AI Waifu RAT Attacking Users With Novel Social Engineering Techniques

A recent malware campaign has been detected targeting specific communities focused on Large Language Model (LLM) role-playing. This campaign utilizes advanced social engineering techniques to distribute a Remote Access Trojan (RAT), known as “AI Waifu RAT.”
The malware is disguised as an AI character enhancement tool, claiming to offer “meta” interactions between users and their virtual AI companions. The attack is initiated through appealing propositions on LLM role-playing forums.
The threat actor presents their creation as a research project that lets a user's AI character, “Win11 Waifu,” interact directly with real-world computer systems. This tactic exploits the community’s interest in advanced AI capabilities, misleading users into perceiving Arbitrary Code Execution (ACE) as a feature rather than a security risk.
Technical Architecture and Command Structure
The AI Waifu RAT operates through a simple yet efficient architecture. It sets up a local HTTP server on port 9999, facilitating communication between the victim’s system and the LLM-controlled interface. This design enables integration with web-based AI platforms while maintaining persistent access to the compromised machine.
The RAT includes three main command and control endpoints:
- /execute_trusted: Accepts plaintext JSON commands, executing them through PowerShell processes, which allows arbitrary command execution.
- /execute: Presents a superficial security prompt, which is easily bypassed by using the trusted endpoint instead.
- /readfile: Provides complete filesystem access, facilitating data exfiltration and reconnaissance.
The malware ensures persistence by writing registry entries for automatic startup. It also employs evasion techniques by instructing users to disable antivirus software, purportedly to avoid “false positives,” thereby bypassing primary defense mechanisms.
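For defenders, the port and endpoint names above can be turned into a triage check. The following is an added example, not code from the original article or from the malware: it correlates a listener on port 9999 with PowerShell child processes and requests to the three endpoint paths. The event schema, host names and process names are constructed for illustration and do not match any particular EDR product.

```python
import json
from urllib.parse import urlsplit

# Indicators stated in the article: local HTTP port and the three endpoints.
RAT_PORT = 9999
RAT_PATHS = {"/execute_trusted", "/execute", "/readfile"}

# Constructed sample telemetry; field names and process names are hypothetical.
SAMPLE_EVENTS = """
{"host": "ws-01", "type": "listen", "pid": 4120, "image": "unknown_tool.exe", "port": 9999}
{"host": "ws-01", "type": "http", "url": "http://127.0.0.1:9999/execute_trusted"}
{"host": "ws-01", "type": "proc", "pid": 5332, "ppid": 4120, "image": "powershell.exe"}
{"host": "ws-01", "type": "http", "url": "http://localhost:9999/readfile"}
{"host": "ws-02", "type": "listen", "pid": 900, "image": "devserver.exe", "port": 9999}
{"host": "ws-02", "type": "proc", "pid": 1200, "ppid": 640, "image": "powershell.exe"}
"""

def triage(log_text):
    """Return {host: sorted signals} for hosts with a listener on RAT_PORT."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    # Collect listeners first so the result does not depend on event order.
    listeners = {(e["host"], e["pid"]) for e in events
                 if e["type"] == "listen" and e["port"] == RAT_PORT}
    findings = {host: {"listener"} for host, _ in listeners}
    for e in events:
        host = e["host"]
        if host not in findings:
            continue
        if (e["type"] == "proc" and (host, e["ppid"]) in listeners
                and e["image"].lower() == "powershell.exe"):
            findings[host].add("powershell_child")
        elif e["type"] == "http":
            u = urlsplit(e["url"])
            if (u.port == RAT_PORT and u.hostname in ("127.0.0.1", "localhost")
                    and u.path in RAT_PATHS):
                findings[host].add("endpoint:" + u.path)
    return {h: sorted(s) for h, s in findings.items()}

def verdict(signals):
    # Port 9999 alone is a weak signal; escalate only with corroboration.
    return "escalate" if len(signals) > 1 else "review"

if __name__ == "__main__":
    for host, signals in triage(SAMPLE_EVENTS).items():
        print(host, verdict(signals), signals)
```

In the sample data, ws-02 also listens on port 9999 but its PowerShell process has an unrelated parent, so it is only marked for review rather than escalated.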