ARTFEED — Contemporary Art Intelligence

Genetic Algorithm Attack Deceives LLM-Powered Reverse Engineering Tools

ai-technology · 2026-06-01

A new adversarial technique using genetic algorithm-based prompt generation, adapted from the AutoDAN attack, can deceive LLM-powered disassembly and decompilation systems like GhidraMCP into misinterpreting binary executables, corrupting their analytical output. The proof-of-concept methodology exploits inherent vulnerabilities in how LLMs process code, enabling malware obfuscation that undermines automated reverse engineering. The paper, published on arXiv (2605.30667), demonstrates that agentic systems combining tools like Ghidra with large language models, while increasing malware analyst productivity, introduce new attack surfaces for adversarial manipulation.

Key facts

  • arXiv paper 2605.30667 presents an adversarial technique for LLM-powered reverse engineering tools.
  • Attack uses genetic algorithm-based prompt generation, a modification of AutoDAN.
  • Targets systems like GhidraMCP that combine Ghidra with large language models.
  • Deceives LLM-powered disassembly and decompilation into misinterpreting binaries.
  • Corrupts analytical output of automated malware analysis.
  • Exploits vulnerabilities in how LLMs process code.
  • Proof-of-concept methodology enables malware obfuscation.
  • Automation increases analyst productivity but introduces new vulnerabilities.

Entities

Institutions

  • arXiv
