A previously undocumented threat actor is using large language models to write intrusion tools aimed at government and energy infrastructure in Russia, Brazil, and Kazakhstan.

Intelligence Lead

Researchers at Kaspersky's Securelist have identified a new threat cluster, designated Armored Likho, running a hybrid espionage and cybercrime campaign against government agencies and electric-power operators in Russia, Brazil, and Kazakhstan. The group's primary tool, a Python-based infostealer named BusySnake, carries stylistic markers that the researchers assess as consistent with large language model authorship, placing it among a small but growing set of reported cases in which state-linked or state-adjacent operators use generative AI to write functioning intrusion code rather than merely consult it for advice.

Situation Report

Securelist assesses that Armored Likho's intrusion chain begins with spear-phishing emails using lures tied to official government notices and social assistance programs, a targeting pattern consistent with operations aimed at citizens and civil servants who interact routinely with state benefit systems. Victims who open the attached RAR archive execute an EXE dropper that retrieves additional payloads from a GitHub repository. Staging payloads on GitHub lets the group update tooling without maintaining dedicated infrastructure, and hides the download among the legitimate GitHub traffic that few organizations are willing to block outright.
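The delivery chain above (archive opened from mail, extracted EXE runs, EXE immediately fetches from GitHub) is what a defender can correlate in endpoint telemetry even without indicators for the specific dropper. The following is an added example written for this page, not a Kaspersky detection: it runs over constructed Sysmon-style process-creation and network-connection events. The field names, the WinRAR temp-folder prefix, and the five-minute window are assumptions to adapt to your own telemetry; the sample events are constructed, not captured from the campaign.

```python
"""Correlate an EXE launched from an archive temp directory with a
follow-on connection to GitHub. Added example; event layout is a
constructed Sysmon-like dict (EventID 1 = process create, 3 = network
connection). Field names and thresholds are assumptions."""
from datetime import datetime, timedelta

# Assumption: WinRAR extracts a double-clicked attachment into %TEMP%\Rar$...;
# 7-Zip uses %TEMP%\7z.... Extend for the archivers in your estate.
ARCHIVE_TEMP_MARKERS = ("\\temp\\rar$", "\\temp\\7z")
ARCHIVER_IMAGES = {"winrar.exe", "7zfm.exe", "7zg.exe"}
# Hosts that serve repository contents or release assets.
GITHUB_HOSTS = {"github.com", "raw.githubusercontent.com",
                "objects.githubusercontent.com"}
WINDOW = timedelta(minutes=5)  # assumed: fetch follows launch quickly


def _ts(value):
    return datetime.fromisoformat(value)


def find_dropper_chains(events):
    """Return (pid, image, host) for each process that was started from an
    archive temp directory or by an archiver, and then reached GitHub
    within WINDOW of its launch."""
    launches = {}
    for ev in events:
        if ev["EventID"] != 1:
            continue
        image = ev["Image"].lower()
        parent = ev["ParentImage"].lower().rsplit("\\", 1)[-1]
        from_archive = (any(m in image for m in ARCHIVE_TEMP_MARKERS)
                        or parent in ARCHIVER_IMAGES)
        if from_archive and image.endswith(".exe"):
            launches[ev["ProcessId"]] = (ev["Image"], _ts(ev["UtcTime"]))

    hits = []
    for ev in events:
        if ev["EventID"] != 3 or ev["ProcessId"] not in launches:
            continue
        image, started = launches[ev["ProcessId"]]
        host = ev.get("DestinationHostname", "").lower()
        delta = _ts(ev["UtcTime"]) - started
        if host in GITHUB_HOSTS and timedelta(0) <= delta <= WINDOW:
            hits.append((ev["ProcessId"], image, host))
    return hits


# Constructed sample telemetry: one lure-style dropper, one benign git client.
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessId": 4120, "UtcTime": "2025-10-02 09:14:05",
     "Image": r"C:\Users\user\AppData\Local\Temp\Rar$EXa4120.1234\Notice_2025.exe",
     "ParentImage": r"C:\Program Files\WinRAR\WinRAR.exe"},
    {"EventID": 3, "ProcessId": 4120, "UtcTime": "2025-10-02 09:14:09",
     "DestinationHostname": "raw.githubusercontent.com"},
    {"EventID": 1, "ProcessId": 5000, "UtcTime": "2025-10-02 09:20:00",
     "Image": r"C:\Program Files\Git\cmd\git.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"EventID": 3, "ProcessId": 5000, "UtcTime": "2025-10-02 09:20:01",
     "DestinationHostname": "github.com"},
]

if __name__ == "__main__":
    for pid, image, host in find_dropper_chains(SAMPLE_EVENTS):
        print(f"suspect dropper pid={pid} image={image} -> {host}")
```

The rule keys on provenance (launched from an archive temp path or by an archiver) rather than on the GitHub destination alone, because developer machines talk to GitHub constantly; the benign git.exe event in the sample is there to show that it is not flagged. Process-ID reuse across the window is the main false-positive source in real data, so join on a process GUID where your telemetry provides one.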

The group's toolkit centers on BusySnake Stealer, an obfuscated, modular infostealer built to resist dynamic analysis and complicate forensic recovery. Kaspersky researchers report that the first-stage loader code contains verbose inline comments, emoji used as bullet points, and redundant code blocks, stylistic traits consistent with output from a large language model rather than with a human developer following typical malware-authoring conventions.
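The three markers named above (comment density, emoji bullets, duplicated blocks) can be measured mechanically when triaging a recovered Python loader. The following is an added example, not Kaspersky's analysis tooling: it scores a Python source string on those markers. The thresholds, the emoji ranges and the four-line duplicate window are assumptions chosen for illustration, and the two sample sources are constructed, harmless snippets, not BusySnake code. A high score means "look closer", not "LLM-written", and certainly not "malicious".

```python
"""Heuristic triage of Python source for LLM-style markers: verbose
comments, emoji bullets, and repeated code blocks. Added example with
assumed thresholds; the '#' detection is line-based and will miscount
'#' inside string literals."""
import re
from collections import Counter

# Assumed emoji coverage: main pictograph planes plus the dingbat block.
EMOJI_RE = re.compile(r"[\U0001F300-\U0001FAFF\u2600-\u27BF]")
COMMENT_RATIO_THRESHOLD = 0.4   # assumed: comment lines per code line
DUP_WINDOW = 4                  # assumed: identical 4-line runs count as redundant


def analyze_source(src: str) -> dict:
    lines = src.splitlines()
    comment_lines = [l for l in lines if l.strip().startswith("#")]
    code_lines = [l for l in lines if l.strip() and not l.strip().startswith("#")]
    # Trailing comments on code lines (naive: ignores '#' inside strings).
    inline_comments = sum(1 for l in code_lines if re.search(r"\S\s+#\s", l))

    comment_ratio = (len(comment_lines) + inline_comments) / max(len(code_lines), 1)
    emoji_comments = sum(1 for l in comment_lines if EMOJI_RE.search(l))

    # Redundant blocks: count distinct DUP_WINDOW-line runs of normalized
    # code that appear more than once in the file.
    norm = [re.sub(r"\s+", " ", l.strip()) for l in code_lines]
    runs = Counter(tuple(norm[i:i + DUP_WINDOW])
                   for i in range(len(norm) - DUP_WINDOW + 1))
    duplicate_blocks = sum(1 for n in runs.values() if n > 1)

    markers = sum([comment_ratio >= COMMENT_RATIO_THRESHOLD,
                   emoji_comments > 0,
                   duplicate_blocks > 0])
    return {
        "comment_ratio": comment_ratio,
        "emoji_comments": emoji_comments,
        "duplicate_blocks": duplicate_blocks,
        "markers": markers,
        "flag": markers >= 2,  # assumed: two of three markers warrants review
    }


# Constructed sample in the style the article describes (harmless code).
LLM_STYLE = '''\
# 🚀 Main entry point of the script
# ✅ Step 1: load configuration
# ✅ Step 2: validate the fields
import json
def load_config(path):
    # 📂 Open the file and parse JSON
    with open(path) as f:
        data = json.load(f)
    # 🔍 Validate the result
    if "name" not in data:
        raise ValueError("missing name")
    return data

def load_settings(path):
    # 📂 Open the file and parse JSON
    with open(path) as f:
        data = json.load(f)
    # 🔍 Validate the result
    if "name" not in data:
        raise ValueError("missing name")
    return data
'''

# Constructed terse counterpart with none of the markers.
TERSE_STYLE = '''\
import json

def load(path):
    with open(path) as f:
        return json.load(f)
'''

if __name__ == "__main__":
    for name, src in (("llm_style", LLM_STYLE), ("terse", TERSE_STYLE)):
        print(name, analyze_source(src))
```

Run this over a corpus of known-human code from the same ecosystem before trusting the thresholds: plenty of tutorial-grade human code is comment-heavy, and copy-pasted functions are common in hand-written loaders too. The duplicate-block metric is the most discriminating of the three in practice because it survives comment stripping, which obfuscators routinely apply.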

Confirmed targeting spans government agencies and electric-power-sector entities in three countries, with the campaign blending financially motivated intrusions against private individuals with more deliberate espionage-oriented operations against organizations. Securelist has not yet attributed Armored Likho to a specific state sponsor, though the group's tradecraft and targeting overlap substantially with a cluster tracked since May 2023 by Russian security firm BI.ZONE under the name Eagle Werewolf.

No named nation-state has claimed or been formally linked to the operation as of this writing, and the overlap with Eagle Werewolf remains an assessed rather than confirmed connection.

Background & Context

Armored Likho's use of AI-assisted code generation does not stand alone. In a separate disclosure this year, Anthropic reported disrupting what it assessed with high confidence was a Chinese state-sponsored campaign that manipulated its Claude Code tool into autonomously executing roughly 80 to 90 percent of the operational tasks in an intrusion campaign against about thirty organizations, including technology firms, financial institutions, chemical manufacturers, and government agencies. In that case, human operators handled only target selection and strategic approval; the AI agent, deceived into believing it was conducting authorized defensive testing, carried out the tactical work itself.

Targeting of electric-power infrastructure carries a distinct risk profile from routine data-theft campaigns. Western intelligence services generally treat energy-sector intrusions as potential pre-positioning activity, meaning the establishment of persistent access that can be activated for disruption during a future crisis, regardless of what the immediate operational objective appears to be.

Analysis & Assessment

Taken together, Armored Likho and the Claude Code disruption point toward AI-assisted tradecraft becoming a standing feature of the threat landscape rather than an isolated incident. The emergence in the same year of two independently reported cases, one involving agentic execution of most of an intrusion campaign and the other involving AI-authored malware components, suggests the barrier to entry for sophisticated, multi-stage cyber operations is falling faster than attribution and defensive tooling can adapt.

The absence of confirmed state attribution for Armored Likho should not be read as evidence of criminal-only motivation. The blend of financially motivated intrusions against individuals with targeted espionage against government and infrastructure entities is a pattern long associated with contractor-model operations, in which state intelligence services outsource or tolerate criminal-adjacent groups that also serve strategic collection interests. Expect Western cybersecurity firms and possibly government CERTs to publish independent corroboration or attribution assessments within weeks, given the sensitivity of confirmed power-grid targeting.