{"id":59338,"date":"2025-09-11T00:00:00","date_gmt":"2025-09-11T00:00:00","guid":{"rendered":"urn:uuid:4e5df924-0b88-e22c-eb63-e51319d7bcfb"},"modified":"2025-09-11T00:00:00","modified_gmt":"2025-09-11T00:00:00","slug":"evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/","title":{"rendered":"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80\"><!-- OneTrust Cookies Consent Notice start for trendmicro.com --><!-- OneTrust Cookies Consent Notice end for trendmicro.com --> <head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"description\"> <meta name=\"robots\" content=\"index,follow\"> <meta name=\"keywords\"> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"> <meta name=\"template\" content=\"article1withouthero\"> <meta property=\"article:published_time\" content=\"2025-09-11\"> <meta property=\"article:tag\"> <meta property=\"article:section\" content=\"research\"> <link rel=\"icon\" type=\"image\/ico\" href=\"\/content\/dam\/trendmicro\/favicon.ico\"> <link rel=\"canonical\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/evilai.html\"> <title>EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks | Trend Micro (US)<\/title> <link href=\"https:\/\/fonts.googleapis.com\/css?family=Open+Sans:300,300i,400,400i,600\" rel=\"stylesheet\">\n<link href=\"\/\/customer.cludo.com\/css\/296\/1798\/cludo-search.min.css\" type=\"text\/css\" rel=\"stylesheet\"> <link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch.min.eef9161aa6f636be94dc8f75bd21e83f.css\" 
type=\"text\/css\">\n<link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendmicro\/clientlibs\/trendmicro-core-2\/clientlibs\/header-footer.min.ed72bbd5ec8a033bb224030ee7e2c12e.css\" type=\"text\/css\"> <meta property=\"og:url\" content=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/evilai.html\"><br \/>\n<meta property=\"og:title\" content=\"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks \"><br \/>\n<meta property=\"og:site_name\" content=\"Trend Micro\"><br \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/25\/EvilAI-thumbnail.png\"><br \/>\n<meta property=\"og:locale\" content=\"en_US\"> <meta name=\"twitter:card\" content=\"summary_large_image\"><br \/>\n<meta name=\"twitter:site\" content=\"@TrendMicro\"><br \/>\n<meta name=\"twitter:title\" content=\"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks \"><br \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/25\/EvilAI-thumbnail.png\"> <\/head> <body class=\"articlepage page basicpage context-business\" id=\"readabilityBody\" readability=\"51.147123207109\"> <!-- Page Scroll: Back to Top --> <a id=\"page-scroll\" title=\"VerticalPageScroll\" href=\"javascript:jumpScroll($(this).scrollTop());\"> <span class=\"icon-chevron-up\"><\/span> <\/a> <!-- \/* Data Layers *\/ --> <\/p>\n<div class=\"root responsivegrid\">\n<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12 \">\n<div class=\"articleBodyNoHero aem-GridColumn aem-GridColumn--default--12\">\n<div class=\"research-layout article container\" role=\"contentinfo\">\n<article class=\"research-layout--wrapper row\" data-article-pageid=\"369991646\">\n<div class=\"col-xs-12 col-md-12 one-column\">\n<div class=\"col-xs-12 col-md-12\" readability=\"15.5\">\n<div class=\"article-details\" role=\"heading\" readability=\"51\"> <span 
class=\"article-details__bar\" role=\"img\"><\/span> <\/p>\n<p class=\"article-details__description\">Combining AI-generated code and social engineering, EvilAI operators are executing a rapidly expanding campaign, disguising their malware as legitimate applications to bypass security, steal credentials, and persistently compromise organizations worldwide.<\/p>\n<p class=\"article-details__author-by\">By: Jeffrey Francis Bonaobra, Joshua Aquino, Emmanuel Panopio, Emmanuel Roll, Joshua Lijandro Tsang, Armando Nathaniel Pedragoza, Melvin Singwa, Mohammed Malubay, Marco Dela Vega <time class=\"article-details__date\">September 11, 2025<\/time> <span>Read time:&nbsp;<\/span><span class=\"eta\"><\/span> (<span class=\"words\"><\/span> words) <\/p>\n<div class=\"article-details__icons\"> <!--Add This--> <\/p>\n<div class=\"a2a_kit a2a_default_style\" data-a2a-icon-color=\"#717172\"> <a class=\"a2a_dd addthis_link\" href=\"https:\/\/www.addtoany.com\/share\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch\/resources\/img\/share-more.svg\" class=\"svg-icon\" alt=\"Share\"> <\/a> <a class=\"a2a_button_print addthis_link\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch\/resources\/img\/printer.svg\" class=\"svg-icon\" alt=\"Print\"> <\/a> <\/div>\n<p> <!--Add to Folio--> <!--Subscribe--> <\/div>\n<\/div><\/div>\n<\/p><\/div>\n<hr class=\"research-layout-divider\"> <main class=\"main--content col-xs-12 col-lg-8 col-lg-push-2\"> <\/p>\n<div>\n<div class=\"richText\" readability=\"38.961271102284\">\n<div readability=\"22.977159880834\">\n<h2><span class=\"body-subhead-title\">Key takeaways<\/span><\/h2>\n<ul>\n<li><span class=\"rte-red-bullet\">EvilAI disguises itself as productivity or AI-enhanced tools, with professional-looking interfaces and valid digital signatures that make it difficult for users and security 
tools to distinguish it from legitimate software. &nbsp;&nbsp;<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Based on our telemetry, EvilAI infections have appeared globally, with the highest impact in Europe, the Americas, and the AMEA region. The EvilAI malware campaign has predominantly impacted organizations in manufacturing, government\/public services, and healthcare.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">It exfiltrates sensitive browser data and maintains encrypted, real-time communication with its command-and-control servers using AES-encrypted channels to receive attacker commands and deploy additional payloads.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Trend Vision One\u2122 safeguards against EvilAI by detecting and blocking the IOCs outlined in this post. Customers also have access to targeted threat hunting queries, intelligence reports, and actionable threat insights, enabling a proactive approach to defense against EvilAI infections.<\/span><\/li>\n<\/ul>\n<p>In recent weeks, Trend Research has observed a new wave of malware campaigns that infiltrate systems by posing as legitimate AI tools and software \u2013 complete with realistic interfaces, code signing, and convincing utility features \u2013 making them appear legitimate to end users. Rather than relying on obviously malicious files, these trojans mimic the appearance of real software to go unnoticed into both corporate and personal environments, often gaining persistent access before raising any suspicion.<\/p>\n<p>The sophistication and adaptability observed suggests the work of a highly capable threat actor. Increasingly, attackers are leveraging <a href=\"https:\/\/www.trendmicro.com\/en_us\/what-is\/ai.html\" target=\"_blank\">AI<\/a> tools to generate malware code that looks clean and legitimate, allowing it to evade detection by traditional security solutions. 
