FTFuture Technology
SECURITY

The 'First' AI-Run Ransomware Attack Still Needed a Human to Pull It Off

· 3 min read · By Nath Connell

Key takeaways

  • AI handled reconnaissance, personalised phishing at scale, and real-time malware adaptation to evade antivirus detection
  • A human operator was still required to authorise final deployment and manage extortion negotiations
  • AI-assisted phishing collapses the cost of personalised spear-phishing from hours per target to near zero at scale

Everyone has been bracing for the moment AI goes fully rogue in the cybercrime world. A fully autonomous ransomware operation, no humans required, systems compromised and ransoms demanded without a single person lifting a finger. According to new reporting from TechCrunch, we are not there yet, and the story of why is actually more reassuring than the headline suggests.

What's being billed as the 'first AI-run ransomware attack' turned out to still require a human operator at a critical stage. Security researchers analysing the incident found that while AI was used extensively throughout the attack chain, including for reconnaissance, crafting phishing messages, and adapting the malware payload to evade detection, a human had to step in to authorise the final deployment and manage the extortion communication.

What the AI Actually Did

The breakdown is telling. The AI components handled the time-consuming, repetitive groundwork that human hackers traditionally find tedious and error-prone. It scanned targets for vulnerabilities, personalised lure emails based on scraped information about specific employees, and modified the ransomware code in real time to dodge antivirus signatures. That is genuinely new, and genuinely concerning.

Before this, personalised spear-phishing at scale was expensive and slow. A skilled attacker might spend hours crafting a convincing email for one high-value target. AI collapses that cost to near zero across thousands of potential victims simultaneously. The attack surface grows enormously when attackers can individualise every lure without additional effort.

But here is where the human bottleneck matters. The authorisation and negotiation steps, the parts that require real-world judgment about when to strike, how much to demand, and how to respond to a panicked IT team, still relied on a person. That is partly because current AI models are still cautious about explicitly facilitating harm when directly prompted, and partly because the attackers apparently did not trust the AI to negotiate without making costly mistakes.

Why 'Still Needed a Human' Is Not a Comfort

It would be a mistake to read this story as good news. The human-in-the-loop is a technical limitation right now, not a permanent feature. Each generation of models is more capable of autonomous multi-step reasoning, and the gap between 'AI helps with ransomware' and 'AI runs ransomware end-to-end' is narrowing faster than most security teams are prepared for.

The future, in 3 minutes a day. The biggest tech story explained every morning, free. Get the briefing →

There is also a skills threshold implication. Ransomware operations have historically required serious technical expertise to run effectively. If AI handles the hard parts, the barrier to entry drops dramatically. Researchers call this the 'script kiddie upgrade path', where attackers with limited skills can now operate at a level that previously required years of experience and specialist knowledge.

Defenders are not standing still. Several security companies are deploying their own AI systems specifically to detect AI-generated phishing, which tends to have statistical patterns distinguishable from human-written text. Whether that detection arms race stays even is an open question.

What Organisations Should Do Now

The practical implications are fairly clear. Multi-factor authentication and zero-trust architecture matter more than ever, because AI-assisted phishing is significantly better at fooling employees than the generic 'Nigerian prince' era of attacks. Security awareness training needs updating, because the old advice to look for spelling errors and awkward phrasing is increasingly useless against AI-polished lures.

Backup hygiene remains the most boring and most effective defence. If your data is backed up securely and can be restored quickly, ransomware loses most of its leverage regardless of how cleverly it was deployed.

The Canadian Security Intelligence Service, separately reported this week to have hacked drug traffickers and a ransomware gang last year, is one signal that governments are moving toward more aggressive offensive postures against cybercriminal infrastructure. That is a different lever entirely, but it suggests the threat environment is serious enough that state actors are taking direct action.

The first 'AI-run' ransomware attack needed a human. The second one might not.

Sources

Get the briefing, free

The biggest tech story, explained in 3 minutes every weekday. Choose your briefings →

Free. No spam. Unsubscribe in one click.