Evilai Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks

Postedabout 1 month agoActiveabout 1 month ago

LiamPowell

2 points

1 comments

trendmicro.comSecuritystory

informativenegative

Debate

40/100

AI SecurityMalwareCyber Attacks

Key topics

AI Security

Malware

Cyber Attacks

Discussion Activity

Light discussion

First comment

46s

Peak period

0-1h

Avg / period

Key moments

01Story posted
Nov 30, 2025 at 3:22 AM EST
about 1 month ago
Step 01
02First comment
Nov 30, 2025 at 3:23 AM EST
46s after posting
Step 02
03Peak activity
1 comments in 0-1h
Hottest window of the conversation
Step 03
04Latest activity
Nov 30, 2025 at 3:23 AM EST
about 1 month ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (1 comments)

Showing 1 comments

LiamPowellAuthor

about 1 month ago

The main reason I'm posting this is not because this malware is particularly interesting (although seeing this sort of AI use in the wild is interesting) but because of how it's ending up on people's machines. Specifically, it's being widely advertised via Google ads using the most obviously malicious ads I've seen in a very long time: https://adstransparency.google.com/advertiser/AR129387695568...

I'm really surprised to see that Google has let 2000 of these ads through without catching them and that they have not removed them after reports from weeks ago. When clicking in the ads an exe file is immediately downloaded, which you'd think some tool at Google would be able to trivially catch.

View full discussion on Hacker News

ID: 46094878Type: storyLast synced: 11/30/2025, 8:48:06 AM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Open link View on HN