This blurring line between authentic and deceptive software highlights the mounting challenges faced by defenders. &nbsp;For clarity and consistency in our reporting, Trend Micro will be tracking this malware family as EvilAI.&nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"37.5\">\n<div class=\"responsive-table-wrap\" readability=\"20\">\n<h2><span class=\"body-subhead-title\">Victimology: Early signs of a global campaign<\/span><\/h2>\n<p>Although data collection from our internal telemetry began on August 29, just one week of monitoring has revealed the aggressive and rapid spread of the EvilAI malware. Trend\u2019s threat intelligence data showed detections of EvilAI on a global scale. Europe has reported the highest number of cases with 56 incidents, followed by the Americas (North, Central, and South) and AMEA (Asia, Middle East, and Africa), each with 29. This swift, widespread distribution across multiple regions strongly indicates that EvilAI is not an isolated incident but rather an active and evolving campaign currently circulating in the wild.<\/p>\n<p><center><\/p>\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"132\" valign=\"top\"><b>Region<\/b><\/td>\n<td width=\"96\" valign=\"top\"><b>Count<\/b><\/td>\n<\/tr>\n<tr>\n<td width=\"132\" valign=\"top\">Europe<\/td>\n<td width=\"96\" valign=\"top\">56<\/td>\n<\/tr>\n<tr>\n<td width=\"132\" valign=\"top\">Americas<\/td>\n<td width=\"96\" valign=\"top\">29<\/td>\n<\/tr>\n<tr>\n<td width=\"132\" valign=\"top\">AMEA<\/td>\n<td width=\"96\" valign=\"top\">29<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/center><\/p>\n<p><span class=\"rte-icon-component-text\">Table 1. 
Top three regions with EvilAI malware infection cases<\/span><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"35.5\">\n<div class=\"responsive-table-wrap\" readability=\"16\">\n<p><b>Affected countries<\/b><\/p>\n<p>The global reach of the EvilAI malware is evident, with the highest number of cases shown in Table 2. This widespread distribution across diverse regions highlights EvilAI\u2019s non-selective targeting, leveraging sophisticated social engineering and AI-generated, legitimate-looking code to seamlessly infiltrate systems, evading detection and gaining persistent access to maximize disruption worldwide.<\/p>\n<p><center><\/p>\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\" width=\"288\">\n<tbody>\n<tr>\n<td width=\"216\" valign=\"top\"><b>Country<\/b><\/td>\n<td width=\"72\" valign=\"top\"><b>Count<\/b><\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">India<\/td>\n<td width=\"72\" valign=\"top\">74<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">United States<\/td>\n<td width=\"72\" valign=\"top\">68<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">France<\/td>\n<td width=\"72\" valign=\"top\">58<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">Italy<\/td>\n<td width=\"72\" valign=\"top\">31<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">Brazil<\/td>\n<td width=\"72\" valign=\"top\">26<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">Germany<\/td>\n<td width=\"72\" valign=\"top\">23<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">United Kingdom<\/td>\n<td width=\"72\" valign=\"top\">14<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">Norway<\/td>\n<td width=\"72\" valign=\"top\">10<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">Spain<\/td>\n<td width=\"72\" valign=\"top\">10<\/td>\n<\/tr>\n<tr>\n<td width=\"216\" valign=\"top\">Canada<\/td>\n<td width=\"72\" valign=\"top\">8<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/center><\/p>\n<p><span 
class=\"rte-icon-component-text\">Table 2. Top 10 countries with EvilAI malware infection cases<\/span><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"39.5\">\n<div class=\"responsive-table-wrap\" readability=\"24\">\n<p><b>Affected industries<\/b><\/p>\n<p>Industry analysis further reinforces this picture. Infections have struck critical sectors, including manufacturing at 58 cases, government\/public services with 51, and 48 in healthcare among the top impacted areas. Even smaller sectors have reported cases, as shown below in Table 3. Using sophisticated social engineering and AI-generated legitimate-looking code, EvilAI&#8217;s non-selective targeting allows seamless infiltration across critical and non-critical sectors, evading detection and gaining persistent access before raising suspicion.<\/p>\n<p><center><\/p>\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\" width=\"230\">\n<tbody>\n<tr>\n<td width=\"172\" valign=\"top\"><b>Industry<\/b><\/td>\n<td width=\"58\" valign=\"top\"><b>Count<\/b><\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Manufacturing<\/td>\n<td width=\"58\" valign=\"top\">58<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Government<\/td>\n<td width=\"58\" valign=\"top\">51<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Healthcare<\/td>\n<td width=\"58\" valign=\"top\">48<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Technology<\/td>\n<td width=\"58\" valign=\"top\">43<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Retail<\/td>\n<td width=\"58\" valign=\"top\">31<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Education<\/td>\n<td width=\"58\" valign=\"top\">27<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Financial Services<\/td>\n<td width=\"58\" valign=\"top\">22<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Construction<\/td>\n<td width=\"58\" valign=\"top\">20<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Non-profit<\/td>\n<td 
