A Slopoly start to AI-enhanced ransomware attacks
Essential information
- Published: 17/03/2026 10:59
- Modified: 17/03/2026 11:18
- Tags: 2026-03-17 ai-generated malware clickfix cybercrime interlock interlockrat nodesnake ransomware slopoly
- Related entities: 2 observables, 1 intrusion sets (apt), 13 techniques (mitre), 4 malware, 34 others
Description
IBM X-Force discovered a likely AI-generated malware named 'Slopoly' used in a ransomware attack by the Hive0163 group. This marks the beginning of AI adoption among cybercrime groups, potentially transforming the threat landscape. Slopoly, while relatively unsophisticated, demonstrates how easily threat actors can use AI to develop new malware quickly. The attack involved ClickFix social engineering, NodeSnake malware, and InterlockRAT, culminating in the deployment of Interlock ransomware. This incident highlights the growing trend of AI-generated and AI-integrated malware, which could lead to more ephemeral and difficult-to-attribute attacks, challenging traditional threat intelligence methods.