In section Startups & Technology

The human hand behind the first AI-driven ransomware

A recent extortion operation dubbed JadePuffer was touted as the first ransomware attack executed entirely by an AI agent without human oversight. However, security researchers now clarify that while the agent managed the technical intrusion, human operators remained essential for selecting targets and provisioning the infrastructure required for the breach.

The human hand behind the first AI-driven ransomware

The JadePuffer attack utilized a known vulnerability in the open-source tool Langflow to infiltrate a production MySQL server, where the AI agent encrypted over 1,300 configuration records. The agent demonstrated a high degree of autonomy, narrating its decision-making process in real-time and resolving login failures in seconds. Despite this efficiency, Michael Clark of Sysdig confirmed that the initial credentials were provided by human actors, who also established the command-and-control servers. The AI functioned as a high-speed executor rather than an independent mastermind.

Confusion initially arose regarding the role of frontier AI models after reports surfaced that the agent had harvested API keys for OpenAI, Anthropic, DeepSeek, and Gemini. Clark later clarified that these keys were merely part of the stolen loot, serving as indicators of value rather than the engine powering the attack. Sysdig remains unable to identify the specific model driving JadePuffer, leading experts like Microsoft’s Geoff McDonald to speculate that the operation likely relied on an open-weight model with safety guardrails removed. While this automation could eventually lower the barrier to entry for cybercriminals, the current requirement for human-led target selection and infrastructure setup prevents the immediate, mass-scale deployment of such campaigns.

Share:on TelegramXFacebook

Subscribe to our newsletter

Once a week — the best stories from our editors, no ads or push notifications. Delivered Sunday morning.

Comments (0)

Leave a comment

No comments yet. Be the first!