The trick npm worms use to evade AI detection
🚨 Attn all counter abuse friends. The cool trick used by Mini Shai-Hulud, Miasma, and Hades worms to evade AI detections.
They add nuclear and biological weapons text to derail LLM scanners or analyst copilots that feed the file to an LLM without sanitization.
This can cause refusal behavior, prompt confusion, context pollution, or premature classification before the scanner reaches the actual malware.
As the Socket team put down it's not a magical bypass against static detection. YARA rules, entropy checks, AST parsing, string extraction, deobfuscation, and behavioral rules still work.
I'm sure that it's not the first case and many counter abuse and security teams have already seen similar techniques in their pipelines.
We are in the earliest days of the attackers using such features, so sharing observations publicly can benefit all defenders.