width=\"58\" valign=\"top\">19<\/td>\n<\/tr>\n<tr>\n<td width=\"172\" valign=\"top\">Utilities<\/td>\n<td width=\"58\" valign=\"top\">9<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><\/center><\/p>\n<p><span class=\"rte-icon-component-text\">Table 3. Top affected industries with EvilAI malware infection cases<\/span><\/p>\n<p>The early victimology confirms that EvilAI is a broad and indiscriminate campaign, already achieving significant global impact within a short tracking window. If left unchecked, this trajectory suggests the potential for rapid escalation in scope and severity.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"34.5\">\n<div readability=\"14\">\n<h4><span class=\"body-subhead-title\">Technical details<\/span><\/h4>\n<p><b>Trojans disguised as legitimate software<\/b><\/p>\n<p>A common and highly effective evasion tactic used by EvilAI is making malicious software appear legitimate at every level. This starts with the use of plausible, purpose-driven file names \u2013 each chosen to match the advertised utility of the application. While these names may not mimic popular software brands, they are generic and purposeful enough to appear authentic when seen by users. 
These include:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">App Suite<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Epi Browser<\/span><\/li>\n<li><span class=\"rte-red-bullet\">JustAskJacky<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Manual Finder<\/span><\/li>\n<li><span class=\"rte-red-bullet\">One Start<\/span><\/li>\n<li><span class=\"rte-red-bullet\">PDF Editor<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Recipe Lister<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Tampered Chef<\/span><\/li>\n<\/ul><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"45.844031193761\">\n<div readability=\"38.040791841632\">\n<p><b><i>Widespread malware distribution<\/i><\/b><\/p>\n<p>These malicious applications have been widely distributed online, often circulating for months before being identified as threats, enabling broad penetration of both corporate and personal environments. Rather than compromising trusted vendors, attackers spread these fake programs by:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">Hosting them on newly registered websites that imitate vendor portals or tech solution pages<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Using malicious advertisements, SEO manipulation, and promoted download links on forums and social media<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Encouraging users to download tools for productivity, document handling, or AI-enhanced capabilities<\/span><\/li>\n<\/ul>\n<p>Because the installers often function like legitimate software and may offer basic features, users are less likely to suspect foul play, allowing the malware to operate unnoticed.<\/p>\n<p><b><i>High-fidelity mimicry of software interfaces, file naming, and digital signatures<\/i><\/b><\/p>\n<p>This masquerade is further reinforced by professionally crafted user interfaces and real, working features that match the expectations set by the application&#8217;s name. 
For example, a user opening &#8220;Recipe Lister&#8221; is presented with recipe-management functionalities, while &#8220;Manual Finder&#8221; supplies documentation search features. This direct alignment between name and function helps dispel user suspicion and encourages engagement.<\/p>\n<p>To enhance credibility, attackers often abuse digital signatures and trusted certificates (Figure 1). Some groups go so far as to obtain or misuse code-signing certificates, granting their malware an additional layer of trust by making it appear as \u201cverified\u201d software. In many cases, <a href=\"https:\/\/blog.dingusxmcgee.com\/blog\/2025\/06\/06\/Recipe-For-Adware.html\" target=\"_blank\">these certificates are eventually revoked<\/a> once the abuse is discovered.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure01.png\" alt=\"Figure 1. Digital signature used to make malware appear legitimate\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 1. Digital signature used to make malware appear legitimate<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"50.168490153173\">\n<div readability=\"45.698030634573\">\n<p>The following digital signatures were observed in samples identified during our threat hunting:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">App Interplace LLC<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Byte Media Sdn Bhd<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Echo Infini Sdn. Bhd.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">GLINT SOFTWARE SDN. 
BHD.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Global Tech Allies ltd<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Pixel Catalyst Media LLC<\/span><\/li>\n<\/ul>\n<p>Their registration dates, which fall between 2024 and 2025, indicate that these entities are relatively new. This timing may correspond with a tactic commonly observed in malware-signing campaigns, in which disposable companies are established to obtain new digital certificates after old ones are revoked.<\/p>\n<p><b><i>Malware in functional software<\/i><\/b><\/p>\n<p>Additionally, EvilAI\u2019s operators often create entirely novel applications that do not correspond to any true, legitimate product. Rather than copying established software brands, the threat actors invent new application names and features, making detection even harder. In many cases, the malware is bundled with functional applications, allowing users to interact with software that works as expected while the hidden malicious payload operates in the background. This dual-purpose approach ensures the user\u2019s expectations are met, further lowering the chance of suspicion or investigation.<\/p>\n<p><b><i>Use of AI for defense evasion<\/i><\/b><\/p>\n<p>AI is increasingly being used to help malware slip past security tools. With AI for coding, website, and app generation becoming mainstream, attackers are now leveraging LLMs to create new malware code that is clean, normal-looking, and does not trigger static scanners. In the case of <a href=\"https:\/\/www.gdatasoftware.com\/blog\/2025\/08\/38247-justaskjacky-ai-trojan-horse-comeback\" target=\"_blank\">JustAskJacky<\/a>, the malware leveraged AI to produce code that appears legitimate at first glance, unlike older, noisy samples, making detection much harder. 
