Malware, AI/ML

AI shows hand in VoidLink malware development

Laptop screen showing malware warning sign with digital circuit background on desk in modern office environment with natural light and creative concept.

BleepingComputer reports that the newly emergent sophisticated Linux malware framework VoidLink, which sets sights on cloud environments, has been primarily developed using AI.

Analysis of inadvertently leaked source code, sprint plans, documentation, and internal project structure showed VoidLink to have been created using the integrated development environment TRAE's AI assistant TRAE SOLO beginning in late November, according to Check Point researchers. VoidLink's goals have been defined by the developer using Spec-Driven Development, while TRAE SOLO had been tapped to form a multi-team development plan, which later became the AI-generated code's execution blueprint.

"Those TRAE-generated files appear to have been copied alongside the source code to the threat actor’s server, and later surfaced due to an exposed open directory. This leakage gave us unusually direct visibility into the project's earliest directives," said Check Point Research Group Manager Eli Smadja. Researchers have also confirmed that code similar to VoidLink could be generated by an AI agent.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Adware

You can skip this ad in 5 seconds