AI Assistants Abused as Command-and-Control Proxies

First reported

17.02.2026 20:08

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Researchers have demonstrated that AI assistants like Microsoft Copilot and xAI Grok can be exploited as command-and-control (C2) proxies. This technique leverages the AI's web-browsing capabilities to create a bidirectional communication channel for malware operations, enabling attackers to blend into legitimate enterprise communications and evade detection. The method, codenamed AI as a C2 proxy, allows attackers to generate reconnaissance workflows, script actions, and dynamically decide the next steps during an intrusion. The attack requires prior compromise of a machine and installation of malware, which then uses the AI assistant as a C2 channel through specially crafted prompts. This approach bypasses traditional defenses like API key revocation or account suspension. The disclosure highlights the evolving tactics of threat actors in abusing AI systems for cyber operations.

Timeline

17.02.2026 20:08 1 articles · 5h ago

AI Assistants Abused as Command-and-Control Proxies
Researchers have demonstrated that AI assistants like Microsoft Copilot and xAI Grok can be exploited as command-and-control (C2) proxies. This technique leverages the AI's web-browsing capabilities to create a bidirectional communication channel for malware operations, enabling attackers to blend into legitimate enterprise communications and evade detection. The method, codenamed AI as a C2 proxy, allows attackers to generate reconnaissance workflows, script actions, and dynamically decide the next steps during an intrusion. The attack requires prior compromise of a machine and installation of malware, which then uses the AI assistant as a C2 channel through specially crafted prompts. This approach bypasses traditional defenses like API key revocation or account suspension.
Show sources

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
Open in new tab

Information Snippets

AI assistants with web-browsing capabilities can be turned into stealthy C2 relays.
First reported: 17.02.2026 20:08

1 source, 1 article
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
The technique leverages 'anonymous web access combined with browsing and summarization prompts.'
First reported: 17.02.2026 20:08

1 source, 1 article
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
Attackers can use AI assistants to generate reconnaissance workflows, script actions, and dynamically decide the next steps during an intrusion.
First reported: 17.02.2026 20:08

1 source, 1 article
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
The method requires prior compromise of a machine and installation of malware.
First reported: 17.02.2026 20:08

1 source, 1 article
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
This approach bypasses traditional defenses like API key revocation or account suspension.
First reported: 17.02.2026 20:08

1 source, 1 article
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08
The technique is similar to living-off-trusted-sites (LOTS) attacks.
First reported: 17.02.2026 20:08

1 source, 1 article
Show sources
- Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies — thehackernews.com — 17.02.2026 20:08