Campaigns
Rise of the AI-Driven Espionage Engine: Inside the New Age of Autonomous Cyber Operations

Rise of the AI-Driven Espionage Engine: Inside the New Age of Autonomous Cyber Operations

AgenticAIGTG-1002AI-orchestrated cyberattackAIDrivenIntrusion
A Chinese state-linked group misused autonomous AI to launch a large cyber espionage campaign in September 2025, targeting about thirty major global organizations. Only a few breaches succeeded, but the operation stands out as one of the first large-scale attacks carried out with minimal human involvement, showing how quickly AI-driven threats are advancing.

Indicators of Compromise

No domains found for this campaign

Campaign Guidance

Remediation, mitigation, notes, history and related intelligence

REMEDIATION REF


T1595-Active Scanning


ID

Name

Analytic ID

Analytic Description

DET0830

Detection of Active Scanning

AN1962

Monitor network data for uncommon data flows. Processes utilizing the network that do not normally have network communication or have never been seen before are suspicious.
Monitor and analyze traffic patterns and packet inspection associated to protocol(s) that do not follow the expected protocol standards and traffic flows (e.g extraneous packets that do not belong to established flows, gratuitous or anomalous traffic patterns, anomalous syntax, or structure). Consider correlation with process monitoring and command line to detect anomalous processes execution and command line arguments associated to traffic patterns (e.g. monitor anomalies in use of files that do not normally initiate connections for respective protocol(s)).


T1590-Gather Victim Network Information


ID

Name

Analytic ID

Analytic Description

DET0869

Detection of Gather Victim Network Information

AN2001

Much of this activity may have a very high occurrence and associated false positive rate, as well as potentially taking place outside the visibility of the target organization, making detection difficult for defenders.

Detection efforts may be focused on related stages of the adversary lifecycle, such as during Initial Access.


T1593-Search Open Websites/Domains


ID

Name

Analytic ID

Analytic Description

DET0856

Detection of Search Open Websites/Domains

AN1988

Much of this activity may have a very high occurrence and associated false positive rate, as well as potentially taking place outside the visibility of the target organization, making detection difficult for defenders.

Detection efforts may be focused on related stages of the adversary lifecycle, such as during Initial Access.


T1190-Exploit Public-Facing Application


ID

Name

Analytic ID

Analytic Description

DET0080

Exploit Public-Facing Application – multi-signal correlation (request → error → post-exploit process/egress)

AN0219

Adversary sends crafted HTTP/S (or other service) input to an Internet-facing app (IIS/ASP.NET, API, device portal). Chain: (1) abnormal request patterns to public endpoint → (2) elevated 4xx/5xx or unusual methods/paths → (3) server process (w3wp.exe/other service) spawns shell/LOLbins or loads non-standard modules → (4) optional outbound callback from the host/container.

AN0220

Adversary exploits Apache/Nginx/app servers. Chain: (1) suspicious requests in access logs → (2) spike of 5xx or WAF blocks → (3) web server or interpreter (apache2/nginx/php-fpm/node/python) spawns /bin/sh, curl, wget, socat, or writes webshell → (4) outbound callback.

AN0221

Adversary targets macOS-hosted public services (e.g., nginx, node). Chain: suspicious inbound request → service crash/5xx → service spawns shell or writes file → new outbound connection.

AN0222

Adversary exploits containerized app via ingress or service. Chain: (1) suspicious request in ingress/app logs → (2) container process spawns a shell/exec/sidecar (kubectl exec/docker exec) → (3) egress to Internet or metadata service (169.254.169.254).

AN0223

Adversary targets cloud-hosted public endpoints. Chain: (1) ALB/ELB/Cloud LB logs show exploit-like inputs or error spikes → (2) workload spawns shell or reaches metadata API → (3) egress to new external hosts.

AN0224

Adversary exploits exposed OpenSLP on ESXi or vCenter public endpoints. Chain: inbound request pattern to mgmt service → hostd/vpxd error/crash/restart → unexpected process behavior or datastore access → outbound callback.

AN0225

Adversary exploits public admin services on routers/firewalls/switches. Chain: anomalous HTTP/SNMP/SmartInstall inputs → device syslog errors/restarts → config changes/CLI spawn → egress to attacker C2.


T1078-Valid Accounts


ID

Name

Analytic ID

Analytic Description

DET0560

Detection of Valid Account Abuse Across Platforms

AN1543

Detection of compromised or misused valid accounts via anomalous logon patterns, abnormal logon types, and inconsistent geographic or time-based activity across Windows endpoints.

AN1544

Detection of valid account misuse through SSH logins, sudo/su abuse, and service account anomalies outside expected patterns.

AN1545

Detection of interactive and remote logins by service accounts or users at unusual times, with unexpected child process activity.

AN1546

Detection of valid account abuse in IdP logs via geographic anomalies, impossible travel, risky sign-ins, and multiple MFA attempts or failures.

AN1547

Detection of containerized service accounts or compromised kubeconfigs being used for cluster access from unexpected nodes or IPs.


 T1059-Command and Scripting Interpreter


ID

Name

Analytic ID

Analytic Description

DET0516

Behavioral Detection of Command and Scripting Interpreter Abuse

AN1428

Detects the execution of scripting or command interpreters (e.g., powershell.exe, cmd.exe, wscript.exe) outside expected administrative time windows or from abnormal user contexts, often followed by encoded/obfuscated arguments or secondary execution events.

