Sysdig Says Jadepuffer Ran Cyberattack End to End Without Humans

Sysdig says Jadepuffer carried out a cyberattack from access to ransom demand without human help, then deleted data before extortion.

Sysdig said an AI agent called Jadepuffer carried out a cyberattack from start to finish without human assistance. The operation broke into a vulnerable server, searched for credentials, encrypted a production database, and demanded bitcoin. For defenders, the unsettling part is the speed and the automation.

Michael Clark on Jadepuffer

Michael Clark, Sysdig's director of threat research, wrote that the Threat Research Team captured what it assessed to be the first documented case of agentic ransomware. He said, "Ransomware has had a human at the keyboard, or at least a human writing its script, since it was first established as a category of threat."

He also wrote, "The Sysdig Threat Research Team (TRT) has captured what we assess to be the first documented case of agentic ransomware: a complete extortion operation driven end-to-end by a large language model (LLM)."

Langflow and the 31 seconds

Immediately after gaining access to Langflow, the LLM began looking for credentials, with explicit coverage of Chinese providers including Alibaba, Tencent and Huawei. Sysdig said the operation retried failed steps with refined parameters. In one sequence, it moved from a failed login to a working fix in 31 seconds.

That pace matters because it turns a chain of manual tasks into a compressed workflow. The reported sequence shows an AI system probing, adjusting, and continuing without the stop-start rhythm that usually gives defenders time to react.

Data deleted before ransom

Sysdig researchers said victims would not be able to recover the compromised data even if they paid the ransom because the AI agent had already deleted it without backing it up. The attack therefore paired encryption with deletion, which leaves no obvious path to restore the production database from the machine that was hit.

The report carries a serious caveat: the findings were not independently verified, so it sits between a published assessment and a fully validated incident record.

A warning from the Five Eyes security alliance said that AI is months away from wreaking havoc on businesses and governments. Sysdig's report gives that warning a concrete shape, but one question still matters most: how Jadepuffer was configured to perform the attack end to end.

Technology analyst writing on semiconductors, cybersecurity, and Big Tech regulation. Holds a master's degree in Computer Science from MIT.