Ethical Hacking News
A new threat has emerged in which malicious actors use AI platforms as a proxy for stealthy malware communication. According to Check Point research, AI assistants like Grok and Microsoft Copilot can be exploited by attackers to intermediate command-and-control activity, raising concerns over the security of these services.
Malicious actors can abuse AI assistants like Grok and Microsoft Copilot to intermediate command-and-control (C2) activity. Malware can exploit AI web interfaces to fetch attacker-controlled URLs and receive the response in the AI's output. The WebView2 component in Windows 11 serves as the bridge between the malware and the AI service; if it is missing on the target system, attackers can embed it in the malware. Attackers can use AI assistants as C2 proxies to communicate directly with compromised systems without being flagged by security tools. Legitimate AI platforms have safeguards in place to block malicious exchanges, but these may be bypassed by encrypting data into high-entropy blobs. Organizations must stay vigilant and monitor their systems' security posture to protect against emerging threats.
Concern has been growing over the misuse of artificial intelligence (AI) platforms by malicious actors. A new threat has emerged in the form of stealthy malware communication via AI platforms. According to research conducted by cybersecurity company Check Point, AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity.
This gives threat actors a novel attack vector for delivering commands to victim systems and retrieving stolen data from them. The researchers discovered that attackers can exploit the mechanism by having malware communicate with an AI web interface, instructing the agent to fetch an attacker-controlled URL and receiving the response in the AI's output.
The WebView2 component in Windows 11 is utilized as the bridge between the malware and the AI service. If the component is missing on the target system, threat actors can deliver the WebView2 component embedded in the malware to ensure uninterrupted communication.
In the proposed attack scenario, an attacker creates a C++ program that opens a WebView pointing to either Grok or Copilot. The attacker-controlled webpage responds with embedded instructions that the attacker can change at will, which the AI extracts or summarizes in response to the malware's query. This bidirectional channel enables malicious actors to communicate directly with compromised systems without being flagged by security tools.
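A defender-side triage heuristic for the channel described above, as an added example that is not from Check Point or the original article: it flags WebView2 runtime processes that reach an AI assistant on behalf of an unapproved host application, or from a runtime bundled outside the system install path. The domain list, install root, allow list, event field names and sample events are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumption: web domains of the two assistants named in the article.
AI_DOMAINS = ("grok.com", "copilot.microsoft.com")
# Assumption: default install root of the system-wide WebView2 runtime.
SYSTEM_RUNTIME = PureWindowsPath(r"C:\Program Files (x86)\Microsoft\EdgeWebView\Application")
# Hypothetical allow list: host applications approved to embed an AI assistant.
APPROVED_HOSTS = {PureWindowsPath(r"C:\Program Files\Contoso\Helpdesk\helpdesk.exe")}

def is_ai_domain(host):
    """True for a listed assistant domain or any subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in AI_DOMAINS)

def triage(event):
    """Return the reasons an event deserves review (empty list = no finding)."""
    image = PureWindowsPath(event["image"])  # Windows paths compare case-insensitively
    if image.name.lower() != "msedgewebview2.exe" or not is_ai_domain(event["dest_host"]):
        return []
    reasons = []
    if PureWindowsPath(event["host_app"]) not in APPROVED_HOSTS:
        reasons.append("unapproved host application drives WebView2 to an AI assistant")
    if SYSTEM_RUNTIME not in image.parents:
        reasons.append("WebView2 runtime loaded from outside the system install path")
    return reasons

# Constructed sample telemetry: runtime process image, the application hosting
# it (hypothetical field name), and the destination host of its connection.
SYS = str(SYSTEM_RUNTIME / "0.0.0.0" / "msedgewebview2.exe")  # placeholder version
TMP = r"C:\Users\alice\AppData\Local\Temp\upd"
EVENTS = [
    {"image": SYS, "host_app": r"C:\Program Files\Contoso\Helpdesk\helpdesk.exe",
     "dest_host": "copilot.microsoft.com"},               # approved app, system runtime
    {"image": SYS, "host_app": TMP + r"\upd.exe",
     "dest_host": "grok.com"},                            # unapproved host app
    {"image": TMP + r"\rt\msedgewebview2.exe", "host_app": TMP + r"\upd.exe",
     "dest_host": "copilot.microsoft.com"},               # bundled runtime as well
    {"image": SYS, "host_app": TMP + r"\upd.exe",
     "dest_host": "example.org"},                         # not an AI assistant
]

def run():
    return [triage(e) for e in EVENTS]

if __name__ == "__main__":
    for e, r in zip(EVENTS, run()):
        print(e["host_app"], "->", e["dest_host"], ":", r or "no finding")
```

A hit is a lead for review rather than a verdict, since legitimate applications also embed WebView2; the allow list is what keeps the signal usable.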
Check Point emphasizes that safeguards exist on legitimate AI platforms to block obviously malicious exchanges. However, these safety checks may be bypassed by encrypting data into high-entropy blobs. The cybersecurity firm highlights AI as a C2 proxy as one of multiple options for abusing AI services; others include operational reasoning, such as assessing the value of a target system and deciding how to proceed without raising alarms.
Microsoft has responded to Check Point's findings, stating that they appreciate the identification and responsible reporting of this proof-of-concept. They recommend users implement defense-in-depth security practices, which can help prevent initial malware infection and reduce the impact of post-compromise activity.
The increasing reliance on AI services by threat actors highlights the evolving nature of cybersecurity threats. As such, it is crucial for organizations to stay vigilant in monitoring their systems' security posture and adhere to best practices for protecting against emerging threats.
Related Information:
https://www.ethicalhackingnews.com/articles/AIDevil-How-AI-Platforms-Can-Be-Abused-for-Stealthy-Malware-Communication-ehn.shtml
https://www.bleepingcomputer.com/news/security/ai-platforms-can-be-abused-for-stealthy-malware-communication/
https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html
Published: Thu Feb 19 04:41:13 2026 by llama3.2 3B Q4_K_M