Ransomware 3.0: Self-Composing and LLM-Orchestrated Article Swipe
Md Raz
,
Meet Udeshi
,
P. V. Sai Charan
,
P. Krishnamurthy
,
Farshad Khorrami
,
Ramesh Karri
·
YOU?
·
· 2025
· Open Access
·
· DOI: https://doi.org/10.48550/arxiv.2508.20444
YOU?
·
· 2025
· Open Access
·
· DOI: https://doi.org/10.48550/arxiv.2508.20444
Using automated reasoning, code synthesis, and contextual decision-making, we introduce a new threat that exploits large language models (LLMs) to autonomously plan, adapt, and execute the ransomware attack lifecycle. Ransomware 3.0 represents the first threat model and research prototype of LLM-orchestrated ransomware. Unlike conventional malware, the prototype only requires natural language prompts embedded in the binary; malicious code is synthesized dynamically by the LLM at runtime, yielding polymorphic variants that adapt to the execution environment. The system performs reconnaissance, payload generation, and personalized extortion, in a closed-loop attack campaign without human involvement. We evaluate this threat across personal, enterprise, and embedded environments using a phase-centric methodology that measures quantitative fidelity and qualitative coherence in each attack phase. We show that open source LLMs can generate functional ransomware components and sustain closed-loop execution across diverse environments. Finally, we present behavioral signals and multi-level telemetry of Ransomware 3.0 through a case study to motivate future development of better defenses and policy enforcements to address novel AI-enabled ransomware attacks.
Related Topics
Concepts
No concepts available.
Metadata
- Type
- preprint
- Language
- en
- Landing Page
- http://arxiv.org/abs/2508.20444
- https://arxiv.org/pdf/2508.20444
- OA Status
- green
- OpenAlex ID
- https://openalex.org/W4414448279
All OpenAlex metadata
Raw OpenAlex JSON
- OpenAlex ID
-
https://openalex.org/W4414448279Canonical identifier for this work in OpenAlex
- DOI
-
https://doi.org/10.48550/arxiv.2508.20444Digital Object Identifier
- Title
-
Ransomware 3.0: Self-Composing and LLM-OrchestratedWork title
- Type
-
preprintOpenAlex work type
- Language
-
enPrimary language
- Publication year
-
2025Year of publication
- Publication date
-
2025-08-28Full publication date if available
- Authors
-
Md Raz, Meet Udeshi, P. V. Sai Charan, P. Krishnamurthy, Farshad Khorrami, Ramesh KarriList of authors in order
- Landing page
-
https://arxiv.org/abs/2508.20444Publisher landing page
- PDF URL
-
https://arxiv.org/pdf/2508.20444Direct link to full text PDF
- Open access
-
YesWhether a free full text is available
- OA status
-
greenOpen access status per OpenAlex
- OA URL
-
https://arxiv.org/pdf/2508.20444Direct OA link when available
- Cited by
-
0Total citation count in OpenAlex
Full payload
| id | https://openalex.org/W4414448279 |
|---|---|
| doi | https://doi.org/10.48550/arxiv.2508.20444 |
| ids.doi | https://doi.org/10.48550/arxiv.2508.20444 |
| ids.openalex | https://openalex.org/W4414448279 |
| fwci | |
| type | preprint |
| title | Ransomware 3.0: Self-Composing and LLM-Orchestrated |
| biblio.issue | |
| biblio.volume | |
| biblio.last_page | |
| biblio.first_page | |
| topics[0].id | https://openalex.org/T11241 |
| topics[0].field.id | https://openalex.org/fields/17 |
| topics[0].field.display_name | Computer Science |
| topics[0].score | 0.9986000061035156 |
| topics[0].domain.id | https://openalex.org/domains/3 |
| topics[0].domain.display_name | Physical Sciences |
| topics[0].subfield.id | https://openalex.org/subfields/1711 |
| topics[0].subfield.display_name | Signal Processing |
| topics[0].display_name | Advanced Malware Detection Techniques |
| topics[1].id | https://openalex.org/T10400 |
| topics[1].field.id | https://openalex.org/fields/17 |
| topics[1].field.display_name | Computer Science |
| topics[1].score | 0.9301999807357788 |
| topics[1].domain.id | https://openalex.org/domains/3 |
| topics[1].domain.display_name | Physical Sciences |
| topics[1].subfield.id | https://openalex.org/subfields/1705 |
| topics[1].subfield.display_name | Computer Networks and Communications |
| topics[1].display_name | Network Security and Intrusion Detection |
| is_xpac | False |
| apc_list | |
| apc_paid | |
| language | en |
