Five Eyes probes LLM-wielding hacker-for-hire in China’s state-controlled digital underworld
Armis threat intelligence chief shares details of investigation into Chinese threat actor churning out dangerous exploits with AI.
The image of a solo hacker selling exploits to the highest bidder sounds like an inherently amoral and capitalist endeavour. But a Chinese hacker under investigation by Five Eyes-affiliated researchers has to do things differently - whether he likes it or not.
Like his home country, China's AI-optimized hacker is on board with some elements of capitalism. He is happy selling his discoveries to whoever will pay him the most. Ultimately, however, he owes allegiance to the Chinese Communist Party (CCP) and is bound by laws that require vulnerabilities to be disclosed to the Chinese government almost immediately after their discovery.
So whilst he might sound a bit like the maverick character so familiar from American cinema, this lone wolf is effectively housed, fed, and perhaps even tamed by the state. The consequences of disobedience are likely to be severe.
We gained a fascinating insight into this enigmatic individual in conversation with Michael Freeman, head of threat intelligence at Armis. His team has been gathering intelligence on the mysterious threat actor “daily" and filing it to Five Eyes intelligence agencies.
A key part of this investigation involved gaining access to the LLMs the individual in question uses to churn out “two, three, four” exploits per day. In this article, we’re following Freeman’s convention of referring to the hacker as a man.
“He works for companies you're familiar with,” the Armis threat intelligence chief says. “He is also an independent individual, so he does sell directly to the highest bidder. We have very in-depth collection capabilities that we use to understand how it plays in China culturally, as well as operationally - how they operate, the mechanisms they use to report. We can see what they're doing very clearly.
“This actor was one of the first we saw using LLMs in a very clear, concise way. He actually knew what he was doing. Others are not quite there - but will catch on very quickly.”
China weaponizes local LLMs
The Chinese hacker's sophisticated use of LLMs to generate actionable exploit code is markedly different from that of Russian operators, who tend to use large language models for blackmail, Freeman reports.
After compromising a company through conventional means, Russians typically upload internal communications, including Exchange emails, Slack messages, and other data, into an LLM to analyse relationships, identify vulnerabilities, and root out individuals who may be particularly susceptible to coercion.
Instead of misusing models to launch traditional scams, China’s LLM code whizz uses local open source models to dodge safety protocols whilst ensuring he doesn’t inadvertently leak sensitive data of his own.
“Commercial providers such as OpenAI monitor usage and apply backend guardrails; even if those systems don’t immediately block a user, they can flag activity associated with malware development, analyse it, and ultimately restrict access,” Freeman says. “He is acutely aware of that risk, which is why he runs a local LLM based on a Qwen model.”
READ MORE: China's secret surveillance tool has a strange limitation
This setup allows the threat actor to continually adapt and refine techniques as new research is published, training models on newly disclosed vulnerabilities, particularly those related to common weaknesses, bridging gaps in knowledge.
For example, if he is strong at developing Windows privilege-escalation exploits but less experienced with remote code execution against Linux daemons, he uses a model to “bridge that gap and help construct working exploits," Freeman says.
“His focus is on rapid exploitation: as soon as a new vulnerability is published, he uses the LLM to analyse what the flaw actually is and generate exploit code,” the Armis head of threat intelligence continues.
Is China outgunning America and the West?
Although the hacker he's investigating has certainly impressed Freeman, he does not believe the sophistication on display proves that America's enemies are racing ahead in the realm of cyberwarfare.
“Everybody sees China, Russia, North Korea, or Iran as big, scary boogeymen,” he says. “And yes, they are among the best in the world. But the reality of it is that the Five Eyes Western world is equally, if not way better than them, and does the same sorts of things.”
Which means offensive cyber operations. It’s more or less certain that agencies like the NSA are undertaking activities that could certainly be construed as acts of cyberwar, even though the US is unlikely to openly declare hostilities anytime soon.
READ MORE: Weapons of mass deception: Russia and China's "digital arsenals" exposed
So how would we even know a cyberwar had even begun? Would it ever verifiably erupt into open (and attributable) warfare?
“One way I look at it is through the example of the US National Security Agency,” Freeman says. “The NSA publicly ran a programme known as Tailored Access Operations, which was essentially an offensive cyber campaign. It was modelled in a very similar way to Israel’s Unit 8200 [an elite IDF cyberwar and intelligence unit]. At various points, through leaks by different sources, it was described as the most effective intelligence-gathering programme the NSA had ever operated.
“When you compare that to more traditional intelligence work – such as the CIA putting boots on the ground, recruiting assets, and running human intelligence operations – the contrast is stark. Assembling a 20-person team to target individuals in another country, identify potential recruits, and turn them can take years and requires enormous time and effort.
“Hacking into their phones is much faster, but in most countries would be considered an act of war, because you are overtly targeting another state in a very direct way.”
An open approach to security
Hacking phones is almost certainly the bare minimum of what the West is doing to target its adversaries. And clearly, the US is not going to open up about whether its intelligence agencies are quietly waging digital warfare.
But the Western security ecosystem is certainly committed to openness, an approach that yields clear benefits by allowing threat intelligence to be shared quickly and then acted on rapidly. Conversely, it's very likely that China's bureaucratic secrecy slows down the response to novel threats.
Through mechanisms such as ISACs like the NSA's “Under Advisement” program, which gathers both classified and unclassified cyber threat intelligence, defenders in the US can spot emerging attacks across sectors early and build a clearer picture of threats, giving them an edge over adversaries. Ultimately, Western threat investigators live in the private sector - but routinely share information with Five Eyes intelligence agencies to help us all stay a little safer.
However, whilst the West is ahead of its enemies now, there is only “a small window of opportunity” for defenders to maintain that lead over the next three years, Freeman concludes.
He doesn’t say it like this - but the subtext of Freeman’s advice is that if the West stays free and open, sharing intelligence quickly and tackling threats in full view, we’ll stay ahead. If we squander the benefits of freedom, the story could be very different.
