“The long-awaited era of sophisticated AI-generated malware has likely begun”
Check Point warns that VoidLink may be only the first glimpse of a far larger, largely invisible threat.
Check Point Research has identified what it describes as the first documented case of advanced malware developed using AI, according to a report released by the company on Tuesday. The malware, dubbed VoidLink, was built through an AI-driven development process and reached an operational stage in under a week.
“During the initial investigation, we believed the malware, VoidLink, had been developed by a well-resourced organization, potentially for commercial use or as part of a targeted espionage operation,” the report said. “This was not the case. It is spyware built by a single actor through an AI-driven development process, reaching an operational stage in under a week.”
Since the rise of chatbots based on large language models (LLMs), which let users write code and build applications simply by giving the chatbot instructions, cyber researchers have already identified several malware samples written with AI assistance. However, those examples were generally low quality and limited in capability. “Until now, AI-based malware has been primarily linked either to inexperienced actors or to malware that largely replicates the functionality of existing open-source tools. VoidLink is the first case that demonstrates how dangerous AI can become in the hands of more experienced threat actors,” Check Point said.
According to the researchers, the malware shows a high level of maturity, advanced functionality, an efficient architecture, and a dynamic, flexible operational structure. “VoidLink was built in a modular way, allowing new capabilities to be added quickly as needed,” Eli Smadja, a research group manager at Check Point, told Calcalist. “It includes particularly deep concealment layers that allow it to embed itself in the system, hide its presence, and disappear entirely if attempts are made to inspect or analyze it.
“This is not just malicious code, but almost a full operating system for attacks,” Smadja added. “It includes a management server, a control interface, and a dashboard that enables structured operation of the attack. The malware’s central focus is on controlling cloud services by stealing access credentials for cloud systems, development tools, and code repositories. The implication is not only access to a single computer, but the ability to take over entire infrastructures, business services, and even software development and distribution processes.” Smadja added that the malware was likely developed by an actor with ties to China.
The development of the malware likely took place in November and was carried out using Trae Solo, an AI-based programming and development environment. A mistake by the developer exposed supporting files and explanatory materials generated by the environment, enabling Check Point researchers to track its development and capabilities. “We were able to see in real time how it changed rapidly and evolved from a functional application into a broad, modular framework,” the report said. “Over time, components such as a command-and-control system were added. Leaked documents indicated that three separate teams worked on different aspects of the project over 30 weeks. However, in real time, we observed the malware’s capabilities developing at a far faster pace. A deeper investigation revealed that the development plan itself was generated by an AI model, and that in less than a week, a single individual was able to turn VoidLink from a concept into a functioning and evolving system.”
According to the report, the reason for the gap is that the AI model planned the malware’s development as a 30-week project to be carried out by a human team. However, because the model effectively executed the project itself, it was able to complete the roughly 88,000 lines of code required within about a week from the start of the project.
“The long-awaited era of sophisticated AI-generated malware has likely begun,” the report concluded. “In the hands of individual experienced threat actors or malware developers, AI can build sophisticated, stealthy, and stable malware frameworks that resemble those created by sophisticated and experienced threat groups.
“Our investigation into VoidLink leaves many open questions, one of them deeply unsettling. We only uncovered its true development story because we had a rare glimpse into the developer’s environment, a visibility we almost never get. Which begs the question: how many other sophisticated malware frameworks out there were built using AI, but left no artifacts to tell?”