
LLM-Based LAMEHUG Malware Dynamically Generates Commands

A sophisticated new threat has emerged in the cybersecurity landscape that represents a significant evolution in malware development. The LAMEHUG malware family, first identified by CERT-UA in July 2025, marks a concerning advancement in cyber attack methodology by integrating artificial intelligence directly into its operational framework.


The LAMEHUG malware family, a novel and sophisticated threat, has been identified as a significant evolution in cyber attack methodology, according to CERT-UA, which first reported its emergence in July 2025. This new strain of malicious software distinguishes itself by directly incorporating artificial intelligence into its operational framework.

Departing from conventional malware that operates on static, pre-programmed instructions, LAMEHUG utilizes large language models (LLMs) hosted on Hugging Face. This enables the dynamic generation of commands for real-time reconnaissance, data exfiltration, and system interference. The approach changes how malicious software operates: instead of carrying a fixed set of commands, the malware adjusts its actions to the specific computing environment it encounters.

Targeting Windows environments, LAMEHUG is disseminated via meticulously designed spear-phishing campaigns. It often masquerades as legitimate software, including AI image generators or canvas tools. Following successful deployment, the malware systematically gathers sensitive data, such as credentials, system configurations, and documents, concurrently adapting its attack methodologies to bypass detection systems.

Analysts at Splunk have detailed LAMEHUG's deployment strategy, noting its reliance on sophisticated social engineering. The malware exploits public interest in AI-powered applications by presenting itself with filenames such as “AI_generator_uncensored_Canvas_PRO_v0.9.exe” and “AI_image_generator_v0.95.exe”. This capability to generate contextually relevant commands via LLM queries renders LAMEHUG exceptionally hazardous, as it allows the malware to adjust to diverse system configurations and security protocols without necessitating operator-initiated updates.

**Dynamic Command Generation Through LLM Integration**

Central to LAMEHUG's operation is its unique integration of large language models for dynamic malicious command generation. The malware establishes a connection with the Qwen 2.5-Coder-32B-Instruct model via HuggingFace’s API infrastructure, effectively co-opting legitimate AI services for illicit ends. This integration is facilitated by the LLM_QUERY_EX() function, which formulates precise prompts intended to extract Windows administrative commands from the AI model.

LAMEHUG functions by transmitting meticulously designed prompts, instructing the LLM to assume the role of a “Windows systems administrator” and produce commands tailored for specific nefarious objectives. For instance, during system reconnaissance, the malware directs the AI to formulate commands that both create the directory “C:\ProgramData\info” and compile extensive system data. This includes hardware specifications, active processes, network settings, and Active Directory domain particulars, all consolidated into a single text file.

An example of such a prompt, as observed within the LLM_QUERY_EX() function, is structured as follows:

```python
def LLM_QUERY_EX():
    # Request body sent to the hosted model: one chat message asking for a
    # single-line set of Windows reconnaissance commands that write into
    # C:\ProgramData\info\info.txt. Low temperature/top_p keeps the answer stable.
    prompt = {
        'messages': [
            {
                'role': 'Windows systems administrator',
                'content': 'Make a list of commands to create folder C:\\Programdata\\info and to gather computer information, '
                           'hardware information, process and services information, networks information, AD domain information, to execute in '
                           'one line and add each result to text file c:\\Programdata\\info\\info.txt. Return only commands, without markdown'
            }
        ],
        'temperature': 0.1,
        'top_p': 0.1,
        'model': 'Qwen/Qwen2.5-Coder-32B-Instruct'
    }
    return prompt
```

Following reconnaissance, LAMEHUG dispatches additional prompts to acquire commands for the recursive copying of various file types—specifically office documents, PDFs, and text files—from common user directories like Documents, Downloads, and Desktop, moving them to a designated central collection point. The AI’s generated responses frequently incorporate standard Windows utilities such as systeminfo, wmic, whoami, and dsquery for information gathering, with xcopy.exe being employed for the collection of documents across diverse folder structures.
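The reconnaissance chain and the document-collection step described above leave a recognisable footprint in process-creation telemetry: a lure executable spawning a one-line chain of `systeminfo`, `wmic`, `whoami` and `dsquery` redirected into `C:\ProgramData\info\info.txt`, followed by `xcopy` pulling documents out of Documents, Downloads and Desktop into the same folder. The following detector is an added example written for this article; it is not code from CERT-UA, Splunk or the malware itself. The event format (`ParentImage|CommandLine`), the sample events, the generic `AI_*generator*.exe` lure pattern, the indicator weights and the alert threshold are all assumptions; only the two lure filenames, the staging folder and the utility names come from the page.

```python
import re
from dataclasses import dataclass

# Constructed process-creation events in a simplified "ParentImage|CommandLine"
# shape (not real telemetry). Events 1-2 mimic the behaviour described in the
# article; events 3-5 are ordinary administrator and system activity.
SAMPLE_EVENTS = [
    r"C:\Users\alice\Downloads\AI_image_generator_v0.95.exe|cmd.exe /c mkdir C:\ProgramData\info & "
    r"systeminfo >> C:\ProgramData\info\info.txt & wmic cpu get name >> C:\ProgramData\info\info.txt & "
    r"whoami /all >> C:\ProgramData\info\info.txt & dsquery * -limit 100 >> C:\ProgramData\info\info.txt",
    r"C:\Users\alice\Downloads\AI_generator_uncensored_Canvas_PRO_v0.9.exe|cmd.exe /c "
    r"xcopy C:\Users\alice\Documents\*.docx C:\ProgramData\info\ /s /y & "
    r"xcopy C:\Users\alice\Desktop\*.pdf C:\ProgramData\info\ /s /y",
    r"C:\Windows\explorer.exe|cmd.exe /c systeminfo >> C:\temp\sysinfo.txt",
    r"C:\Windows\explorer.exe|cmd.exe /c whoami /all & systeminfo >> C:\temp\sysinfo.txt",
    r"C:\Windows\System32\services.exe|svchost.exe -k netsvcs",
]

# The two lure names are quoted from the Splunk analysis; generalising them to
# "AI_*generator*.exe" is an assumption, not a reported indicator.
LURE_NAME = re.compile(r"AI_(image_)?generator[\w.]*\.exe$", re.IGNORECASE)
STAGING_DIR = re.compile(r"c:\\programdata\\info\b", re.IGNORECASE)
RECON_TOOLS = re.compile(r"\b(systeminfo|wmic|whoami|dsquery)\b", re.IGNORECASE)
REDIRECT_TO_TXT = re.compile(r">>?\s*\S*\.txt\b", re.IGNORECASE)
XCOPY = re.compile(r"\bxcopy(\.exe)?\b", re.IGNORECASE)
USER_DIRS = re.compile(r"\\(Documents|Downloads|Desktop)\\", re.IGNORECASE)
DOC_TYPES = re.compile(r"\*\.(docx?|xlsx?|pptx?|pdf|txt)\b", re.IGNORECASE)

# Weights and threshold are assumptions, chosen so that one indicator on its own
# (an administrator chaining two recon tools, say) does not raise an alert.
INDICATOR_WEIGHTS = {"lure-filename": 1, "staging-dir": 2,
                     "recon-chain": 3, "document-collection": 3}
ALERT_THRESHOLD = 4


@dataclass
class Finding:
    parent_image: str
    indicators: list
    score: int


def analyse_event(parent_image: str, cmdline: str) -> Finding:
    """Score one process-creation event against the LAMEHUG behaviour pattern."""
    indicators = []
    if LURE_NAME.search(parent_image):
        indicators.append("lure-filename")
    if STAGING_DIR.search(cmdline):
        indicators.append("staging-dir")
    # Two or more recon utilities in one command line, output appended to a text file
    tools = {t.lower() for t in RECON_TOOLS.findall(cmdline)}
    if len(tools) >= 2 and REDIRECT_TO_TXT.search(cmdline):
        indicators.append("recon-chain:" + ",".join(sorted(tools)))
    # xcopy pulling office/PDF/text documents out of the user's profile folders
    if XCOPY.search(cmdline) and USER_DIRS.search(cmdline) and DOC_TYPES.search(cmdline):
        indicators.append("document-collection")
    score = sum(INDICATOR_WEIGHTS[name.split(":")[0]] for name in indicators)
    return Finding(parent_image, indicators, score)


def scan(events, threshold=ALERT_THRESHOLD):
    """Return the findings that reach the alert threshold, in input order."""
    alerts = []
    for line in events:
        parent_image, _, cmdline = line.partition("|")
        finding = analyse_event(parent_image, cmdline)
        if finding.score >= threshold:
            alerts.append(finding)
    return alerts


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(f"score={finding.score} parent={finding.parent_image} indicators={finding.indicators}")
```

Because the commands are generated by a model rather than copied from a template, exact command-line matching is fragile; the detector therefore scores the stable parts of the behaviour (the staging folder, the chained utilities, the document types and source folders) and requires more than one of them before alerting, so that event 4, a lone administrator chaining `whoami` and `systeminfo`, stays below the threshold.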

This dynamic approach lets LAMEHUG adapt to varied Windows environments: the commands it runs are tailored to the host at hand, drawing on the model's knowledge of Windows administration tooling.

The gathered intelligence is subsequently exfiltrated via several channels. These include SSH connections to remote servers, often utilizing hardcoded credentials, or through HTTPS POST requests directed at command-and-control infrastructure. Certain LAMEHUG variants further enhance operational flexibility and evasion by encoding their LLM prompts in Base64 format and employing alternative exfiltration endpoints.
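Because the prompt is the one stable artefact in an otherwise model-generated command flow, the request bodies sent to the inference API are a natural place to look, including the Base64-wrapped variants mentioned above. The script below is an added example for this article, not code from CERT-UA, Splunk or the malware: it takes captured outbound POST bodies, parses them as JSON directly or after Base64 decoding, and flags any chat prompt that contains the phrases and model name quoted in the LLM_QUERY_EX() prompt earlier on the page. The proxy-record shape, the host names and the benign developer request are constructed; the phrases and the model identifier are from the page.

```python
import base64
import json

# Model name and prompt phrasing taken from the LLM_QUERY_EX() prompt quoted in the article.
OBSERVED_MODEL = "Qwen/Qwen2.5-Coder-32B-Instruct"
PROMPT_PHRASES = [
    "windows systems administrator",
    "c:\\programdata\\info",
    "ad domain information",
    "return only commands, without markdown",
]

# The reconnaissance prompt as quoted on the page, used here only to build sample traffic.
RECON_PROMPT = {
    "messages": [{
        "role": "Windows systems administrator",
        "content": "Make a list of commands to create folder C:\\Programdata\\info and to gather computer information, "
                   "hardware information, process and services information, networks information, AD domain information, to execute in "
                   "one line and add each result to text file c:\\Programdata\\info\\info.txt. Return only commands, without markdown",
    }],
    "temperature": 0.1,
    "top_p": 0.1,
    "model": OBSERVED_MODEL,
}

# Constructed proxy records; the host names are placeholders, not indicators from the page.
SAMPLE_REQUESTS = [
    {"host": "inference.example-llm-host.test", "method": "POST", "body": json.dumps(RECON_PROMPT)},
    {"host": "inference.example-llm-host.test", "method": "POST",
     "body": base64.b64encode(json.dumps(RECON_PROMPT).encode()).decode()},
    {"host": "inference.example-llm-host.test", "method": "POST", "body": json.dumps({
        "messages": [{"role": "user", "content": "Write a Python function that parses a CSV file into a list of dicts."}],
        "model": OBSERVED_MODEL})},
    {"host": "www.example.test", "method": "POST", "body": "q=search+terms&page=2"},
]


def decode_body(raw: str):
    """Return (payload, base64_wrapped): plain JSON first, then Base64-wrapped JSON."""
    try:
        return json.loads(raw), False
    except ValueError:
        pass
    try:
        # validate=True rejects bodies that only look Base64-like; bad alphabet,
        # bad UTF-8 and bad JSON are all ValueError subclasses.
        decoded = base64.b64decode(raw, validate=True).decode("utf-8")
        return json.loads(decoded), True
    except ValueError:
        return None, False


def prompt_text(payload: dict) -> str:
    """Flatten chat roles and contents into one lowercase string for matching."""
    parts = []
    for msg in payload.get("messages", []):
        if isinstance(msg, dict):
            parts.append(str(msg.get("role", "")))
            parts.append(str(msg.get("content", "")))
    return " ".join(parts).lower()


def inspect_request(entry: dict):
    """Return a finding for a request carrying the observed prompt, else None."""
    if entry.get("method") != "POST":
        return None
    payload, wrapped = decode_body(entry["body"])
    if not isinstance(payload, dict):
        return None
    text = prompt_text(payload)
    matched = [phrase for phrase in PROMPT_PHRASES if phrase in text]
    if not matched:
        return None
    return {
        "host": entry["host"],
        "model": payload.get("model"),
        "known_model": payload.get("model") == OBSERVED_MODEL,
        "base64_wrapped": wrapped,
        "matched": matched,
    }


def scan(entries):
    """Inspect every record and keep only the findings."""
    return [finding for finding in map(inspect_request, entries) if finding]


if __name__ == "__main__":
    for finding in scan(SAMPLE_REQUESTS):
        print(finding)
```

The model name is reported but not used as the sole trigger: the third sample is a legitimate developer request to the same model and is left alone, because the decision rests on the prompt content, which a defender can only see when the proxy inspects TLS; without that visibility the host-based indicators are the fallback.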