AI-powered trojan horse disguised as a legitimate application

A new wave of trojan horses is emerging, challenging traditional defenses as they disguise themselves as legitimate applications like recipe savers and AI image enhancers. These threats embed malicious capabilities directly into their core functionality, making detection difficult.

For instance, the JustAskJacky app covertly executes code from a command-and-control (C2) server, while the TamperedChef app interprets whitespace in recipes as executable commands. These trojans have gone undetected by VirusTotal for weeks, highlighting a shift in how malware is integrated into functional applications.
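Whitespace that carries hidden data can be surfaced by profiling the text an application loads or saves. The following is an added example, not code from the original article or from either app: a heuristic that flags unusual or invisible whitespace in text content. The character set, thresholds and sample strings are assumptions, since the article does not say which characters TamperedChef reads.

```python
import unicodedata

# Characters that render as nothing but are not a plain ASCII space.
# Which characters TamperedChef actually uses is not stated in the article;
# this set is an assumption covering common invisible code points.
INVISIBLE = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}


def odd_whitespace(text):
    """Return {character_name: count} for non-ASCII spaces and invisible chars."""
    found = {}
    for ch in text:
        if ch in INVISIBLE or (unicodedata.category(ch) == "Zs" and ch != " "):
            name = unicodedata.name(ch, f"U+{ord(ch):04X}")
            found[name] = found.get(name, 0) + 1
    return found


def trailing_runs(text, min_len=4):
    """Return (line_number, run_length) for lines ending in long blank runs."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        run = len(line) - len(line.rstrip(" \t\u00a0"))
        if run >= min_len:
            hits.append((n, run))
    return hits


def review(text, max_odd=3):
    """Flag text whose whitespace could carry data a reader would never see."""
    odd = odd_whitespace(text)
    runs = trailing_runs(text)
    return {
        "odd_whitespace": odd,
        "trailing_runs": runs,
        # max_odd and min_len are illustrative thresholds, not tuned values.
        "suspicious": sum(odd.values()) > max_odd or bool(runs),
    }


# Constructed sample inputs, not taken from any real sample.
CLEAN = "Pancakes\n2 cups flour\n1 egg\nMix and fry.\n"
ODD = "Pancakes\n2\u00a0cups\u2003flour\u200b\u200b\n1 egg \t \t  \nMix and fry.\n"

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("odd", ODD)):
        print(label, review(sample))
```

A hit is a reason to look closer, not a verdict: text pasted from word processors or web pages often contains non-breaking spaces, so the thresholds need tuning against known-good content.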

The resurgence of these "true" trojans is largely due to the accessibility of Large Language Models (LLMs), which allow threat actors to create convincing applications and websites. LLMs also enable the generation of new, unpacked code that evades static scanners.

NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security.