AI as a C2 proxy abuse of Microsoft Copilot and xAI Grok browsing channels
Technical Analysis
Summary
Hide ▲
Show ▼
Researchers disclosed AI as a C2 proxy, a technique that can turn Microsoft Copilot and xAI Grok browsing features into stealthy command-and-control relays, increasing the chance that attacker traffic blends into legitimate enterprise communications. The method can also help adversaries use AI systems for reconnaissance, malware scripting, and real-time decision-making during an intrusion. It matters because the channel can operate without an API key or registered account, limiting the value of simple account-based blocking.
Related Happenings
HalluSquatting indirect prompt-injection attack on AI coding assistants
Technical Analysis
H score3
First: 08.07.2026 18:07
Last: 08.07.2026 18:07
Sources 1
About this happening:
Researchers demonstrated **HalluSquatting**, an indirect prompt-injection technique that can push **AI coding assistants** to fetch attacker-controlled resources and execute code....
HalluSquatting indirect prompt-injection attack on AI coding assistants
Technical AnalysisAbout this happening: Researchers demonstrated **HalluSquatting**, an indirect prompt-injection technique that can push **AI coding assistants** to fetch attacker-controlled resources and execute code....
Microsoft Teams admin policy adds approval-based control for third-party bots
Security Tool/Service
H score11
First: 30.06.2026 13:52
Last: 30.06.2026 13:52
Sources 1
About this happening:
Microsoft Teams introduced an **admin policy** that lets organizers prevent **third-party bots** from joining meetings without approval. The control improves **visibility** over e...
Microsoft Teams admin policy adds approval-based control for third-party bots
Security Tool/ServiceAbout this happening: Microsoft Teams introduced an **admin policy** that lets organizers prevent **third-party bots** from joining meetings without approval. The control improves **visibility** over e...
Microsoft Teams third-party bot approval controls for meeting social-engineering risk
Defensive Guidance
H score11
First: 30.06.2026 13:52
Last: 30.06.2026 13:52
Sources 1
About this happening:
**Microsoft Teams** has added admin controls that block **third-party bots** without approval, reducing **meeting social-engineering risk** across managed tenants. The policy impr...
Microsoft Teams third-party bot approval controls for meeting social-engineering risk
Defensive GuidanceAbout this happening: **Microsoft Teams** has added admin controls that block **third-party bots** without approval, reducing **meeting social-engineering risk** across managed tenants. The policy impr...
Fake AI study guide AsyncRAT lure campaign targeting Windows users
Campaign
H score33
First: 11.06.2026 17:00
Last: 11.06.2026 17:00
Sources 1
About this happening:
A **malware-luring campaign** now uses fake **AI study guides** and **developer resources** to target **Windows users** at organizations, increasing the risk of stealthy **AsyncRA...
Fake AI study guide AsyncRAT lure campaign targeting Windows users
CampaignAbout this happening: A **malware-luring campaign** now uses fake **AI study guides** and **developer resources** to target **Windows users** at organizations, increasing the risk of stealthy **AsyncRA...
JustAskJacky fake AI assistant malware campaign
Campaign
H score33
First: 04.06.2026 17:00
Last: 04.06.2026 17:00
Sources 1
About this happening:
The **JustAskJacky** campaign is distributing a fake **AI assistant** that installs a **backdoor**, turning trusted-looking software into a malware delivery path. The operation us...
JustAskJacky fake AI assistant malware campaign
CampaignAbout this happening: The **JustAskJacky** campaign is distributing a fake **AI assistant** that installs a **backdoor**, turning trusted-looking software into a malware delivery path. The operation us...
Timeline
-
17.02.2026 20:08 2 articles · 4mo ago
Check Point discloses AI as a C2 proxy abuse of Microsoft Copilot and xAI Grok
Technical Analysis UpdateCheck Point disclosed AI as a C2 proxy, a technique that abuses Microsoft Copilot and xAI Grok web-browsing and URL-fetch features to relay operator commands through legitimate AI interfaces and tunnel victim data. The method can support reconnaissance workflows, attacker scripting, and real-time evasion decisions, and it can work without an API key or registered account, although a prior host compromise and installed malware are still required.
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
- AI platforms can be abused for stealthy malware communication — www.bleepingcomputer.com — 18.02.2026 22:18