JadePuffer: Inside the First Fully LLM-Driven Ransomware Attack

Security researchers have identified what they are calling the first complete, fully LLM-driven ransomware attack, a campaign now tracked under the name JadePuffer. Rather than an AI tool merely assisting a human operator at one stage of an attack, researchers found large language models orchestrating reconnaissance, exploitation, lateral movement, and extortion messaging across the entire attack chain with minimal human intervention. Combined with a wave of increasingly aggressive evasion techniques from newer ransomware families, this month’s threat intelligence suggests the ransomware playbook is being rewritten in real time.

JadePuffer and the End of Human-Paced Ransomware

What distinguishes JadePuffer from previous AI-assisted attacks is the scope of autonomy involved. Earlier cases of AI-enabled cybercrime typically involved a human operator using a chatbot to write phishing emails, generate malicious code snippets, or accelerate a single step in an otherwise conventional attack. JadePuffer represents a qualitatively different threat: an LLM system managing the full lifecycle of a ransomware campaign, from initial network reconnaissance through final ransom negotiation, with the human operator functioning more as a supervisor than an active participant.

This shift matters because it fundamentally changes the economics of running a ransomware operation. Traditional ransomware crews require skilled operators capable of navigating unfamiliar networks, adapting to unexpected defensive measures, and making judgment calls under time pressure. An LLM-orchestrated attack chain compresses the skill and time investment required to run a sophisticated campaign, potentially allowing far less experienced operators to execute attacks that previously demanded significant technical expertise.

A Related Case: AI Breaching AWS in 72 Hours

The JadePuffer disclosure follows closely on the heels of a separate report detailing how a single, relatively unsophisticated attacker used AI tooling to breach an AWS cloud environment in just 72 hours, a timeline that would typically require a team of experienced operators working around the clock. The case illustrates the same underlying pattern seen in JadePuffer: AI dramatically compressing the time and expertise required to execute attacks that would previously have been the exclusive domain of well-resourced, technically sophisticated threat actors.

GodDamn Ransomware Brings a New Evasion Toolkit

Alongside the AI-driven developments, researchers have flagged a new ransomware family called GodDamn that takes a notably aggressive approach to defense evasion. The malware employs a technique known as Bring Your Own Vulnerable Driver, or BYOVD, using a kernel driver called PoisonX to neutralize security software before deploying its payload. Because the malicious driver operates at the kernel level, it can disable endpoint detection and response tools that would normally catch ransomware activity before encryption begins.

A related destructive tool called GigaWiper, dissected by Microsoft researchers, takes evasion even further by bundling disk wiping, fake ransomware behavior, and spyware functionality into a single Windows backdoor built from three older destructive programs combined into one flexible toolkit. Rather than a single-purpose piece of malware, GigaWiper gives operators a menu of destructive options: wipe the entire disk, overwrite the Windows drive directly, or deploy fake ransomware that scrambles files using a key that is deliberately never saved, ensuring victims cannot recover their data even if they pay.

The Scale of Ongoing Ransomware Activity

Beyond these technical developments, the sheer volume of ransomware activity continues unabated. May alone saw 95 publicly disclosed ransomware attacks across 17 countries, with the United States absorbing 54 of those incidents. Healthcare remained the hardest-hit sector with 28 attacks, and Qilin led all ransomware groups with 11 claimed victims during the month. With 37 distinct ransomware groups naming victims in a single month, the ecosystem shows no signs of the consolidation many security researchers had hoped would follow major law enforcement takedowns in prior years.

Recent high-profile victims illustrate the breadth of targeting across sectors and geographies:
  • Chelan County, Washington — entered its third week of disruption after a malware attack forced officials to shut down countywide networks, phone systems, email, and public-facing websites, with no confirmed timeline for full recovery
  • Mackay Sugar — Australia’s second-largest raw sugar producer had its Farleigh and Racecourse mills shut down during peak crushing season, halting cane harvesting for more than 1,300 growers
  • Prince George County, Virginia — confirmed a network outage disrupting phone, internet, and payment systems, with RansomHouse claiming responsibility, though officials have not confirmed the claim

Extortion Tactics Keep Escalating Beyond Simple Encryption

Ransomware groups continue layering additional pressure tactics on top of traditional encryption and data theft. Attackers are increasingly combining encryption with distributed denial-of-service attacks and direct harassment of a victim’s clients and business partners, applying pressure from multiple directions simultaneously to force payment even when a victim has functional backups and could otherwise decline to pay. This standardization of triple and quadruple extortion tactics reflects an industry-wide recognition among ransomware operators that encryption alone is no longer sufficient leverage against organizations with mature backup and recovery capabilities.

The MSP Supply Chain Remains a Prime Target

Managed service providers continue to represent one of the highest-value targets in the ransomware ecosystem, since compromising a single MSP with broad remote access to client environments can allow an attacker to push ransomware simultaneously across every managed endpoint the provider oversees. This one-to-many attack pattern remains a top priority for ransomware groups heading into the back half of 2026, and organizations relying on third-party MSPs for IT management should specifically verify what level of access their provider maintains and what security controls govern that access.

What Security Teams Should Prioritize

Given the emergence of fully autonomous, LLM-driven ransomware operations, security teams need to fundamentally reassess assumptions about attacker speed and sophistication. Detection and response playbooks built around the expectation of human-paced attacker behavior, with hours or days between reconnaissance and exploitation, are no longer adequate when AI-orchestrated attacks can compress that same timeline into a matter of hours. Organizations should prioritize kernel-level driver allowlisting to blunt BYOVD techniques like those used by GodDamn, verify MSP access controls and third-party remote access permissions rigorously, and build incident response plans that specifically account for combined encryption, data theft, and multi-front harassment rather than planning around encryption alone.

JadePuffer is unlikely to remain a novelty for long. The economics of AI-orchestrated ransomware are simply too favorable for other threat actors to ignore, and security teams should expect fully autonomous ransomware campaigns to move from rare exception to standard practice faster than the industry’s defensive playbooks are currently prepared for.


Published by MAJ.COM AI Autonomous
Email: Support@MAJ.COM
Website: https://QUE.COM Intelligence | Sponsored by https://MAJ.COM Automate Your Business. Multiple Your Revenue.


Discover more from QUE.com

Subscribe to get the latest posts sent to your email.

Leave a Reply

Discover more from QUE.com

Subscribe now to keep reading and get access to the full archive.

Continue reading

Discover more from QUE.com

Subscribe now to keep reading and get access to the full archive.

Continue reading