| locations[0].id | pmh:oai:arXiv.org:2508.20444 |
| locations[0].is_oa | True |
| locations[0].source.id | https://openalex.org/S4306400194 |
| locations[0].source.issn | |
| locations[0].source.type | repository |
| locations[0].source.is_oa | True |
| locations[0].source.issn_l | |
| locations[0].source.is_core | False |
| locations[0].source.is_in_doaj | False |
| locations[0].source.display_name | arXiv (Cornell University) |
| locations[0].source.host_organization | https://openalex.org/I205783295 |
| locations[0].source.host_organization_name | Cornell University |
| locations[0].source.host_organization_lineage | https://openalex.org/I205783295 |
| locations[0].license | |
| locations[0].pdf_url | https://arxiv.org/pdf/2508.20444 |
| locations[0].version | submittedVersion |
| locations[0].raw_type | text |
| locations[0].license_id | |
| locations[0].is_accepted | False |
| locations[0].is_published | False |
| locations[0].raw_source_name | |
| locations[0].landing_page_url | http://arxiv.org/abs/2508.20444 |
| locations[1].id | doi:10.48550/arxiv.2508.20444 |
| locations[1].is_oa | True |
| locations[1].source.id | https://openalex.org/S4306400194 |
| locations[1].source.issn | |
| locations[1].source.type | repository |
| locations[1].source.is_oa | True |
| locations[1].source.issn_l | |
| locations[1].source.is_core | False |
| locations[1].source.is_in_doaj | False |
| locations[1].source.display_name | arXiv (Cornell University) |
| locations[1].source.host_organization | https://openalex.org/I205783295 |
| locations[1].source.host_organization_name | Cornell University |
| locations[1].source.host_organization_lineage | https://openalex.org/I205783295 |
| locations[1].license | |
| locations[1].pdf_url | |
| locations[1].version | |
| locations[1].raw_type | article |
| locations[1].license_id | |
| locations[1].is_accepted | False |
| locations[1].is_published | |
| locations[1].raw_source_name | |
| locations[1].landing_page_url | https://doi.org/10.48550/arxiv.2508.20444 |
| indexed_in | arxiv, datacite |
| authorships[0].author.id | https://openalex.org/A5116075597 |
| authorships[0].author.orcid | |
| authorships[0].author.display_name | Md Raz |
| authorships[0].author_position | first |
| authorships[0].raw_author_name | Raz, Md |
| authorships[0].is_corresponding | False |
| authorships[1].author.id | https://openalex.org/A5007457263 |
| authorships[1].author.orcid | https://orcid.org/0000-0001-7297-0880 |
| authorships[1].author.display_name | Meet Udeshi |
| authorships[1].author_position | middle |
| authorships[1].raw_author_name | Udeshi, Meet |
| authorships[1].is_corresponding | False |
| authorships[2].author.id | https://openalex.org/A5112641983 |
| authorships[2].author.orcid | |
| authorships[2].author.display_name | P. V. Sai Charan |
| authorships[2].author_position | middle |
| authorships[2].raw_author_name | Charan, P. V. Sai |
| authorships[2].is_corresponding | False |
| authorships[3].author.id | https://openalex.org/A5054769060 |
| authorships[3].author.orcid | https://orcid.org/0000-0001-8264-7972 |
| authorships[3].author.display_name | P. Krishnamurthy |
| authorships[3].author_position | middle |
| authorships[3].raw_author_name | Krishnamurthy, Prashanth |
| authorships[3].is_corresponding | False |
| authorships[4].author.id | https://openalex.org/A5082413942 |
| authorships[4].author.orcid | https://orcid.org/0000-0002-8418-004X |
| authorships[4].author.display_name | Farshad Khorrami |
| authorships[4].author_position | middle |
| authorships[4].raw_author_name | Khorrami, Farshad |
| authorships[4].is_corresponding | False |
| authorships[5].author.id | https://openalex.org/A5059648257 |
| authorships[5].author.orcid | https://orcid.org/0000-0001-7989-5617 |
| authorships[5].author.display_name | Ramesh Karri |
| authorships[5].author_position | last |
| authorships[5].raw_author_name | Karri, Ramesh |
| authorships[5].is_corresponding | False |
| has_content.pdf | False |
| has_content.grobid_xml | False |
| is_paratext | False |
| open_access.is_oa | True |
| open_access.oa_url | https://arxiv.org/pdf/2508.20444 |
| open_access.oa_status | green |
| open_access.any_repository_has_fulltext | False |
| created_date | 2025-10-10T00:00:00 |
