AI-Assisted EDR Evasion Framework Linked to Ransomware Operations
Sophos X-Ops reported that a threat actor built and tested an AI-assisted post-exploitation framework designed to evade endpoint detection and response tools, using a mix of malicious files, Cobalt Strike profiles, Python shellcode-injection scripts, a Telegram Bot API command-and-control channel, and a Cloudflare Worker redirector. Investigators found a supporting Git repository that automated Active Directory discovery and maintained a malware-testing lab with multiple virtual machines to evaluate bypass techniques against Sophos, CrowdStrike, and Microsoft Defender environments; many scripts appeared partly AI-generated and included Russian-language elements.
The framework used a Python payload generator to create Rust- and Go-based payloads with encryption, evasion, and alternate execution methods, ultimately producing nearly 80 modules that tested more than 70 techniques. Sophos said the operators used tools including Cursor, Claude Opus 4.5, and Model Context Protocol to coordinate workflows, ingest public research, and map activity to MITRE ATT&CK, but found no clear evidence that AI independently invented new malware capabilities; the company also linked the development activity to known ransomware deployment and data-theft operations and urged organizations to maintain layered defenses including patching, MFA, passkeys, and strong EDR coverage.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Sophos analyzes AI-assisted EDR evasion framework tied to ransomware activity
Sophos X-Ops reported on a threat actor that used AI-assisted tooling, including Cursor, Claude Opus 4.5, and Model Context Protocol, to develop and test EDR evasion techniques within a post-exploitation framework. The investigation linked the development activity to known ransomware deployment and data theft operations and documented supporting infrastructure such as Telegram Bot API C2, a Cloudflare Worker redirector, and malware-testing lab environments.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
7 references tracked. Mallory keeps watching after this page renders.
AI accelerates development of ransomware toolkit with EDR evasion capabilities | brief | SC Media
scworld.com
Open sourceHackers Using AI Tools to Automate Active Directory Attacks and EDR Evasion
cybersecuritynews.com
Open sourceAttackers Use AI to Automate EDR Evasion Testing
darkreading.com
Open sourceAI-built ransomware toolkit automates EDR evasion, AD discovery
bleepingcomputer.com
Open sourcePointing a Cursor at evading detection | SOPHOS
sophos.com
Open sourceSophos uncovers AI-powered malware lab built for EDR evasion - Help Net Security
helpnetsecurity.com
Open sourcePointing a Cursor at evading detection | SOPHOS
sophos.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
AI-Accelerated Intrusions and Malware Campaigns Reduce Time to Domain Compromise
Threat actors increasingly abused *legitimate AI tools* and automation to accelerate intrusions, with CrowdStrike reporting an **89% YoY increase in AI-enabled adversary activity** and an average eCrime breakout time dropping to **29 minutes** (fastest observed **27 seconds**). CrowdStrike also described attackers poisoning or hijacking local AI tooling via **malicious JavaScript embedded in npm packages** targeting tools such as *Claude* and *Gemini* to steal credentials and crypto assets, and highlighted a **CHATTY SPIDER** intrusion that began with voice phishing and remote access via **Microsoft Quick Assist**, followed by attempted exfiltration using **WinSCP** and a fallback to **Google Drive** when blocked. Separate reporting detailed additional active campaigns and exploitation trends consistent with faster initial access and persistence: **UAC-0050 (DaVinci Group / “Mercenary Akula”)** used spear-phishing with spoofed Ukrainian judicial themes and multi-layer archives (ZIP→RAR→passworded 7z) to deliver an `*.pdf.exe` dropper that installed **Remote Manipulator System (RMS)** for remote control and file transfer against a European financial institution. **UnsolicitedBooker** shifted targeting to telecoms in Kyrgyzstan and Tajikistan, using phishing documents that prompt “Enable Content” to run macros that drop loaders (e.g., **LuciLoad**, **MarsSnakeLoader**) and deploy **LuciDoor** and **MarsSnake** backdoors. Vulnerability intelligence for January 2026 also warned of **active exploitation** including **APT28** use of a Microsoft Office zero-day (**CVE-2026-21509**) via weaponized RTFs to deliver implants (e.g., **Covenant**), alongside multiple critical authentication-bypass and RCE issues affecting enterprise platforms—reinforcing that adversaries are combining rapid social engineering, supply-chain style delivery, and exploited vulnerabilities to compress dwell time and speed lateral movement.
Mar 21, 2026
AI-Assisted Malware Campaign Distributed Through Fake Software Downloads
Researchers reported a large-scale **malware distribution campaign** that used fake software offerings hosted on trusted platforms to infect users, with operators increasingly relying on **AI-assisted or “vibe-coded” development** to scale payload creation. McAfee identified more than **443 malicious ZIP archives** masquerading as AI tools, game cheats, VPNs, drivers, and decryptors, distributed via services including *Discord*, *SourceForge*, *FOSSHub*, *MediaFire*, and *mydofiles.com*. The campaign used **48 variants** of `WinUpdateHelper.dll` across **17 kill chains**, each with separate command-and-control infrastructure but linked through shared cryptocurrency wallet credentials, allowing researchers to trace monetization activity and victim distribution across countries including the US, UK, India, Brazil, France, Canada, and Australia. A separate but related report described another **multi-stage malware campaign** that also relied on deceptive delivery and evasion, using **.NET Ahead-of-Time (AOT) compilation** to hinder analysis and a host-scoring system to avoid sandboxes and low-value targets. In that intrusion chain, a phishing-delivered ZIP launched `KeyAuth.exe`, which fetched `bound_build.exe` and then deployed both the **Rhadamanthys infostealer** and an **XMRig** miner disguised as *MicrosoftEdgeUpdater*. The malware checked conditions such as RAM, uptime, document count, and active antivirus processes, and terminated itself if the environment scored below a threshold, showing a deliberate effort to evade detection while maximizing successful infections.
Apr 3, 2026
AI and Automation Accelerate Ransomware Operations and Intrusion Speed
Recent reporting and threat research indicate **AI and automation are materially compressing attacker timelines**, reducing defenders’ opportunity to detect and contain intrusions. A ReliaQuest analysis cited by SC Media found **lateral movement can occur in as little as four minutes** (with average lateral movement time dropping from 48 to 34 minutes), and **data exfiltration** in the fastest cases falling to **six minutes** (down from more than four hours previously). The same reporting notes **80% of ransomware groups** are leveraging AI and/or automation for data theft, and highlights **BoaLoader** as an example of converged AI-assisted development, social engineering, and traditional cybercrime activity. Separate ransomware telemetry from NCC Group shows overall **publicly disclosed ransomware incidents** dipped month-over-month in January but remained broadly consistent year-over-year (741 vs. 696), with **North America** accounting for **54%** of activity and **industrials** the most targeted sector (32%). The report identified **Qilin** as the most active group (108 cases), followed by **Akira** and **Sinobi**, and warned that attacker tradecraft is expanding to new initial access paths, including **messaging platforms** (e.g., WhatsApp, Signal, Telegram) via device-linking scams and malicious QR codes. ASEC’s weekly “Ransom & Dark Web Issues” roundup provides additional context on ongoing ransomware and hacktivist activity (e.g., **Morpheus** targeting a South Korean plating company and **Ailock** republishing prior victims), but it is not clearly tied to the same specific datasets or findings on AI-driven acceleration described in the other reporting.
Mar 21, 2026