The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Rise of the AI-Enabled Malware

Nov 10, 2025 1:41:22 PM / by The Hivemind posted in Threat Bulletin, Data Exfiltration, AI-enabled malware, LLM misuse, FRUITSHELL, PROMPTFLUX, PROMPTLOCK, dynamic obfuscation, state-sponsored AI, PROMPTSTEAL, QUIETVAULT, APT28, Gemini API abuse

Verticals Targeted: None Specified
Regions Targeted: Ukraine
Related Families: FRUITSHELL, PROMPTFLUX, PROMPTLOCK, PROMPTSTEAL, QUIETVAULT

Executive Summary

Industry researchers have noted the emergence of AI-integrated malware that queries large language models at runtime to generate code, obfuscate payloads, and adapt its behavior. This goes beyond the use of AI as a productivity aid, enabling nation-state actors and cybercriminals to enhance intrusion chains with dynamic capabilities. Associated malware includes FRUITSHELL, PROMPTFLUX, PROMPTLOCK, PROMPTSTEAL, and QUIETVAULT.
