Sysdig says JadePuffer is the 1st documented autonomous AI ransomware
Cybersecurity firm Sysdig just spotted JadePuffer, a new ransomware that it said is making history: it is the first documented attack run entirely by an autonomous AI agent.
Powered by a large language model, this AI broke into systems, stole credentials, moved across networks, and encrypted data, all without any human hacker behind the scenes.
JadePuffer rewrote code, encrypted 1,342 configs
JadePuffer rewrote its own code on the fly to dodge obstacles, like fixing login errors in seconds and adapting to weird data formats.
It exploited a Langflow vulnerability to steal cloud credentials and hit an Alibaba Nacos server, locking up all 1,342 config items with a Bitcoin ransom demand.
But here is the twist: the ransom note included a placeholder cryptocurrency address copied from its training data, so the attackers likely couldn't collect any money even if the victim paid.
That mistake helped researchers identify it as AI-driven.