• AI assistants like Copilot and Grok can be hijacked as stealthy C2 proxies, blending into legitimate traffic. • Check Point researchers demonstrated the technique using anonymous web access and browsing prompts to retrieve attacker URLs. • The method bypasses API keys, making traditional key revocation ineffective against such covert channels. • Attackers can generate reconnaissance workflows, script actions, and adapt code at runtime via AI-generated commands. • This evolution turns AI tools into force multipliers, enabling dynamic, evasive malware operations. • Enterprises must reassess AI integration policies and monitor outbound web requests for malicious patterns.

Article Summaries:

  • Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok, has been codenamed AI as a C2 proxy by Check Point. It leverages “anonymous web access combined with browsing and summarization prompts,” the cybersecurity company said. “The same mechanism can also e
  • Cybersecurity researchers have shown that AI assistants with web‑browsing capabilities-specifically Microsoft Copilot and xAI Grok-can be repurposed as stealthy command‑and‑control (C2) relays. Check Point dubbed the technique “AI as a C2 proxy,” noting that attackers can use anonymous web access, browsing, and summarization prompts to fetch attacker‑controlled URLs and return responses through the AI’s web interface. The method works without an API key, making traditional revocation ineffective, and can generate reconnaissance, scripting, and evasion instructions in real time. While it requires an initial compromise, the approach mirrors “living‑off‑trusted‑sites” tactics and signals a move toward AI‑driven, adaptive malware operations.

Sources: