PromptRiskDBThreat intelligence atlas

LAMEHUG: Malware Leveraging Dynamic AI-Generated Commands - AI Case Study

AI Case Study

In July 2025, Ukrainian authorities reported the emergence of LAMEHUG, a new AI-powered malware attributed to the Russian state-backed threat actor APT28 (also tracked as Forest Blizzard or UAC-0001). LAMEHUG uses a large language model (LLM) to dynamically generate commands on the infected hosts. The campaign began with a phishing attack leveraging a compromised governmen...

Overview

Case steps8Steps described in the case record.
Techniques8Attack methods mentioned in the case steps.
Linked CVEs0Known vulnerabilities mentioned in the record.

Risk patterns

Patterns found in the case record and its linked vulnerabilities.

  • 1Dominant ATLAS tactic. Defense Evasion appears in 2 case steps.
  • 2Multiple attack methods. The case connects to 8 unique AI attack methods.

Procedure timeline

Search the case steps or filter them by attacker goal.

Defense Evasion2Initial Access1Lateral Movement1Execution1AI Attack Staging1Collection1Exfiltration1
  1. Step 2

    Phishing

    Lateral Movement

    APT28 sent a phishing email from the compromised account with an attachment containing malware.

  2. Defense Evasion

    The attachment was called “Appendix.pdf.zip” which could confuse the recipient into thinking it was a legitimate PDF file.

  3. Execution

    The attachment contained an executable file with a .pif extension, created using PyInstaller from Python source code which CERT-UA classified it as LAMEHUG malware. Files with the .pif extension are executable on Windows.

  4. Collection

    The LAMEHUG malware used the AI generated commands to collect system information (saved to %PROGRAMDATA%\info\info.txt) and recursively searched Documents, Desktop, and Downloads to stage files for exfiltration.

Mitigations

Defenses connected to the attack methods in this case.

AI Bill of Materials

An AI Bill of Materials (AI BOM) contains a full listing of artifacts and resources that were used in building the AI. The AI BOM can help mitigate supply chain risks and enable rapid response to reported vulnerabilities.

This can include maintaining dataset provenance, i.e. a detailed history of datasets used for AI applications. The history can include information about the dataset source as well as well as a complete record of any modifications.

Deepfake Detection

Apply deepfake detection algorithms against any untrusted or user-provided data, especially in impactful applications such as biometric verification, to block generated content.

Detectors may use a combination of approaches, including:

  • AI models trained to differentiate between real and deepfake content.
  • Identifying common inconsistencies in deepfake content, such as unnatural facial movements, audio mismatches, or pixel-level artifacts.
  • Biometrics analysis, such blinking, eye movements, and microexpressions.

Restrict Library Loading

Prevent abuse of library loading mechanisms in the operating system and software to load untrusted code by configuring appropriate library loading mechanisms and investigating potential vulnerable software.

File formats such as pickle files that are commonly used to store AI models can contain exploits that allow for loading of malicious libraries.

Showing 4 of 7

Source evidence

Original public records and references for this case.

Original source

Original source links

Open the MITRE ATLAS data and public references used for this case study.