Check Point Research reveals AI assistants used as covert command and control (C2) servers.

    Gianro Compagno
    2026-02-20
The mass adoption of artificial intelligence services in business environments is transforming the cybersecurity landscape. As AI-generated traffic integrates with companies' regular activities, the attack surface expands and new threats emerge. A recent report from Check Point Research, the Threat Intelligence division of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a global leader in cybersecurity, reveals an innovative attack technique: the use of AI assistants with web browsing capabilities as relay servers for Command and Control (C2).

In this new model, attackers exploit the trust and ubiquity of AI services to camouflage their malicious communications. Unlike traditional methods, where malware connects directly to the attacker's infrastructure, here AI acts as an invisible intermediary. The malicious code uses native functions of the assistants, such as accessing and summarizing URLs, to send stolen data and receive instructions, all disguised as legitimate and everyday traffic.

Check Point Research highlights that this type of abuse can occur without the need for API keys or user authentication, making the application of conventional mitigation measures more difficult. Additionally, by not relying on their own servers, attackers benefit from the high availability and trust that companies place in AI services, making the detection and neutralization of these threats much more complex.

This finding represents a significant shift in the nature of attacks: malware moves from operating with fixed instructions to being dynamically driven and controlled by AI. Microsoft, after being alerted by Check Point Research, has implemented adjustments in Copilot to limit such abuses, although the risk persists on any AI platform that allows access to external resources.

As a preventive measure, Check Point Research recommends treating AI domains as potential data exfiltration hotspots and monitoring automated usage patterns that may indicate the presence of covert C2 servers. The Check Point AI Security solution already offers capabilities to inspect and block this type of traffic before it becomes a control channel for attackers.

Source: madridiario.es
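
One way to act on the monitoring recommendation above, as an added example that is not from Check Point Research or the original article: the Python below reads proxy log lines and flags AI-assistant traffic that comes from a non-browser process or arrives at near-fixed intervals. The log format, the domain watchlist, the browser allowlist, the thresholds and the function name are all assumptions, and the log lines are constructed.

```python
import csv, io
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Assumed watchlist and browser allowlist; replace with your own inventory.
AI_DOMAINS = {"copilot.microsoft.com", "assistant.example"}
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe"}

# Constructed proxy log sample: timestamp, host, process, destination.
SAMPLE_LOG = """\
2026-02-20T09:00:00,ws-014,updater.exe,assistant.example
2026-02-20T09:05:00,ws-014,updater.exe,assistant.example
2026-02-20T09:10:01,ws-014,updater.exe,assistant.example
2026-02-20T09:15:00,ws-014,updater.exe,assistant.example
2026-02-20T09:20:00,ws-014,updater.exe,assistant.example
2026-02-20T09:01:10,ws-022,msedge.exe,copilot.microsoft.com
2026-02-20T09:01:55,ws-022,msedge.exe,copilot.microsoft.com
2026-02-20T09:14:30,ws-022,msedge.exe,copilot.microsoft.com
2026-02-20T09:40:02,ws-022,msedge.exe,copilot.microsoft.com
2026-02-20T10:22:47,ws-022,msedge.exe,copilot.microsoft.com
2026-02-20T09:30:00,ws-022,msedge.exe,intranet.example
2026-02-20T11:02:00,ws-031,powershell.exe,copilot.microsoft.com
2026-02-20T11:47:13,ws-031,powershell.exe,copilot.microsoft.com
"""

def find_automated_ai_usage(log_text, min_requests=5, max_jitter=0.10):
    """Return {(host, process): [reasons]} for AI traffic that looks scripted."""
    sessions = defaultdict(list)
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) == 4 and row[3].lower() in AI_DOMAINS:
            sessions[(row[1], row[2].lower())].append(datetime.fromisoformat(row[0]))
    findings = {}
    for (host, proc), times in sessions.items():
        times.sort()
        reasons = []
        if proc not in BROWSERS:
            reasons.append("non-browser process")
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Coefficient of variation of the gaps: people are bursty, timers are not.
        if len(times) >= max(min_requests, 2) and mean(gaps) > 0:
            if pstdev(gaps) / mean(gaps) <= max_jitter:
                reasons.append("fixed-interval requests")
        if reasons:
            findings[(host, proc)] = reasons
    return findings

if __name__ == "__main__":
    print(find_automated_ai_usage(SAMPLE_LOG))
```

A process name is easy to spoof and a timer can be randomized, so treat each reason as a lead to correlate with endpoint telemetry rather than as a verdict.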
    Gianro Compagno

    CTO

    Gianro brings extensive experience managing technology projects in multinational environments. His technical expertise, combined with an MBA and a master's degree in Investigative Psychology, creates a unique approach to technology solutions. As an AI and Automation Expert, he applies psychological insights to design more intuitive, human-centered systems. His detail-oriented approach and positive mindset ensure that our solutions are not only innovative and reliable, but also align with how people naturally think and work.