Smooth AI criminal drives 'first' end-to-end agentic ransomware attack
Don't count on the LLM to return your data - even if you pay up
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented agentic ransomware infection with an LLM - not a human - driving the entire extortion operation, from gaining initial access to compromising a production database server and destroying data.
The security shop’s research team named the agentic intruder JadePuffer and said it gained initial access to an internet-facing Langflow instance by exploiting CVE-2025-3248, and then ran a fully automated attack.
“The most striking characteristic, however, was the LLM's behavior,” Sysdig director of threat research Michael Clark said in a blog about the agentic ransomware and extortion operation.
JadePuffer’s “self-narrating” payloads “contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don’t often write but LLM-generated code produces reflexively,” Clark added....
Copyright of this story solely belongs to theregister.com. To see the full text click HERE