## **PoC**
Dreadnode has released code for [lolmil](https://github.com/dreadnode/lolmil?tab=readme-ov-file), a PoC in which malware running on a victim machine uses a model and inference library already present on that machine (for example the Phi-3 model and ONNX Runtime that ship with Copilot+ PCs) to run inference locally, standing in for a C2 channel and generating further malicious code on the host. This enables malware that doesn't need C2 right away to function.
## **Details**
"Microsoft released CoPilot+ PCs which have a Neural Processing Unit (NPU), and they ship it with the [Phi-3 model](https://azure.microsoft.com/en-us/blog/one-year-of-phi-small-language-models-making-big-leaps-in-ai/). To run inference and make developing an inference library simple, Microsoft has also provided users ONNX Runtime within [Windows 1809](https://onnxruntime.ai/docs/get-started/with-windows.html) builds and onward. So, with CoPilot+ PCs, it's entirely possible to live off the land!"
[Blog](https://dreadnode.io/blog/lolmil-living-off-the-land-models-and-inference-libraries)
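The defensive counterpart to the PoC above is to know which processes on a fleet actually load the OS-shipped inference runtime. The following is an added example, not Dreadnode's lolmil code and not from the blog post: a small hunt over Sysmon Event ID 7 ("Image loaded") records that flags any process loading `onnxruntime*.dll` that is not on an allowlist, ranking processes that execute from user-writable paths highest. The event records, the allowlist entries, the `C:\Windows\System32` location of the OS copy and the set of "user-writable" directories are all assumptions for illustration and should be tuned to the environment.

```python
"""Hunt for living-off-the-land model inference in Sysmon image-load telemetry.

Added example (not the lolmil project's code). Assumes Sysmon Event ID 7 records
already parsed into dicts carrying 'EventID', 'Image' and 'ImageLoaded'.
"""
import re
from collections import OrderedDict

IMAGE_LOADED = 7  # Sysmon Event ID 7: "Image loaded"

# The runtime the quoted post refers to; the pattern also catches side-by-side
# builds such as onnxruntime-genai.dll.
INFERENCE_DLL = re.compile(r"(?i)(^|\\)onnxruntime[^\\]*\.dll$")

# Assumption: the OS-shipped copy lives here. A copy anywhere else was brought
# along (bundled or dropped) by the process that loads it.
SYSTEM_RUNTIME_DIR = "c:\\windows\\system32\\"

# Assumption: locations an installed application should not execute from.
USER_WRITABLE = re.compile(r"(?i)^c:\\users\\[^\\]+\\(appdata|downloads|desktop|temp)\\")

# Constructed allowlist: processes expected to run local inference on this fleet.
DEFAULT_ALLOWLIST = {r"C:\Program Files\ExampleVendor\AiApp.exe"}


def classify(image: str, dll: str) -> tuple[str, list[str]]:
    """Return (severity, reasons) for one unexpected inference-library load."""
    reasons = []
    from_user_dir = bool(USER_WRITABLE.search(image))
    if from_user_dir:
        reasons.append("process executes from a user-writable directory")
    if not dll.lower().startswith(SYSTEM_RUNTIME_DIR):
        reasons.append("runtime loaded from outside the OS copy (bundled/dropped DLL)")
    return ("high" if from_user_dir else "medium"), reasons


def hunt_lolmil(events, allowlist=DEFAULT_ALLOWLIST):
    """Group image-load events by (process, dll); return the ones not on the allowlist."""
    allowed = {a.lower() for a in allowlist}
    findings = OrderedDict()
    for ev in events:
        if ev.get("EventID") != IMAGE_LOADED:
            continue
        image, dll = ev.get("Image", ""), ev.get("ImageLoaded", "")
        if not INFERENCE_DLL.search(dll) or image.lower() in allowed:
            continue
        key = (image.lower(), dll.lower())
        if key not in findings:
            severity, reasons = classify(image, dll)
            findings[key] = {"image": image, "dll": dll, "count": 0,
                             "severity": severity, "reasons": reasons}
        findings[key]["count"] += 1
    # High severity first, then by process path.
    return sorted(findings.values(), key=lambda f: (f["severity"] != "high", f["image"]))


# Constructed sample telemetry, not real events.
SAMPLE_EVENTS = [
    {"EventID": 7, "Image": r"C:\Program Files\ExampleVendor\AiApp.exe",
     "ImageLoaded": r"C:\Windows\System32\onnxruntime.dll"},
    {"EventID": 7, "Image": r"C:\Users\alice\AppData\Local\Temp\updater.exe",
     "ImageLoaded": r"C:\Windows\System32\onnxruntime.dll"},
    {"EventID": 7, "Image": r"C:\Users\alice\AppData\Local\Temp\updater.exe",
     "ImageLoaded": r"C:\Windows\System32\onnxruntime.dll"},
    {"EventID": 7, "Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 1, "Image": r"C:\Users\alice\Downloads\tool.exe"},
    {"EventID": 7, "Image": r"C:\Users\alice\Downloads\tool.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\onnxruntime.dll"},
    {"EventID": 7, "Image": r"C:\Program Files\OtherVendor\Report.exe",
     "ImageLoaded": r"C:\Program Files\OtherVendor\onnxruntime-genai.dll"},
]

if __name__ == "__main__":
    for f in hunt_lolmil(SAMPLE_EVENTS):
        print(f"[{f['severity']}] {f['image']} loaded {f['dll']} x{f['count']}: "
              + "; ".join(f["reasons"]))
```

Two of the findings in the sample are deliberately different cases: a process in `Temp` loading the OS copy of the runtime is the living-off-the-land pattern the PoC describes, whereas a process loading its own copy of `onnxruntime*.dll` from the same directory brought the runtime with it, which is a conventional bring-your-own-tooling indicator rather than LOLMIL. Both are worth a look; only the first bypasses "new DLL on disk" style detections.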
## Threat Intel
Malware dubbed "PromptLock" was exposed by [ESET](https://x.com/ESETresearch/status/1960365364300087724). Rather than taking tasking from a C2 server, the malware reached out to an LLM provider at runtime to generate its ransomware code, with no human involvement: it was C2-less malware.
It later came out that this sample was part of an NYU research paper ([Ransomware 3.0: Self-Composing and LLM-Orchestrated](https://arxiv.org/pdf/2508.20444v1)) by Raz et al., not malware deployed in a victim environment, but it is nevertheless interesting directionally, as it is the same idea as lolmil with the model hosted remotely instead of locally.