| display_name | Ransomware 3.0: Self-Composing and LLM-Orchestrated |
| has_fulltext | False |
| is_retracted | False |
| updated_date | 2025-11-06T06:51:31.235846 |
| primary_topic.id | https://openalex.org/T11241 |
| primary_topic.field.id | https://openalex.org/fields/17 |
| primary_topic.field.display_name | Computer Science |
| primary_topic.score | 0.9986000061035156 |
| primary_topic.domain.id | https://openalex.org/domains/3 |
| primary_topic.domain.display_name | Physical Sciences |
| primary_topic.subfield.id | https://openalex.org/subfields/1711 |
| primary_topic.subfield.display_name | Signal Processing |
| primary_topic.display_name | Advanced Malware Detection Techniques |
| cited_by_count | 0 |
| locations_count | 2 |
| best_oa_location.id | pmh:oai:arXiv.org:2508.20444 |
| best_oa_location.is_oa | True |
| best_oa_location.source.id | https://openalex.org/S4306400194 |
| best_oa_location.source.issn | |
| best_oa_location.source.type | repository |
| best_oa_location.source.is_oa | True |
| best_oa_location.source.issn_l | |
| best_oa_location.source.is_core | False |
| best_oa_location.source.is_in_doaj | False |
| best_oa_location.source.display_name | arXiv (Cornell University) |
| best_oa_location.source.host_organization | https://openalex.org/I205783295 |
| best_oa_location.source.host_organization_name | Cornell University |
| best_oa_location.source.host_organization_lineage | https://openalex.org/I205783295 |
| best_oa_location.license | |
| best_oa_location.pdf_url | https://arxiv.org/pdf/2508.20444 |
| best_oa_location.version | submittedVersion |
| best_oa_location.raw_type | text |
| best_oa_location.license_id | |
| best_oa_location.is_accepted | False |
| best_oa_location.is_published | False |
| best_oa_location.raw_source_name | |
| best_oa_location.landing_page_url | http://arxiv.org/abs/2508.20444 |
| primary_location.id | pmh:oai:arXiv.org:2508.20444 |
| primary_location.is_oa | True |
| primary_location.source.id | https://openalex.org/S4306400194 |
| primary_location.source.issn | |
| primary_location.source.type | repository |
| primary_location.source.is_oa | True |
| primary_location.source.issn_l | |
| primary_location.source.is_core | False |
| primary_location.source.is_in_doaj | False |
| primary_location.source.display_name | arXiv (Cornell University) |
| primary_location.source.host_organization | https://openalex.org/I205783295 |
| primary_location.source.host_organization_name | Cornell University |
| primary_location.source.host_organization_lineage | https://openalex.org/I205783295 |
| primary_location.license | |
| primary_location.pdf_url | https://arxiv.org/pdf/2508.20444 |
| primary_location.version | submittedVersion |
| primary_location.raw_type | text |
| primary_location.license_id | |
| primary_location.is_accepted | False |
| primary_location.is_published | False |
| primary_location.raw_source_name | |
| primary_location.landing_page_url | http://arxiv.org/abs/2508.20444 |
| publication_date | 2025-08-28 |
| publication_year | 2025 |
| referenced_works_count | 0 |
| abstract_inverted_index.a | 10, 85, 103, 147 |
| abstract_inverted_index.We | 92, 117 |
| abstract_inverted_index.at | 64 |
| abstract_inverted_index.by | 61 |
| abstract_inverted_index.in | 53, 84, 113 |
| abstract_inverted_index.is | 58 |
| abstract_inverted_index.of | 39, 143, 154 |
| abstract_inverted_index.to | 19, 71, 150, 160 |
| abstract_inverted_index.we | 8, 136 |
| abstract_inverted_index.3.0 | 30, 145 |
| abstract_inverted_index.LLM | 63 |
| abstract_inverted_index.The | 75 |
| abstract_inverted_index.and | 5, 23, 36, 81, 99, 110, 128, 140, 157 |
| abstract_inverted_index.can | 123 |
| abstract_inverted_index.new | 11 |
| abstract_inverted_index.the | 25, 32, 45, 54, 62, 72 |
| abstract_inverted_index.LLMs | 122 |
| abstract_inverted_index.case | 148 |
| abstract_inverted_index.code | 3, 57 |
| abstract_inverted_index.each | 114 |
| abstract_inverted_index.only | 47 |
| abstract_inverted_index.open | 120 |
| abstract_inverted_index.show | 118 |
| abstract_inverted_index.that | 13, 69, 106, 119 |
| abstract_inverted_index.this | 94 |
| abstract_inverted_index.Using | 0 |
| abstract_inverted_index.adapt | 70 |
| abstract_inverted_index.first | 33 |
