An AI Ransomware Gang Just Fired Its Entire Human Staff

An AI Ransomware Gang Just Fired Its Entire Human Staff

Somewhere in the criminal underworld, a ransomware crew's HR department just got very, very small. Turns out you don't need a team of hackers to pull off a full-blown extortion attack anymore — you just need one very motivated AI agent and a security hole to crawl through. Welcome to the future; it's dystopian and, thankfully, well-documented.

The Attack That Ran Itself

Sysdig's threat research team says it caught the first fully documented "agentic" ransomware attack in the wild, dubbed JADEPUFFER. An LLM agent broke into an exposed Langflow instance via a known vulnerability (CVE-2025-3248), then handled everything from there: reconnaissance, credential theft, lateral movement, privilege escalation, persistence, and ultimately encrypting a production database — all without a human steering each individual step.

The tell wasn't just the speed, it was the chattiness. Researchers found the payloads stuffed with natural-language commentary explaining the AI's own reasoning — why it picked a target, why one database looked juicier than another, even ROI-style prioritization notes — the kind of narration a human writing disposable one-liners never bothers with. When one login attempt failed, the agent diagnosed the problem and course-corrected in 31 seconds flat. Researchers counted more than 600 distinct, purposeful actions executed in a single compressed window.

Why Your Security Team Should Care

The victim's data, ironically, may be unrecoverable even if someone wanted to pay up: the AI generated its own encryption key from scratch, printed it to a log, and never saved or transmitted it anywhere — so nobody, attacker included, can unlock it. Petty theft, meet AI's chaotic literalism.

The real story isn't this one bungled payday, though — it's what JADEPUFFER represents. Ransomware used to require real skill: patience, expertise, working knowledge of a dozen different systems strung together by a human who knew what they were doing. Now it apparently just requires a jailbroken agent and a to-do list. That collapses the barrier to entry for cybercrime in a way most defenders aren't remotely staffed or budgeted to handle.

The good news: this particular heist was a comedy of errors. The bad news: the next AI probably won't forget to save its own keys.

Source: Sysdig