Smooth AI criminal drives 'first' end-to-end agentic ransomware attack

https://image.theregister.com/5266109.jpg?imageId=5266109&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Don't count on the LLM to return your data - even if you pay up

They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented agentic ransomware infection with an LLM - not a human - driving the entire extortion operation, from gaining initial access to compromising a production database server and destroying data.

The security shop’s research team named the agentic intruder JadePuffer and said it gained initial access to an internet-facing Langflow instance by exploiting CVE-2025-3248, and then ran a fully automated attack.

“The most striking characteristic, however, was the LLM's behavior,” Sysdig director of threat research Michael Clark said in a blog about the agentic ransomware and extortion operation.

JadePuffer’s “self-narrating” payloads “contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don’t often write but LLM-generated code produces reflexively,” Clark added....

Copyright of this story solely belongs to theregister.com. To see the full text click HERE