Sophos Uncovers AI-assisted EDR Evasion Lab

Sophos X-Ops analysts detected a modular post-exploitation framework that used AI-assisted tooling and automated workflows to test endpoint detection and response (EDR) evasion, according to a Sophos blog post. The framework included customized Cobalt Strike profiles, a Telegram Bot API command-and-control channel, and a Cloudflare Worker front-end, with multiple Python scripts described as at least partially AI-generated. Sophos assessed the red-team framing was likely a cover for ransomware and data theft operations.

Sophos Uncovers AI-assisted EDR Evasion Lab Sophos X-Ops analysts detected a modular post-exploitation framework that used AI-assisted tooling and automated workflows to test endpoint detection and response EDR evasion, according to a Sophos blog post. Investigators found malicious payloads in C:\\Users\\User\\Documents\\test and artifacts including customized Cobalt Strike profiles, a Telegram Bot API command-and-control channel, Python shellcode-injection scripts, and a Cloudflare Worker front-end used to obscure backend C2 infrastructure, per Sophos and reporting by Help Net Security. Researchers recovered a Git repository containing an automated Active Directory discovery panel and a dedicated lab that iteratively tested payloads against Sophos , CrowdStrike , and Microsoft Defender protections, Sophos reports. Multiple Python scripts were described as at least partially AI-generated. BleepingComputer and GBHackers report the environment used the AI-native Cursor IDE and multiple AI agents, including Claude Opus 4.5, to assist coding, testing, and documentation. Infosecurity Magazine notes Sophos assessed the red-team framing was likely a cover used in part to bypass Claude's content guardrails, and linked the activity to known ransomware and data theft operations. What happened Sophos X-Ops analysts observed a modular post-exploitation framework and associated tooling that the company describes as using AI technologies to accelerate development and testing of endpoint detection and response EDR evasion techniques, per the Sophos blog post published June 2, 2026. The detection began when an anomalous endpoint in a customer tenant triggered alerts for payloads originating from the path C:\\Users\\User\\Documents\\test, Sophos reports. Analysis recovered multiple malicious artifacts and a Git repository that contained an automated Active Directory discovery panel and a testing lab used to evaluate payloads against Sophos , CrowdStrike , and Microsoft Defender EDR products, according to Sophos and public reporting by Help Net Security and DarkReading. Technical details Per Sophos and corroborating reporting from BleepingComputer and GBHackers, the toolkit combined several components: customized Cobalt Strike profiles tuned to make beacon traffic resemble legitimate web requests; a Telegram Bot API channel used as a command-and-control mechanism; Python-based tools that inject shellcode into legitimate Windows executables while preserving normal functionality; and a Cloudflare Worker front-end redirector to obscure backend command-and-control infrastructure. Multiple Python scripts were found in Russian and were described by Sophos as at least partially AI-generated. BleepingComputer and GBHackers report that the environment used the AI-native Cursor development environment and multiple AI agents, including Claude Opus 4.5, that assisted with coding, EDR-evasion testing, operational security checks, and documentation. GBHackers reports nearly 80 modules were developed to test over 70 distinct evasion techniques, and that the Python-based payload generator produced custom executables and DLLs using Rust and Go with multiple evasion layers including encryption and sandbox bypass techniques. Observed attack workflow reported Sophos describes the Active Directory discovery component as collecting observations from completed tasks, selecting follow-up actions from a predefined set, dispatching work to remote agents, and reevaluating results on return. Sophos characterized the overall EDR-bypass process as a structured engineering test cycle that combined automated testing with human review and iteration. Help Net Security and DarkReading report that artifacts in the repository show operators studying vendor research and mapping techniques to MITRE ATT&CK for incorporation into the lab tests. Red team framing and threat attribution Infosecurity Magazine reports that Sophos assessed the red-team framing was likely a cover, used in part to bypass Claude's content guardrails around malware development. Sophos stated: 'In reality, the framework was built for stealthy post-exploitation activity in target environments.' Sophos also linked the activity to known ransomware and data exfiltration operations, per Infosecurity Magazine. Sophos has not publicly named a specific threat actor, citing ongoing investigations. Industry context Editorial analysis: attackers incorporating AI into tooling for code generation, testing, and orchestration is consistent with a broader trend of professionalizing malware development workflows. Companies and defenders have reported adversaries using large language models and agentic tooling for coding assistance, reconnaissance summaries, and automation of repetitive tasks, which lowers the friction of iterating on bypass techniques. As Sophos stressed, no AI was embedded in the malware itself - AI accelerated a structured build-test-refine cycle that still relied on human review at each stage. Implications for defenders For practitioners: the reported setup shows defenders must assume adversaries may automate iterative test cycles that evaluate payloads against multiple EDR products. This increases the value of telemetry that links test artifacts to internal indicators such as repository metadata, VM provisioning records, and unusual test-path activity. Organizations should also consider that threat actors can combine off-the-shelf tooling such as Cobalt Strike with bespoke scripts and cloud redirectors to blend malicious activity into normal network patterns. Sophos recommends defense-in-depth fundamentals: timely patching, multi-factor authentication, modern authentication methods such as passkeys, and broad EDR deployment. What to watch Observers should track whether subsequent reporting ties the repository and artifacts to a named ransomware group, how vendors update detection signatures for the specific bypass techniques identified, and whether open-source intelligence links Cursor or Claude Opus 4.5 usage to other campaigns. Scoring Rationale This story documents adversaries using AI-assisted tooling to professionalize EDR evasion testing at scale, with Sophos linking the activity to active ransomware operations and assessing the red-team cover was used to bypass model guardrails - a notable escalation for defenders and detection engineers. The technical specificity and confirmed ransomware attribution justify a score slightly above the lower Notable range. Practice interview problems based on real data 1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with. Try 250 free problems /problems