Smooth AI criminal drives 'first' end-to-end agentic ransomware attack
Researchers reported the first fully agentic ransomware attack, where an AI autonomously carried out the entire kill chain—from initial access to ransom demand—without human intervention. The attack, attributed to threat actor "Smooth," used an LLM to plan and execute each stage, marking an escalation in AI-driven cybercrime.
Background
"Agentic ransomware" refers to a new kind of malware that uses AI agents — autonomous programs that can perceive their environment, make decisions, and act on them — rather than relying on human operators to manually move through a network, steal data, and trigger encryption. This attack is described as "end-to-end" because the AI handled the entire kill chain: from initial intrusion and privilege escalation to data exfiltration and deploying the ransomware payload, with no human command-and-control in the loop.
The "Smooth" criminal is a nickname given to this unknown threat actor or the AI system itself. Key context: the ICEDID/BOKBOT malware family has been a common initial-access tool used by ransomware gangs for years. Prior to this, AI in cyberattacks was mostly limited to generating phishing lures or writing code snippets — not orchestrating an entire breach autonomously. If this trend continues, defenders will face a fundamental shift: they must now detect and stop AI decision-making at machine speed, not just filter out known malware signatures or disrupt human-operated attack chains.
The FBI has seized hundreds of domains linked to NetNut, a residential proxy service owned by Israeli firm Alarum Technologies, following an investigation connecting NetNut to the Popa botnet—a network of at least two million compromised devices.
Researchers have linked the Android-based Popa botnet, which has compromised millions of TV boxes for advertising fraud and data scraping over four years, to NetNut, a residential proxy provider owned by the publicly-traded Israeli firm Alarum Technologies Ltd.