Google flags 5 AI-powered malware families linked to DPRK crypto theft

A new GTIG report reveals that cybercriminals are increasingly using LLMs to make malware smarter, allowing it to rewrite itself in real time and target high-value assets like crypto.

Summary

  • 5 distinct AI-enabled malware families dynamically query LLMs such as Gemini and Qwen2.5-Coder to modify or create code at runtime.
  • The North Korean group UNC1069 (Masan) is using AI to probe crypto wallets and create phishing scripts.
  • Google has disabled accounts linked to these activities and strengthened its safeguards with enhanced API monitoring and prompt filters.

A new report from Google’s Threat Intelligence Group (GTIG) has uncovered a growing trend in which cybercriminals and state-linked actors are using large language models (LLMs) to supercharge their malware operations.

The report identified 5 distinct families of AI-enabled malware that query LLMs such as Gemini and Qwen2.5-Coder at runtime to generate, modify or hide malicious code.

Among the identified threats, two malware families, PROMPTFLUX and PROMPTSTEAL, were examined in detail. PROMPTFLUX uses a “Thinking Robot” process that calls Gemini’s API hourly to rewrite its VBScript code. PROMPTSTEAL, linked to the Russian APT28 group, uses the Qwen model hosted on Hugging Face to generate Windows commands on demand, which lets attackers carry out customized operations without pre-programming each function.

This “just-in-time code creation” technique enables the malware to modify its behavior in real time, marking a shift from traditional malware creation, which relies on hard-coded logic.
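The runtime API calls described above leave a network footprint a defender can look for. As an added illustration (not code from the report or this article), the heuristic below flags script interpreters that contact a hosted-LLM API endpoint on a regular cadence; the log format, host names and process list are assumptions for this example.

```python
"""Heuristic: flag script-host processes that call hosted-LLM API endpoints on a fixed cadence.
Added example with constructed log lines; host names and process names are assumptions."""
from collections import defaultdict
from datetime import datetime

# Hosted-LLM API endpoints of the services named in the report (assumed host names).
LLM_API_HOSTS = {"generativelanguage.googleapis.com", "api-inference.huggingface.co"}
# Script interpreters a VBScript/PowerShell payload would run under (assumption).
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "powershell.exe", "mshta.exe"}


def parse_line(line):
    """Constructed format: '<ISO-8601 timestamp> <process image> <destination host>'."""
    ts, proc, host = line.split()
    return datetime.fromisoformat(ts), proc.lower(), host.lower()


def find_periodic_llm_callers(lines, period_s=3600, tolerance_s=300, min_calls=3):
    """Return {(process, host): call_count} for script hosts whose calls to an LLM API
    repeat at roughly `period_s` intervals (within `tolerance_s`) at least `min_calls` times."""
    calls = defaultdict(list)
    for line in lines:
        ts, proc, host = parse_line(line)
        if proc in SCRIPT_HOSTS and host in LLM_API_HOSTS:
            calls[(proc, host)].append(ts)
    flagged = {}
    for key, stamps in calls.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if len(stamps) >= min_calls and all(abs(g - period_s) <= tolerance_s for g in gaps):
            flagged[key] = len(stamps)
    return flagged


# Constructed sample: one script host polling Gemini hourly, plus benign-looking noise.
SAMPLE_LOG = [
    "2025-11-06T09:00:05 wscript.exe generativelanguage.googleapis.com",
    "2025-11-06T09:02:10 chrome.exe generativelanguage.googleapis.com",   # browser, ignored
    "2025-11-06T09:30:00 cscript.exe update.example.invalid",              # not an LLM host
    "2025-11-06T10:00:12 wscript.exe generativelanguage.googleapis.com",
    "2025-11-06T10:05:00 powershell.exe api-inference.huggingface.co",    # only two calls
    "2025-11-06T11:00:03 wscript.exe generativelanguage.googleapis.com",
    "2025-11-06T11:05:30 powershell.exe api-inference.huggingface.co",
]

if __name__ == "__main__":
    for (proc, host), n in find_periodic_llm_callers(SAMPLE_LOG).items():
        print(f"ALERT: {proc} called {host} {n} times at a ~hourly cadence")
```

The cadence check is what separates a self-rewriting loop from a one-off developer test; lowering `min_calls` trades that precision for earlier alerting.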

AI-enabled malware exploits LLMs for crypto theft

The report noted that these AI-driven attacks are already active and targeting high-value assets, including crypto holdings.

It also found that the North Korean group UNC1069 (a.k.a. Masan) has been misusing AI to conduct crypto theft by probing crypto wallets, creating phishing scripts, and crafting targeted social engineering attacks.

Google has disabled accounts tied to these activities and implemented stricter safeguards, including enhanced API monitoring and prompt filters, to limit AI misuse.
