AI Deepfakes & Laptop Farms: Inside the 2026 Cloudflare Threat Report
An opening overview of the special 2026 threat report, highlighting the purpose of threat intelligence and how Cloudflare aims to help customers use data and analysis effectively.
Cloudflare’s 2026 Threat Report reveals AI-driven deepfakes, cloud-based insider threats, and weaponized SaaS ecosystems driving record-scale cyberattacks—and how defenders can respond now.
Summary
Cloudflare’s special edition on the 2026 Threat Report, hosted by Ronto with Brian Carter and Chris Pacy, situates threat intelligence in a clear, real-world context. The hosts emphasize that Cloudflare’s visibility, covering roughly 20% of global internet traffic, lets them see attacker patterns before they become widespread. The discussion spans AI-enabled threat operations, from fast-moving deepfakes and AI-assisted intrusion to the “living off the cloud” tactics where attackers leverage a victim’s own cloud, SaaS or AI infrastructure to scale operations. Concrete case studies include Frumpy Toad’s Google Calendar-based C2 channel (the TOUGHPROGRESS malware reads and writes encrypted commands in event descriptions) and the laptop farms that proxy North Korean IT workers into Western companies. They also cover supply chains, third-party integrations and insider recruitment, including edge-device compromises (Puny Toad’s year-long dwell on F5 systems, exfiltrating source code and undisclosed vulnerabilities) and the blurring of cyber operations with physical-world objectives, such as IRGC-linked reconnaissance of shipping and CCTV monitoring for battle damage assessment. Throughout, the team stresses that attackers now prioritize speed, volume and resilience of operations over technical elegance. The speakers also discuss practical defenses and the value of collaboration, both within Cloudflare’s ecosystem and with law enforcement, to disrupt campaigns and take down malicious infrastructure. In short: expect more scalable, AI-accelerated attacks, but also more coordinated defense and strategic investment in hardening identity, supply chains and third-party integrations.
Key Takeaways
- AI is accelerating offensive operations: threat actors use chatbots and agents to turn N-day vulnerabilities into mass-exploitation capability quickly, gain access wherever they can and triage what is valuable afterwards, and to navigate unfamiliar environments faster, shrinking the time between initial access and data theft.
- Cloudflare’s 2025 data shows hypervolumetric DDoS at record scale: about 47.1 million attacks in 2025 (double 2024) and a peak botnet attack of over 31 Tbps (six times the 2024 record), alongside a shift toward cloud- and SaaS-based C2 channels that blend with legitimate traffic.
- Living off the cloud is a core attacker tactic: MSS-affiliated Frumpy Toad used spear phishing and compromised government sites to deploy TOUGHPROGRESS, which exchanges encrypted commands through Google Calendar event descriptions so that no C2 connection looks malicious on the wire; other campaigns stage payloads on OneDrive or OnlyOffice and call out to GitHub, Azure websites or Discord.
- Insider and recruitment threats are industrializing: North Korean IT worker schemes use AI-driven deepfakes to pass video interviews and apply for roles at scale, then run laptop farms in Western countries that proxy corporate access back to DPRK operators; ransomware crews separately try to recruit employees to install malware or post-exploitation tools.
- Third-party risk and supply chain compromise remain a top attack surface: the Salesforce breach, Workday incidents, and the Notepad++ and npm supply chain attacks show how trust in vendor integrations and overprivileged tokens becomes a direct attack vector.
- Token theft sidesteps MFA without breaking it: infostealers such as Lumma and RedLine lift session tokens and browser fingerprints from the victim’s browser, and long-lived tokens with lenient adaptive reauthentication let a criminal reuse the session; design reauthentication triggers with token compromise in mind rather than abandoning MFA.
- State-sponsored actors continue to target critical infrastructure and edge devices: Russian actors hit Ukrainian energy and battlefield-support systems, Puny Toad kept BRICKSTORM persistence on F5 systems for over a year to exfiltrate source code and undisclosed vulnerabilities, and IRGC-linked actors blend espionage with kinetic operations.
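The token-theft takeaway is really a session-design problem. The Python below is an added example, not code from the report or from any Cloudflare product: it contrasts the weak pattern the speakers describe (a long-lived token checked only for existence) with a policy that binds the session to the browser attributes, ASN and country seen at login, caps token lifetime and steps up before sensitive actions. The SessionStore API, the fingerprint attributes, the 8-hour lifetime, the 1-hour step-up window and the replay scenario are all illustrative assumptions.

```python
"""Session-token binding and adaptive re-authentication.

Added example (not from the report or any Cloudflare product). It models
the failure mode discussed above: an infostealer copies a session token
from a victim's browser and a criminal replays it elsewhere. A policy that
only checks the token exists and lets it live for weeks accepts the replay.
The hardened policy binds the token to the fingerprint, ASN and country
seen at login, caps its lifetime, and forces step-up on a mismatch or
before a sensitive action. All names, thresholds and the sample attributes
below are illustrative assumptions.
"""
from dataclasses import dataclass
import hashlib
import secrets

HOUR = 3600


@dataclass
class Session:
    user: str
    issued_at: float
    last_reauth: float
    fp_hash: str     # hash of browser attributes captured at login
    asn: str
    country: str


@dataclass
class Request:
    token: str
    fp_hash: str
    asn: str
    country: str
    at: float
    sensitive: bool = False   # e.g. payout, key rotation, channel transfer


def fingerprint(user_agent: str, accept_language: str, timezone: str) -> str:
    """Stable, non-secret hash of browser attributes; used for binding only."""
    raw = "|".join([user_agent, accept_language, timezone]).encode()
    return hashlib.sha256(raw).hexdigest()


class SessionStore:
    def __init__(self, max_token_age=8 * HOUR, reauth_window=1 * HOUR):
        self.sessions: dict[str, Session] = {}
        self.max_token_age = max_token_age
        self.reauth_window = reauth_window

    def login(self, user, fp_hash, asn, country, now) -> str:
        token = secrets.token_urlsafe(32)
        self.sessions[token] = Session(user, now, now, fp_hash, asn, country)
        return token

    def weak_decide(self, req: Request) -> str:
        """The pattern the speakers warn about: long-lived token, no binding."""
        s = self.sessions.get(req.token)
        if s is None or req.at - s.issued_at > 30 * 24 * HOUR:
            return "deny"
        return "allow"

    def hardened_decide(self, req: Request) -> str:
        """Allow only when the token is fresh and still matches its binding."""
        s = self.sessions.get(req.token)
        if s is None or req.at - s.issued_at > self.max_token_age:
            return "deny"                      # expired or unknown: sign in again
        if req.fp_hash != s.fp_hash:
            return "reauth"                    # replay from a different browser
        if req.asn != s.asn or req.country != s.country:
            return "reauth"                    # network moved: cheap step-up
        if req.sensitive and req.at - s.last_reauth > self.reauth_window:
            return "reauth"                    # sensitive action needs recent proof
        return "allow"

    def mark_reauthenticated(self, token, now):
        self.sessions[token].last_reauth = now


def replay_stolen_token() -> dict:
    """Constructed scenario: token lifted by an infostealer, replayed 2h later."""
    store = SessionStore()
    victim_fp = fingerprint("Mozilla/5.0 (Windows NT 10.0)", "en-US", "America/Chicago")
    token = store.login("creator", victim_fp, "AS7922", "US", now=0)

    # The thief's environment differs even if the user agent string is copied.
    thief_fp = fingerprint("Mozilla/5.0 (Windows NT 10.0)", "ru-RU", "Europe/Moscow")
    replay = Request(token, thief_fp, "AS12389", "RU", at=2 * HOUR)
    legit = Request(token, victim_fp, "AS7922", "US", at=2 * HOUR)
    payout = Request(token, victim_fp, "AS7922", "US", at=2 * HOUR, sensitive=True)

    return {
        "weak_replay": store.weak_decide(replay),          # "allow": attack succeeds
        "hardened_replay": store.hardened_decide(replay),  # "reauth": step-up blocks it
        "hardened_legit": store.hardened_decide(legit),    # "allow"
        "hardened_payout": store.hardened_decide(payout),  # "reauth": last proof too old
    }


if __name__ == "__main__":
    for name, decision in replay_stolen_token().items():
        print(f"{name}: {decision}")
```

The point of the step-up outcome is that the stolen token alone is not enough: a mismatch is answered with a fresh MFA prompt the thief cannot satisfy, while the legitimate user on the original browser is never interrupted until they attempt something sensitive after the window has lapsed.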
Who Is This For?
Security leadership (CISOs, CSOs) and security practitioners who need concrete, actionable signals to prioritize investments in identity protection, third-party risk management, insider risk controls, and cloud-native defenses in 2026.
Notable Quotes
"Cloudflare processes over 20% of global internet traffic. That gives us a unique view to see patterns emerging before they become widespread."
—Intro explains Cloudflare’s scale and the data advantage underpinning the threat report.
"The adversaries are weaponizing the internet."
—High-level thesis of the report about how attackers weaponize ecosystems and infrastructure.
"We’ve seen an explosion of AI-enabled use cases in security, and threat actors are leveraging AI to speed up operations and navigate environments."
—Discussion of AI-driven attack and defense dynamics.
"Frumpy Toad leveraged a sophisticated cloud-to-cloud C2 loop using Google Calendar to blend in with legitimate traffic."
—Concrete case study of cloud-based C2 and evasion technique.
"Laptop farms and AI deepfakes are enabling a new wave of insider-threat recruitment and governance-busting campaigns."
—Highlight of insider threat trend and recruitment-based compromise.
Questions This Video Answers
- What are the top AI-driven attack techniques highlighted in Cloudflare's 2026 Threat Report?
- How can organizations defend against cloud-based C2 channels that blend with legitimate traffic?
- What should CISOs do this quarter to mitigate insider threats like laptop farms and AI deepfakes?
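On the question of cloud-based C2 that blends with legitimate traffic: the Frumpy Toad case turns a calendar into a message queue, so the signal is not the destination (Google Calendar is legitimate) but the content and cadence of the writes. The Python below is an added example of my own, not a Cloudflare or Google tool and not code from the report. It scores calendar events as they might appear in an audit or API export, flagging descriptions that look like opaque encoded blobs and calendars updated at machine cadence with no attendees. The event dict shape, the sample events and every threshold are constructed assumptions to tune against your own data.

```python
"""Heuristic detection of C2 tunnelled through calendar event descriptions.

Added example; it is not from the report or from any Cloudflare or Google
tool. It scores calendar events the way the Frumpy Toad / TOUGHPROGRESS
case suggests: operator and implant exchange encrypted commands by writing
them into event descriptions, so descriptions look like opaque encoded
blobs and one calendar gets updated at machine cadence, usually with no
attendees. The event dict shape stands in for an audit or API export; the
sample events are constructed and every threshold is an assumption to tune.
"""
import base64
import hashlib
import math
import re
from collections import defaultdict

BLOB_RE = re.compile(r"^[A-Za-z0-9+/_-]+={0,2}$")   # base64, base64url or hex
HEX_RE = re.compile(r"^[0-9a-fA-F]+$")
MIN_LEN = 64              # shorter strings give unreliable entropy
ENTROPY_RATIO = 0.85      # fraction of the alphabet's maximum entropy
MACHINE_CADENCE_S = 120   # two writes to one calendar closer than this


def shannon_entropy(text: str) -> float:
    """Empirical entropy in bits per character."""
    counts = defaultdict(int)
    for ch in text:
        counts[ch] += 1
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_like_blob(description: str) -> bool:
    """True when the description is one long encoded token with near-uniform
    symbol use, i.e. ciphertext or random bytes rather than meeting notes."""
    text = description.strip()
    if len(text) < MIN_LEN or not BLOB_RE.match(text):
        return False
    alphabet = 16 if HEX_RE.match(text) else 64
    return shannon_entropy(text) >= ENTROPY_RATIO * math.log2(alphabet)


def score_events(events: list[dict]) -> dict:
    """Group events by calendar and report blob-like descriptions, rapid
    successive updates and attendee-less events; flag a calendar when at
    least two blobs were written and at least one update pair was rapid."""
    by_calendar = defaultdict(list)
    for ev in events:
        by_calendar[ev["calendar"]].append(ev)
    report = {}
    for cal, evs in by_calendar.items():
        evs.sort(key=lambda e: e["updated"])
        blobs = [e["event_id"] for e in evs if looks_like_blob(e["description"])]
        gaps = [b["updated"] - a["updated"] for a, b in zip(evs, evs[1:])]
        rapid = sum(1 for g in gaps if g < MACHINE_CADENCE_S)
        empty = sum(1 for e in evs if e["attendees"] == 0)
        report[cal] = {
            "blob_events": blobs,
            "rapid_updates": rapid,
            "no_attendee_events": empty,
            "suspicious": len(blobs) >= 2 and rapid >= 1,
        }
    return report


def _opaque_blob(seed: bytes, blocks: int = 4) -> str:
    """Deterministic stand-in for an encrypted command: base64 of chained hashes."""
    raw = b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(blocks))
    return base64.b64encode(raw).decode()


def sample_events() -> list[dict]:
    """Constructed sample: two ordinary team events and three implant writes."""
    t0 = 1_700_000_000
    return [
        {"calendar": "team-ops", "event_id": "e1", "updated": t0, "attendees": 5,
         "description": "Weekly sync: Q3 pipeline review, onboarding for two new hires, AOB."},
        {"calendar": "team-ops", "event_id": "e2", "updated": t0 + 3600, "attendees": 2,
         "description": "1:1 notes: https://docs.example.com/d/abc123"},
        {"calendar": "svc-shared", "event_id": "c1", "updated": t0, "attendees": 0,
         "description": _opaque_blob(b"task-1")},
        {"calendar": "svc-shared", "event_id": "c2", "updated": t0 + 45, "attendees": 0,
         "description": _opaque_blob(b"result-1")},
        {"calendar": "svc-shared", "event_id": "c3", "updated": t0 + 90, "attendees": 0,
         "description": _opaque_blob(b"task-2")},
    ]


if __name__ == "__main__":
    for cal, findings in score_events(sample_events()).items():
        print(cal, findings)
```

Entropy alone is noisy (pasted meeting links and ticket IDs score high for short strings), which is why the verdict also requires repeated writes at machine cadence; in practice you would add the writing principal (a service account or a host that never opens the calendar UI) as a third signal.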
Topics
AI in cybersecurity, Deepfakes and identity deception, Cloud and SaaS exploitation, DDoS and botnet amplification, Living off the cloud (cloud-based C2), Insider threats and laptop farms, Supply chain security, Third-party risk, State-sponsored cyber operations, Edge device exploitation
Full Transcript
Hello everyone and welcome to This Week in NET. This is a special edition about the 2026 Cloudflare Threat Report. I'm your host, Ronto, based in Lisbon, Portugal, and with me I have Brian Carter and Chris Pacy. Hello. Hey there. Hey. How's it going? Before we jump into the actual report, why not also give a glimpse to folks that don't know too much about this area of threat intelligence and this type of analysis. What is the main thing that people don't realize about this area in particular that they should, that is important? And maybe I could start, Chris, and say that when it comes to marketing threat intelligence, like we have a product around it.
We want our customers to be able to use the data that we provide and our analysis to make better decisions. In some cases that's a really small tactical thing, where they're taking individual indicators from us and using that to block something in their network. At a larger scale, or a higher level, they might be making decisions about what's important architecture-wise in their network or which threats they need to prioritize. And our data certainly gives us a unique perspective on that that they won't find from other researchers. Absolutely, echo Brian's points.
I guess listeners may know that Cloudflare processes over 20% of global internet traffic. Yeah. A huge, vast swathe of the internet comes through Cloudflare, and I guess that means that we're in a unique position to see patterns emerging before they really become widespread. Makes sense. One of the things that is quite obvious in this threat report, and this is the tagline actually, is it shows how the adversaries are weaponizing the internet. In terms of the main takeaways that people should also understand, of why we did this in terms of doing an actual report that anyone can check, other companies, customers, what was the main driver of doing the report, actually? Who wants to start? Yeah, so I can jump in on that one. So yeah, we're really excited for this report. It represents, I guess, months of work analyzing threat activity across state actors, Russia, China, Iran, North Korea predominantly, but as well as cyber criminal activity.
And I guess we've distilled all of that into actionable intelligence that security teams can use. And we've seen the threat landscape constantly evolving, fundamentally, I guess, shifting this past year: seeing kind of weaponization of identity, industrialization of software-as-a-service supply chain attacks, a huge increase in hypervolumetric DDoS strikes that vastly outweigh human intervention. And so I think it's really exciting for us to use, like I said, that visibility that we've got of 20% of the internet to really demonstrate and display the patterns that we're seeing, and hopefully turn that into actionable intelligence and information that security teams can use.
Anything you want to add there, Brian? Yeah, I think the report, for people wondering who it might be for, is something that's written in the kind of way that you might find in news media, at that level. It's designed to inform a broad range of people. If you're a very technical person, you probably won't find indicators in there, but I'm certain you'll learn something new about the interests of different threat actor groups that abuse Cloudflare's infrastructure. Makes sense. In terms of the period that it covers, it's of course current, like the latest months.
But is there a period that is more focused on in terms of the trends we've seen? Yeah, I think it's mainly designed to be something that covers 2025 up till the date of publication, but it's often necessary to include data before that so that we can measure trends over a longer period of time and do comparisons as well, right? You can compare new trends, because before this was not a topic and now it is. So that comparison with what it was before and what it is now is quite important, also to track what is changing and which attackers are more involved now than before.
Right? Those things are also relevant in terms of comparisons. Yeah, I think that's, if I can just jump in there, Brian, sorry. I think that's particularly noticeable when you start looking at some of the DDoS attacks that we've seen in the last year. And I think that's where, although it is a kind of summary of 2025, it's really valuable to look back at past data. You know, we saw something like 47.1 million attacks in 2025. That's doubled from 2024.
The largest botnet attack we saw reached over 31 terabits per second. That's six times the record in 2024. Yeah, as you say, it does really help to look back and see what the trends are and how the scale of the threat is increasing. Yeah, those hypervolumetric DDoS attacks are definitely, and we published many blog posts recently, record upon record being broken. So more tools, more possibilities also for attackers to do more harm. Specifically on the key findings, the takeaways here, what are the AI-driven changes you've seen that we can target and explain to folks? Who wants to start?
Yeah, I think all of this is very interesting and also quite new. When we started using AI tools a few years ago, like the modern LLM type of tools, they were very interesting but kind of hard to picture how they might be leveraged in cyber security specifically. And then over the last year we've just seen an explosion of different fantastic use cases, reliable use of agents, and unfortunately threat actors have also learned the capabilities quite well and are leveraging a range of AI capabilities, from "how do I do this?"
"How do I accomplish this task?", asking a chatbot, all the way to using agents to perform specific recon tasks and so forth. Chris, do you want to add on to that for a specific case? Yeah, exactly. At this point, use of AI is not new, but I guess it's interesting to see how threat actors are evolving the use of it and how they're really using it to speed up their operations, whether it's turning around N-day vulnerabilities into capabilities that they can use for mass exploitation and then almost asking the question of, well, where have we gained access, after the fact.
So they're very much using capabilities to gain accesses and then figure out what value there is there. But also we're seeing cases where threat actors are actually using AI during their operations to navigate new or complex, unfamiliar environments, as Brian suggested there, asking AI how to navigate these environments to find the intelligence that they're after. And so actually the length of time they need between gaining access and retrieving the sensitive data that they're going after is significantly reduced by leveraging AI, which I think is quite interesting.
One of the things that, looking at the report, we can also see, and that I found really interesting, is the fact that the attackers are leveraging the victim's own cloud or SaaS or AI infrastructure to fund and scale their missions, and that's happening at high velocity, as you were saying: it's much easier, faster and more efficient to do harm because of those tools, and those tools are improving, so attackers are also improving there, and of course the defenses as well. But in terms of this layer of leveraging a victim's own cloud, SaaS or AI infrastructure, do you have specific examples, or even more general ones, that can give us a glimpse of what harm that is doing, really?
For example, who wants to start? I can kick off with a quick example, and then maybe, Brian, I don't know if you want to follow with the GR one example. But yeah, we've seen Chinese-affiliated threat actors, so Frumpy Toad, for example, which we track as an MSS-affiliated threat actor, using the living-off-the-cloud tactics really to blend their C2 traffic into legitimate enterprise ecosystems, making detection much more difficult. So in this case we actually observed Frumpy Toad leveraging a sophisticated cloud-to-cloud C2 loop using Google Calendar to blend in with that legitimate traffic.
The attack initially started off with traditional spear phishing, in this case redirecting victims to compromised government sites hosting malicious zip files that ultimately triggered the deployment of a new malware variant called TOUGHPROGRESS. And that malware then reads and writes encrypted commands into Google Calendar event descriptions, allowing the threat actor to communicate with those infected hosts without the host ever actually connecting to anything that on the wire looks malicious. They've connected to a legitimate government site at the start, and the C2 comms are then happening over Google Calendar.
So yeah, really interesting use there of the cloud and blending their comms to try and avoid detection. Yeah. And then adding on to that, some specific examples: we see a range, or an ecosystem, of different crime services that relate to the theft of compute and cloud services, like the sort of phishing that collects credentials specifically for these environments, that all have themes around single sign-on. And then people who specialize in exploiting access to these different resources, where they can find sensitive data that's marketable in the criminal underground, and people who will exploit that stolen data for financial gain.
Typically. Makes sense. One of the things that I've also noticed in the report is it's also about incentives and who is behind some of these attacks, and there's a specific area about those and some of these groups that are created, but also about the fact that there are state-sponsored groups here compromising critical infrastructure resilience. There's a lot there, and why not explain a bit of what state-sponsored attackers are doing and the current situation. These are not new, of course, over the years there have been many, but how have those evolved specifically? Because those have a clear incentive of why they want to destabilize infrastructure and resilience.
Yeah, I'll start with this one and talk about maybe the most obvious attacks on critical infrastructure, which involve the battlefield in Ukraine, where Russian-sponsored actors target the energy infrastructure as well as systems that are used for battlefield support. That's probably the most obvious case there, where they're trying to turn the lights off and take away the ability to manufacture and deliver weapons in Ukraine. Yeah, I can follow that with maybe two examples here. To start with, Puny Toad, another Chinese state-sponsored group, and they really specialize in the exploitation of edge network appliances, particularly for persistent pre-positioning and long-term espionage, with a real focus here on maintaining long-term access to organizations across a range of industry verticals, but predominantly focused on the United States.
And so we've tracked throughout 2025, and continue to see, the evolution of the group gaining initial access through these edge network devices, and in many cases employing a malware variant, BRICKSTORM, for long-term persistence. The dwell time here of these actors is significantly longer than we see in other cases. For example, we saw Puny Toad maintain persistent access to F5 systems for over a year, exfiltrating source code and documentation and undisclosed vulnerabilities to then go on and feed future operations as well. So that's a constantly evolving landscape there.
But we also see, on the Iranian front as well, particularly some of the Iranians start to blur the lines between traditional cyber espionage and kinetic strikes and military action. And so we've observed some of the IRGC-related threat actors conducting reconnaissance of maritime vessels, shipping vessels, monitoring CCTV footage for battle damage assessment. And we're seeing this activity both in the buildup to kinetic action and then afterwards as well, like I said, for battle damage assessment. So yeah, seeing the blurring of the lines between the digital and the physical space.
One of the things that actually I think is the first case study, the first thing that we have in the report, is about "MOE over sophistication". Can you explain what that is specifically and why that is important? Who wants to go? Yeah, I can start with that, absolutely. So I think this is around measure of effectiveness really mattering more than technical elegance. If you went back a few years, I think there was very much a trend of threat actors coming up with the most elaborate, sophisticated, elegant solution to their operations.
And we saw this with very large-scale malware. Today, with the aid of AI, we're very much seeing a shift in favor of industrialized, high-volume attacks, reducing the amount of effort they're having to put in to achieve much higher levels of success, actually. So whether that's turning around new vulnerabilities into exploits, weaponizing new capabilities quicker, mass exploitation, gaining access wherever they can, and then, like I said, retrospectively conducting that analysis of what access is actually valuable. And we touched on it already in terms of how the actual speed of the operations, once they've gained access, is being increased with AI to help them navigate those complex environments.
And there's even a case study about an OpenCode exploit here. Specifically, OpenCode is very much used these days as an AI tool to build things quickly, but there are possibilities for attackers there as well, in terms of this very specific AI tool, right? Yeah, I think there are many avenues for exploitation in these environments where people are developing very quickly and learning about the potential risks as they're exploited in real time, practically, and the use of tools like OpenCode with agents and MCP and other tools that make them very, very useful.
I think we'll continue to see exploitation of MCP services or other things, where the sort of supply chain of services that make OpenCode and other tools very useful will be targets for exploitation in the future. For those that are concerned about the things that we're discussing, what are the things they should be aware of in terms of protection, in terms of not letting some of these issues touch them and be problematic for them? What can we say there? I missed the first part of your question there.
Oh, sorry. So for those who want to be protected and are a bit scared of the things that we just said, including OpenCode and things like that, what should they know to be protected? What should be on their minds to be safe from harm? I think there are a wide variety of concerns, and unfortunately we're still learning about a lot of the potential for exploitation there. And the first approach that I would take, and it's something that internally at Cloudflare we have, is limitations on what developers and people like Chris and me are allowed to do with AI tools, so that as an individual I can't just say I want to try all these different tools out there and expose myself to a much broader range of potential risks. And so maybe limiting the field of risk, I think, is probably the first step, and beyond that, using tools that will evaluate requests to an MCP or any third-party service from an agent, especially those that can work independently.
Yeah. And just to touch on a couple of things that we haven't spoken too much about, we've seen several examples of SaaS environments and third-party integrations being used by threat actors to gain access to the target environments. The Salesforce breach earlier last year was a key example of this. And so I think really looking at those integrations and the permissions that go along with that, and applying least privilege and looking for those overprivileged tokens, I think is really important as we operate in a more interconnected world.
And then, again, we haven't really touched too much on the DPRK, North Korean, IT workers, but really I'm seeing a huge shift in the scale of those operations, in terms of embedding workers into Western companies, the scale at which they're applying for roles and getting those in Western companies. So again, it's not just the traditional security network edge boundaries, but it's everything through the recruitment process. That human verification during that remote hiring loop is ever more important. That's really interesting.
Why not go more there? One of the things that the report definitely mentions as a new trend is the industrialization of insider threats, which goes along with what you were saying, and this goes to the realm, I would say, that is a bit more physical world, not only internet world, in terms of attacks via recruitment. So a different area of a company than where you usually see the typical attack. It can be an attack via recruitment, because a threat like the North Korean situation you mentioned tries to get into a company to have access to the internal tools, because someone hired someone that is a bad actor.
First, how much more frequent is that now, that we're seeing? And then what are the main takeaways we can share? You already shared a few, but maybe more specifics there would be interesting. Who wants to go? Chris, you were talking about that. You want to go, or Brian? Brian, did you want to jump in about the IT workers? Chris, then maybe I can pick it up. Yeah, exactly. So, picking up on the IT workers scheme, they will be using AI-driven deepfakes to bypass video interviews, like I said, applying at industrial scale for roles, and I guess the ultimate objective is to maintain that illusion of residency in typically Western nations, predominantly US-based workers, where they would operate a laptop farm.
So you've got a room full of laptops. They are logged into the corporate networks of the organizations that they managed to gain roles within. But actually, ultimately, that is providing a proxy, through various different remote management tools, VPNs, all sorts of different solutions there, back to actual North Korean cyber actors. So we're seeing interesting developments in how they pretend to be legitimate users when they're not there, with jiggler software, specific video metadata artifacts and so on.
And that's increasingly becoming a huge threat to, I would say, a huge wave of organizations. Yeah. One recent case that we learned about because of a Department of Justice report: a Ukrainian national was recently extradited to the US for running one of these laptop farms in Kyiv. But all the payments were going to US-based bank accounts. And this individual, one of the reasons this is significant, is that he ran a website recruiting people for this purpose. People came to the website, and the individual orchestrated both "ship me your laptops" and "I'll coordinate the payments to US accounts" and then transfer the money back to North Korea.
So yeah, there's maybe an increasing level of sophistication and interest from actors outside the US as well in participating in, and receiving money for, these IT worker schemes. It's interesting, because remote workers are really frequent since the pandemic, and you can see that they're leveraging exactly that, and with AI, deepfakes are also easy, someone talking with a different face; it's really easy, even voice is really easy to change. So if it's virtual, you're not sure that it will be real. It's interesting that attackers use that for this purpose. Having real-world conversations will solve that, potentially, hopefully, or at least make that a little bit more tricky.
And I interview a lot of people. We interview a lot of people for jobs at Cloudforce One, and that's the first thing on our mind: are we talking to the person that we think we're talking to? And then subtle behavioral tics and things like that. We all discuss it, like could this have been some kind of AI-generated thing, or is somebody else feeding them answers, or something like that. Yeah. One other thing that's worth mentioning when it comes to insiders is, on the cyber crime front, there's been a series of different ransomware groups that are trying to recruit people inside of companies.
I'm sorry to change the subject from AI here, but it's really a very direct approach to try to recruit people in these large companies to install malware or post-exploitation tools that would give criminals access to that large enterprise, and they could spread the malware with the help of an inside employee. And there aren't a lot of reports of success about this, but there are many, many reports of people receiving these sorts of recruiting offers at some very well-known companies. We already touched a bit on the phishing-as-a-service bots to bypass standard protection.
But there was another key takeaway from the report that I find really interesting, which is that token theft is neutralizing multifactor authentication, which is also an important one, in terms of we're always saying multifactor authentication is really important to be safe, but in this situation there could be issues there. What can we say about this one specifically? Yeah, two things there. The first one is I would not hesitate to recommend two-factor authentication or multifactor authentication. I think what's being exploited here are really the adaptive systems that try to measure, you know, what do I know about Chris's laptop here?
Where is he connecting from? And what are the attributes of his web browser? And if those are off a little bit, maybe we'll force him to reauthenticate. And the dynamics, or the sort of decision trees, for making these determinations about whether or not to reauthenticate can be quite complex. And in some cases people have just decided, hey, let's just let these tokens live for a very long time. And if an information stealer like Lumma or, before that, RedLine would steal these tokens from a user's browser, a criminal would be able to use that to sign into somebody's YouTube account, for example, and then pump crypto scams to people on that very popular channel's platform.
And so that's a really common approach, but it doesn't work all the time, right? We look at crime markets that sell these tokens along with browser fingerprints and the credentials necessary to sign in. And compared to, say, all the computers that are available in a crime market with accounts for common services, there's a much smaller fraction of tokens that are available, and they don't live forever, right? There'll be a point at which this token expires, and if you're buying that, you may have to deal with that many times.
So I wouldn't say don't rely on multifactor authentication. Instead, I would say think about the compromise of these tokens when you design a system that might prompt somebody to authenticate again, and when that should happen. Makes sense. Regarding the key takeaways, there's a section also of the report that actually gives very specifics on the attackers, where are they based, what we know about them. That's also really interesting in terms of specifics. People can check that out from the report. But from all of that list of different attackers, we already mentioned Iranians, North Korea.
What are the other things that we should I highlight by them? Is there like one or two that is more dangerous than the others that we could highlight there? Uh yeah. Yeah. So I can jump in there with an example. We see um a huge number of human in the loop approach the cyber activity across across the range of threat actors. The Iranians in particularly and some of the IRGC actors are very prolific for this. And this goes kind of beyond the traditional spear fishing to to the point where they are really trying to um build a relationship with their victims, build that trust and that understanding rather than just delivering a traditional kind of fishing links out of the blue that maybe aren't very effective.
So, you know, being cognizant of who you're talking to, do you understand that person? Do you trust that person? because you know we're seeing many recruitment career themed job application themed campaigns now targeting targeting epitims in this way and and they're incredibly successful and they're incredibly believable as well. So you know being invited to a um an interview but using actually kind of a fake Google meet or Microsoft Teams invitation again [clears throat] where we talked about the kind of uh using cloud services for you know an air of legitimacy. So, you know, hosting what are actually malicious payloads on legitimate sites such as kind of one drive or or only office which which ultimately then um we're seeing deploy malware which in turn again in terms of that kind of legitimate use of sorry malicious use of legitimate cloud infrastructure we're seeing then that malicious activity call out to places such as GitHub or Azure websites for C2 or Discord channels all again blending in with that that normal looking traffic making it harder to detect.
So yeah, I think that's quite an interesting evolution of some of their tactics. I think as far as Russia, and more broadly cyber crime, for Cloudflare, when we introduce a new researcher to the environment, one of the first things that they'll learn is that not every nation state exploits or abuses Cloudflare's infrastructure, but some of the ones that do seem to really like Cloudflare. And Nasty Shrew, for example, that's mentioned in the report, is one that we spend quite a lot of time studying, both internally and within trust groups, and directly with people who are dealing with it in Ukraine, and they can tell us what the effects of these different campaigns are.
To contrast that with cyber crime, when we rug-pull all the infrastructure out from under a problem set like LummaC2, they don't really come back to Cloudflare. The free tier of access that Cloudflare offers has become too expensive for them. So they go to other providers, right? And in the case of Nasty Shrew and some others, we rug-pull their infrastructure and they just come right back the next day with new accounts and new approaches and procedures. And so it's been, I would say, relentless in its persistence, and something that we spend a great deal of time on, and worth spending some time reading about in the report.
Nasty Shrew specifically, and in the industry it's more widely known as Gamaredon. Makes sense. One of the things maybe we can do is a little game of very short questions. One would be related to actions. If I'm a CISO watching this and seeing the report, what is the one thing I should fix this quarter, or should be aware of, from the report specifically? Well, first of all, I've never heard anybody say CISO like that. Chris, how do you say CISO? "SISO" or "say-so"? Sorry, Portuguese pronunciation. I'm going to start saying that now and just see what... Yeah.
Yeah. I would say probably the top thing for enterprises in the US and Europe specifically is North Korean IT workers. I think you really need to get a handle on that, especially if your organization has a large cohort of developers, where the most likely path into an enterprise is open developer jobs, or even contractors that deliver services on behalf of a large company like that. Yeah, that would be the first on my list. I think Chris has to come in now. Yeah, we've touched on it briefly, but I think the most concerning thing from my perspective, and that we're seeing more of, and that will affect probably the widest number of organizations, are those third-party integrations, whether it's the Salesforce breach that we saw, Workday incidents, the Notepad++ supply chain operations, npm attacks; there are numerous examples every month.
And so really looking at what your environment connects to, and what permissions you're giving those third-party integrations, and how confident you are in the defenses and security of those organizations and software supply chains that you connect to, I think is for me probably the biggest concern, and probably something we'll see more examples of over the coming year. It's interesting that one of the things about AI that we're seeing is, hey, one person can be like a billion-dollar company one of these days; Molton said that maybe it will be in recent months. But for attackers that's also the case: one person, or just a few people, can actually do an industry, as we say in this report in terms of industrialization, actually creating more processes to attack even more at scale. That's really scary. Even the phishing numbers are really scary, in terms of supply chain sabotage and things like that.
Also really interesting to see; scary, but interesting at the same time, in a way. Anything we want to add specifically about main takeaways from the report we haven't covered? So, Brian? I don't have anything to add to the report except that Chris and I spent a lot of time, and so did a lot of other people, trying to decide what's important and coming up with ways to distill that for a very broad audience. I'm really excited about the report and proud of it, and I hope our customers and partners around the world will receive it well.
Makes sense. Anything to add, Chris? Actually, I have one, about identity and infrastructure: what's now the primary target, is it one or the other? Are we officially in the "attack the session" era? In my opinion, they're not mutually exclusive. In cyber crime especially, I see there are specializations in different approaches. One cyber criminal enterprise might have learned something important about identity services that makes them uniquely positioned to succeed as a criminal in that space. Others have spent more time compromising infrastructure, using compute on someone else's dime.
Makes sense. Anything you want to add there, Chris? No, I think just one other takeaway, as a slight tangent to what we were just discussing: like Brian said, we look across a wide range of different threat actors and activity. And importantly, we are well positioned to actually disrupt that as well, and not just identify emerging threats, but actually work with partners, whether it be other security vendors or organizations or law enforcement, to disrupt these operations and ultimately see if we can give the attackers a harder day than the defenders.
And we touched on a few examples there in terms of the cyber crime space, but we've also done that in the APT space as well. And I think it's important to work together as a community to understand the breadth of these campaigns and all the different components going into them. For example, we continue to see the evolution of the Chinese state-sponsored threat actors and their activity and their stealth capabilities through 2025, but actually towards the back end of 2025,
we worked with partners to disrupt Konzi, otherwise known as Mustang Panda, one of the Chinese state-sponsored threat actors. So we terminated over 20 malicious Cloudflare accounts and over 400 domains, and neutralized around 90 different core assets, that is, C2 domains or proxies or infrastructure being used to deliver payloads, actually making sure that we're not just recognizing and identifying these attacks, but actually doing something to disrupt them. Makes sense. Regarding the call to action perspective, we have of course our threat research available online on our website.
I'll post the link here for those who are interested. Anything that we should highlight about what people can do with some of this information, other than seeing the report, about threat intelligence, managed defense, cyber response and readiness? Yeah, I think if you already have a security organization, maybe under the CISO at your enterprise, that is already collecting based on priorities or collection requirements, then I hope this report will help them decide what investments to make in cyber security, what things to anticipate in the coming year, and, for a retrospective, looking back on all the data that they have available
in the enterprise to see if some of these problems have crossed their boundaries. Yeah, sorry for the ramble there. Makes sense, no worries. Anything you want to add, Chris? No, I think that's a good summary. Okay, I think we're done here. Many things for people to explore in the actual report, where there are many more details on the attackers and solutions as well. So, thank you Chris, thank you Brian, and that's a wrap. Thanks. Thanks a lot.