Pakistan News

AI Malware Ka Apna Hi ‘Self-Goal’: Hacker Ne Apni Token Leak Kardi!

May 28, 2026 JauntyM 0
AI Malware Ka Apna Hi ‘Self-Goal’: Hacker Ne Apni Token Leak Kardi!

Hum sab ne suna hai ke AI future hai, aur yeh bade bade kaam kar sakta hai, yahan tak ke khatarnak malware bhi bana sakta hai. Lekin kabhi kabhi, technology bhi apna hi nuksan kar baithti hai, aur criminals ke plans par paani pher deti hai. Ek aisi hi dilchasp kahani saamne aayi hai jahan AI se banaya gaya ek data-chori karne wala malware apni hi wajah se pakra gaya!

Ox Security ke researchers ne ek badnaam npm package, jiska naam mouse5212-super-formatter tha, usse dhoond nikala. Yeh koi aam software nahi tha; yeh ek infostealer tha jo khaas taur par Claude users ko nishana bana raha tha. Isse pakde jaane se pehle, is kharab code ko hairani ki baat hai ke 676 baar download kiya ja chuka tha.

Ab yahan aata hai asli “self-own” wala hissa. Yeh AI-coded malware apni hi galti ki wajah se pakda gaya – isne galti se apna GitHub private token leak kar diya! Sochye, ek chor chori karte waqt apna identity card hi mauke par chhod jaaye. Is badi galti ki wajah se security experts ko chori kiye gaye files ko trace karne aur malware ki poori working ko samajhne mein madad mili, jiski wajah se aakhirkar iska parda faash ho gaya.

Malware ne shuru mein kaafi chalaki dikhayi thi. Isne apne aap ko ek “archive deployment sync utility” ke roop mein chhupaya tha. Iska maqsad GitHub par login karna, target repositories ko check karna, zaroorat padne par naye banane, aur phir victim ke local directory se har file ko upload karna tha. Apne tracks chhupane ke liye, isne yahan tak ke jhoote network connection logs bhi banaye taake chori system diagnostics jaisi lage. Lekin, woh saari chalaki us ek choti si galti ki wajah se bekar ho gayi: woh leaked token.

Ox Security, jinhone yeh sab expose kiya, unhone ise “Infostealer/Malware-Slop” ka naam diya. Unka kehna hai ke yeh waqeya dikhata hai ke AI, agarche malicious code banane ka tareeqa aasan bana deta hai, lekin yeh operational security ki samajh apne aap nahi deta. Aane wale waqt mein hum shayad aur bhi “sloppy” malware dekhenge, kyunki zyada amateur threat actors is game mein enter honge, jo bade aur sophisticated hacking groups ki naqal karne ki koshish karenge.

Filhaal, yeh khaas digital khatra neutralise ho gaya hai, aur is hacker ka GitHub account bhi delete kar diya gaya hai. Yeh ek achi misaal hai ke kaise, itni advanced AI hone ke bawajood, insani (ya AI-induced) galtiyan bhi din bacha sakti hain. Toh jab tak hum AI se paida hone wale khatron par nazar rakhte hain, chalo in lamhon ka bhi lutf uthate hain jab bad guys khud apne hi pairon par gir jaate hain!

Share
Tags: AI malware AI tools cybersecurity Data Theft GitHub security hacking fail infostealer npm package online safety Tech News Pakistan
← Previous ByteDance Dives into Chip Making to Amp Up AI Capabilities
Next → Overwatch's 10th Anniversary Hits Different: Classic 6v6 Mode Makes a Triumphant Return!

Leave a Comment