By combining believable functionality with stealthy payload delivery, AI is reviving classic threats like Trojans and giving them new evasion capabilities against modern antivirus (AV) defenses.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"33.5\">\n<div readability=\"12\">\n<p><b>Infection flow<\/b><\/p>\n<p>Trend\u2019s internal telemetry has uncovered an attack chain where seemingly legitimate applications \u2013 often advertised and distributed through newly registered or imitation websites \u2013 are used as decoys to deliver malicious payloads (Figure 2). When users launch these applications, the expected user interface appears, masking the execution of harmful activities in the background.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure02.png\" alt=\"Figure 2. EvilAI\u2019s observed infection flow\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 2. EvilAI\u2019s observed infection flow<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"36\">\n<div readability=\"17\">\n<p><b><i>Node.js-based malware delivery<\/i><\/b><\/p>\n<p>Unbeknownst to the user, the application triggers a command that silently launches Node.js (node.exe) via the Windows command line, executing a JavaScript payload stored in the user\u2019s temporary directory (Figure 3). The payload is dropped during the installation of the application. 
The execution chain resembles the following example:<\/p>\n<p><span class=\"blockquote\">cmd.exe \/c start &#8220;&#8221; \/min &#8220;C:\\Users\\&lt;user&gt;\\AppData\\Roaming\\NodeJs\\node.exe&#8221; &#8220;C:\\Users\\&lt;user&gt;\\AppData\\Local\\TEMP\\[GUID]of.js&#8221;<\/span><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure03.png\" alt=\"Figure 3. PDF Editor executing the malicious JavaScript using node.exe\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 3. PDF Editor executing the malicious JavaScript using node.exe<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"38.5\">\n<div readability=\"22\">\n<p>The JavaScript files are typically named with a GUID suffix and end in two characters \u2013 commonly \u201cor\u201d, \u201cro\u201d, or \u201cof\u201d \u2013 a pattern consistently observed both in our internal investigations and in samples identified from public repositories.<\/p>\n<p>While the legitimate application window operates in the foreground, this covert process enables the malware to execute unnoticed.<\/p>\n<p><b><i>Persistence mechanisms<\/i><\/b><\/p>\n<p>The malware establishes persistence by creating a scheduled task named sys_component_health_{UID}, disguised to look like a legitimate Windows process. This task runs Node.js (node.exe) in minimized mode to execute a malicious JavaScript file hidden in the user\u2019s Temp folder. It triggers daily at 10:51 AM and repeats every four hours, ensuring the malware is relaunched multiple times a day even after system reboots (Figure 4). 
The following command was directly observed during our investigation:<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure04.png\" alt=\"Figure 4. Scheduled task creation\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 4. Scheduled task creation<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"33\">\n<div readability=\"11\">\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;schtasks \/Create \/TN &#8220;sys_component_health_{UID}&#8221; \/TR &#8220;\\&#8221;C:\\Windows\\system32\\cmd.exe\\&#8221; \/c start \\&#8221;\\&#8221; \/min \\&#8221;%^LOCALAPPDATA^%\\Programs\\nodejs\\node.exe\\&#8221; \\&#8221;%^LOCALAPPDATA^%\\TEMP\\{UID}or.js\\&#8221;&#8221; \/SC DAILY \/ST 10:51 \/RI 240 \/DU 24:00 \/F&#8221;<\/span><\/p>\n<p>An associated scheduled task file was also identified (Figure 5).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure05.png\" alt=\"Figure 5. Created scheduled task file\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 5. 
Created scheduled task file<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"33\">\n<div readability=\"11\">\n<p><span class=\"blockquote\">C:\\Windows\\System32\\Tasks\\PDFEditorUScheduledTask<\/span><\/p>\n<p>In addition to scheduled task creation, the malware creates a shortcut file for PDF Editor in the Start Menu Programs folder (Figure 6).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure06.png\" alt=\"Figure 6. Created PDF Editor shortcut file\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 6. Created PDF Editor shortcut file<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"33.5\">\n<div readability=\"12\">\n<p><span class=\"blockquote\">C:\\Users\\{User Name}\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\PDF Editor.lnk<\/span><\/p>\n<p>Furthermore, persistence is strengthened by adding an entry to the Windows Registry Run key, which ensures that PDFEditorUpdater executes at user logon (Figure 7).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure07.png\" alt=\"Figure 7. Created Registry Run key\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 7. 
Created Registry Run key<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35\">\n<div readability=\"15\">\n<p><span class=\"blockquote\">HKEY_USERS\\&lt;User_SID&gt;\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\PDFEditorUpdater<\/span><\/p>\n<p><b><i>Use of WMI for process enumeration<\/i><\/b><\/p>\n<p>The attacker utilized Windows Management Instrumentation (WMI) to determine if Microsoft Edge or Google Chrome was running on the system. By leveraging PowerShell commands that query WMI objects, the attacker was able to enumerate active processes associated with these web browsers (Figure 8). The following commands were observed:<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure08.png\" alt=\"Figure 8. WMI command execution via PowerShell\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 8. WMI command execution via PowerShell<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"38\">\n<div readability=\"21\">\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;powershell.exe &#8220;Get-WmiObject Win32_Process | Where-Object { $_.Name -eq &#8216;chrome.exe&#8217; }&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;powershell.exe &#8220;Get-WmiObject Win32_Process | Where-Object { $_.Name -eq &#8216;msedge.exe&#8217; }&#8221;&#8221;<\/span><\/p>\n<p><b><i>Software enumeration via registry queries<\/i><\/b><\/p>\n<p>Shortly after checking for browsers, the attacker performed a series of registry queries to enumerate installed software, the majority of which were security and AV products (Figure 9). 
