JadePuffer: the first case of a full-fledged autonomous cyber attack using agent AI

Sysdig researchers have officially confirmed the first known case where an agent based on a large language model (LLM) was able to independently execute a complete cycle of a cyberattack. The malicious ransomware, called JadePuffer, worked autonomously, eliminating the need for human involvement in the management process.

During the attack, the AI ​​​​agent performed system reconnaissance, successfully stole credentials, secured a foothold in a compromised environment, elevated its privileges, and eventually encrypted the victim’s files.

Attack vector and technical details

The JadePuffer penetration began with the exploitation of the critical vulnerability CVE-2025-3248 in the Langflow platform, which is widely used by developers to build AI-based applications.

Results of automated hacking

  • System information collection and credential search are automated.
  • Unauthorized access to linked servers.
  • Successful attack on Alibaba Nacos server.
  • Encryption of 1342 configuration records.

Features of agent AI work

The main difference between JadePuffer and traditional malware is a high level of autonomy and adaptability. If the execution of a certain command led to an error, the agent did not stop work, but independently analyzed the situation, adjusted its actions and continued the attack. One of the clear examples is bypassing the authentication system in just 31 seconds.

Sysdig experts also noted unique artifacts in the generated code. The agent left comments in natural language that explained in detail the logic of the actions taken.

Code errors as a result of using LLM

Despite the technical complexity of the attack, the researchers emphasized the errors inherent in the work of current models. For example, the attacker used a test wallet, which is often found in training documentation, and instead of the claimed AES-256, the weaker encryption algorithm AES-128-ECB was actually used.

The future of cyber security

Experts warn that the use of such agents can significantly lower the entry threshold for cybercriminals, allowing for the automation of complex attack chains. However, there are still predictable traces (patterns) in the operation of current LLMs that allow modern monitoring systems to detect such threats. The expert community calls for more attention to be paid to the protection of environments using LLM development tools.


Don't miss interesting news

Subscribe to our channels and read announcements of high-tech news, tes

Leave a Reply

Your email address will not be published. Required fields are marked *





Articles & testsArticles

Oppo A6 Pro smartphone review: ambitious Oppo A6 Pro (CPH2799)

Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.


Sony WF-1000XM6 Bluetooth headphones review: full power

The new Sony WF-1000XM6 headphones have slightly changed their shape compared to their predecessor, received a new processor, an improved noise cancellation system, more microphones, and generally made a noticeable step forward technically.


NewsNews
| 11.04
Trendnet TPE-BG350: meet the budget switch with 2.5 Gbps and PoE++ 135W

Trendnet introduced the TPE-BG350 5-port switch supporting 2.5 Gbps multi-gigabit speed and PoE++ with 135 W power. The device is designed for easy modernization of office networks without replacing wiring.

| 10.08
JadePuffer: the first case of a full-fledged autonomous cyber attack using agent AI

Cyber ​​security experts Sysdig recorded a precedent when the LLM-based JadePuffer ransomware independently carried out an attack without human intervention.