Cato Networks report details new malware creation method using generative AI tools

In the 2025 Cato CTRL Threat Report, Cato Networks details a new technique that allows individuals to create malware using Generative AI (GenAI) tools, including ChatGPT, Copilot, and DeepSeek. This technique, named “Immersive World,” was developed by a threat intelligence researcher with no prior malware coding experience. By crafting a detailed fictional scenario where the Artificial Intelligence (AI) tools were assigned specific roles, the researcher managed to bypass security measures and have the tools develop malware capable of stealing login credentials from Google Chrome.

Vitaly Simonovich, a threat intelligence researcher at Cato Networks, stated, “Infostealers play a significant role in credential theft by enabling threat actors to breach enterprises. Our new LLM jailbreak technique, which we've uncovered and called Immersive World, showcases the dangerous potential of creating an infostealer with ease.” This highlights the growing concern over the democratization of cybercrime, emphasizing that anyone with basic tools can now launch attacks against organizations.

The report indicates that the rise of these zero-knowledge threat actors represents a considerable change in the threat landscape, necessitating proactive AI security strategies. Chief Security Strategist Etay Maor noted, “As the technology industry fixates on GenAI, it's clear the risks are as big as the potential benefits. Our report highlights the dangers associated with GenAI tools to educate and raise awareness, so that we can implement better safeguards.”

The report analyzes 1.46 trillion network flows across over 3,000 enterprise customers in 2024. It highlights the importance of understanding these emerging threats and the role of GenAI tools in cybercrime.