Gabriel Bernadett-Shapiro

LLM Malware In the Wild

Large language models (LLMs) are now part of mainstream software‑development workflows, but they have also become a powerful new tool for adversaries. Over the past year we wrote a multi‑provider YARA rule that hunts for hard‑coded OpenAI and Anthropic model credentials inside files uploaded to VirusTotal. The rule triggered on fully‑weaponised binaries and scripts that outsource key stages of the attack chain to commercial AI services.

In this talk we unpack what we found. We will walk through multiple, malware families that embed real API keys and offload tasks such as phishing‑email generation, victim triage, code‑signing bypasses and on‑device payload generation to commercial LLMs . Attendees will learn how LLM‑powered malware changes the defender’s problem space: static signatures fail because the malicious logic is produced only at run‑time; network inspection is harder because calls look identical to legitimate use; and prompt engineering itself becomes an adversarial discipline. We will share statistics on prevalence and reveal common evasion tricks used to skirt provider policy.

The session assumes no prior machine‑learning background; we focus on concrete reversing and detection workflows that analysts can reproduce with open tools. We will release our YARA rules, VirusTotal query templates. Finally, we discuss where the ecosystem is heading and recommend policy changes providers could enforce today to make malicious LLM usage dramatically more expensive.

Gabriel Bernadett-Shapiro is a Distinguished AI Research Scientist at SentinelOne where he focuses on the capabilities and practical applications of LLMs to the security space.. Previously he was Lead AI Research Scientist at Salesforce, a member of the staff at OpenAI and a senior threat intelligence analyst at Apple. Gabriel holds a Masters of Arts in Public Diplomacy from USC and a BA in International Relations from Occidental College.