TL;DR: Automated ransomware extortion across 17+ critical-sector organisations and the use of Claude to build modular ransomware show a growing operational shift, according to Abnormal AI. NYU research found full ransomware attacks can cost as little as $0.70 per attempt via commercial APIs, underscoring not just speed but the collapse of skill barriers and trust assumptions in everyday workflows.
NHIMG editorial — based on content published by Abnormal AI: Key Insights on AI-driven malware, ransomware extortion, and behavioural detection
By the numbers:
- GTG-2002 automated ransomware extortion chains hit 17+ critical-sector orgs.
- LLMs can execute full ransomware attacks for as little as $0.70 per attempt via commercial APIs, per NYU research.
- Only 13% of organisations feel extremely prepared for the reality of agentic AI despite the majority racing toward autonomous adoption.
Questions worth separating out
Q: How should security teams detect AI-driven malware when payloads keep changing?
A: Security teams should focus on behaviour, not just file signatures.
Q: Why do trusted SaaS workflows become higher-risk when attackers use AI?
A: Trusted SaaS workflows become higher-risk because AI can hide malicious instructions inside ordinary content and exploit the natural trust users place in collaboration tools.
Q: What do security teams get wrong about AI-driven ransomware?
A: They often focus on whether the malware is novel instead of whether the operator behaviour is familiar.
Practitioner guidance
- Baseline normal identity and application behaviour across SaaS workflows: track normal patterns for users, vendors, applications, and document-processing actions so that AI-generated variation stands out.
- Restrict automatic actions in content-processing tools: limit what summarisers, automation bots, and connected apps can do when they ingest documents or messages.
- Correlate identity context with malware and phishing signals: use identity, device, and application context together so that unusual login paths, improbable invite patterns, and abnormal document activity can be tied back to a specific account or service identity.
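The three guidance points above fit together as one detection loop: build a per-identity baseline, apply an allow-list to automation identities, and correlate the resulting findings by identity. The following Python script is an added illustration written for this post, not code from Abnormal AI or NHIMG. All identities, applications, actions and audit events in it are constructed, and the allow-list for the summariser bot is an assumed policy, not a real product setting.

```python
"""Baseline, restrict and correlate: a small detector over constructed SaaS audit events.

Added example. The events, identities and the BOT_ALLOWED policy are constructed
for illustration and do not come from any real audit log or product.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: int          # minutes since midnight (constructed timestamps)
    actor: str       # user account or service identity
    kind: str        # "user" or "bot"
    app: str
    action: str
    country: str     # country the session originated from
    target: str      # document, channel or recipient group


# Constructed baseline window: what "normal" looked like for two identities.
HISTORY = [
    Event(540, "alice@corp.example", "user", "docs", "view", "NL", "q3-plan.docx"),
    Event(545, "alice@corp.example", "user", "docs", "edit", "NL", "q3-plan.docx"),
    Event(600, "alice@corp.example", "user", "mail", "send", "NL", "team"),
    Event(900, "summarizer-bot", "bot", "docs", "view", "US", "q3-plan.docx"),
    Event(901, "summarizer-bot", "bot", "chat", "post", "US", "#planning"),
]

# Constructed new-day events: an external document is opened, then both the
# user and the bot perform actions neither has performed before.
NEW = [
    Event(610, "alice@corp.example", "user", "docs", "view", "NL", "invoice-ext.docx"),
    Event(611, "alice@corp.example", "user", "docs", "share", "BR", "q3-plan.docx"),
    Event(612, "alice@corp.example", "user", "mail", "send", "BR", "all-staff"),
    Event(915, "summarizer-bot", "bot", "docs", "view", "US", "invoice-ext.docx"),
    Event(916, "summarizer-bot", "bot", "docs", "share", "US", "q3-plan.docx"),
    Event(917, "summarizer-bot", "bot", "mail", "send", "US", "finance"),
]

# Assumed allow-list: the only (app, action) pairs an automation identity may
# perform after ingesting content. Anything else is a policy violation.
BOT_ALLOWED = {"summarizer-bot": {("docs", "view"), ("chat", "post")}}


def build_baseline(events):
    """Per-identity sets of apps, (app, action) pairs and countries seen as normal."""
    base = defaultdict(lambda: {"apps": set(), "pairs": set(), "countries": set()})
    for ev in events:
        b = base[ev.actor]
        b["apps"].add(ev.app)
        b["pairs"].add((ev.app, ev.action))
        b["countries"].add(ev.country)
    return dict(base)


def score_event(ev, baseline, bot_allowed=BOT_ALLOWED):
    """Return a list of (kind, detail) anomaly findings for one event; [] if normal."""
    b = baseline.get(ev.actor)
    if b is None:
        return [("unknown-id", f"{ev.actor} never seen in baseline")]
    findings = []
    if ev.app not in b["apps"]:
        findings.append(("new-app", f"first use of {ev.app}"))
    elif (ev.app, ev.action) not in b["pairs"]:
        findings.append(("new-action", f"first {ev.action} in {ev.app}"))
    if ev.country not in b["countries"]:
        findings.append(("geo", f"unusual login path from {ev.country}"))
    if ev.kind == "bot" and (ev.app, ev.action) not in bot_allowed.get(ev.actor, set()):
        findings.append(("bot-policy", f"{ev.app}/{ev.action} outside bot allow-list"))
    return findings


def correlate(events, baseline, window=10):
    """Group findings by identity. Several distinct anomaly kinds clustered on one
    identity within `window` minutes escalate to high severity."""
    hits = defaultdict(list)
    for ev in events:
        found = score_event(ev, baseline)
        if found:
            hits[ev.actor].append((ev.ts, ev.target, found))
    report = {}
    for actor, rows in hits.items():
        kinds = {k for _, _, found in rows for k, _ in found}
        span = rows[-1][0] - rows[0][0]
        severity = "high" if len(kinds) >= 2 and span <= window else "medium"
        report[actor] = {"kinds": kinds, "span": span, "severity": severity, "events": rows}
    return report


if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    for actor, r in correlate(NEW, baseline).items():
        print(f"{actor}: {r['severity']} (kinds={sorted(r['kinds'])}, span={r['span']}m)")
        for ts, target, found in r["events"]:
            print(f"  {ts:04d} {target}: " + "; ".join(d for _, d in found))
```

The point of the correlation step is the last guidance item: a single "unusual country" or "first share" event is low value on its own, but the same identity producing two different anomaly kinds within minutes of ingesting an external document is what ties a low-skill, AI-assisted campaign back to one account or service identity. In practice the baseline would be built from weeks of audit logs rather than five constructed rows.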
What's in the full article
Abnormal AI's full analysis covers the operational detail this post intentionally leaves for the source:
- The specific attack chain examples behind GTG-2002 and GTG-5004, including how the ransomware was assembled and delivered.
- The NYU PromptLocker research context and how commercial APIs reduce the economics of ransomware generation.
- Examples of malicious instructions hidden in documents and how summarisation tools can activate them in practice.
- Additional defensive guidance on behavioural AI detection across email, SaaS, and collaboration tooling.
👉 Read Abnormal AI's analysis of AI-driven malware and ransomware extortion →
AI-driven malware and ransomware: what practitioners need to do now
Explore further
AI-driven malware has turned attacker capability into a scale problem, not a skill problem. The article shows that ransomware creation, delivery, and extortion are becoming easier to automate, cheaper to run, and harder to distinguish from normal SaaS or email activity. That shifts the security burden from blocking a small number of expert operators to detecting many more low-skill operators using AI to approximate expert behaviour. Practitioners should assume volume and variability will keep rising.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to The 2026 Infrastructure Identity Survey.
- Only 44% of organisations have implemented any policies to manage their AI agents, even though 92% agree that governing AI agents is critical to enterprise security, according to The 2026 Infrastructure Identity Survey.
A question worth separating out:
Q: How can organisations reduce the impact of AI-assisted malware campaigns?
A: Organisations should reduce the number of trusted actions an account, app, or summarisation tool can perform after it ingests untrusted content. Strong segmentation, tighter application permissions, and identity-aware monitoring narrow the blast radius. That makes it harder for a low-skill attacker to turn a single message or file into a full compromise.
👉 Read our full editorial: AI-driven malware is accelerating ransomware and extortion campaigns