PoC: ONNX living-off-the-land malware delivery via Windows AI model loading
Technical Analysis
Summary
Hide ▲
Show ▼
A researcher demonstrated a proof-of-concept that turns ONNX model loading into a stealthy malware delivery path, increasing the chance that malicious payloads can evade EDR and antivirus controls. The technique abuses the Windows Machine Learning API and trusted Windows components so a malicious model can resemble benign AI inference.
Related Happenings
JustAskJacky fake AI assistant malware campaign
Campaign
H score33
First: 04.06.2026 17:00
Last: 04.06.2026 17:00
Sources 1
About this happening:
The **JustAskJacky** campaign is distributing a fake **AI assistant** that installs a **backdoor**, turning trusted-looking software into a malware delivery path. The operation us...
JustAskJacky fake AI assistant malware campaign
CampaignAbout this happening: The **JustAskJacky** campaign is distributing a fake **AI assistant** that installs a **backdoor**, turning trusted-looking software into a malware delivery path. The operation us...
AI-assisted EDR-evasion malware development lab
Malware Activity
H score12
First: 02.06.2026 14:00
Last: 02.06.2026 14:00
Sources 1
About this happening:
A threat actor is using **AI coding tools** to build and refine **EDR-evasion malware**, accelerating the creation of custom loaders that can bypass endpoint defenses. The lab tes...
AI-assisted EDR-evasion malware development lab
Malware ActivityAbout this happening: A threat actor is using **AI coding tools** to build and refine **EDR-evasion malware**, accelerating the creation of custom loaders that can bypass endpoint defenses. The lab tes...
APT28 Windows Shell LNK campaign targeting Ukraine and E.U. nations
Campaign
H score39
First: 28.04.2026 08:50
Last: 28.04.2026 08:50
Sources 1
About this happening:
A **December 2025** **APT28** campaign targeted **Ukraine** and **E.U. nations** with a **malicious Windows Shortcut (LNK)** chain that bypassed **Microsoft Defender SmartScreen**...
APT28 Windows Shell LNK campaign targeting Ukraine and E.U. nations
CampaignAbout this happening: A **December 2025** **APT28** campaign targeted **Ukraine** and **E.U. nations** with a **malicious Windows Shortcut (LNK)** chain that bypassed **Microsoft Defender SmartScreen**...
External Microsoft Teams helpdesk-impersonation campaign
Campaign
H score32
First: 20.04.2026 18:11
Last: 20.04.2026 18:11
Sources 1
About this happening:
A **campaign** abusing **external Microsoft Teams collaboration** is letting attackers impersonate **IT/helpdesk staff**, gain remote access, and stage **targeted data exfiltratio...
External Microsoft Teams helpdesk-impersonation campaign
CampaignAbout this happening: A **campaign** abusing **external Microsoft Teams collaboration** is letting attackers impersonate **IT/helpdesk staff**, gain remote access, and stage **targeted data exfiltratio...
WhatsApp-delivered VBS Windows infection campaign
Campaign
H score34
First: 01.04.2026 14:49
Last: 01.04.2026 14:49
Sources 1
About this happening:
A **new WhatsApp-delivered campaign** is spreading malicious **VBS files** that launch a **multi-stage Windows infection chain**, raising the risk of persistence and remote access...
WhatsApp-delivered VBS Windows infection campaign
CampaignAbout this happening: A **new WhatsApp-delivered campaign** is spreading malicious **VBS files** that launch a **multi-stage Windows infection chain**, raising the risk of persistence and remote access...
Timeline
-
30.10.2025 21:47 2 articles · 8mo ago
PoC demonstrates ONNX model loading as a malware delivery vector on Windows
Technical Analysis UpdateSecurity researcher hxr1 demonstrated a proof-of-concept living-off-the-land attack that hides malware in ONNX model files and uses the Windows Machine Learning (ML) application programming interface (API) and Microsoft-signed DLLs to make execution look like benign AI inference. The technique can bypass EDR and antivirus defenses, and suggested countermeasures include monitoring who loads models, what data is extracted, where extracted data is passed, plus static analysis with YARA rules and application controls like AppLocker.
Show sources
- LotL Attack Hides Malware in Windows Native AI Stack — www.darkreading.com — 30.10.2025 21:47
- LotL Attack Hides Malware in Windows Native AI Stack — www.darkreading.com — 30.10.2025 21:47