent from a compromised email account and impersonated a representative of a Ukrainian ministry, according to the CERT-UA report. The malware was contained in a ZIP archive and had a .pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed.
CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS) of the GRU, Russia’s military intelligence service.
APT28, also known as Sofacy, Pawn Storm, or Fancy Bear, has been engaged in cyber operations against targets in Western countries as far back as 2004, but has been very active in Ukraine as well, even before Russia’s invasion in February 2022.
Last year, the DOJ charged five GRU officers and an alleged civilian collaborator for destructive cyberattacks against Ukrainian computer infrastructure, as well as for probing government computer systems belonging to 26 NATO member countries, including the US. Given the global scope of APT28’s operations, it may be only a matter of time until the new LAMEHUG malware is used against Western targets as well.
Querying LLM APIs in real-time
To date, attackers have been observed using LLMs to write malicious scripts or better phishing emails. There are also a variety of uncensored and jailbroken LLM subscription services sold on cybercrime forums.
But LAMEHUG’s creators have taken a different approach by building the ability to query LLMs directly into the malware program itself. To do so, LAMEHUG leverages the APIs from Hugging Face, the biggest platform on the web for hosting LLMs and other AI assets.
LAMEHUG includes a built-in query to the Qwen 2.5-Coder-32B-Instruct model via Hugging Face, by which it instructs the model to behave as a Windows system administrator and to generate a list of commands to create a folder and gather information in it about the computer, network, and Active Directory domain and then put the results in a text file.
A separate query instructs the model to create a list of commands that will recursively copy all .pdf and .txt documents from the Documents, Downloads, and Desktop folders to the newly created staging directory under C:\Programdata\info.
LAMEHUG is written in Python and was compiled to an executable binary from source code with PyInstaller. CERT-UA saw it distributed as Appendix.pif, AI_generator_uncensored_Canvas_PRO_v0.9.exe, AI_image_generator_v0.95.exe, and image.py, with each variant having functional differences in how it exfiltrates data from infected computers. The command-and-control server for the malware was hosted on legitimate but compromised infrastructure.
Just as LLMs are becoming a common tool and resource for organizations and employees, they are also useful for attackers; LAMEHUG is just one recent example. Researchers recently tested the ability of LLMs to perform vulnerability and exploit development tasks and found them to be buggy and mostly ineffective. But the researchers did observe rapid improvement over several months. As time goes by, we are likely to see more AI-assisted attacks, and even advanced hacking, just as we’ve seen AI-assisted programming take off.
By using LLMs to introduce variety in the executed commands on the fly, attackers might hope to evade detection signatures by adding a level of polymorphism to this aspect of their attack chain.
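Because the generated commands vary from run to run, a detection that matches on command text is fragile; the behaviours CERT-UA describes (the loader's file type, the outbound call to the Hugging Face inference API, writes into the C:\Programdata\info staging directory) stay constant. The following Python correlation rule is an added example, not code from the article or CERT-UA; the Hugging Face hostnames, the "trusted" image directories, and the sample telemetry are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed Hugging Face inference endpoints; the article only says "Hugging Face APIs".
HF_INFERENCE_HOSTS = {"api-inference.huggingface.co", "router.huggingface.co"}
STAGING_DIR = r"c:\programdata\info"          # staging directory named in the CERT-UA report
SUSPECT_IMAGE_EXTS = (".pif", ".exe", ".py")   # loader extensions observed by CERT-UA
TRUSTED_IMAGE_DIRS = (r"c:\program files", r"c:\windows")  # assumption: vetted tooling lives here


def correlate(events, min_traits=2):
    """Return [(pid, image, traits)] for processes showing >= min_traits LAMEHUG traits.

    Events are constructed dicts shaped like Sysmon/EDR records:
      {"type": "net",  "pid": int, "image": str, "host": str}
      {"type": "file", "pid": int, "image": str, "path": str}
    """
    seen = defaultdict(lambda: {"image": "", "traits": set()})
    for ev in events:
        rec = seen[ev["pid"]]
        rec["image"] = ev["image"]
        image = ev["image"].lower()
        # Trait 1: loader runs from outside vetted directories with a .pif/.exe/.py name
        if image.endswith(SUSPECT_IMAGE_EXTS) and not image.startswith(TRUSTED_IMAGE_DIRS):
            rec["traits"].add("untrusted_image")
        # Trait 2: the process itself talks to an LLM inference API
        if ev["type"] == "net" and ev["host"].lower() in HF_INFERENCE_HOSTS:
            rec["traits"].add("llm_api")
        # Trait 3: recon output or copied documents land in the staging folder
        if ev["type"] == "file" and ev["path"].lower().startswith(STAGING_DIR):
            rec["traits"].add("staging_write")
    return [(pid, r["image"], sorted(r["traits"]))
            for pid, r in seen.items() if len(r["traits"]) >= min_traits]


# Constructed telemetry: one LAMEHUG-like process and one benign developer script.
SAMPLE_EVENTS = [
    {"type": "net",  "pid": 4242, "image": r"C:\Users\olena\Downloads\Appendix.pif",
     "host": "api-inference.huggingface.co"},
    {"type": "file", "pid": 4242, "image": r"C:\Users\olena\Downloads\Appendix.pif",
     "path": r"C:\Programdata\info\report.txt"},
    {"type": "file", "pid": 4242, "image": r"C:\Users\olena\Downloads\Appendix.pif",
     "path": r"C:\Programdata\info\contract.pdf"},
    {"type": "net",  "pid": 7001, "image": r"C:\Program Files\Python312\python.exe",
     "host": "api-inference.huggingface.co"},
]

if __name__ == "__main__":
    for pid, image, traits in correlate(SAMPLE_EVENTS):
        print(f"ALERT pid={pid} image={image} traits={traits}")
```

The benign python.exe that only calls the inference API shows a single trait and is not alerted on, which keeps legitimate AI tooling out of the results; lowering `min_traits` to 1 turns the rule into a noisy hunting query instead.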
Original Post url: https://www.csoonline.com/article/4025139/novel-malware-from-russias-apt28-prompts-llms-to-create-malicious-windows-commands.html
Category & Tags: Advanced Persistent Threats, Artificial Intelligence, Cyberattacks, Phishing