Russia-aligned crime group Greyvibe extensively uses AI in attacks
Summary
Researchers discovered Greyvibe, a Russia-aligned crime group that uses large language models (LLMs, AI systems trained to generate text) extensively throughout its cyberattacks against Ukrainian targets, including government and military organizations. The group has used generative AI to create spear phishing emails (fraudulent messages pretending to come from trusted sources), malicious scripts, and custom malware programs like PhantomRelay and LegionRelay (remote access trojans, or RATs, which are tools that let attackers control compromised computers). Greyvibe has conducted multiple campaigns since August 2025 using various attack methods, from fake websites to ClickFix-style attacks (tricks that convince users to run malicious commands on their computers).
Classification
Affected Vendors
Related Issues
Original source: https://www.csoonline.com/article/4178879/russia-aligned-crime-group-greyvibe-extensively-uses-ai-in-attacks.html
First tracked: May 30, 2026 at 02:00 AM
Classified by LLM (prompt v3) · confidence: 85%