
"For years, defenders have battled "living off the land" attacks, where adversaries progress using the tools already present on compromised systems (PowerShell, WMI, and the like). Then came "living off the cloud," as threat actors hid in plain sight behind ubiquitous cloud services for malware delivery and data exfiltration. We're now entering the next phase: living off the AI."
"Organizations are rapidly adopting AI assistants, agents, and the emerging Model Context Protocol (MCP) ecosystem to stay competitive. Attackers have noticed. Let's look at how different MCPs and AI agents can be targeted and how, in practice, enterprise AI becomes part of the attacker's playbook. (MCP is an open source framework for LLMs and AI agents to securely connect with external systems.)"
"From "jailbreaks" to zero-knowledge threat actors

Model behavior can be shifted by context, not just code. In a previous article I wrote about using an "immersive world" technique to persuade a model that generating malware was beneficial. The result was a working password-stealing malware targeting Chrome, a proof point that the barrier to entry has collapsed. We called this the age of the zero-knowledge threat actor. With access to AI tools, someone with minimal expertise can assemble credible offensive capabilities."
Organizations rapidly deploy AI assistants, agents, and Model Context Protocol (MCP) integrations that grant models access to code execution, file systems, internal search, ticketing, and payments. Attackers exploit model context and prompts to shift behavior, enabling low-skill "zero-knowledge" threat actors to generate malware and leverage sanctioned connectors for data theft and task automation. Campaigns blend into legitimate AI workflows, abusing identities, connectors, and retrieval-augmented-generation (RAG) indices to find secrets, schedule actions, or exfiltrate information. The convergence of productivity gains and powerful model capabilities raises the risk that minor control lapses produce major operational and security impacts.
#living-off-the-ai #model-context-protocol-mcp #zero-knowledge-threat-actors #prompt-born-tool-abuse
Read at SecurityWeek