
Russia-Linked GreyVibe Weaponises ChatGPT and Gemini Across Full Attack Lifecycle

TL;DR HIGH
  • What happened: GreyVibe uses ChatGPT, Gemini, and Ideogram AI to accelerate malware development and phishing operations against Ukraine.
  • Who's at risk: Ukrainian military, government, civilian, and business entities are the primary targets, though the AI-assisted TTPs are transferable to any adversary campaign.
  • Act now: Hunt for LLM-characteristic code artefacts (verbose comments, stylistic inconsistencies) in malware samples as detection signals; deploy behavioural detection rules targeting LegionRelay IOCs and similarly structured AI-generated loaders; brief threat intelligence teams on AI-augmented adversary workflows to update attribution and triage methodologies.

Overview

WithSecure researchers have published findings on GreyVibe, a previously undocumented threat actor assessed with high confidence as Russia-nexus, operating primarily against Ukrainian military, government, civilian, and business targets since August 2025. What distinguishes GreyVibe from other Russia-aligned groups is the systematic, end-to-end integration of commercial AI tools — including ChatGPT, Google Gemini, and Ideogram AI — across every stage of its attack lifecycle. The case serves as a concrete, documented example of how AI is lowering the technical barrier for moderately skilled threat actors to conduct sophisticated campaigns.

Technical Analysis

GreyVibe’s AI usage spans the full kill chain:

  • Resource Development: AI tools were used to generate obfuscation routines and loader scripts, compressing what would previously have required specialised malware development skill.
  • Lure and Infrastructure Creation: Ideogram AI was used to generate convincing fake website assets and phishing lures targeting Ukrainian entities.
  • Malware Development: The group’s primary implant, LegionRelay (a Windows-targeting backdoor), was substantially generated via LLM-assisted coding workflows using ChatGPT and Gemini.
  • Post-Compromise Tooling: AI-generated scripts were deployed for post-exploitation activity, further reducing operational overhead.

Critically, LLM-assisted development introduced design flaws into LegionRelay that would be atypical of elite state actors. These flaws — likely artefacts of uncritically accepted AI-generated code — inadvertently created stable forensic signatures that allowed WithSecure to monitor GreyVibe activity over an extended period. This represents an underappreciated security dynamic: AI-generated malware may be faster to produce but can carry distinctive and exploitable imperfections.

Additional OPSEC indicators — including naming conventions such as letsrollboyos, totallyunsus, and cuteuwu in development artefacts — suggest at least some GreyVibe operators are not traditional elite state actors, pointing toward a possible hybrid cybercriminal/state-aligned model.

Framework Mapping

  • AML.T0047 (ML-Enabled Product or Service): GreyVibe directly weaponises commercial LLM products (ChatGPT, Gemini) as offensive development infrastructure.
  • AML.T0043 (Craft Adversarial Data): AI-generated phishing lures represent adversarially crafted social engineering content at scale.
  • LLM02 (Insecure Output Handling): The design flaws introduced by uncritical acceptance of LLM-generated malware code exemplify the risks of overreliance on AI output without security review.
  • LLM09 (Overreliance): The threat actor’s dependency on AI-generated code without adequate validation led to exploitable implementation errors.

Impact Assessment

The immediate impact is concentrated on Ukrainian targets across government, military, and civilian sectors. However, the broader implication is strategic: GreyVibe demonstrates that mid-tier threat actors can now achieve attack velocity and sophistication previously associated with elite groups by integrating AI tooling. As LLMs improve, the quality ceiling of AI-assisted malware will rise, reducing the forensic advantages defenders currently gain from AI-introduced flaws.

Mitigation & Recommendations

  1. Develop LLM-artefact detection signatures: AI-generated code carries stylistic fingerprints (verbose inline comments, atypical variable naming, structural repetition). Incorporate these into static malware analysis pipelines.
  2. Track hybrid actor models: Attribution frameworks should account for cybercriminal/state-aligned hybrid groups that may behave inconsistently with established APT profiles.
  3. Monitor AI platform abuse: Work with threat intelligence partners to flag indicators of commercial LLM abuse for offensive tooling development.
  4. Harden Ukrainian-sector organisations: Prioritise phishing-resistant MFA and endpoint detection for organisations operating in sectors targeted by GreyVibe.
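
A sketch of recommendation 1 as a static triage heuristic for script samples, added here as an illustration (it is not WithSecure's tooling or a published signature). It scores comment verbosity and structural repetition and checks for the developer-artefact names quoted above; the thresholds, function names and both sample scripts are assumptions constructed for this example.

```python
import re
from collections import Counter

# Developer-artefact names quoted in the article's Technical Analysis section.
ARTEFACT_NAMES = ("letsrollboyos", "totallyunsus", "cuteuwu")
# Assumed thresholds for illustration only; calibrate against your own corpus.
MAX_COMMENT_RATIO, MIN_AVG_COMMENT_WORDS, MAX_REPEAT_RATIO = 0.35, 8, 0.30
COMMENT = re.compile(r"^\s*(#|//|::|REM\s)\s*(.*)$", re.IGNORECASE)

def shape(line):
    """Collapse literals and identifiers so lines differing only in names compare equal."""
    line = re.sub(r"\"[^\"]*\"|'[^']*'", '""', line)   # string literals
    line = re.sub(r"[A-Za-z_$][\w$]*", "I", line)      # identifiers and keywords
    return re.sub(r"\d+", "N", line).strip()           # remaining numbers

def score_script(text):
    lines = [l for l in text.splitlines() if l.strip()]
    comments = [m.group(2) for m in map(COMMENT.match, lines) if m]
    code = [l for l in lines if not COMMENT.match(l)]
    comment_ratio = len(comments) / max(len(lines), 1)
    avg_words = sum(len(c.split()) for c in comments) / max(len(comments), 1)
    # Structural repetition: share of code lines whose shape occurs 3+ times.
    shapes = Counter(shape(l) for l in code if len(l.strip()) > 10)
    repeat_ratio = sum(n for n in shapes.values() if n >= 3) / max(len(code), 1)
    names = [n for n in ARTEFACT_NAMES if n in text.lower()]
    signals = []
    if comment_ratio > MAX_COMMENT_RATIO and avg_words >= MIN_AVG_COMMENT_WORDS:
        signals.append("verbose_comments")
    if repeat_ratio > MAX_REPEAT_RATIO:
        signals.append("structural_repetition")
    if names:
        signals.append("artefact_name")
    return {"signals": signals, "names": names,
            "comment_ratio": round(comment_ratio, 2),
            "repeat_ratio": round(repeat_ratio, 2)}

# Constructed, benign sample scripts (not taken from any real GreyVibe artefact).
SAMPLE_VERBOSE = """
# This function retrieves the current hostname from the environment for logging
$hostName = $env:COMPUTERNAME
# This function retrieves the current username from the environment for logging
$userName = $env:USERNAME
# This function retrieves the current temp path from the environment for logging
$tempPath = $env:TEMP
# Write the collected values to the console so the operator can review them
Write-Output $hostName
$cuteuwu = 1
"""
SAMPLE_TERSE = """
$h = $env:COMPUTERNAME
if ($h) { Write-Output $h }
Get-ChildItem -Path $env:TEMP | Select-Object -First 5
"""
```

Stylistic scores like these are triage signals for ranking samples for analyst review, not verdicts: plenty of legitimate scripts are heavily commented or repetitive.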
