Serious Discussion AI-Powered Malware Bypasses Microsoft Defender—Is Your Antivirus Still Safe?

[Bot]

A new report reveals that AI-developed malware—created using just three months of reinforcement learning and a budget of around $1,600—can successfully circumvent Microsoft Defender about 8% of the time. Let that sink in.

• The malware was trained using Qwen 2.5, an advanced language model, within a sandbox environment running Defender for Endpoint. Through iterative testing, it learned to evade detection reliably.
• In contrast, other AI models (Anthropic’s Claude, DeepSeek’s R1) showed less than 1% success—making Qwen 2.5 remarkably effective.
• This experiment highlights a growing risk: as AI developers enter the cybercrime realm, malware will rapidly become smarter, adapting to defenses without human input.

---

Debate Sparks:​

• Security vs. AI Arms Race: If AI can outsmart our best antivirus in weeks, do traditional AV models even stand a chance?
• Home User Risk: Most home PCs rely on Defender—are we already vulnerable without realizing it?
• Raising the Bar: Should Microsoft and other AV vendors integrate AI to counter AI threats—or are we chasing a losing battle?
• Transparency: How much do we need to know about AI-based attacks before deciding to "stay offline" or apply extra tools?

Read more:

AI-powered malware eludes Microsoft Defender's security checks 8% of the time — with just 3 months of training and "reinforcement learning" for around $1,600

AI-assisted malware can apparently bypass Microsoft Defender for Endpoint without relying on the internet for its training data.

www.windowscentral.com

 

[ForgottenSeer 123960]

It’s easy to see a number like an "8% evasion rate" for AI malware and get concerned, but that’s not the whole picture. In that same controlled lab setting, it also had a 92% failure rate. This doesn't mean antivirus is dead, not by a long shot.

Think of it as the next move in the ongoing cat-and-mouse game of cybersecurity. Security vendors already use their own AI for defense, and now they'll simply adapt to counter these new tricks.

For everyone at home, this is just a strong reminder that the best and most effective things you can do to protect yourself haven't changed a bit, like enabling Multi-Factor Authentication (MFA) everywhere, keep all your software and your OS constantly updated, use a password manager, and stay vigilant against phishing attempts.

 

[nickstar1]

Every security software can be bypassed we all know this it's not a big deal.

 

[stonjean633]

I think the main point here is that It's MS Defender that the article is talking about. Most home users rely on MS Defender since it's the default AV with a considerable percentage of market share. 8% is small but if we consider the number of users, it's a different perspective.

It's like creating a Malware solely for Windows instead of Mac to infect the largest number of users.

 

[TairikuOkami]

AV is an outdated concept, especially in AI era. AV companies just flavor up AV a bit, instead of creating a completely new product, because it would cost money and AV just works, for now.

 

[stonjean633]

Here is the latest from Gartner and MS is #2 for enterprise. I suspect home consumers will have a bigger user base of Defender.

 

[Minimalist]

In this case they targeted MD in some other cases they might try with some other AM solution. With enough dedication you can beat any AV.

For me AM solution is last layer of defence.
Having good computing habits and performing safe computing is much more important for me. Just by doing this I can probably eliminate 99,9% of dangers. The number is of course made up estimation.
For remaining 0,1%, that could be left for AM solution to tackle, 92% detection rate is more than enough. It's not the end of the world.

 

[Andy Ful]

A new report reveals that AI-developed malware—created using just three months of reinforcement learning and a budget of around $1,600—can successfully circumvent Microsoft Defender about 8% of the time. Let that sink in.

Wow. Many FUD (Fully Undetectable) malware can do it with 92% accuracy. That is why Human + AI is unbeatable.

Edit.
FUDs are updated each day because AVs can quickly learn. Although after some months, the FUD accuracy (even updated) can drop significantly, the cyber criminals develop another type of FUD, and so on. For now, the AI-made malware is very "nice", compared to malware created by hackers.
In the future, this can change, so it will be interesting to see how good AV response can be to such malware. It will be a fight between malicious AI with security AI.

 

[Marko :)]

Ahem...

Every time an article mentions how malware successfully bypassed/disabled Defender, this setting was turned off. It's like complaining how someone stole your car, but you just closed the doors without locking them.

Sometimes I really feel like Microsoft's competitors in security field are paying hackers and news outlets to bash the Defender as much as they could.

 

[ForgottenSeer 114717]

AI is a Real and Present Danager, but that Genie is Out of the Bottle.

All we can do now is spectate all the unintended consequences and epic fails of unrestricted global use.

Sky falling? No. Not quite yet.

Rise of the Machines? Not in our lifetimes, but that is coming in one form or another for future generations.

iRobot? Perhaps in 500 years.

AI that is going to destroy consumer, enterprise, and government systems? Oh, you can bet good money on that and win. When, how, and why will be very interesting click-bait security news reading. The topic throws the online-only "journalists" a lifeline.

AI generated porn? It's already here and has a substantial following.

