Redazione RHC : 15 September 2025 19:44
A new EvilAI malware campaign tracked by Trend Micro has demonstrated how artificial intelligence is increasingly becoming a tool for cybercriminals. In recent weeks, dozens of infections have been reported worldwide, with the malware masquerading as legitimate AI-powered apps and displaying professional-looking interfaces, functional features, and even valid digital signatures. This approach allows it to bypass the security of both corporate systems and home devices.
| Country | Count |
| India | 74 |
| United States | 68 |
| France | 58 |
| Italy | 31 |
| Brazil | 26 |
| Germany | 23 |
| United Kingdom | 14 |
| Norway | 10 |
| Spain | 10 |
| Canada | 8 |
analysts began monitoring the threat on August 29 and within a week had already noticed a wave of large-scale attacks. The largest number of cases was detected in Europe (56), followed by the Americas and AMEA regions (29 each). By country, India leads with 74 incidents, followed by the United States with 68 and France with 58. The list of victims also included Italy, Brazil, Germany, Great Britain, Norway, Spain, and Canada.
The most affected sectors are manufacturing, public, medical, technology, and retail. The spread was particularly severe in the manufacturing sector, with 58 cases, and in the public and healthcare sectors, with 51 and 48 cases, respectively.
EvilAI is distributed via newly registered fake domains, malicious advertisements, and forum links. The installers use neutral but plausible names like App Suite, PDF Editor, or JustAskJacky, which reduces suspicion.
Once launched, these apps offer real functionality, from document processing to recipes to AI-powered chat, but they also incorporate a hidden Node.js loader. It injects obfuscated JavaScript code with a unique identifier into the Temp folder and executes it via a minimized node.exe process.
Persistence on the system occurs in several ways simultaneously: a Windows scheduler task is created in the form of a system component named sys_component_health_{UID}, a Start menu shortcut and an autoload key are added to the registry. The task is triggered every four hours, and the registry ensures it’s activated on login.
This multi-layered approach makes threat removal particularly laborious. All code is built using language models, which allow for a clean, modular structure and bypasses static signature analyzers. Complex obfuscation provides additional protection: control flow alignment with MurmurHash3-based loops and Unicode-encoded strings.
To steal data, EvilAI uses Windows Management Instrumentation and registry queries to identify active Chrome and Edge processes. These are then forcibly terminated to unlock the credential files. The “Web Data” and “Preferences” browser settings are copied with the Sync suffix to the original profile directories and then stolen via HTTPS POST requests.
The communication channel with the command and control server is encrypted using the AES-256-CBC algorithm with a key generated based on the unique infection ID. Infected machines regularly query the server, receiving commands to download additional modules, modify registry parameters, or launch remote processes.
Experts advise organizations to rely not only on digital signatures and application appearance, but also to check distribution sources and pay particular attention to programs from new publishers. Behavioral mechanisms that record unexpected Node.js launches, suspicious scheduler activity, or startup entries can provide protection.
Redazione