PROBABLYPWNED
Malware | March 13, 2026 | 5 min read

AI-Generated Slopoly Backdoor Powers Interlock Ransomware Attacks

IBM X-Force discovers Hive0163 using LLM-generated Slopoly malware in Interlock ransomware attacks, marking a shift in how threat actors weaponize AI to accelerate malware development.

James Rivera

A financially motivated threat group has deployed what researchers believe is one of the first documented cases of AI-generated malware in a ransomware operation. The backdoor, dubbed Slopoly, allowed attackers to maintain persistent access to compromised systems for over a week before deploying Interlock ransomware.

IBM X-Force researchers identified the malware during an investigation into attacks conducted by Hive0163, a threat cluster known for large-scale data exfiltration and ransomware deployment. The discovery signals a concerning evolution in how cybercriminals leverage generative AI to accelerate their operations.

How Researchers Identified LLM-Generated Code

The Slopoly backdoor exhibited several telltale signs of AI authorship that set it apart from traditionally developed malware. X-Force analysts noted extensive inline comments throughout the PowerShell script, structured logging mechanisms, and variables named with unusual clarity for malicious code.

"The naming of variables indicates the model intended to design the script for a malicious purpose, meaning any model guardrails, if present, were successfully circumvented," IBM researchers wrote in their analysis.

Ironically, the code includes comments describing itself as a "Polymorphic C2 Persistence Client" despite lacking actual polymorphic capabilities. An unused Jitter function suggests iterative development with an LLM, where the threat actor requested features that never made it into the final implementation.

Attack Chain Starts With ClickFix

The intrusion began with a ClickFix social engineering attack, a technique that has become increasingly popular among ransomware operators. Victims encountered fake CAPTCHA verification pages that instructed them to press Win+R, paste clipboard contents, and press Enter. This sequence executed a malicious PowerShell command without the victim realizing the danger.

This approach has proven effective enough that multiple threat actors have adopted ClickFix for deploying various ransomware strains, and Microsoft recently warned that cross-platform ClickFix campaigns now target both Windows and macOS systems.

Once executed, the attack progressed through multiple stages:

  1. NodeSnake - A Node.js-based malware establishing initial persistence
  2. InterlockRAT - A more capable JavaScript backdoor for reconnaissance
  3. Slopoly - The AI-generated C2 framework for sustained access
  4. Interlock ransomware - The final payload delivered via JunkFiction loader

Slopoly's Capabilities

Despite its AI-generated origins, Slopoly functions as a capable command-and-control client. The backdoor deploys to C:\ProgramData\Microsoft\Windows\Runtime\ and establishes persistence through a scheduled task named "Runtime Broker," mimicking a legitimate Windows process.

Key technical behaviors include:

  • Heartbeat beacons sent every 30 seconds to the C2 endpoint
  • Command polling every 50 seconds
  • Full shell command execution via cmd.exe
  • System information collection including IP, hostname, and elevation status
  • Detailed logging to a persistence.log file with 1MB rollover

IBM provided indicators of compromise including the Slopoly hash (SHA256: 0884e5590bdf3763f8529453fbd24ee46a3a460bba4c2da5b0141f5ec6a35675), the C2 domain plurfestivalgalaxy[.]com, and associated IP address 94[.]156[.]181[.]89.

Interlock Ransomware Continues to Evolve

The Interlock ransomware payload observed in these attacks arrives as a 64-bit Windows executable through the JunkFiction loader. It uses AES and RSA encryption algorithms and appends either .interlock or .int3R1ock extensions to encrypted files.

According to a joint advisory from CISA, FBI, and HHS, Interlock operators employ a double extortion model, encrypting systems while also exfiltrating data for additional leverage. The group has targeted healthcare, education, and critical infrastructure organizations across North America and Europe.

The ransomware can execute as a scheduled task running as SYSTEM and leverages the Windows Restart Manager API to release file locks before encryption. Unlike some ransomware operations, Interlock actors don't leave initial ransom demands on compromised systems, instead requiring victims to initiate contact through a Tor portal.

Why AI-Generated Malware Matters

IBM X-Force researcher Golo Muhr emphasized that while Slopoly isn't technically sophisticated, its AI-generated nature represents a fundamental shift in threat dynamics.

"Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat actors can weaponize AI to develop new malware frameworks in a fraction of the time it used to take," Muhr stated.

The efficiency gains are the real concern. Threat actors who previously needed programming expertise or had to purchase malware-as-a-service offerings can now generate functional backdoors through careful prompt engineering. This lowers barriers to entry and accelerates attack timelines.

Law enforcement has continued pursuing ransomware affiliates across various operations, but the democratization of malware development through AI tools presents new challenges for attribution and disruption efforts.

Defensive Recommendations

Organizations can implement several mitigations to protect against this attack chain:

  • Block ClickFix attacks by monitoring the RunMRU registry key or restricting Win+R functionality where feasible
  • Deploy behavioral detection rather than relying solely on signature-based tools, given the ephemeral nature of AI-generated malware
  • Hunt for Hive0163 infrastructure using the provided IOCs in network traffic and endpoint telemetry
  • Train users to recognize social engineering tactics that request unusual keyboard sequences
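The following PowerShell hunting script is an added example, not code from IBM X-Force, the article, or Hive0163's tooling. It checks a single Windows host for the indicators named in the capabilities section and in the recommendations above: the "Runtime Broker" scheduled task, the C:\ProgramData\Microsoft\Windows\Runtime\ staging directory and its persistence.log, the published SHA256 hash, the C2 domain and IP (taken from the article with the defanging brackets removed), and recent Win+R history in RunMRU. The keyword regex used on RunMRU entries is my own assumption, not an indicator from the report.

```powershell
# Added hunting example (not from IBM X-Force or the article). Run in an elevated
# PowerShell session on a Windows host; indicator values are those quoted in the article.

$SlopolyDir  = 'C:\ProgramData\Microsoft\Windows\Runtime'
$SlopolyHash = '0884e5590bdf3763f8529453fbd24ee46a3a460bba4c2da5b0141f5ec6a35675'
$C2Domain    = 'plurfestivalgalaxy.com'
$C2Ip        = '94.156.181.89'
$Findings    = @()

# 1. Scheduled task named "Runtime Broker" (RuntimeBroker.exe is normally a process, not a task).
Get-ScheduledTask -ErrorAction SilentlyContinue |
    Where-Object { $_.TaskName -eq 'Runtime Broker' } |
    ForEach-Object {
        $actions = ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; '
        $Findings += "Scheduled task '$($_.TaskName)' in $($_.TaskPath): $actions"
    }

# 2. Staging directory, the known Slopoly hash, and the persistence.log rolling log file.
if (Test-Path $SlopolyDir) {
    $Findings += "Staging directory present: $SlopolyDir"
    Get-ChildItem -Path $SlopolyDir -Recurse -File -ErrorAction SilentlyContinue | ForEach-Object {
        $hash = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash.ToLower()
        if ($hash -eq $SlopolyHash)          { $Findings += "Known Slopoly hash: $($_.FullName)" }
        if ($_.Name -ieq 'persistence.log')  { $Findings += "Slopoly log file: $($_.FullName)" }
    }
}

# 3. RunMRU: a ClickFix lure makes the victim paste a command into Win+R, which Windows records here.
#    The keyword list is an assumption for triage, not an indicator from the report.
$RunMruKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'
if (Test-Path $RunMruKey) {
    $mru = Get-ItemProperty -Path $RunMruKey
    foreach ($p in $mru.PSObject.Properties) {
        if ($p.Name -eq 'MRUList' -or $p.Name -like 'PS*') { continue }   # skip bookkeeping properties
        if ($p.Value -match 'powershell|pwsh|mshta|cmd\b|-enc|iex|DownloadString|Invoke-Expression') {
            $Findings += "Suspicious Win+R history entry [$($p.Name)]: $($p.Value)"
        }
    }
}

# 4. Live TCP connections to the published C2 IP, and DNS cache entries for the C2 domain.
Get-NetTCPConnection -ErrorAction SilentlyContinue |
    Where-Object { $_.RemoteAddress -eq $C2Ip } |
    ForEach-Object { $Findings += "Connection to C2 IP $C2Ip from PID $($_.OwningProcess)" }
Get-DnsClientCache -ErrorAction SilentlyContinue |
    Where-Object { $_.Entry -like "*$C2Domain*" } |
    ForEach-Object { $Findings += "DNS cache entry for C2 domain: $($_.Entry)" }

if ($Findings.Count -eq 0) { 'No Slopoly / Hive0163 indicators found.' } else { $Findings }
```

A hit on the scheduled task or staging directory alone justifies isolating the host for forensic review; RunMRU matches need analyst triage because administrators also launch PowerShell from Win+R.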

The broader takeaway is that defenders should prepare for AI to accelerate adversary operations across the board. While Slopoly itself isn't groundbreaking, it demonstrates that LLM-assisted malware development has moved from theoretical concern to operational reality.
