EvilAI: The New Malware Using AI to Evade Detection
A new campaign leveraging the EvilAI malware, tracked by researchers at Trend Micro, has demonstrated how artificial intelligence can be weaponized as a tool of cybercrime. In recent weeks, dozens of infections have been recorded worldwide, with malicious programs masquerading as legitimate AI-powered applications. These impostors feature professionally designed interfaces, functioning utilities, and even valid digital certificates — a combination that enables them to bypass defenses on both enterprise systems and personal devices.
Trend Micro analysts began monitoring the threat on August 29, and within just a week noted a surge of large-scale attacks. Europe was hit hardest, with 56 cases, followed by the Americas and AMEA regions, each reporting 29 incidents. By country, India led with 74 infections, followed by the United States with 68 and France with 58. Other affected nations included Italy, Brazil, Germany, the United Kingdom, Norway, Spain, and Canada.
The primary targets of EvilAI span manufacturing, government, healthcare, technology, and retail. Industrial enterprises suffered the greatest impact with 58 confirmed infections, while government agencies and healthcare institutions followed with 51 and 48 cases respectively.
EvilAI spreads through newly registered fraudulent domains, malicious advertisements, and forum links. The installers adopt innocuous yet convincing names such as App Suite, PDF Editor, or JustAskJacky, minimizing suspicion.
Upon execution, the applications deliver real functionality — from document processing to recipes and AI-driven chat — but simultaneously deploy a hidden Node.js loader. This loader installs an obfuscated JavaScript file in the Temp directory, tagged with a unique identifier, and runs it via a minimized node.exe process.
Persistence is achieved through multiple mechanisms: a Windows Task Scheduler job disguised as a system component (sys_component_health_{UID}), a shortcut in the Start Menu, and a registry autorun entry. The task executes every four hours, while the registry key guarantees activation at system login.
This layered persistence makes removal exceptionally challenging. All code is generated with the assistance of large language models, producing clean, modular structures that evade traditional static signature-based detection. Sophisticated obfuscation techniques add further resilience, including control-flow flattening with MurmurHash3-based loops and strings encoded in Unicode.
For data theft, EvilAI leverages Windows Management Instrumentation (WMI) and registry calls to identify active Chrome and Edge processes. These are forcibly terminated to unlock credential files. Browser configuration files (Web Data and Preferences) are duplicated with a “Sync” suffix in the profile directory before being exfiltrated via HTTPS POST requests.
Communication with the command-and-control server is encrypted using AES-256-CBC, with keys derived from each infection’s unique identifier. Compromised machines regularly beacon to the server, receiving instructions to download additional modules, alter registry parameters, or execute remote processes.
Experts emphasize that organizations must not rely solely on digital certificates or polished interfaces as indicators of trustworthiness. Software provenance should always be verified, particularly when dealing with applications from new publishers. Defensive strategies should incorporate behavioral detection mechanisms capable of flagging suspicious Node.js activity, unusual Task Scheduler entries, or unexpected autorun modifications.
Equally vital is user awareness training: employees must understand that a sleek interface does not equate to security. Only a multi-layered defense strategy — combining endpoint detection, network traffic analysis, and anomaly monitoring — can effectively thwart adversaries and prevent large-scale data breaches.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
