Full Report
Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers
Analysis Summary
# Tool/Technique: DeepSeek LLM and Qwen LLM
## Overview
Large Language Models (LLMs) developed by Chinese entities (DeepSeek and Alibaba's Qwen) are being actively tested and adopted by cybercriminals to aid in the development and improvement of malware and malicious tools. This represents a shift from prior primary use for phishing/scamming toward concrete malware engineering, potentially lowering the barrier to entry for low-skill actors.
## Technical Details
- Type: Tool (AI Model/Framework for Code Generation)
- Platform: N/A (Used by developers to create malware for various platforms)
- Capabilities: Assisting in malware development, code recycling, and generating functional malicious code (e.g., infostealers, ransomware payloads).
- First Seen: Observation of increased malware use associated with these models noted around February 2025.
## MITRE ATT&CK Mapping
The specific models themselves are *tools* used in the development phase, which relates to Adversary Emulation and Resource Development. The generated malware falls under other domains.
- **TA0001 - Initial Access** (If malware is used for this)
- **TA0002 - Execution** (If malware is used for this)
- **TA0004 - Privilege Escalation** (If malware is used for this)
- **TA0011 - Command and Control** (If malware is used for this)
- **TA0012 - Discovery** (If malware is used for this)
- **Resource Development** (Indirectly, as LLMs aid in capability creation)
*Note: Specific technique mappings depend on the resulting malware. The use of LLMs for code generation often maps closely to **T1587 - Develop Capabilities** if the actor is creating custom tools.*
## Functionality
### Core Capabilities
- Assisting less technical actors in creating functional malware (e.g., ransomware, infostealers).
- Processing and recycling existing malicious code effectively.
- Lowering the technical skill required to deploy disruptive malware.
### Advanced Features
- DeepSeek R1 model specifically cited for poor resistance to prompt injection attacks, making it easier for threat actors to bypass intended safety controls. (Related to Prompt Injection techniques).
## Indicators of Compromise
- File Hashes: N/A (The LLMs themselves are not dropped malware)
- File Names: N/A
- Registry Keys: N/A
- Network Indicators: N/A (LLMs usually communicate for service access, but no specific IoCs for the models' use in attacks were provided in the context.)
- Behavioral Indicators: Use of AI-generated code structures in observed malware payloads.
## Associated Threat Actors
- Funksec (Ransomware group utilizing AI for code development).
- Low-skill/less technical cybercriminals utilizing LLMs for developing infostealers and ransomware.
## Detection Methods
- Signature-based detection: N/A (Focus is on behavioral analysis of resulting malware).
- Behavioral detection: Detecting unusual code patterns or complexity that suggests LLM assistance. Monitoring for the deployment of malware variants (like Funksec) known to leverage AI.
- YARA rules if available: N/A
## Mitigation Strategies
- Providers (like OpenAI, Meta, Alibaba) should invest in security guardrails to restrict malicious programming, especially within open-weight or less monitored models.
- Security teams need to anticipate a rise in functional, AI-assisted malware, particularly from less sophisticated threat actors.
- Increase scrutiny of code generated by public AI tools when analyzing suspicious artifacts.
## Related Tools/Techniques
- **Funksec Ransomware:** An example of low-sophistication ransomware leveraging AI for development.
- **Infostealer Malware:** A category of malware explicitly mentioned as being built using Qwen LLM.
- **Prompt Injection:** An attack vector highlighted against DeepSeek R1, demonstrating a vulnerability in the LLM framework itself.
- **Meta Llama models:** Mentioned alongside DeepSeek and Qwen as open-weight alternatives attractive to developers.
- **OpenAI LLMs:** Mentioned as the industry standard that is investing heavily in improving development capabilities, which will eventually benefit both enterprises and criminals.
***
# Tool/Technique: Funksec Ransomware
## Overview
Funksec is noted as one of the first active ransomware families specifically employing AI capabilities (leveraging LLMs like Qwen) in its development process. The actor behind it is considered not highly technical, suggesting AI was used to assemble or improve code recycled from other ransomware strains.
## Technical Details
- Type: Malware family (Ransomware)
- Platform: Unknown (Implied Windows/Enterprise systems based on typical ransomware targets)
- Capabilities: Disrupts services and encrypts target data.
- First Seen: Check Point released a report on Funksec in January [2025].
## MITRE ATT&CK Mapping
- **TA0009 - Collection**
- **TA0010 - Exfiltration**
- **TA0011 - Command and Control**
- **TA0018 - Impact**
- **T1486 - Data Encrypted for Impact**
- **T1490 - Inhibit System Recovery**
## Functionality
### Core Capabilities
- Data encryption.
- Service disruption.
### Advanced Features
- Reliance on AI assistance for development, suggesting rapid adaptation or simplified deployment for low-skill actors.
## Indicators of Compromise
- File Hashes: N/A (Specific hashes not provided in context)
- File Names: N/A
- Registry Keys: N/A
- Network Indicators: N/A
- Behavioral Indicators: Execution exhibiting core ransomware actions (encryption, service termination).
## Associated Threat Actors
- Unspecified actor deemed "not very technical" who utilized AI to refine recycled code.
## Detection Methods
- Signature-based detection: Check Point analysts have direct knowledge, suggesting signatures should target its specific deployment method or payload.
- Behavioral detection: Monitoring for file encryption activity characteristic of ransomware.
- YARA rules if available: N/A
## Mitigation Strategies
- Standard ransomware mitigation strategies: Backups, network segmentation, application control, and strong endpoint detection and response (EDR).
- Monitoring for deviations or improvements in ransomware strains known to use AI assistance.
## Related Tools/Techniques
- AI/LLMs (DeepSeek, Qwen) used in its development.
- Other Ransomware families (source of recycled code).
***
# Tool/Technique: Infostealer Malware (AI-Assisted)
## Overview
A category of malware efficiently designed to steal credentials and personal data. A cybercriminal was observed using Alibaba's Qwen LLM to develop a functional version of this malware, indicating LLMs are enabling low-skill actors to create effective data-stealing tools.
## Technical Details
- Type: Malware family (Infostealer)
- Platform: Unknown (Implied Windows/Desktop operating systems based on data theft targets)
- Capabilities: Highly efficient at stealing credentials and personal data.
- First Seen: Observation noted around February 2025.
## MITRE ATT&CK Mapping
- **TA0006 - Credential Access**
- **T1003 - OS Credential Dumping**
- **T1555 - Credentials from Managed Component**
- **TA0009 - Collection**
## Functionality
### Core Capabilities
- Stealing user credentials.
- Exfiltrating personal data.
### Advanced Features
- Simple to develop thanks to LLM assistance (Qwen), requiring low technical skill from the actor.
## Indicators of Compromise
- File Hashes: N/A
- File Names: N/A
- Registry Keys: N/A
- Network Indicators: N/A (Focus is on theft efficiency, C2 structure unknown)
- Behavioral Indicators: Processes attempting to access credential stores or browser data; network activity exfiltrating small packets of structured data.
## Associated Threat Actors
- Low-level malicious actors empowered by LLMs.
## Detection Methods
- Signature-based detection: Signatures targeting known infostealer payloads, enhanced by looking for code artifacts traceable to LLM generation patterns.
- Behavioral detection: Monitoring for common infostealer behaviors like access to specific credential files or credential harvesting APIs.
- YARA rules if available: N/A
## Mitigation Strategies
- Multi-factor authentication (MFA) enforcement.
- Use of credential protection software.
- Limiting user permissions to prevent broad data access.
## Related Tools/Techniques
- Alibaba Qwen LLM (The development tool).
- General Infostealer techniques.