"Malicious PowerShell Script Pushing Malware Looks AI-Written"

A threat actor, tracked as "TA547," is running a PowerShell script believed to have been developed with the help of an Artificial Intelligence (AI) system, such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's Copilot. In March, the adversary used the script in an email campaign to deliver the Rhadamanthys information stealer to organizations in Germany. Proofpoint researchers attributed the attack to TA547, who is suspected of being an Initial Access Broker (IAB). TA547 has been active since at least 2017, delivering malware to Windows and Android systems. The threat actor recently began using the Rhadamanthys modular stealer, which continuously expands its data collection capabilities. This article continues to discuss the malicious PowerShell script that is believed to be AI-written.

Bleeping Computer reports "Malicious PowerShell Script Pushing Malware Looks AI-Written"

Submitted by grigby1

Submitted by Gregory Rigby on