Cybersecurity researchers have uncovered a previously unknown modular malware framework called Avalon, a sophisticated threat that combines credential theft, remote access, lateral movement, data exfiltration, and ransomware deployment into a single attack platform.
According to researchers at Blackpoint Cyber, the malware is delivered through a carefully crafted multi-stage phishing campaign designed to evade traditional email security solutions. The ransomware component used in the final stage has been named CrownX.
How the Attack Begins
The infection starts with a phishing email disguised as a legal document. Instead of attaching a malicious file directly, attackers provide a link to a password-protected archive hosted on Proton Drive.
Inside the archive is an ISO disk image containing a Windows shortcut file disguised as a PDF document. When the victim opens the shortcut, it silently launches an MSBuild project stored within the ISO image.
This project loads an embedded .NET assembly that disables portions of Event Tracing for Windows (ETW), making security monitoring and forensic analysis more difficult. It then downloads the next-stage payload over HTTPS, ultimately installing the Avalon malware framework.
Advanced Defense Evasion Techniques
Avalon includes an extensive collection of defense-evasion capabilities that allow it to avoid detection by many enterprise security products.
Researchers observed techniques specifically designed to interfere with or bypass monitoring from several popular endpoint protection platforms, including Microsoft Defender, SentinelOne, CrowdStrike, Sophos, Elastic Endpoint, FortiEDR, ESET, McAfee, and Bitdefender.
These capabilities help the malware reduce security telemetry, evade user-mode monitoring, and adjust its behavior depending on the security tools installed on the compromised system.
What Avalon Can Do
Unlike traditional ransomware that focuses solely on encrypting files, Avalon functions as a complete cyberattack framework with multiple built-in modules.
Its capabilities include:
- Stealing browser passwords, cookies, browsing history, and bookmarks from Chromium-based browsers and Mozilla Firefox.
- Extracting information from cryptocurrency wallets such as MetaMask, Phantom, Coinbase Wallet, Exodus, Electrum, Atomic Wallet, Ledger Live, and Bitcoin Core.
- Collecting credentials from applications including Discord, Slack, Microsoft Teams, OpenVPN, WireGuard, and Windows Credential Manager.
- Gathering SSH known hosts, saved Remote Desktop connections, Wi-Fi profiles, and Group Policy Preference credentials.
- Sending stolen information to a remote command-and-control server while continuously checking for new attacker instructions.
- Performing network reconnaissance to identify additional systems for lateral movement.
- Encrypting business-critical files using the Windows Cryptography API before displaying a ransom note with payment instructions and escalating deadlines.
- Disabling recovery mechanisms by deleting Volume Shadow Copies and stopping recovery-related services.
- Removing forensic evidence to complicate incident response.
- Directly interacting with disk structures in an apparent attempt to damage partitions or boot records, potentially rendering affected systems unusable.
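A detection example, added here and not part of the Blackpoint report, that runs two checks over constructed Sysmon-style process-creation events: MSBuild.exe started by explorer.exe with a project file on a drive other than the system drive (what the ISO-mounted shortcut in the phishing chain above would look like) and command lines that delete Volume Shadow Copies or stop the VSS service (the recovery tampering listed above). The event field names, file names, and drive letters are assumptions, not indicators from the report.

```python
import re

# Constructed Sysmon-style process-creation events (not taken from the report).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
     "parent": r"C:\Windows\explorer.exe",
     "cmdline": r"MSBuild.exe E:\Contract_Review.proj"},
    {"image": r"C:\Windows\System32\vssadmin.exe",
     "parent": r"C:\Users\jdoe\AppData\Local\Temp\svc.exe",
     "cmdline": "vssadmin.exe delete shadows /all /quiet"},
    {"image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
     "parent": r"C:\Program Files\Microsoft Visual Studio\2022\devenv.exe",
     "cmdline": r"MSBuild.exe C:\src\app\app.csproj /t:Build"},  # benign build
]

SYSTEM_DRIVE = "C:"  # assumed; a mounted ISO shows up as another drive letter

# Project-file path with its drive letter captured; extensions are assumptions.
PROJECT_ARG = re.compile(r'\b([A-Z]):\\[^\s"]+\.(?:proj|csproj|vbproj|targets)\b', re.I)

def msbuild_from_mounted_image(ev):
    """MSBuild launched by explorer.exe (a double-clicked shortcut) with a
    project file that lives on a non-system drive, e.g. a mounted ISO."""
    if not ev["image"].lower().endswith("\\msbuild.exe"):
        return False
    if not ev["parent"].lower().endswith("\\explorer.exe"):
        return False
    m = PROJECT_ARG.search(ev["cmdline"])
    return bool(m) and (m.group(1).upper() + ":") != SYSTEM_DRIVE

# Shadow-copy deletion and VSS service stops; the service name is an assumed example.
RECOVERY_TAMPER = [
    re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows", re.I),
    re.compile(r"wmic(\.exe)?\s+shadowcopy\s+delete", re.I),
    re.compile(r"\b(net|sc)(\.exe)?\s+stop\s+vss\b", re.I),
]

def recovery_tampering(ev):
    return any(p.search(ev["cmdline"]) for p in RECOVERY_TAMPER)

RULES = {"msbuild_from_mounted_image": msbuild_from_mounted_image,
         "recovery_tampering": recovery_tampering}

def triage(events):
    """Return (event index, rule name) for every rule that fires on an event."""
    return [(i, name) for i, ev in enumerate(events)
            for name, rule in RULES.items() if rule(ev)]

if __name__ == "__main__":
    for idx, name in triage(SAMPLE_EVENTS):
        print(f"event {idx}: {name} -> {SAMPLE_EVENTS[idx]['cmdline']}")
```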
CrownX Ransomware Is Only the Final Stage
Researchers emphasize that the ransomware encryption is only one part of a much broader attack.
By the time victims see the ransom note, Avalon has already harvested credentials, established command-and-control communications, mapped the network, weakened recovery options, and prepared for additional compromise across the environment.
This layered approach significantly increases the impact of an attack and makes recovery far more challenging.
Evidence Points to AI-Assisted Malware Development
One of the most interesting findings is that Avalon appears to show signs of AI-assisted development.
Researchers believe the malware combines numerous independent components into a single framework without demonstrating the highly refined coding practices typically associated with experienced threat groups.
This highlights how generative AI is lowering the barrier to malware development, enabling attackers with limited technical expertise to build complex attack frameworks much faster than before.
As a result, advanced malware capabilities are no longer a reliable indicator of an attacker’s experience or sophistication.
Sysdig Reports First Fully Agentic AI-Driven Ransomware Attack
In a separate report, Sysdig revealed what it describes as the first publicly documented ransomware attack executed almost entirely by an AI agent.
The campaign, tracked under the name JADEPUFFER, reportedly exploited the Langflow vulnerability (CVE-2025-3248) to compromise an internet-facing server.
Instead of relying on continuous human intervention, the AI agent adapted its actions in real time, retried failed steps automatically, pivoted through the victim’s infrastructure, and ultimately launched a database-focused ransomware and extortion attack.
Researchers warn that AI agents could dramatically reduce the technical skills required to conduct sophisticated ransomware campaigns, making advanced cyberattacks accessible to a much wider range of threat actors.
AI Malware Executes Commands Without Coding Knowledge
Researchers have also identified a new proof-of-concept malware that combines a Telegram bot with a public large language model (LLM) API to perform codeless attacks.
After infecting a system, the malware sends basic system information to an attacker’s Telegram bot and waits for instructions.
Instead of sending shell commands directly, the attacker simply types plain-language instructions. These instructions are forwarded to a public LLM API, which translates them into executable shell commands before returning them to the infected system.
The malware then executes the generated commands and sends the results back to the attacker through Telegram.
This approach removes the need for attackers to know command-line syntax, demonstrating how AI services can simplify offensive operations while making malware easier to operate.
Final Thoughts
The emergence of Avalon, CrownX ransomware, and AI-assisted attack techniques reflects a rapidly evolving cybersecurity landscape.
Modern malware is no longer limited to encrypting files—it now combines credential theft, persistence, lateral movement, intelligence gathering, and destructive capabilities into unified frameworks. At the same time, artificial intelligence is lowering the technical barriers to cybercrime, allowing increasingly sophisticated attacks to be developed and operated with minimal expertise.
Organizations should strengthen phishing defenses, deploy multi-layered endpoint protection, monitor for unusual system behavior, and ensure reliable offline backups to reduce the impact of these emerging threats.
