344
Productivity & Workflow355
Automation & Workflow224
Software Development251
Marketing & Growth192
AI Infrastructure & MLOps174
Writing & Content Creation203
Data & Analytics141
Design & Creative170
Photography & Imaging156
Customer Support131
Sales & Outreach125
Voice & Speech135
Education & Learning131
Operations & Admin87
Sysdig says an AI agent ran the technical steps of a ransomware attack, but a person still picked the target and supplied stolen login details.
In short: Researchers described a ransomware attack where an AI agent did the hacking steps, but later details show a human still set it up and chose the victim.
Security researchers at Sysdig reported what they called the first known case of “agentic ransomware,” meaning a software agent (an AI program that can take actions on its own) carried out the technical work of a real ransomware attack. Ransomware is a type of digital break-in where attackers lock up a company’s files and demand money to unlock them.
The operation, dubbed JadePuffer, used an AI agent to break into a vulnerable server, move through the victim’s network, encrypt files, and write a ransom note. Sysdig said the AI adapted to obstacles, including fixing a failed login quickly, while leaving behind notes that explained what it was doing.
After some early headlines suggested there was “no human at the keyboard,” Sysdig’s Michael Clark told CyberScoop that a person was still involved. He said a human chose the victim, set up the servers used to run and manage the attack (like setting up a base of operations), and provided stolen login credentials. Those credentials were obtained earlier and handed to the operation, rather than being stolen by the AI agent during the attack.
Sysdig also clarified a separate detail about stolen keys for services like OpenAI, Anthropic, DeepSeek, and Gemini. Clark told TechCrunch those keys were items the attacker stole, not proof that multiple AI models powered the attack. Sysdig said it could not identify which specific model was driving the agent.
This shows AI can speed up parts of cybercrime, even if people still handle key decisions and setup. For everyday users and businesses, it is another reminder that known software flaws and reused or stolen passwords can be the weak link.
Source: TechCrunch AI