Sophos discovered and analyzed a sophisticated criminal framework in a customer environment that uses multiple AI agents — including Claude Opus 4.5 — to automate the development and testing of ransomware payloads engineered specifically to defeat endpoint detection and response solutions. The toolkit generated nearly 80 modules and tested over 70 evasion techniques, representing what Sophos describes as an unprecedented use of AI automation in ransomware infrastructure development.
How the AI Ransomware Pipeline Assigns Specialized Agents to Each Attack Stage
The framework operates as a structured development and quality-assurance pipeline, with different AI agents assigned to discrete stages of attack preparation. One agent coordinates the overall attack chain. Separate agents handle payload generation, evasion testing, documentation, and operational security hardening. A dedicated testing agent validates whether each payload successfully evades sandboxes, antivirus engines, and EDR platforms before the module is considered production-ready.
Custom Rust and Go Executables Tested Against 70 Evasion Techniques
The output of this pipeline consists of custom executables and DLLs compiled in Rust and Go — languages chosen for their performance characteristics and relative rarity in legacy malware tooling, which can help bypass signature-based detection. Each payload was tested against more than 70 evasion techniques. The framework also generates Cobalt Strike profiles for post-exploitation, automates Active Directory discovery, and establishes Telegram-based command-and-control infrastructure.
The use of Rust and Go is deliberate: security products have historically accumulated more detection rules for C and C++ malware, making the newer-language binaries comparatively less visible to established signature libraries.
Sophos Confirms Criminal Classification Based on Ransom Notes and Leak Site Evidence
Sophos initially considered whether the framework might represent legitimate red-team tooling — given the sophistication of its structure and the professional development pipeline it implements. The company concluded the operation was criminal based on direct evidence: ransom notes were present in the compromised environment, and victim listings linked to the environment appeared on data leak sites operated by the threat actor. The classification is unambiguous.
What 80 Modules at Near-Zero Marginal Cost Changes for Defenders
Historically, developing custom malware with functional EDR evasion requires significant developer time and deep technical expertise. The AI pipeline described by Sophos compresses that requirement: each new evasion technique can be tested and iterated in automated cycles, with the AI agents handling code generation, compilation, and evaluation without human developer involvement at each step. The nearly 80 modules generated represent an output volume that would take a skilled human developer substantially longer to produce, test, and validate.
This creates an asymmetry that defenders need to account for: the cost of producing novel, evasion-optimized malware variants is falling at the same time that the detection infrastructure for any given variant takes time to update. Security teams relying on behavioral detection rather than signature matching are better positioned against this threat class — the pipeline optimizes against signatures, not against runtime behavior analysis.
The Sophos findings arrived publicly on the same day as a US executive order directing national security review of AI foundation models for dual-use risks, providing a concrete criminal case study for the policy concern driving that order.