During this process, the attacker also attempted to discover uninstall strings or configuration settings present in the registry that could potentially be used for further automated actions.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure09.png\" alt=\"Figure 9. Reg query command execution\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 9. Reg query command execution<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"43\">\n<div readability=\"31\">\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Bitdefender&#8221; \/v &#8220;UninstallString&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKCU\\Software\\KasperskyLabSetup&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKLM\\Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\REC&#8221; \/v &#8220;UninstallString&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKLM\\Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\G DATA ANTIVIRUS&#8221; \/v &#8220;UninstallString&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKCU\\Software\\Zillya\\Zillya Antivirus&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\EPISoftware EpiBrowser&#8221; \/v &#8220;UninstallString&#8221;&#8221;<\/span><\/p>\n<p><span 
class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKCU\\Software\\CheckPoint\\ZANG&#8221;&#8221;<\/span><\/p>\n<p><span class=\"blockquote\">C:\\windows\\system32\\cmd.exe \/d \/s \/c &#8220;reg query &#8220;HKLM\\Software\\Fortinet&#8221;&#8221;<\/span><\/p>\n<p><b><i>Process termination<\/i><\/b><\/p>\n<p>Following process inspection and security product enumeration, the adversary forcibly terminated the Microsoft Edge and Chrome browser, likely to free files for credential theft or to avoid user detection (Figure 10).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure10.png\" alt=\"Figure 10. Process termination via taskkill\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 10. Process termination via taskkill<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"36.5\">\n<div readability=\"18\">\n<p><span class=\"blockquote\">taskkill \/F \/IM msedge.exe<\/span><\/p>\n<p><span class=\"blockquote\">taskkill \/IM msedge.exe<\/span><\/p>\n<p><span class=\"blockquote\">taskkill \/F \/IM chrome.exe<\/span><\/p>\n<p><span class=\"blockquote\">taskkill \/IM chrome.exe<\/span><\/p>\n<p><b><i>Credential data duplication from browser profiles<\/i><\/b><\/p>\n<p>Based on telemetry, the attacker created copies of both the \u201cWeb Data\u201d and \u201cPreferences\u201d files from Microsoft Edge and Google Chrome browser profiles (Figure 11). 
They then append \u201cSync\u201d to the filenames (resulting in \u201cWeb Data Sync\u201d and \u201cPreferences Sync\u201d) and store them in the same directory paths, such as:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">C:\\Users\\{User Name}\\AppData\\Local\\Microsoft\\Edge\\User Data\\Default\\Web Data Sync<\/span><\/li>\n<li><span class=\"rte-red-bullet\">C:\\Users\\{User Name}\\AppData\\Local\\Microsoft\\Edge\\User Data\\Default\\Preferences Sync<\/span><\/li>\n<li><span class=\"rte-red-bullet\">C:\\Users\\{User Name}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Data Sync<\/span><\/li>\n<li><span class=\"rte-red-bullet\">C:\\Users\\{User Name}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Preferences Sync&nbsp;<\/span><\/li>\n<\/ul><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure11.png\" alt=\"Figure 11. Credential data duplication\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 11. Credential data duplication<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"40\">\n<div readability=\"25\">\n<p><b>Malicious JavaScript file analysis<\/b><\/p>\n<p><b><i>Obfuscation techniques<\/i><\/b><\/p>\n<p>The malware employs multiple layers of code obfuscation to hinder analysis and evade detection, primarily through control flow flattening. It encodes all function names and strings using Unicode escape sequences to conceal their true purpose, uses meaningless variable names, and implements self-cleaning techniques that temporarily modify system objects before erasing all traces of activity. 
These methods turn otherwise simple operations into complex puzzles that are extremely difficult for security tools to analyze statically.<\/p>\n<p><b><i>Anti-analysis loops<\/i><\/b><\/p>\n<p>The malware uses advanced anti-analysis techniques that significantly hinder static code analysis and increase reverse engineering difficulty. The following summarizes its approach:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">Implements anti-analysis loops using MurmurHash3 32-bit hashing to generate unpredictable control flow conditions.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Each loop operates by converting its counter to a string, calculating a hash (using the counter value, string length, and specific magic constants), and then comparing the result to pre-calculated target values intended to match only on the first iteration.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">This technique creates the appearance of potentially infinite loops to static analysis tools; in reality, each loop executes only once.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Within these loops, the malware dynamically constructs critical strings (such as \u201cNextUrl,\u201d \u201cActivity,\u201d and \u201ciid\u201d) and performs other operations disguised as complex mathematical verification routines.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Employs dual hash verification layers, utilizing primary and fallback checks to further complicate analysis.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Adds additional obfuscation through bitwise operations and negative constants, making the logic more challenging to deduce.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Ensures that altering or skipping the loops disrupts the hash calculations and impedes proper malware execution, effectively compelling analysts to rely on dynamic rather than static analysis.<\/span><i><\/i><\/li>\n<\/ul>\n<p><b><i>Network communication configuration<\/i><\/b><\/p>\n<p>The malware 
begins execution by setting up the command-and-control (C&amp;C) configuration and initializing the obfuscated runtime environment. It includes a DEFAULT_CONFIG section that contains all the essential parameters required to establish and maintain communication with its C&amp;C infrastructure (Figure 12).&nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure12.png\" alt=\"Figure 12. Command-and-control configuration object \"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 12. Command-and-control configuration object <\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\">\n<div>\n<ul>\n<li><span class=\"rte-red-bullet\"><b>domain<\/b> &#8211; <span>specifies the C&amp;C server endpoint used for sending and receiving information<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>iid <\/b>&#8211; <span>acts as a unique instance identifier, serving both as a means of tracking individual infections and as a cryptographic key to encrypt transmitted data<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>progress<\/b> &#8211; <span>appears in the JSON payload and may function as an additional identifier<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>version<\/b> &#8211; <span>sent via the URL and is likely used to indicate the malware build version<\/span><\/span><\/li>\n<\/ul><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure13.png\" alt=\"Figure 13. Runtime environment initialization\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 13. 
