Sophisticated Koske Linux Malware Developed With AI Aid

AI appears to have powered the development of the Koske malware.

Koske is a Linux cryptomining threat that leverages AI-generated, modular code and stealthy polyglot JPEG payloads to avoid detection. It spreads via misconfigured JupyterLab instances, installs backdoors, and unpacks shellcode and a rootkit hidden inside panda images. The malware selects CPU- or GPU-based miners to mine a variety of cryptocurrencies and self-heals its network access by resetting proxies and firewall rules if needed. Its sophisticated persistence mechanisms and clean, defensive scripting strongly indicate significant use of large language models in its creation.
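For defenders triaging image files pulled onto a host, the following added example (not from the original brief or the SecurityWeek report) walks a JPEG's segment structure to find where the image really ends and returns any bytes stored after it. It assumes the extra content is appended after the end-of-image marker, which the brief does not specify; the function names and sample bytes are constructed for illustration.

```python
import struct

# Markers with no length field: TEM (0x01) and restart markers RST0-RST7.
STANDALONE = {0x01, *range(0xD0, 0xD8)}

def jpeg_end_offset(data: bytes) -> int:
    """Walk the JPEG segment structure and return the offset just past EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker: not a JPEG")
    pos, in_scan = 2, False
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            if not in_scan:
                raise ValueError(f"expected marker at offset {pos}")
            pos += 1                      # entropy-coded scan byte
            continue
        marker = data[pos + 1]
        if marker == 0xFF:                # fill byte before a marker
            pos += 1
        elif marker == 0xD9:              # EOI at top level: real end of image
            return pos + 2
        elif marker in STANDALONE or (in_scan and marker == 0x00):
            pos += 2                      # RSTn/TEM, or a stuffed 0xFF00 in scan data
        else:
            if pos + 4 > len(data):
                raise ValueError("truncated segment header")
            (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
            if length < 2:
                raise ValueError(f"bad segment length at offset {pos}")
            pos += 2 + length             # skips APPn bodies, incl. embedded thumbnails
            in_scan = marker == 0xDA      # SOS header is followed by scan data
    raise ValueError("no EOI marker found")

def trailing_data(data: bytes) -> bytes:
    """Bytes stored after the image ends; empty for a plain JPEG."""
    return data[jpeg_end_offset(data):]

def _seg(marker: int, body: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(body) + 2) + body

# Constructed samples (not real Koske artifacts): a tiny JPEG-shaped byte string
# whose APP1 body contains a decoy FFD9, and the same file with text appended.
CLEAN = (b"\xff\xd8" + _seg(0xE1, b"Exif\x00\x00thumb\xff\xd9")
         + _seg(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\xff\x00\x34\xff\xd0\x56\xff\xd9")
TRAILER = b"#!/bin/sh\n# constructed trailer\n"
POLYGLOT = CLEAN + TRAILER

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("polyglot", POLYGLOT)):
        extra = trailing_data(blob)
        print(f"{name}: image ends at {jpeg_end_offset(blob)}, {len(extra)} trailing bytes")
```

Walking segments rather than searching for the first or last `FFD9` avoids false hits on embedded thumbnails and on marker bytes inside the appended data. Trailing bytes are a lead for triage rather than a verdict, since some legitimate tools also append data to JPEG files.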

Read more:

https://www.securityweek.com/sophisticated-koske-linux-malware-developed-with-ai-aid/