Overview
- Google’s Threat Intelligence Group says APT28 deployed PromptSteal against Ukrainian entities, querying an LLM hosted on Hugging Face to generate commands in live operations.
- Researchers also detailed PromptFlux, a VBScript dropper whose “Thinking Robot” module calls the Gemini API to rewrite and obfuscate the dropper’s own code, including prompts that request regeneration hourly.
- Google assesses PromptFlux as experimental and not currently capable of compromising networks, and it has disabled accounts linked to the activity.
- The report cites broader misuse of LLMs by state actors, including Iran’s APT42 testing a natural-language-to-SQL “data processing agent” to analyze sensitive personal data.
- Investigators cataloged additional LLM-enabled tools such as FRUITSHELL, PROMPTLOCK (a ransomware proof-of-concept), and QUIETVAULT, and noted guardrail bypass attempts using capture-the-flag pretexts.