Runtime environment initialization<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"36.5\">\n<div readability=\"18\">\n<p><b><i>Main execution loop<\/i><\/b><\/p>\n<p>EvilAI has a main command processing function that orchestrates the complete malware workflow (Figure 14). It communicates with the C&amp;C server to retrieve encrypted commands, decrypts the response using a session key, and parses the JSON command structure. The function then processes commands by type, including file operations (download\/write), registry modifications, process execution, and script handling. After execution, it reports the completion status and may use the NextUrl parameter to fetch additional commands. This cycle is repeated continuously, enabling the malware to maintain control and execute complex operations.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure14.png\" alt=\"Figure 14. Main command processing function\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 14. Main command processing function<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"37.5\">\n<div readability=\"20\">\n<p><b><i>Main command-and-control communication<\/i><\/b><\/p>\n<p>EvilAI initiates communication with its C&amp;C server by sending encrypted session data that includes activity status, progress identifier from configuration, and timestamps (Figure 15). The communication workflow covers the entire process \u2013 creating JSON payloads, encrypting the data, transmitting it over HTTPS, and parsing the server\u2019s encrypted response to extract command data. 
Once commands are decrypted, the malware executes them, reports the results back to the C&amp;C via HTTPS POST, and continues the cycle to maintain ongoing control.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure15.png\" alt=\"Figure 15. C&amp;C communication function\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 15. C&amp;C communication function<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35\">\n<div readability=\"15\">\n<p><b><i>HTTP\/HTTPS communication handler<\/i><\/b><\/p>\n<p>EvilAI leverages Node.js http and https modules to create and execute HTTP POST requests with Promise-based handling. The function automatically determines whether to use HTTP or HTTPS, constructs request options with the required headers, and manages response data through streaming (Figure 16). It also incorporates robust error handling to ensure resilience against network failures, allowing reliable communication with the C&amp;C infrastructure.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure16.png\" alt=\"Figure 16. HTTP\/HTTPS request handler function\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 16. HTTP\/HTTPS request handler function<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"36\">\n<div readability=\"17\">\n<p><b><i>Data encryption\/decryption function<\/i><\/b><\/p>\n<p>EvilAI employs AES-256-CBC encryption to secure JSON payloads sent to its C&amp;C server, including session data such as activity status, progress identifiers, timestamps, and command responses (Figure 17). 
The encryption key is derived from the malware\u2019s unique instance ID (UUID), and the data is further encoded with base64 before transmission.&nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure17.png\" alt=\"Figure 17. AES-256-CBC encryption routine\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 17. AES-256-CBC encryption routine<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34\">\n<div readability=\"13\">\n<p>The malware also performs AES-256-CBC decryption on command data received from its C&amp;C server, using the malware\u2019s unique instance ID to derive the decryption key (Figure 18). The function takes the first 32 bytes of the received data as the initialization vector (IV), builds an AES decipher from the derived key and that IV, and then decrypts the rest of the payload starting at byte 36 (what occupies the four bytes between the IV and the ciphertext is not described).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure18.png\" alt=\"Figure 18. AES-256-CBC decryption routine\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 18. 
AES-256-CBC decryption routine<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"32.5\">\n<div readability=\"10\">\n<p>With communication and encryption established, EvilAI proceeds to interpret the decrypted payloads, which contain the backdoor commands that drive its core malicious operations.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"36.5\">\n<div readability=\"18\">\n<p><b><i>Backdoor commands<\/i><\/b><\/p>\n<p>EvilAI\u2019s backdoor operations are driven by a central command-handling function that continuously interprets decrypted JSON payloads from the C&amp;C server. Rather than relying on specific trigger strings, the malware maintains persistent, autonomous communication, instantly processing any structured commands it receives and ensuring the attacker retains uninterrupted control of the infected system.<\/p>\n<p>At the core of this workflow is the main command execution dispatcher (Figure 19), which validates that each command structure contains the required Value field before systematically executing four categories of operations in sequence:<\/p>\n<ol>\n<li>File downloads via the dedicated downloader<\/li>\n<li>File write operations<\/li>\n<li>Registry manipulations<\/li>\n<li>Process executions<\/li>\n<\/ol><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure19.png\" alt=\"Figure 19. Command execution dispatcher function\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 19. Command execution dispatcher function<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34.5\">\n<div readability=\"14\">\n<p>EvilAI\u2019s file download mechanism is divided into two complementary routines. 
As shown in Figure 20, the low-level HTTPS helper \u2013 function u() \u2013 handles individual network operations: it takes a URL and target file path, creates an HTTPS GET request, streams the response data directly to a file using fs.createWriteStream, and validates HTTP status codes (ensuring 200 OK).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure20.png\" alt=\"Figure 20. Low-level download helper\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 20. Low-level download helper<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34\">\n<div readability=\"13\">\n<p>The malware uses a high-level command processor that manages multiple downloads from C&amp;C server commands (Figure 21). It processes arrays of download command objects, validates each command\u2019s structure for required Path and Data fields, expands Windows environment variables (like %TEMP%) in file paths, and calls the low-level helper for each download to retrieve files from remote URLs and save them locally.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure21.png\" alt=\"Figure 21. High-level download command handler\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 21. High-level download command handler<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34.5\">\n<div readability=\"14\">\n<p>EvilAI\u2019s registry manipulation capabilities are managed through a multi-tiered function structure. 
