Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns

Infosecurity Magazine, Jun 4, 2026

Why It Matters

The ease of deploying AI assistants creates a blind spot that attackers can exploit, potentially compromising corporate networks and data. Effective governance of AI tools is essential to prevent breaches and protect organizational resilience.

Key Takeaways

  • Microsoft DART uncovered "JustAskJacky" AI‑backdoor malware campaign
  • AI assistants can hide malicious code behind valid digital signatures
  • Half of AI‑generated code contains flaws exploitable by attackers
  • Organizations should vet non‑standard AI apps and enforce board‑level oversight
  • Scheduled task persistence enables backdoor control every four hours

Pulse Analysis

AI adoption is accelerating across enterprises, promising productivity gains from natural‑language assistants to automated code generation. Yet the rapid rollout often outpaces security controls, and recent research shows nearly 50% of AI‑generated code contains vulnerabilities. When these flaws are embedded in tools that employees trust, they become fertile ground for threat actors seeking low‑effort entry points into corporate environments.

The "JustAskJacky" operation illustrated how malicious actors can weaponize AI’s credibility. By packaging a backdoor‑laden Java component within a seemingly legitimate AI assistant, the attackers secured a valid digital signature and a polished user interface, allowing the payload to slip past conventional antivirus and endpoint detection solutions. Once installed, the malware creates a scheduled task that runs every four hours, ensuring persistent command‑and‑control communication and data exfiltration without raising alarms. This blend of social engineering and technical evasion underscores a shift toward AI‑augmented attack chains that blend legitimacy with stealth.

To counter this emerging threat, organizations must embed AI risk management into their broader security governance. This includes establishing board‑level policies for AI procurement, conducting rigorous code reviews of AI‑generated scripts, and maintaining an inventory of approved AI applications. Continuous monitoring for anomalous behavior—such as unexpected scheduled tasks or unsigned network traffic—can catch malicious activity early. As AI tools become ubiquitous, a proactive, layered defense that combines technical controls with employee education will be critical to safeguarding digital assets.
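The check for unexpected scheduled tasks described above can be run over exported task definitions. The following is an added example, not code from Microsoft or the article: it parses Task Scheduler XML and reports actions that are missing from an approved inventory, noting a four-hour repetition and Java launches. The approved path and both sample tasks are constructed assumptions, not indicators from the campaign.

```python
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Assumption: the organization's inventory of approved task executables.
APPROVED = {r"c:\program files\examplecorp\backup\agent.exe"}
DURATION = re.compile(r"P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?")

def interval_hours(iso):
    """Convert an ISO 8601 duration (PT4H, PT240M, ...) to hours, or None."""
    m = DURATION.fullmatch(iso.strip())
    if not m or not any(m.groups()):
        return None
    d, h, mi, s = (int(g or 0) for g in m.groups())
    return d * 24 + h + mi / 60 + s / 3600

def review_task(xml_text, approved=APPROVED):
    """Return [(command, reasons)] for each unapproved action in one task."""
    root = ET.fromstring(xml_text)
    hours = {interval_hours(e.text or "")
             for e in root.iterfind(".//t:Repetition/t:Interval", NS)}
    findings = []
    for ex in root.iterfind(".//t:Actions/t:Exec", NS):
        cmd = ex.findtext("t:Command", "", NS).strip().strip('"').lower()
        args = ex.findtext("t:Arguments", "", NS).lower()
        if cmd in approved:
            continue
        reasons = ["not in approved inventory"]
        if 4.0 in hours:  # PT4H and PT240M both normalize to 4.0
            reasons.append("repeats every four hours")
        if re.search(r"(^|[\\/])javaw?(\.exe)?$", cmd) or ".jar" in args:
            reasons.append("launches Java code")
        findings.append((cmd, reasons))
    return findings

def _task(interval, command, arguments=""):
    """Build a constructed task definition in Task Scheduler's XML schema."""
    return (f'<Task xmlns="{NS["t"]}"><Triggers><TimeTrigger><Repetition>'
            f"<Interval>{interval}</Interval></Repetition></TimeTrigger></Triggers>"
            f"<Actions><Exec><Command>{command}</Command>"
            f"<Arguments>{arguments}</Arguments></Exec></Actions></Task>")

# Constructed samples, not indicators from the campaign.
SUSPECT = _task("PT240M", r"C:\Users\Public\assistant\runtime\bin\javaw.exe", "-jar helper.jar")
BENIGN = _task("P1D", r"C:\Program Files\ExampleCorp\Backup\agent.exe")

if __name__ == "__main__":
    for name, xml_text in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(name, review_task(xml_text))
```

Task definitions exported from a host usually carry a UTF-16 XML declaration, so pass the file's raw bytes to `review_task` rather than a decoded string.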
