- Check Point warns that GenAI tools can be misused as C2 infrastructure
- Malware can hide traffic by encoding data to attacker-controlled URLs via AI queries
- AI assistants can act as decision engines, enabling stealthy, adaptive malware operations
Hackers can use some Generative Artificial Intelligence (GenAI) tools as command-and-control (C2) infrastructure, hide malicious traffic in plain sight and even use them as decision-making engines, experts have warned.
Investigations by Check Point claim that Microsoft Copilot and xAI Grok’s web browsing features can be exploited for malicious activity, although some prerequisites remain.
Deploying malware on a device is only half the job. This malware still needs to be instructed what to do, and the results of those instructions still need to be sent out over the internet. Security solutions can intercept this traffic and thereby determine whether or not a device is compromised — which is why “mixing in with legitimate traffic” is one of the key features of high-quality malware — and now Check Point says there’s a way to do it through AI assistants.
Harvest sensitive data and get additional instructions
If a threat actor infects a device with malware, it can harvest sensitive data and system information, encode it, and paste it into a URL controlled by the attacker. For example, where the data= part contains the sensitive information.
Then the malware can instruct the AI: “Summarize the contents of this website”. Since this is legitimate AI traffic, it does not trigger any security alerts. However, the information is logged on the attacker-controlled server and successfully forwards it in plain sight. To make matters worse, the website may respond with a hidden prompt that the AI executes.
The problem can escalate further if the malware asks the AI what to do next. For example, it can ask, based on the system information it has harvested, whether it is running in a high-value enterprise system or a sandbox. If it’s the latter, the malware may remain dormant. If it is not, it can proceed to phase two.
“When AI services can be used as a stealthy transport layer, the same interface can also carry prompts and model outputs that act as an external decision engine, a stepping stone toward AI-powered implants and AIOps-style C2 that automate triage, targeting, and operational choices in real-time,” Check Point concluded.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
