Microsoft reports hackers deploy AI at every stage of cyberattacks

Microsoft’s internal telemetry shows that AI‑generated payloads now appear in > 30 percent of the nation‑state malware families it monitors, a jump that dwarfs the modest 5‑percent AI usage seen a year ago, according to the company’s “Hackers Using AI at Every Stage of Cyberattacks” report. The shift is not limited to code; the same data reveal that AI‑crafted phishing lures are being deployed at every point in the kill chain, from the initial reconnaissance email to the post‑exploitation “living‑off‑the‑land” scripts that maintain persistence. In practice, attackers feed large language models with target‑specific data—company names, recent press releases, even internal jargon—to produce messages that slip past both human users and automated filters, a technique Microsoft says makes phishing 4.5 times more effective than traditional templates (The Register).

The report also details a new “AI‑assisted weaponization” stage where threat actors use generative tools to automatically obfuscate malicious code, rewrite signatures, and even generate novel exploits for zero‑day vulnerabilities. Forbes notes a recent multi‑stage attack on Microsoft Teams that leveraged legitimate Microsoft 365 email headers to bypass security controls, then used an AI‑driven script to inject a backdoor into the Teams client. The attackers reportedly iterated the payload in real time, tweaking it based on the victim’s environment feedback—a capability that would have required a team of developers just months ago.

Exploitation, the point where the malicious code actually runs, is now being amplified by AI‑powered decision engines that scan compromised hosts for high‑value assets and automatically pivot to the most lucrative foothold. Microsoft’s threat‑intel team observed that state‑backed groups from China, Russia and Iran are “honing their skills” with tools built on OpenAI’s models, which they can query directly from compromised machines to generate on‑the‑fly commands (Reuters). This on‑demand code generation shortens the typical dwell time from weeks to hours, giving adversaries a decisive edge in stealing credentials, exfiltrating data, and encrypting files before defenders can react.

Post‑intrusion activities—data exfiltration, credential dumping, and lateral movement—are likewise being orchestrated by AI. Microsoft’s analysts found that once inside a network, AI scripts can enumerate user accounts, map trust relationships, and even fabricate legitimate‑looking service tickets to evade detection. The same report flags a surge in “AI‑enhanced ransomware” that tailors ransom notes to the victim’s industry language, increasing the likelihood of payment. The convergence of these capabilities means that a single AI‑augmented tool can shepherd an attack from start to finish, reducing the need for large, coordinated hacker teams.

The implications for defenders are stark. Microsoft urges enterprises to adopt AI‑driven detection alongside traditional security controls, emphasizing that “human‑in‑the‑loop” analysis remains essential to verify AI‑generated alerts. The company also recommends tightening email authentication, deploying zero‑trust architectures, and monitoring for anomalous API calls that could indicate an AI model is being queried from within the network. As the report concludes, the weaponization of generative AI is no longer a futuristic threat—it is the new baseline for sophisticated cyber‑espionage, and organizations must evolve at the same pace to stay ahead.