AI Malware Evades Microsoft Defender 8% of the Time, Study Shows

Alan V Gutnov
Alan V Gutnov

Director of Strategy

 
July 16, 2025 2 min read

AI Malware Bypassing Microsoft Defender

A recent study reveals that AI-powered malware can evade Microsoft Defender approximately 8% of the time. This finding comes from researchers at Outflank, who will present their work at the Black Hat 2025 conference. The malware utilizes an open-source language model, Qwen 2.5, which was developed over three months with a budget of around $1,500.

Cybersecurity
Image courtesy of Tom's Hardware

According to Kyle Avery, principal offensive specialist lead at Outflank, the capability of this AI malware is significant when considering the scale of potential attacks. "If deployed at a large enough scale to access one in every 10 of the 1.4 billion active Windows machines, this could result in over 11 million compromised PCs," he stated.

This new development poses a challenge for Microsoft, as the AI malware can generate variants that bypass security measures without needing internet access for training. The implications are serious as the sophistication of AI tools rises, making it easier for cybercriminals to create effective phishing schemes and malicious software.

For further reading, see PCWorld, Windows Central, and Tom's Hardware.

Reinforcement Learning Techniques

The training process for this AI malware involved reinforcement learning, a technique that improves models based on feedback. Avery explained, "I wrote a program to grade how close the AI model came to outputting an evasion tool." This iterative process allowed the model to become increasingly effective at generating functional malware.

Anonymous computer hacker
Image courtesy of Windows Central

Avery highlighted the challenges faced during development, noting that traditional LLMs typically require internet data for training. However, by utilizing reinforcement learning, he was able to create a program that could generate malware while circumventing Microsoft Defender's alerts effectively.

This development showcases the potential for AI to disrupt traditional cybersecurity methods, as it allows for more adaptive and innovative approaches to malware creation. For a deeper examination of this topic, see Dark Reading, and Windows Central.

Impact and Future Considerations

The emergence of AI malware that can bypass Microsoft Defender raises questions about the future of cybersecurity. As Avery noted, "It's important to consider what happens when Microsoft Defender is improved to compensate for these new threats." The ongoing arms race between cybersecurity and cybercriminals continues to evolve, with AI advancements influencing the landscape.

Windows 11 start search
Image courtesy of PCWorld

With AI tools becoming increasingly accessible, the potential for widespread misuse becomes a pressing concern. The cybersecurity industry must adapt to these developments, ensuring that defenses evolve alongside emerging threats. For more on this, explore Tom's Hardware, PCWorld, and Windows Central.

Alan V Gutnov
Alan V Gutnov

Director of Strategy

 

MBA-credentialed cybersecurity expert specializing in Post-Quantum Cybersecurity solutions with proven capability to reduce attack surfaces by 90%.

Related Articles

Ransomware Attacks Target Russian Vodka and Healthcare Sectors

The Novabev Group, parent company of the Beluga vodka brand, experienced a ransomware attack on July 14, 2025, causing significant disruptions. The attack affected WineLab, the company's liquor store chain, leading to a three-day closure of over 2,000 locations in Russia. The company reported that the attack crippled its IT infrastructure, particularly point-of-sale systems and online services. Novabev Group stated, "The company maintains a principled position of rejecting any interaction with cybercriminals and refuses to fulfill their demands."

By Alan V Gutnov July 19, 2025 3 min read
Read full article

Retail Sector Faces Surge in Ransomware Attacks: A 2025 Analysis

Publicly disclosed ransomware attacks on the retail sector globally surged by 58% in Q2 2025 compared to Q1, with UK-based firms being particularly targeted, according to a report by BlackFog. This spike in attacks follows high-profile breaches affecting retailers like Marks & Spencer (M&S), The Co-op, and Harrods, attributed to the threat actor known as Scattered Spider.

By Alan V Gutnov July 19, 2025 2 min read
Read full article

AI-Driven Lcryx Ransomware Emerges in Cryptomining Botnet

A cryptomining botnet active since 2019 has incorporated a likely AI-generated ransomware known as Lcryx into its operations. Recent analysis by the FortiCNAPP team at FortiGuard Labs identified the first documented incident linking H2miner and Lcryx ransomware. This investigation focused on a cluster of virtual private servers (VPS) utilized for mining Monero.

By Edward Zhou July 19, 2025 3 min read
Read full article

Preventing ClickFix Attacks: Safeguarding Against Human Error

ClickFix is an emerging social engineering technique utilized by threat actors to exploit human error. This technique involves misleading users into executing malicious commands under the guise of providing "quick fixes" for common computer issues. Threat actors use familiar platforms and deceptive prompts to encourage victims to paste and run harmful scripts.

By Alan V Gutnov July 19, 2025 3 min read
Read full article