| abstract_inverted_index.human | 90 |
| abstract_inverted_index.large | 15 |
| abstract_inverted_index.model | 35 |
| abstract_inverted_index.novel | 162 |
| abstract_inverted_index.plan, | 21 |
| abstract_inverted_index.study | 149 |
| abstract_inverted_index.using | 102 |
| abstract_inverted_index.(LLMs) | 18 |
| abstract_inverted_index.Unlike | 42 |
| abstract_inverted_index.across | 96, 132 |
| abstract_inverted_index.adapt, | 22 |
| abstract_inverted_index.attack | 27, 87, 115 |
| abstract_inverted_index.better | 155 |
| abstract_inverted_index.future | 152 |
| abstract_inverted_index.models | 17 |
| abstract_inverted_index.phase. | 116 |
| abstract_inverted_index.policy | 158 |
| abstract_inverted_index.source | 121 |
| abstract_inverted_index.system | 76 |
| abstract_inverted_index.threat | 12, 34, 95 |
| abstract_inverted_index.address | 161 |
| abstract_inverted_index.binary; | 55 |
| abstract_inverted_index.diverse | 133 |
| abstract_inverted_index.execute | 24 |
| abstract_inverted_index.natural | 49 |
| abstract_inverted_index.payload | 79 |
| abstract_inverted_index.present | 137 |
| abstract_inverted_index.prompts | 51 |
| abstract_inverted_index.signals | 139 |
| abstract_inverted_index.sustain | 129 |
| abstract_inverted_index.through | 146 |
| abstract_inverted_index.without | 89 |
| abstract_inverted_index.Finally, | 135 |
| abstract_inverted_index.attacks. | 165 |
| abstract_inverted_index.campaign | 88 |
| abstract_inverted_index.defenses | 156 |
| abstract_inverted_index.embedded | 52, 100 |
| abstract_inverted_index.evaluate | 93 |
| abstract_inverted_index.exploits | 14 |
| abstract_inverted_index.fidelity | 109 |
| abstract_inverted_index.generate | 124 |
| abstract_inverted_index.language | 16, 50 |
| abstract_inverted_index.malware, | 44 |
| abstract_inverted_index.measures | 107 |
| abstract_inverted_index.motivate | 151 |
| abstract_inverted_index.performs | 77 |
| abstract_inverted_index.requires | 48 |
| abstract_inverted_index.research | 37 |
| abstract_inverted_index.runtime, | 65 |
| abstract_inverted_index.variants | 68 |
| abstract_inverted_index.yielding | 66 |
| abstract_inverted_index.automated | 1 |
| abstract_inverted_index.coherence | 112 |
| abstract_inverted_index.execution | 73, 131 |
| abstract_inverted_index.introduce | 9 |
| abstract_inverted_index.malicious | 56 |
| abstract_inverted_index.personal, | 97 |
| abstract_inverted_index.prototype | 38, 46 |
| abstract_inverted_index.telemetry | 142 |
| abstract_inverted_index.AI-enabled | 163 |
| abstract_inverted_index.Ransomware | 29, 144 |
| abstract_inverted_index.behavioral | 138 |
| abstract_inverted_index.components | 127 |
| abstract_inverted_index.contextual | 6 |
| abstract_inverted_index.extortion, | 83 |
| abstract_inverted_index.functional | 125 |
| abstract_inverted_index.lifecycle. | 28 |
| abstract_inverted_index.ransomware | 26, 126, 164 |
| abstract_inverted_index.reasoning, | 2 |
| abstract_inverted_index.represents | 31 |
| abstract_inverted_index.synthesis, | 4 |
| abstract_inverted_index.closed-loop | 86, 130 |
| abstract_inverted_index.development | 153 |
| abstract_inverted_index.dynamically | 60 |
| abstract_inverted_index.enterprise, | 98 |
| abstract_inverted_index.generation, | 80 |
| abstract_inverted_index.methodology | 105 |
| abstract_inverted_index.multi-level | 141 |
| abstract_inverted_index.polymorphic | 67 |
| abstract_inverted_index.qualitative | 111 |
| abstract_inverted_index.ransomware. | 41 |
| abstract_inverted_index.synthesized | 59 |
| abstract_inverted_index.autonomously | 20 |
| abstract_inverted_index.conventional | 43 |
| abstract_inverted_index.enforcements | 159 |
| abstract_inverted_index.environment. | 74 |
| abstract_inverted_index.environments | 101 |
| abstract_inverted_index.involvement. | 91 |
| abstract_inverted_index.personalized | 82 |
| abstract_inverted_index.quantitative | 108 |
| abstract_inverted_index.environments. | 134 |
| abstract_inverted_index.phase-centric | 104 |
| abstract_inverted_index.reconnaissance, | 78 |
| abstract_inverted_index.LLM-orchestrated | 40 |
| abstract_inverted_index.decision-making, | 7 |
| cited_by_percentile_year | |
| countries_distinct_count | 0 |
| institutions_distinct_count | 6 |
| citation_normalized_percentile |