AI brings back real trojan horse malware

Aug. 13, 2025, 3:17 p.m.

Description

Trojan horses, once rare, are making a resurgence due to AI and Large Language Models (LLMs). These new trojans, disguised as legitimate applications like recipe apps or AI-powered image search tools, are evading traditional security measures. They appear professional, pass VirusTotal scans, and exploit users' trust. Examples include JustAskJacky, which executes hidden commands, and TamperedChef, which hides malicious code in recipe whitespace. LLMs enable threat actors to create convincing websites and functional applications easily, making trojans indistinguishable from legitimate software. This trend challenges conventional user caution and static antivirus scanning, necessitating advanced security measures like context, behavior, and dynamic analysis for detection.

External References

https://www.gdatasoftware.com/blog/2025/08/38247-justaskjacky-ai-trojan-horse-comeback
https://feeds.feedblitz.com/~/923165480/0/gdatasecurityblog-en~JustAskJacky-AI-causes-a-Trojan-Horse-Comeback
https://www.gdatasoftware.com/fileadmin/_processed_/b/2/G_DATA_Blog_TrojanHorsesComeback_Title_EN_b2e3c2cec1.jpg
https://otx.alienvault.com/pulse/689c6f07a14917dcce906882
Tags
steganography
ai
virustotal
llm
2025-08-13
justaskjacky
antivirus evasion
tamperedchef
trojan horse

Date

  • Created: Aug. 13, 2025, 10:55 a.m.
  • Published: Aug. 13, 2025, 10:55 a.m.
  • Modified: Aug. 13, 2025, 3:17 p.m.

Attack Patterns

  • TamperedChef
  • JustAskJacky

Additional Informations

  • Healthcare