They probably used AI to write it!
MIT Sloan quietly shelves AI ransomware study after researcher calls BS
Do 80 percent of ransomware attacks really come from AI? MIT Sloan has now withdrawn a working paper that made that eyebrow-raising claim after criticism from security researcher Kevin Beaumont. The withdrawn paper [PDF], co-authored by researchers from MIT Sloan and Safe Security, claimed, "Our recent analysis of over 2800 …
COMMENTS
Monday 3rd November 2025 23:11 GMT vogon00
2/10, Must try harder
Had a quick read of it and came to the conclusion that I am not competent to comment seriously.
Others are though. Based on their assessments, I have to say I expected better from MIT. Having said that, MIT Sloan is a school of business/leadership...what on earth made them think they were competent to comment on or research the technical subject of hacking with AI when most of the ROW can't make sense of it. Just re-spinning the hype to suit their own agenda.
MIT Engineering qualifications still appear trustable, the business school qualifications less so -)
Tuesday 4th November 2025 19:22 GMT Bill Gray
I'll occasionally see instances where (say) an asteroid has been estimated to be roughly 200 km in diameter, and a press release will duly divide by 1.609344 and tell us that, according to the Institute for Advanced Meaningless Precision, the asteroid is 124.2745 miles across. When I see a precise figure given in non-metric units, I'll often convert to metric and be amused to see how close it comes to a "round" number.
Tuesday 4th November 2025 05:35 GMT Pascal Monett
Brilliant career move, there
MIT authors Michael Siegel, Sander Zeijlemaker, alongside Safe Security's Vidit Baxi and Sharavanan Raajah.
These people have just completely trashed their professional reputation. They will forever be remembered for publishing a piece of AI-written filth.
They're going to have to work very hard to regain a veneer of competence in the industry.
Serves them right.
Tuesday 4th November 2025 10:21 GMT Graham Cobb
Re: Brilliant career move, there
Actually, the corporate guys (Baxi and Raajah) have done little harm to their reputation, and probably increased their value to their employers (and future employers). It is a few years now since I did corporate technical marketing but companies are always looking for ways to get external validation of the benefits of their product. Even if you do have a great product it is hard to let the world know; and if you don't you still need to highlight what it can do. This support from MIT Sloan authors was quite a feather in their cap!
Respected institutions (including various publications, universities, research groups, analysts, etc) are always underfunded and are looking for corporate sponsorships or sponsored gigs (speaking at conferences, tradeshows, user group meetings, etc). Their views often carry a lot of weight with customers so they can charge a lot of money for endorsing suppliers. Of course, they don't normally go as far as saying one supplier is better than another but they are often willing to endorse or promote a particular talking point which highlights something which happens to be a competitive strength of one supplier.
But it is a very difficult tightrope to walk. Even while avoiding direct endorsement of a product, they have to be careful not to just endorse the marketing talking points of the supplier. I had many difficult calls and negotiations with various experts we were sponsoring in various ways in order to arrive at words they would use which supported our talking points and strengths, without endorsing or recommending our products. Some of them were very good at getting to a reasonable and fair compromise protecting their position, reputation and institution while saying enough to support our claims that we would pay them (and come back again for another article or speaking gig). I understood their position and they understood mine, and we negotiated like adults.
I suspect that Siegel and Zeijlemaker have had a roasting from MIT and will be much more careful next time.
Tuesday 4th November 2025 09:41 GMT Bebu sa Ware
Re: Even AIs don't agree?
"To paraphrase Christine Keeler, well it would say that wouldn't it"
Mandy Rice-Davies surely ?
Christine is the one sitting astride a chair in her birthday suit. (unfortunately there isn't a cold shower icon.)
Tuesday 4th November 2025 09:52 GMT Bebu sa Ware
"When 80% of Ransomware Attacks are AI-Driven"
Without fear of contradiction I would say 100% of Ransomware Attacks are money driven — your money at that.
I imagine a fair number of papers in this area are similarly driven.
"The incentives are… not well managed here, and the industry is very sick,"
One might say that of the nation as a whole — "the unrelenting drift into grift."
Tuesday 4th November 2025 10:36 GMT Eric 9001
It's not clear as to what use LLMs would have for writing ransomware.
It's really not that hard - all that is needed:
* id+encryption key generation.
* Sending that data to a remote server.
* Encryption of user files + deletion of originals.
* Popping up the ransom message with instructions how to pay and receive the decryptor (or writing the ransom message to a file on the desktop) and of course the attacker can also just take payment and not supply decryption.
* Or if the encryption and payment checking is too hard, add an .encrypted extension to every file (Windows will make the files mostly unusable and also makes it hard to remove the extension) and make the program remove the extension when the "payment has been made (non-payment will result in deletion of all files)" button is pressed.
All of that is mostly a copy-paste job from Stack Overflow.
An LLM could be used to write the email demanding that the "pdf.exe" file is viewed immediately and the ransom message, but it's really easier to just type the 1 or 2 needed sentences and copy-paste the cryptocurrency address (using an LLM even risks the cryptocurrency address being modified to the wrong one).