AN1429

Detects use of shell interpreters (e.g., bash, sh, python, perl) initiated by users or processes not normally executing them, especially when chaining suspicious utilities like netcat, curl, or ssh.

AN1430

Detects launch of command-line interpreters via Terminal, Automator, or hidden osascript, especially when parent process lineage deviates from user-initiated applications.

AN1431

Detects use of 'esxcli system' or direct interpreter commands (e.g., busybox shell) invoked from SSH or host terminal unexpectedly.

AN1432

Identifies CLI interpreter access (e.g., Cisco IOS, Juniper JUNOS) via enable mode or scripting-capable sessions used by uncommon accounts or from unknown IPs.


T1068-Exploitation for Privilege Escalation


ID

Name

Analytic ID

Analytic Description

DET0514

Detection Strategy for Exploitation for Privilege Escalation

AN1419

Detects exploitation attempts targeting vulnerable kernel drivers or OS components, often followed by unusual process or token behavior.

AN1420

Detects escalation via vulnerable setuid binaries or kernel modules, often chained with unusual access to /proc/kallsyms or /dev/kmem.

AN1421

Detects use of vulnerable kernel extensions or entitlements abused via setuid or AppleScript injection chains.

AN1422

Detects container breakout behavior via exploitation (e.g., DirtyPipe, CVE-2022-0847), followed by host OS interaction or escalated capability assignment.


CONTINUE


Reports & References1

Observed Countries250

AD (245)
AE (276)
AF (282)
AG (985)
AI (917)
AL (315)
AM (682)
AO (51)
AQ (270)
AR (750)
AS (926)
AT (287)
AU (153)
AW (805)
AX (308)
AZ (820)
BA (865)
BB (540)
BD (495)
BE (116)
BF (292)
BG (937)
BH (343)
BI (583)
BJ (278)
BL (737)
BM (142)
BN (900)
BO (543)
BQ (513)
BR (747)
BS (241)
BT (753)
BV (966)
BW (617)
BY (779)
BZ (640)
CA (941)
CC (290)
CD (756)
CF (171)
CG (418)
CH (849)
CI (242)
CK (834)
CL (561)
CM (90)
CN (675)
CO (644)
CR (520)
CU (784)
CV (419)
CW (690)
CX (772)
CY (943)
CZ (606)
DE (970)
DJ (547)
DK (718)
DM (889)
DO (71)
DZ (195)
EC (187)
EE (717)
EG (527)
EH (426)
ER (871)
ES (162)
ET (989)
FI (664)
FJ (194)
FK (406)
FM (133)
FO (68)
FR (770)
GA (661)
GB (932)
GD (829)
GE (808)
GF (622)
GG (706)
GH (358)
GI (77)
GL (425)
GM (172)
GN (51)
GP (313)
GQ (927)
GR (445)
GS (439)
GT (18)
GU (405)
GW (478)
GY (732)
HK (508)
HM (938)
HN (381)
HR (971)
HT (876)
HU (136)
ID (76)
IE (596)
IL (266)
IM (227)
IN (851)
IO (270)
IQ (730)
IR (360)
IS (248)
IT (453)
JE (385)
JM (604)
JO (304)
JP (853)
KE (178)
KG (252)
KH (159)
KI (91)
KM (463)
KN (876)
KP (380)
KR (758)
KW (441)
KY (212)
KZ (277)
LA (183)
LB (971)
LC (794)
LI (341)
LK (750)
LR (903)
LS (307)
LT (622)
LU (849)
LV (397)
LY (559)
MA (366)
MC (754)
MD (509)
ME (349)
MF (197)
MG (956)
MH (28)
MK (793)
ML (827)
MM (428)
MN (455)
MO (962)
MP (209)
MQ (84)
MR (241)
MS (304)
MT (855)
MU (738)
MV (576)
MW (360)
MX (32)
MY (207)
MZ (792)
NA (953)
NC (715)
NE (646)
NF (108)
NG (490)
NI (863)
NL (920)
NO (124)
NP (46)
NR (764)
NU (504)
NZ (151)
OM (955)
PA (132)
PE (411)
PF (560)
PG (453)
PH (900)
PK (754)
PL (389)
PM (747)
PN (150)
PR (650)
PS (425)
PT (899)
PW (664)
PY (267)
QA (369)
RE (104)
RO (579)
RS (848)
RU (371)
RW (115)
SA (74)
SB (785)
SC (696)
SD (751)
SE (837)
SG (74)
SH (467)
SI (633)
SJ (737)
SK (897)
SL (840)
SM (885)
SN (604)
SO (154)
SR (449)
SS (58)
ST (369)
SV (253)
SX (40)
SY (870)
SZ (453)
TC (597)
TD (296)
TF (885)
TG (177)
TH (43)
TJ (435)
TK (700)
TL (521)
TM (642)
TN (579)
TO (396)
TR (619)
TT (864)
TV (213)
TW (436)
TZ (126)
UA (326)
UG (259)
UM (227)
US (268)
UY (123)
UZ (602)
VA (586)
VC (84)
VE (831)
VG (243)
VI (734)
VN (5)
VU (693)
WF (990)
WS (829)
XK (644)
YE (748)
YT (27)
ZA (871)
ZM (157)
ZW (876)