Invisible C2 — thanks to AI-powered techniques
Just about every cyberattack needs a Command and Control (C2) channel — a way for attackers to send instructions to compromised systems and receive stolen data. This gives us all a chance to see attacks that are putting us at risk.

Traditionally, C2 traffic might be disguised as normal web traffic, DNS queries, or go through known platforms like Slack or Telegram. Now, LLMs are helping attackers to even better hide C2 communications in plain sight and even to automate the decision-making on the attacker’s behalf, reducing or eliminating the need for C2. In this post, I explore how AI models can be used to obfuscate C2, making detection extremely challenging. Building off the last post about polymorphic attacks, I look at real examples, why updated approaches escape the detection of network security, and conclude by briefly examining how adaptive models might help.
Once again, this is not intended to be a DeepTempo pitch. Rather, I am examining advanced and emerging attack patterns in some depth. It is only by understanding today’s rapidly innovating adversaries that we can effectively respond.
The Emergence of AI-Covert Channels
Using well-known legitimate services for C2 is not new — “domain fronting” and “living off the land” have been around for a while. What LLMs add is flexibility and improved believability:
- Using AI APIs as C2: As detailed in my last blog, some malware authors have realized they can piggyback on AI APIs, including OpenAI to fetch instructions or code. To a defender, traffic to api.openai.com doesn’t raise an eyebrow, whereas traffic to an unknown IP would. The malware can ask the AI for instructions in natural language, effectively turning the AI into an unwitting proxy for the attacker.
- Natural Language Steganography: LLMs can generate human-like text that includes hidden instructions. For example, an attacker could prompt an LLM to produce an innocuous-looking email or document containing encoded commands, such as the first letter of each sentence or another pattern that the malware knows to parse
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.This article has been indexed from Security BoulevardRead the original article: