A new form of malware called "LameHug" has been identified, marking a significant step in the evolution of cyber threats. This malware stands out as the first known instance of malicious software using artificial intelligence (AI) to generate commands for data theft on compromised Windows systems. Discovered by the National Computer Emergency Response Team of Ukraine (CERT-UA), LameHug is being used in attacks targeting the nation's security and defense sectors. These attacks have been linked with moderate confidence to the APT28 hacking group, which is believed to be controlled by Russian special services.
How LameHug Works
LameHug is designed to execute commands on infected Windows computers using AI-generated instructions. The malware is written in Python and utilizes the Hugging Face API to interact with the open-source Qwen2.5-Coder-32B-Instruct large language model (LLM) from Alibaba. This LLM, similar to those powering AI chatbots like ChatGPT, converts natural language instructions into executable code or shell commands.
The use of an LLM to generate the commands it executes is what makes LameHug unique. This approach lets the threat actors adapt their tactics during an attack without introducing new malicious code. By generating commands dynamically, LameHug can potentially evade security software and static analysis tools that rely on recognizing predefined commands.
Infection Method
The malware is delivered via phishing emails carrying a ZIP archive attachment. In a recent campaign observed by CERT-UA, the emails were sent to executive bodies and appeared to come from a representative of a relevant ministry. The attached ZIP file, named "Додаток.pdf.zip" (Attachment.pdf.zip), contained a file with a similar name but a ".pif" extension. That file, a Python program packaged into a Windows executable with PyInstaller, is the LameHug malware.
This method of hiding malware within ZIP archives is not entirely new. Security researchers have observed an increase in the use of ZIP file concatenation, where multiple ZIP files are combined, with the malware hidden in one of the inner archives. This technique exploits the different ways file archivers handle nested archives, making it more difficult for anti-malware software to detect the malicious payload.
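As an added example (not code from CERT-UA's report or from the malware), the following defender-side script triages a ZIP attachment for the two indicators described above: a member whose name ends in a document extension followed by an executable one (such as .pdf.pif) and a concatenated archive that a scanner may only partly parse. The PyInstaller marker string is the magic value PyInstaller writes into its bundled archive; the sample archive and its contents are constructed here.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows will execute even when the name looks like a document.
EXECUTABLE_SUFFIXES = {".pif", ".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk"}
# Marker PyInstaller writes into the archive appended to a one-file executable.
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"


def triage_zip(data: bytes) -> dict:
    """Return indicators found in the raw bytes of a ZIP attachment."""
    findings = {"concatenated": False, "double_extension": [], "pyinstaller": []}

    # A concatenated archive carries more than one end-of-central-directory record.
    # Heuristic: an uncompressed (stored) inner .zip member also trips this check.
    if data.count(b"PK\x05\x06") > 1:
        findings["concatenated"] = True

    # zipfile parses only the LAST archive of a concatenation, which is exactly the
    # part a tool that stops at the first archive never sees, so the name and
    # content checks run on that listing.
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            if len(suffixes) >= 2 and suffixes[-1] in EXECUTABLE_SUFFIXES:
                findings["double_extension"].append(info.filename)
                if PYINSTALLER_MAGIC in zf.read(info):
                    findings["pyinstaller"].append(info.filename)
    return findings


def make_zip(name: str, content: bytes) -> bytes:
    """Build a single-member ZIP in memory (used to construct the sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, content)
    return buf.getvalue()


def build_sample() -> bytes:
    """Constructed lure: a benign archive with a second, malicious archive appended."""
    benign = make_zip("readme.txt", b"nothing to see here")
    # Fake payload: not a real binary, it only carries the PyInstaller marker.
    lure = make_zip("Додаток.pdf.pif", b"MZ" + b"\x00" * 64 + PYINSTALLER_MAGIC)
    return benign + lure


if __name__ == "__main__":
    print(triage_zip(build_sample()))
```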
Data Theft Capabilities
Once LameHug infects a system, it gathers system information and searches for text, PDF, and Office files in common folders such as Documents, Downloads, and the Desktop. The commands for these actions are generated by the LLM, letting the attackers extract the specific data they need. The stolen data is then sent to a remote server under the attackers' control using SFTP or HTTP POST requests. While it is not yet clear exactly how the LLM-driven attack is carried out, the malware's ability to adapt its commands in real time makes it a particularly dangerous threat.
Attribution and Implications
CERT-UA has attributed the LameHug attacks to APT28, a Russian state-backed threat group also tracked as Fancy Bear, Sednit, and Sofacy. The group has been active since at least 2004 and has a long history of targeting Ukraine with cyberattacks. The emergence of LameHug signals a concerning trend in the cyber landscape: the weaponization of AI for malicious purposes. While AI has been used to enhance various types of malware, LameHug is the first known instance of malware using an LLM to generate attack commands. This capability allows threat actors to adapt their attacks on the fly, potentially bypassing traditional security measures. As AI technology continues to advance, more sophisticated AI-powered malware is likely to follow.
Protecting Against AI-Powered Malware
To defend against AI-driven malware like LameHug, Windows users need to adopt a multi-layered security approach. This includes:
By staying informed and taking proactive steps, Windows users can strengthen their defenses against the growing threat of AI-powered malware.