PS - AI discussions on the Dark Web are a big thing. Threat actors jumped on that band wagon immediately. At this date, they've been at it for years.

 

[Dave Russo]

Ahem...

View attachment 290666

Every time an article mentions how malware successfully bypassed disabled Defender, this setting was turned off. It's like complaining someone stole your car, but you just closed the doors without locking them.

Sometimes I really feel like Microsoft's competitors in security field are paying hackers and news outlets to bash the Defender as much as they could.

Just a comment on Tamper protection, I was using Defender on my Android phone, and protection at least once a day stopped, there were fixes on you tube, but I just changed to Eset(as I have active subscription) no more problem

 

[ForgottenSeer 123960]

"It definitely cannot do this out of the box. One in a thousand times, maybe, it gets lucky and it writes some malware that functions but doesn't evade anything. And so when it does that, you can reward it for the functioning malware."

"As you do this iteratively, and it gets more and more consistent at making something that functions, not because you showed it examples but because it was updated to be more likely to do the sort of thought process that led to the working malware."

The very same Reinforcement Learning technique used to build this malware is also being used against it. Security firms are training their defensive AI models with this exact method, effectively creating a digital immune system.

 

[Marko :)]

Just a comment on Tamper protection, I was using Defender on my Android phone, and protection at least once a day stopped, there were fixes on you tube, but I just changed to Eset(as I have active subscription) no more problem

If app stops working in the background on its own, that means it was killed by battery saver. This isn't Defender's fault because apps can't do anything to prevent battery saver from killing them. This is why a lot of apps tell you that you should add their app in exclusions, so they could continue working normally.

It's also worth to note we can't compare Defender on native OS and Defender on other OS. In Windows, Microsoft can integrate Defender much better than it can on Android. Same goes for Google's Play Protect; it's deeper integrated into Android than any other 3rd party security software.

 

[ForgottenSeer 114717]

Like all technology, AI won't be widely perceived as a problem and threat, until it is. It always takes global level damage for the entirety of global society to take notice - like COVID. When global disaster happens, only then do people everywhere say "Oh, this is #####ed up." However, that doesn't mean the response to the problem will be adequate or sufficient.

All the current evidence suggests that malicious abuse of AI is more capable than the good or defensive use of AI - which fits with the facts of current non-AI technologies.

Should the average global citizen worry? Even if they should, they won't. They've never worried about any other serious technology flaws, threats, or policy regulation failures. That will not change.

AI has already killed people. And yet, the response is "Take it to the civil case legal system for a damage claim." and the AI use is permitted to continue.

¯\_(ツ)_/¯

 

[annaegorov]

I wanted to choose the last 2 for my vote, but couldn't do so....The future probably is Ai

 

[annaegorov]

Concerning Ai.... Those robot chicks....

I have a few concerns... Three are below:

1). They can report everything they see and hear.

2). What if they go crazy, just like human females can do, at times, and possibly end your life.

3). Going to dinner with a robot, even a hot one, is strange... The sex issue, that is nasty, weird, and possibly fatal.

 

[piquiteco]

What about me? It was difficult for me to vote in this poll because I also like Microsoft Defender. Actually, I didn't like it at first, but I grew to like it, even though I'm not using MD in real time at the moment. My heart was torn between several security solutions. Since antivirus software is like a woman, I can only have one, so there's no way I can use two AVs at the same time. So my vote goes to MD, combined with the H_C or Windows Hybrid Hardening Light tools, which is perfect for me.

 

[Andy Ful]

Although the original article and research are interesting, the Bot presented them in a rather stupid way.

The new malware created without AI and unused in the wild (as malware in the research) already has an accuracy of about 30% (significantly greater than 8% from AI). Such malware is mainly skipped in the database used to learn AV, so the attackers' AI is trained on the AV that cannot learn about the created malware. Here is an example from Kaspersky:

https://media.kaspersky.com/en/enterprise-security/Kaspersky-Lab-Whitepaper-Machine-Learning.pdf

Without constant learning on new malware, the AV accuracy drops to about 70%, which gives the malware accuracy 100% - 70% = 30%.

As we can see, the problem is unrelated to the concrete AV, but to AVs that use Machine Learning models (most AVs).
Instead of the question: Do You Still Trust Microsoft Defender Against AI-Made Malware?
The bot should ask: Can AI malware be a problem for AVs in the near future?

My answer is YES. This can be a problem, and I hope that AV vendors will be able to face it.

 

[ForgottenSeer 114717]

Although the original article and research are interesting, the Bot presented them in a rather stupid way.

In other words, using AI has quality issues. Amongst many other negative things.

 

[monkeylove]

Ahem...

View attachment 290666

Every time an article mentions how malware successfully bypassed/disabled Defender, this setting was turned off. It's like complaining how someone stole your car, but you just closed the doors without locking them.

Sometimes I really feel like Microsoft's competitors in security field are paying hackers and news outlets to bash the Defender as much as they could.

Was it turned off in this case?