Technique · ai-attack-staging · ATLAS

AML.T0102 Generate Malicious Commands

What it is

Adversaries may use large language models (LLMs) to dynamically generate malicious commands from natural language. Dynamically generated commands may be harder to detect because the attack signature is constantly changing. AI-generated commands may also allow adversaries to adapt more rapidly to different environments and adjust their tactics. Adversaries may utilize LLMs present in the victim's environment or call out to externally hosted services. [APT28](https://attack.mitre.org/groups/G0007) utilized a model hosted on HuggingFace in a campaign with their LAMEHUG malware [\[1\]][1]. In either case, prompts to generate malicious code can blend in with normal traffic.

[1]: https://logpoint.com/en/blog/apt28s-new-arsenal-lamehug-the-first-ai-powered-malware

References

  1. https://atlas.mitre.org/techniques/AML.T0102

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - ATLAS: AI Agent
  - ATLAS: LLM Prompt Crafting
  - ATLAS: Deploy AI Agent
  - ATLAS: AI Service API
  - ATLAS: LLM Trusted Output Components Manipulation
  - ATLAS: LLM Prompt Injection

Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.