
Microsoft Warns of New AI-Generated Phishing Attacks

Microsoft has detected a new phishing campaign using AI-generated code to hide malicious payloads within SVG files and target organizations in the United States.

By Leo Martinez

Leo Martinez is a cybersecurity correspondent for Neurozzio, focusing on threat intelligence, malware analysis, and emerging digital security risks. He translates complex technical threats for a broad audience.


Microsoft has identified a new phishing campaign targeting organizations in the United States that uses code likely generated by artificial intelligence. The attackers employ large language models (LLMs) to create complex code that hides malicious actions within seemingly harmless files, making the threats more difficult to detect.

The campaign, first detected on August 28, 2025, utilizes a sophisticated technique to disguise its payload inside a Scalable Vector Graphics (SVG) file. According to Microsoft Threat Intelligence, this method represents a growing trend of cybercriminals incorporating AI tools to enhance their attacks.

Key Takeaways

  • Hackers are using AI, specifically LLMs, to write obfuscated code for phishing attacks.
  • The campaign uses SVG files disguised as PDF documents to deliver the malicious payload.
  • The AI-generated code uses common business terms to appear legitimate and evade security systems.
  • The primary goal of the attack is to steal user credentials from U.S.-based organizations.

AI Used to Create Deceptive Code

The core of this new attack method is its use of AI to generate code that is difficult for both humans and security software to identify as malicious. The attackers use what appears to be a compromised business email account to send the phishing messages.

These emails are designed to look like standard file-sharing notifications, encouraging the recipient to open an attached document. However, the attachment is not a PDF but an SVG file, a type of image file that can also contain executable scripts.

Why Attackers Use SVG Files

Scalable Vector Graphics (SVG) files are attractive to cybercriminals because they are based on XML text. This allows attackers to embed JavaScript and other dynamic code directly within the image file. According to Microsoft, this makes it possible to create interactive phishing payloads that can bypass many security tools that primarily scan for traditional malware formats. SVGs also support features like invisible elements and delayed script execution, which helps evade automated security analysis.

Unusual Obfuscation Technique

Once a user opens the SVG file, it redirects them to a webpage that displays a CAPTCHA challenge. Microsoft's analysis suggests that completing this verification step would likely lead the user to a fraudulent login page designed to harvest their credentials, although the company's security systems blocked the threat before this final stage could be confirmed.

What makes this campaign unique is how the malicious code is hidden. The SVG file's code is structured to resemble a business analytics dashboard, using a long sequence of corporate terminology.

"This tactic is designed to mislead anyone casually inspecting the file, making it appear as if the SVG's sole purpose is to visualize business data. In reality, though, it's a decoy," Microsoft Threat Intelligence stated in its report.

The code uses words like "revenue," "operations," "risk," "quarterly," and "growth" as variables and function names. This makes the script look like legitimate business software at first glance.
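As an added illustration (not from Microsoft's report or the article), the following script shows how a defender can triage an SVG attachment for the two signals described above: active content (script elements, event-handler attributes, javascript: links) that a plain image should never carry, and a script body whose identifiers are built from the business terms quoted in the report. The sample SVG is constructed here and contains only decoy names, no payload.

```python
import xml.etree.ElementTree as ET
import re

# Business terms Microsoft reported being used as variable and function names
BUSINESS_TERMS = ("revenue", "operations", "risk", "quarterly", "growth")

# Constructed sample: an "image" whose real content is a script with the
# decoy "analytics dashboard" naming style. Nothing here does anything harmful.
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg" onload="quarterlyGrowthDashboard()">
  <rect width="1" height="1" opacity="0"/>
  <script><![CDATA[
    var revenueOperationsRisk = ["revenue", "operations", "risk"];
    function quarterlyGrowthDashboard() { setTimeout(function () {}, 1000); }
  ]]></script>
</svg>"""


def find_active_content(svg_text):
    """List every place the SVG can execute code: <script>/<foreignObject>
    elements, on* event-handler attributes, and javascript: hrefs."""
    root = ET.fromstring(svg_text)
    findings = []
    for el in root.iter():
        tag = el.tag.split("}")[-1]          # strip the XML namespace
        if tag in ("script", "foreignObject"):
            findings.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            name = attr.split("}")[-1]
            if name.lower().startswith("on"):
                findings.append(f"event handler {name} on <{tag}>")
            if name == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: href on <{tag}>")
    return findings


def business_term_hits(svg_text):
    """Sorted list of report-style business terms found inside <script> bodies."""
    scripts = re.findall(r"<script[^>]*>(.*?)</script>", svg_text, re.S)
    body = " ".join(scripts).lower()
    return sorted(term for term in BUSINESS_TERMS if term in body)


def is_suspicious(svg_text):
    """An image with any active content is worth a closer look; decoy naming adds to it."""
    return bool(find_active_content(svg_text))


if __name__ == "__main__":
    print(find_active_content(SAMPLE_SVG))
    print(business_term_hits(SAMPLE_SVG))
```

A real mail-gateway check would also catch SVGs renamed with a .pdf extension, since the file type is decided by the XML content, not the name.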

Identifying AI-Generated Malice

Microsoft researchers concluded that an LLM likely generated the code due to its unusual characteristics. The code was overly complex, highly modular, and contained redundant naming conventions that a human programmer would typically avoid.

To confirm this, Microsoft used its Security Copilot AI to analyze the script. The analysis determined the program was "not something a human would typically write from scratch due to its complexity, verbosity, and lack of practical utility."

Signs of AI-Generated Code

  • Overly descriptive names: Functions and variables have long, redundant names.
  • Over-engineered structure: The code is more complex than necessary for its function.
  • Formulaic obfuscation: It uses a repetitive pattern of business terms to hide its purpose.
  • Verbose comments: Generic and extensive comments are included, mimicking documentation examples.

Microsoft noted that while this specific campaign was limited in scope and successfully blocked, the techniques are being adopted by a wider range of threat actors. This signals a new phase in cybersecurity where defenders must also learn to identify and counter AI-generated threats.

Broader Trends in Phishing Attacks

The use of AI is part of a larger trend of attackers evolving their methods to bypass security. Other recent reports highlight different, yet equally sophisticated, phishing strategies.

Security firm Forcepoint recently detailed a multi-stage attack that begins with phishing emails containing .XLAM attachments (Excel add-ins). These attachments execute shellcode to deploy the XWorm Remote Access Trojan (RAT), giving attackers control over the victim's computer.

In that attack, the malware uses multiple layers of obfuscation and memory injection techniques to hide its final payload from antivirus software. The victim is often shown a blank or corrupted Office file to avoid suspicion.

Lures and Payloads Continue to Diversify

Another security company, Cofense, has observed recent phishing campaigns using different social engineering tactics. One campaign impersonates the U.S. Social Security Administration to trick victims into installing the ScreenConnect remote access tool.

Another notable campaign uses copyright infringement claims as a lure. According to Cofense, these emails spoof legal firms and demand the removal of content from a victim's website or social media page. This campaign is distinguished by its use of a Telegram bot profile page to deliver its initial payload, which includes information stealers like Lone None Stealer and PureLogs Stealer.

These evolving tactics demonstrate that cybercriminals are continuously innovating, using everything from AI-generated code to multi-stage infection chains and novel delivery methods to achieve their goals.