Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Descubrir
Enviar
  • Bienvenido a la AIID
  • Descubrir Incidentes
  • Vista espacial
  • Vista Tabular
  • Vista de lista
  • Entidades
  • Taxonomías
  • Enviar Informes de Incidentes
  • Ranking de Reportadores
  • Blog
  • Resumen de noticias de IA
  • Control de Riesgos
  • Incidente aleatorio
  • Registrarse
Colapsar
Descubrir
Enviar
  • Bienvenido a la AIID
  • Descubrir Incidentes
  • Vista espacial
  • Vista Tabular
  • Vista de lista
  • Entidades
  • Taxonomías
  • Enviar Informes de Incidentes
  • Ranking de Reportadores
  • Blog
  • Resumen de noticias de IA
  • Control de Riesgos
  • Incidente aleatorio
  • Registrarse
Colapsar
Entidades

Fancy Bear

Incidents involved as Deployer

Incidente 12202 Reportes
LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

2025-07-10

Ukraine's CERT-UA and Cato CTRL reported LAMEHUG, the first known malware to integrate a large language model (Qwen2.5-Coder-32B-Instruct via Hugging Face) for real-time command generation. Attributed with moderate confidence to APT28 (Fancy Bear), the malware reportedly targeted Ukrainian officials through phishing emails. The LLM is reported to have dynamically generated reconnaissance and data-exfiltration commands executed on infected systems.

Más

Entidades relacionadas
Otras entidades que están relacionadas con el mismo incidente. Por ejemplo, si el desarrollador de un incidente es esta entidad pero el implementador es otra entidad, se marcan como entidades relacionadas.
 

Entity

APT28

Incidents involved as Deployer
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Alibaba

Incidents involved as Developer
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

hugging face

Incidents involved as Developer
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Government of Ukraine

Afectado por Incidentes
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Ukrainian government ministries

Afectado por Incidentes
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Ukrainian government officials

Afectado por Incidentes
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Public sector information systems

Afectado por Incidentes
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

National cybersecurity infrastructure of Ukraine

Afectado por Incidentes
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

State institutions targeted by espionage operations

Afectado por Incidentes
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Qwen2.5-Coder-32B-Instruct

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Hugging Face API platform

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

LAMEHUG malware family

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

PyInstaller-compiled Python executables

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

Flux AI image generation API

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

stayathomeclasses[.]com exfiltration endpoint

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más
Entity

144[.]126[.]202[.]227 SFTP server

Incidents implicated systems
  • Incidente 1220
    2 Report

    LAMEHUG Malware Reportedly Integrates Large Language Model for Real-Time Command Generation in a Purported APT28-Linked Cyberattack

Más

Investigación

  • Definición de un “Incidente de IA”
  • Definición de una “Respuesta a incidentes de IA”
  • Hoja de ruta de la base de datos
  • Trabajo relacionado
  • Descargar Base de Datos Completa

Proyecto y Comunidad

  • Acerca de
  • Contactar y Seguir
  • Aplicaciones y resúmenes
  • Guía del editor

Incidencias

  • Todos los incidentes en forma de lista
  • Incidentes marcados
  • Cola de envío
  • Vista de clasificaciones
  • Taxonomías

2024 - AI Incident Database

  • Condiciones de uso
  • Política de privacidad
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • 3303e65