In recent months, cybersecurity researchers have detected an increasingly active malicious campaign that uses seemingly legitimate artificial intelligence tools to silently and strategically distribute malware.
According to the team at Trend Micro, attackers are taking advantage of the popularity of AI-powered or productivity-related applications to sneak malicious software onto devices worldwide. The malware has targeted organizations across diverse regions including Europe, the Americas, Asia, the Middle East, and Africa—highlighting the global reach of this threat.
The most heavily impacted sectors so far include:
- Manufacturing
- Government
- Healthcare
- Technology
- Retail
As for countries, India, the United States, France, Italy, Brazil, Germany, the United Kingdom, Norway, Spain, and Canada are among the most affected. All signs indicate that this campaign—dubbed EvilAI—is not an isolated incident, but a well-organized attack that remains active and is rapidly evolving.
What Makes EvilAI So Dangerous?
Researchers describe the attackers as “highly sophisticated,” largely because they manage to camouflage their malware within applications that appear fully functional and legitimate. Essentially, the software does what it promises—but it also carries out malicious tasks in the background.
This represents a new level of deception: users believe they’re installing a helpful app, such as a PDF editor or an AI productivity tool, without realizing they’re opening the door to an attack.
Which Apps Are Involved?
Some of the applications used to distribute the malware include names like:
- AppSuite
- Epi Browser
- JustAskJacky
- Manual Finder
- OneStart
- PDF Editor
- Recipe Lister
- Tampered Chef
Although their names sound innocent (and even useful), these apps are designed to steal data, access sensitive systems, or pave the way for more complex attacks in the future.
Malware with a Legitimate Signature? How Campaigns Behind AppSuite, TamperedChef, and More Operate
What seemed like a simple collection of innocently named applications—such as OneStart, ManualFinder, or AppSuite—has turned out to be part of a much more complex and well-coordinated malware campaign.
A deep analysis conducted by cybersecurity firm G DATA revealed that all these applications share the same server infrastructure and are being operated by the same group of malicious actors. In other words, these aren’t isolated cases—they're pieces of the same puzzle.
“They’ve been selling malware disguised as all sorts of things: games, recipe apps, manual search tools… and now they even slap ‘AI’ on the name to make it more appealing,” explained Banu Ramakrishnan, a security researcher.
Legitimate-Looking Malware: Fake Certificates to Appear Trustworthy
Another key finding came from security company Expel, which has been closely tracking campaigns related to AppSuite and PDF Editor. According to their report, the developers behind these apps have used at least 26 digital code-signing certificates over the past seven years. These certificates, typically used to verify the authenticity of software, were issued to companies based in Panama, Malaysia, and other countries.
This approach has a clear goal: to make the malicious software appear legitimate to both users and security systems.
BaoLoader vs. TamperedChef: Different Names, Same Goal
Expel identified that many of the malware samples signed with these certificates fall under the name BaoLoader—a threat that, while similar to another known as TamperedChef, shows notable differences in behavior and structure.
While BaoLoader uses certificates from Panama and Malaysia, TamperedChef has been linked to certificates issued to companies in Ukraine and the United Kingdom.
TamperedChef was first detected through an app that appeared to be a harmless recipe tool, but in reality, it opened a covert channel to communicate with remote servers, receive commands, and steal sensitive information.
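The findings above (one signer cycling through many certificates, one certificate vouching for several unrelated products) translate directly into a hunting pivot. The Python script below is an added defensive example, not code from the article or from Trend Micro, G DATA or Expel: it takes an inventory of signed binaries (the kind of signer metadata an EDR or a signature-check tool exports) and groups it by certificate thumbprint and by signer to surface shared certificates, certificate churn, and signer countries outside an assumed policy allowlist. The inventory is constructed for the example; product names mirror the article's list, but every hash, signer name, country assignment and thumbprint is a placeholder, and `allowed_countries` is an assumed policy value rather than a claim about any country.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set


@dataclass(frozen=True)
class SignedSample:
    """Signer metadata for one binary, as exported from an EDR or a signature-check tool."""
    sha256: str       # placeholder in the constructed data below
    product: str      # product name from the binary's version resource
    signer: str       # subject CN of the leaf code-signing certificate
    country: str      # subject C (country) of the leaf certificate
    thumbprint: str   # leaf certificate thumbprint (placeholder below)


# Constructed inventory for the example: product names mirror the article's list,
# but every hash, signer, country assignment and thumbprint is made up.
INVENTORY: List[SignedSample] = [
    SignedSample("sha256-placeholder-1", "OneStart",      "Signer A S.A.",    "PA", "thumb-A1"),
    SignedSample("sha256-placeholder-2", "Manual Finder", "Signer A S.A.",    "PA", "thumb-A1"),
    SignedSample("sha256-placeholder-3", "Epi Browser",   "Signer A S.A.",    "PA", "thumb-A2"),
    SignedSample("sha256-placeholder-4", "AppSuite",      "Signer B Sdn Bhd", "MY", "thumb-B1"),
    SignedSample("sha256-placeholder-5", "PDF Editor",    "Signer B Sdn Bhd", "MY", "thumb-B1"),
    SignedSample("sha256-placeholder-6", "Recipe Lister", "Signer C Ltd",     "GB", "thumb-C1"),
    SignedSample("sha256-placeholder-7", "Line-of-business tool", "Known Vendor Inc", "US", "thumb-D1"),
]


def products_by_certificate(samples: Iterable[SignedSample]) -> Dict[str, Set[str]]:
    """Which distinct product names each certificate has signed."""
    groups: Dict[str, Set[str]] = defaultdict(set)
    for s in samples:
        groups[s.thumbprint].add(s.product)
    return dict(groups)


def certificates_by_signer(samples: Iterable[SignedSample]) -> Dict[str, Set[str]]:
    """Which distinct certificates each signer has used (certificate churn)."""
    groups: Dict[str, Set[str]] = defaultdict(set)
    for s in samples:
        groups[s.signer].add(s.thumbprint)
    return dict(groups)


def flag_shared_certificates(samples: Iterable[SignedSample], min_products: int = 2) -> List[str]:
    """Certificates that vouch for several unrelated products: a pivot worth chasing."""
    return sorted(t for t, prods in products_by_certificate(samples).items()
                  if len(prods) >= min_products)


def flag_certificate_churn(samples: Iterable[SignedSample], min_certs: int = 2) -> List[str]:
    """Signers that keep rotating certificates."""
    return sorted(s for s, certs in certificates_by_signer(samples).items()
                  if len(certs) >= min_certs)


def flag_unexpected_countries(samples: Iterable[SignedSample],
                              allowed_countries: Set[str]) -> List[SignedSample]:
    """Signed binaries whose certificate country is outside the estate's expected set.
    The allowlist is an assumed policy value, not a statement that any country is suspect."""
    return [s for s in samples if s.country not in allowed_countries]


if __name__ == "__main__":
    report = (
        ("shared certificates", flag_shared_certificates(INVENTORY)),
        ("certificate churn", flag_certificate_churn(INVENTORY)),
        ("unexpected signer country",
         [s.product for s in flag_unexpected_countries(INVENTORY, {"US", "GB"})]),
    )
    for label, hits in report:
        print(f"{label}: {hits}")
```

A hit on any of the three checks is a reason to look at the binary, not proof of compromise; the value of the pivot is that it links installs that look unrelated by name, which is exactly how the campaigns above were tied together.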
Everyday Tools Turned into Threats
More recently, new variants of this malware have been detected posing as common applications such as calendars, image viewers, or desktop utilities. These versions use technologies like NeutralinoJS—a legitimate app development framework that allows JavaScript code to run on desktop environments.
The problem is that frameworks like these, while legitimate, can be exploited by attackers to:
- Execute malicious code
- Access the file system
- Launch processes without user awareness
- Communicate with remote servers undetected
Moreover, more advanced techniques have been found, such as the use of Unicode homoglyphs—characters that look identical to regular ones but are used to hide malicious payloads in seemingly normal API responses. This allows attackers to evade detection systems that rely on signatures or text-matching.
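Text-matching detections miss these payloads because the visible string looks normal. The following Python scanner is an added example, not code from the article or from the researchers it cites, showing the complementary check a defender can run over fetched responses: it flags invisible format characters (zero-width spaces, Unicode tag characters) and words that mix Latin letters with Cyrillic or Greek lookalikes. It uses only the standard library; the sample responses are constructed for the example and are not the campaign's real traffic. Because `unicodedata` exposes no Script property, the script assignment is approximated from the character name, an assumption that is good enough for the three scripts checked here.

```python
import re
import unicodedata
from typing import List, Tuple

# Constructed sample strings standing in for API responses a tool might fetch.
# They are made up for the example, not the campaign's real traffic.
SAMPLE_RESPONSES = {
    "clean": '{"status": "ok", "update": "none"}',
    # Cyrillic small letter o (U+043E) substituted for Latin o in two words
    "cyrillic_o": '{"status": "\u043ek", "update": "n\u043ene"}',
    # zero-width spaces (U+200B) hidden inside otherwise normal values
    "zero_width": '{"status": "ok\u200b\u200b", "payload": "\u200bhidden"}',
    # Unicode TAG characters (U+E0061, U+E0062): invisible, general category Cf
    "tags": '{"note": "hi\U000E0061\U000E0062"}',
}

WORD_RE = re.compile(r"\w+")  # \w is Unicode-aware in Python 3


def script_of(ch: str) -> str:
    """Coarse script lookup from the character name (assumption: stdlib has no Script property)."""
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "CYRILLIC", "GREEK"):
        if name.startswith(script):
            return script
    return "OTHER"


def scan_text(text: str) -> List[Tuple[str, str]]:
    """Return (kind, detail) findings for invisible characters and mixed-script words."""
    findings: List[Tuple[str, str]] = []

    # 1. Format (Cf) and private-use (Co) characters have no business in ordinary
    #    JSON values; zero-width spaces and tag characters both fall in Cf.
    for offset, ch in enumerate(text):
        if unicodedata.category(ch) in ("Cf", "Co"):
            findings.append(("invisible",
                             f"U+{ord(ch):04X} {unicodedata.name(ch, '?')} at offset {offset}"))

    # 2. A single word mixing Latin with Cyrillic/Greek letters is the classic
    #    homoglyph pattern: it renders like ASCII but never matches an ASCII rule.
    for match in WORD_RE.finditer(text):
        word = match.group()
        scripts = {script_of(c) for c in word if c.isalpha()}
        if len(scripts & {"LATIN", "CYRILLIC", "GREEK"}) > 1:
            findings.append(("mixed-script", f"{word!r} uses {sorted(scripts)}"))

    return findings


def scan_all(responses: dict) -> dict:
    """Scan each labelled response; only the labels with findings are returned."""
    return {label: scan_text(body) for label, body in responses.items() if scan_text(body)}


if __name__ == "__main__":
    for label, hits in scan_all(SAMPLE_RESPONSES).items():
        print(label)
        for kind, detail in hits:
            print(f"  [{kind}] {detail}")
```

Run it against any text a tool pulls from its update or API endpoint before the content is parsed or executed; a clean response yields no findings, and a single invisible or mixed-script hit is enough to quarantine the response for review.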
Are We Facing a Malware-as-a-Service Market?
One of the most troubling findings is the presence of multiple digital signing certificates used across different samples of the malware. This suggests the possibility of a shared provider offering code-signing services to the developers behind these campaigns.
It’s also possible that we’re witnessing a Malware-as-a-Service (MaaS) model, where multiple groups use the same platform to distribute their variants—making global spread and long-term persistence much easier.
What Can We Learn From This?
These types of threats make one thing clear: the appearance of legitimacy is no longer a guarantee of safety. Just because an app is digitally signed or appears to function properly doesn’t mean it’s secure.
That’s why it’s more important than ever to:
- Avoid downloading software from unverified sources
- Verify the legitimacy of tools before installing them
- Keep your operating system and security software up to date
- Stay alert to any strange behavior after installing new apps
The line between legitimate and malicious is increasingly blurred—and attackers know it. It's not enough to trust an app’s appearance or its supposed connection to artificial intelligence. Robust defense tools and processes are essential.
How Can TecnetOne Help You?
If you’re looking for a reliable way to protect your organization against threats like EvilAI, TecnetOne offers advanced security solutions that can make a real difference:
- Endpoint protection with real-time monitoring to detect malicious behavior before it causes damage.
- AI-powered threat analysis, capable of identifying anomalies even in digitally signed software.
- System auditing and hardening, to reinforce weak points before attackers exploit them.
- Cybersecurity awareness and training, one of the best defenses against social engineering campaigns.
With a comprehensive approach that combines technology, monitoring, and prevention, TecnetOne helps businesses stay one step ahead of modern threats—even those hiding behind an innocent-looking façade. If you don’t yet have a solid cybersecurity plan in place or need to strengthen the one you already have, it’s worth exploring what we can do for your organization.