Meet JADEPUFFER: The first ransomware attack that hacked, diagnosed, and extorted — All without a human
For as long as ransomware has existed as a category, it has had a human somewhere in the loop — writing the script, choosing the target, deciding when to pull the trigger on encryption. That assumption just broke.
Researchers at the Sysdig Threat Research Team have documented what they assess to be the first fully agentic ransomware operation on record: an extortion campaign named JADEPUFFER, in which a large language model — not a human operator — performed reconnaissance, harvested credentials, moved laterally, established persistence, exploited a downstream target, and executed a destructive extortion playbook against a production database. Start to finish, without a person driving.
This is not a proof-of-concept from a red team. It’s an attack Sysdig’s team observed in the wild, reconstructed from captured payloads, and is now warning the industry about.
What actually happened
According to Sysdig’s findings, the operation unfolded in two acts.
Act one...
Copyright of this story solely belongs to expresscomputer.in.