Shadow AI Malware 'Vamps' Abuses LLM Traffic for Stealthy C2

A new malware strain named Vamps has emerged, leveraging Shadow AI tactics to hide command-and-control traffic within legitimate LLM service calls. The malware routes exfiltration and C2 through standardized /v1/chat/completions API traffic, blending malicious behavior with normal enterprise usage. MITRE mappings include T1071.001 (Exfiltration Over Web Protocols), T1090 (Proxy Use), and T1105 (Ingress Tool Transfer). This technique exploits widespread outbound HTTPS and organizational tolerance for machine-generated traffic. Vamps embeds malicious payloads inside requests that appear to be routine AI-agent interactions, allowing it to bypass many detection controls. Attackers rely on legitimate cloud infrastructure and use long-lived, trusted endpoints to camouflage C2 signaling. The campaign aligns with the rise of unmonitored AI agent traffic inside corporate environments, creating blind spots where conventional security tools lack context to validate payload intent. The business impact includes stealthy data exfiltration, persistent espionage, and loss of intellectual property. Since enterprises increasingly integrate AI agents into workflows, malicious traffic can blend seamlessly with automated operational processes. The technique raises compliance concerns for SOC organizations governed by NIST, ISO 27001, and industry regulators requiring validated outbound traffic controls. Mitigation requires implementing LLM-traffic inspection, adopting zero-trust egress controls, and monitoring AI agent behaviors. Organizations should tag and classify AI-related traffic, enforce outbound restrictions on cloud APIs, and deploy anomaly detection capable of identifying suspicious LLM request patterns.