The registry operations dispatcher (Figure 22) processes arrays of commands received from the C&amp;C server, parsing registry paths to extract root keys (like HKEY_LOCAL_MACHINE) and subkey components, expanding environment variables in registry data values, and routing commands based on the Action field (3 for add, 4 for delete). It then calls the appropriate helper functions to execute the modifications.&nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure22.png\" alt=\"Figure 22. Registry operations command handler\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 22. Registry operations command handler<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35\">\n<div readability=\"15\">\n<p>The addition routine constructs Windows registry paths and executes reg add via spawnSync, specifying the root key, subkey, value name, type (REG_SZ), and data content, forcibly overwriting existing values and returning numeric status codes to indicate success or failure (Figure 23).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure23.png\" alt=\"Figure 23. Registry add operations command helper\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 23. 
Registry add operations command helper<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"33.5\">\n<div readability=\"12\">\n<p>Conversely, the deletion routine constructs paths and executes reg delete via spawnSync with the \/f force flag, removing specified values while returning status codes to indicate success or failure, enabling the malware to perform cleanup or anti-forensics operations on the system (Figure 24).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure24.png\" alt=\"Figure 24. Registry delete operations command helper\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 24. Registry delete operations command helper<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35\">\n<div readability=\"15\">\n<p>EvilAI uses a process execution handler that manages arrays of command execution requests from the C&amp;C server (Figure 25). It validates each command to ensure it contains a valid Data field (the command string) and an Action field set to 6, indicating process execution. The function then spawns detached processes using Node.js child_process.exec with detached: true and stdio: &#8216;ignore&#8217; for stealth, running each command independently of the malware\u2019s main process via unref() to prevent blocking. This routine serves as EvilAI\u2019s primary mechanism for executing arbitrary system commands, scripts, or additional malicious payloads, providing full remote command execution capabilities under the control of the C&amp;C server.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure25.png\" alt=\"Figure 25. 
Process execution helper\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 25. Process execution helper<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35.5\">\n<div readability=\"16\">\n<p>EvilAI uses a file writing operations processor that manages arrays of file write commands received from the C&amp;C server (Figure 26). Each command is validated to ensure it contains a valid Path and Data field, with the Action field set to 3 to indicate a file write operation. The processor expands Windows environment variables (such as %TEMP% and %APPDATA%) in target file paths using regex replacement with process.env substitution, decodes hexadecimal-encoded data from the Data field, and writes the resulting binary content to the specified path using a helper routine with UTF-8 encoding. This routine serves as a critical component of the malware\u2019s payload deployment system, enabling the C&amp;C server to remotely create configuration files, malicious scripts, or other files necessary for persistence and further operations on the infected Windows system.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/evilai\/EvilAI-Figure26.png\" alt=\"Figure 26. File write operations helper\"> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 26. File write operations helper<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35.5\">\n<div readability=\"16\">\n<h4>Defense strategies<\/h4>\n<p>With the rapid advancement of threats like EvilAI, it is more important than ever to combine strong cyber hygiene with state-of-the-art protection. 
Trend recommends the following strategies to help readers defend against sophisticated, AI-powered malware:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\"><b>Download software only from trusted sources.<\/b><span>&nbsp;Stick to official websites and reputable app stores. Be skeptical of programs advertised on forums, social media, or unfamiliar websites \u2013 even if they look professional or have digital signatures.<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Leverage advanced security solutions.<\/b><span>&nbsp;Deploy solutions that use behavioral analysis and AI-driven detection to block novel and stealthy threats that traditional security may miss.<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Keep systems and applications updated.<\/b><span>&nbsp;Ensure operating systems and all critical applications are regularly patched to address vulnerabilities that attackers may exploit.<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Educate and alert users.<\/b><span>&nbsp;Train everyone in your organization or home about the dangers of social engineering, and make it clear that even polished or signed software can pose risks.<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Monitor for suspicious behavior.<\/b><span>&nbsp;Look out for unexpected process launches, new scheduled tasks, unusual registry entries, or connections to unknown domains \u2013 all signs that may indicate malware activity. In this campaign, examples of such behavior are the reg query enumeration of security products, the forced termination of browsers via taskkill, and the appearance of \u201cWeb Data Sync\u201d and \u201cPreferences Sync\u201d copies inside browser profile directories.<\/span><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Adopt a layered security approach.<\/b><span>&nbsp;Combine multiple defensive measures and maintain ongoing vigilance, as advanced threats like EvilAI constantly evolve to bypass single-layer protections.<\/span><\/span><\/li>\n<\/ul>\n<p>By practicing these security fundamentals and enhancing your defenses with Trend\u2019s next-generation solutions, you can significantly reduce your risk of EvilAI infection and stay ahead of emerging malware 
threats.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"47.5\">\n<div readability=\"40\">\n<h4>Conclusion<\/h4>\n<p>Recent analysis indicates that EvilAI is being used primarily as a stager \u2013 its role is to gain initial access, establish persistence, and prepare the infected system for additional payloads. Based on behavioral patterns observed during sandbox analysis and live telemetry, researchers suspect a secondary infostealer component is being deployed in follow-up stages. However, the exact nature and capabilities of this payload remain undiscovered, leaving critical gaps in defenders\u2019 visibility and response efforts.<\/p>\n<p>This lack of clarity poses a significant risk. Without knowing what\u2019s being delivered post-infection, organizations cannot fully assess the damage or implement effective containment. It also suggests the campaign is still active and evolving, with attackers possibly testing or rotating payloads in real time.<\/p>\n<p>The rise of AI-powered malware like EvilAI underscores a broader shift in the threat landscape. AI is no longer just a tool for defenders \u2013 it\u2019s now being weaponized by threat actors to produce malware that is smarter, stealthier, and more scalable than ever before. In this environment, familiar software, signed certificates, and polished interfaces can no longer be taken at face value.<\/p>\n<p>As attackers continue to innovate, so must defenders. Relying solely on signature-based detection or user awareness is no longer enough. 
