Cyber Security News

AI Operator Agents Helping Hackers Generate Malicious Code

Symantec’s Threat Hunter Team has demonstrated how AI agents like OpenAI’s Operator can now perform end-to-end phishing attacks with minimal human intervention, marking a significant evolution in AI-enabled threats.

Successful Operator prompt

A year ago, Large Language Model (LLM) AIs were primarily passive tools that could assist attackers in creating phishing materials or writing code.

Now, with the introduction of agents such as OpenAI’s Operator (launched as a research preview on January 23), these AI systems can actively interact with web pages and perform complex tasks autonomously.

Symantec researchers successfully prompted Operator to identify a specific employee, determine their email address, create a malicious PowerShell script, and send a convincing phishing email, all with minimal guidance.

While their first attempt was blocked by the AI’s safety measures, they bypassed these restrictions by claiming authorization to send the email.

Email that Operator sent to target, Symantec’s Dick O’Brien

Increasing Sophistication and Future Risks

The demonstration revealed the operator’s concerning capabilities.

It successfully deduced an employee’s email address that wasn’t publicly available, drafted a PowerShell script after researching how to create one, and composed a convincing phishing email without requiring proof of authorization.

PowerShell script created by Operator

Although current agent technology remains relatively basic compared to skilled human attackers, the rapid advancement in this field suggests more sophisticated threats are on the horizon.

Researchers warn that future iterations could enable attackers to simply instruct an agent to “breach Acme Corp,” leaving the AI to determine and execute optimal attack strategies, including writing executables, establishing command-and-control infrastructure, and maintaining persistent network access.

This evolution significantly lowers the barrier to entry for potential attackers.

While agents like Operator may ultimately enhance productivity for legitimate users, they simultaneously open new avenues for exploitation that security professionals must prepare to counter.

The demonstration highlights the dual-use nature of AI agent technology and underscores the need for robust security measures as these tools become more powerful and accessible.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free. 

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…

40 minutes ago

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…

53 minutes ago

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million…

2 hours ago

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect servers…

3 hours ago

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by the…

3 hours ago

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling…

4 hours ago