A New Era in Cybercrime: First Autonomous AI Agent Attack Recorded

A historic yet alarming event has occurred in the field of cybersecurity. Experts at the cloud security company Sysdig have recorded the world's first ransomware attack managed entirely by an artificial intelligence (AI) agent. Known as JadePuffer, this operation surprised industry experts because it was executed technically by the software itself without human intervention. This was reported by Techcrunch.com reports.
Sysdig research shows that the AI agent independently performed all processes, from identifying server vulnerabilities to stealing data, moving across the network, and encrypting files. The AI even wrote the ransom note itself and left a Bitcoin wallet address for payment. This indicates that cybercrime has reached a new technical level.
Human Factor and Technical Execution
Although the technical execution was entirely handled by AI, Michael Clark, Director of Threat Research at Sysdig, told CyberScoop that the human factor has not disappeared entirely. Specifically, planning the operation, configuring the infrastructure, and selecting the victim were still carried out by humans. Furthermore, the initial credentials used to access the system were not obtained by the AI, but through a previous breach.During the attack, the JadePuffer agent exploited vulnerabilities in open-source tools like Langflow. The agent acted with surprising speed, gaining admin privileges on a MySQL server and encrypting over 1,300 configuration records. Most interestingly, the AI agent explained its actions in natural language and independently fixed a system access error in just 31 seconds.
Which Model Poses the Threat?
It is not yet clear which Large Language Model (LLM) is behind the attack. Although API keys for platforms like OpenAI, Anthropic, DeepSeek, and Gemini were found among the stolen data, it turned out they were stolen loot rather than the driving force behind the agent. Microsoft researcher Geoff McDonald believes it is highly likely that open-source models with removed security guardrails are being used for such attacks.This event is a serious warning for the cybersecurity world. Experts are concerned about the potential to carry out thousands of simultaneous attacks using AI. For countries with developing digital economies, implementing modern defense systems against such threats and paying special attention to cloud infrastructure security is becoming increasingly urgent.
- AI agents can adapt to obstacles like humans;
- Attack speed is several times higher than traditional methods;
- Lower costs could lead to an increase in the number of cyberattacks.






















Comments 0
…