The EvilAI campaign is a clear reminder that layered, adaptive, and AI-aware defenses are now essential to stay ahead of threats that are constantly learning and evolving.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"34.484817813765\">\n<div readability=\"22.70951417004\">\n<h4>Proactive security with Trend Vision One\u2122<\/h4>\n<p><a href=\"https:\/\/www.trendmicro.com\/en_ph\/business\/products\/one-platform.html\" target=\"_blank\">Trend Vision One\ufe0f\u2122<\/a>&nbsp;is the only AI-powered enterprise cybersecurity platform that centralizes cyber risk exposure management, security operations, and robust layered protection. This holistic approach helps enterprises predict and prevent threats, accelerating proactive security outcomes across their respective digital estate. With Trend Vision One, you\u2019re enabled to eliminate security blind spots, focus on what matters most, and elevate security into a strategic partner for innovation.<\/p>\n<p><b>Trend Vision One\u2122 Threat Intelligence<\/b><\/p>\n<p>To stay ahead of evolving threats, Trend customers can access&nbsp;<a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/threat-intelligence.html\" target=\"_blank\">Trend Vision One\u2122 Threat Insights<\/a>, which provides the latest insights from Trend Research on emerging threats and threat actors.&nbsp;<\/p>\n<p><b>Trend Vision One Threat Insights<\/b><\/p>\n<p><b>Trend Vision One Intelligence Reports (IOC Sweeping)\u202f<\/b><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"34.203488372093\">\n<div readability=\"17.563953488372\">\n<h3><span class=\"body-subhead-title\">Hunting Queries\u202f<\/span><\/h3>\n<p><b>Trend Vision One Search App\u202f<\/b><\/p>\n<p>Trend Vision One customers can use the Search App to match or hunt the malicious indicators mentioned in this blog post with data in their environment.\u202f\u202f\u202f\u202f<\/p>\n<p><b>Detection of EVILAI samples<\/b><\/p>\n<p><span 
class=\"blockquote\">malName: *.EVILAI.* AND eventName: MALWARE_DETECTION<\/span><i><\/i><\/p>\n<p>More hunting queries are available for Trend Vision One customers with\u202f<a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/one-platform\/threat-insights.html\" target=\"_blank\">Threat Insights Entitlement enabled<\/a>.&nbsp;\u202f\u202f\u202f\u202f<\/p>\n<h4>Indicators of compromise (IOCs)<\/h4>\n<p>The indicators of compromise for this entry can be found&nbsp;<a href=\"https:\/\/documents.trendmicro.com\/assets\/txt\/IOCsEvilAI-qzMsGT2.txt\"><span class=\"bs-modal\">here<\/span><\/a>.&nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<section class=\"tag--list\">\n<p>Tags<\/p>\n<\/section>\n<p> <\/main> <\/article>\n<\/div>\n<\/div><\/div>\n<\/div>\n<p> <!-- \/* Core functionality javascripts, absolute URL to leverage Akamai CDN *\/ --> <!--For Modal-start--> <\/p>\n<p> <span>sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk<\/span> <\/p>\n<p> <!--For Modal-end--> <\/body> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/evilai.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Combining AI-generated code and social engineering, EvilAI operators are executing a rapidly expanding campaign, disguising their malware as legitimate applications to bypass security, steal credentials, and persistently compromise organizations worldwide. 
Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[10938,9513,9509],"class_list":["post-59338","post","type-post","status-publish","format-standard","hentry","category-trendmicro","tag-trend-micro-research-artificial-intelligence-ai","tag-trend-micro-research-malware","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-11T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"21 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching 
Attacks\",\"datePublished\":\"2025-09-11T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/\"},\"wordCount\":4296,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/EvilAI-thumbnail:Large?qlt=80\",\"keywords\":[\"Trend Micro Research : Artificial Intelligence (AI)\",\"Trend Micro Research : Malware\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/\",\"name\":\"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/EvilAI-thumbnail:Large?qlt=80\",\"datePublished\":\"2025-09-11T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/EvilAI-thumbnail:Large?qlt=80\",\"contentUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/EvilAI-thumbnail:Large?qlt=80\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Artificial Intelligence (AI)\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-artificial-intelligence-ai\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends 
- Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH 
Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/","og_locale":"en_US","og_type":"article","og_title":"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2025-09-11T00:00:00+00:00","og_image":[{"url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"21 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks","datePublished":"2025-09-11T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/"},"wordCount":4296,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80","keywords":["Trend Micro Research : Artificial Intelligence (AI)","Trend Micro Research : Malware","Trend Micro Research : 
Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/","name":"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80","datePublished":"2025-09-11T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#primaryimage","url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80","contentUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EvilAI-thumbnail:Large?qlt=80"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/evilai-operators-use-ai-generated-code-and-fake-apps-for-far-reaching-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Artificial Intelligence (AI)","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-artificial-intelligence-ai\/"},{"@type":"ListItem","position":3,"name":"EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC 
Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH 
Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/59338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=59338"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/59338\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=59338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=59338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=59338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}