1. Forum
  2. FidoNet
  3. CONSPRCY

  • More AI malware has been

    From Mike Powell@1:2320/105 to All on Tue Jan 27 09:59:04 2026
    More AI malware has been found - and this time, crypto developers are under attack

    Date:
    Mon, 26 Jan 2026 16:45:00 +0000

    Description:
    KONNI is using AI-generated backdoors to target crypto bros - and security
    pros should pay attention.

    FULL STORY

    Security researchers have found more malware being developed with the help of Gen AI, as the use of AI tools in cybercrime moves from theory into practice, and that defenders should also start integrating AI into their tech stack.

    Security outfit Check Point Research (CPR) has detailed KONNI , a known North Korean state-sponsored threat actor that has been around for more than a decade.

    According to CPR, KONNI is known for targeting South Korean politicians, diplomats, academics, and other similar targets. However, after more than a decade of chasing after political and diplomatic targets, KONNI shifted its attention towards software developers - specifically, blockchain and crypto developers.

    AI-generated PowerShell backdoor

    CPR says that in the latest campaign, KONNI was mailing IT technicians with highly convincing phishing lures, attempting to access cloud infrastructure, source code repositories, APIs, and blockchain-related credentials.

    Those that took the bait deployed an AI-generated PowerShell backdoor that granted the attackers access to their computers, and through it, to all of
    the secrets stored there.

    A defining aspect of this campaign is the deployment of an AI-generated PowerShell backdoor, demonstrating how artificial intelligence is
    accelerating malware development and deployment, CPR said in its report.

    Rather than introducing entirely new attack techniques, AI enables faster iteration, easier customization, and greater flexibility.

    The report also stresses that this means cybersecurity professionals will
    have to change, or evolve, their approach, as well. AI-generated malware can change faster and to a greater extent, evading traditional, signature-based detection with ease.

    Organizations should treat development environments as high-value targets,
    CPR concludes. To defend, they should first strengthen phishing prevention across collaboration and developer workflows. After that, they should protect development and cloud environments with strong access controls and finally,
    use AI-driven threat prevention to block unseen malware early in the attack chain.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/more-ai-malware-has-been-found-this-tim e-targeting-crypto-developers

    $$
    --- SBBSecho 3.28-Linux
    * Origin: Capitol City Online (1:2320/105)