Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to malware
Malware

FruitShell

FruitShell is a publicly available PowerShell reverse shell malware family observed in operations. It establishes a remote connection to a configured command-and-control (C2) server and enables arbitrary command execution on compromised hosts. Multiple sources in the content describe it as a reverse shell written in PowerShell and note that it contains hard-coded prompts intended to bypass detection or analysis by LLM-powered or AI-powered security systems. The reporting places FruitShell at AIM3 Level 2 (Adopting), characterizing it as AI-related malware that embeds prompt instructions for evasion rather than a fully autonomous capability. Google Threat Intelligence Group included FruitShell among AI-enabled malware families it analyzed and reported as observed in active operations, alongside PromptSteal and QuietVault. The content does not provide specific infection vectors, victim sectors, or concrete IOCs for FruitShell.

Share:
For your environment

Hunt this family in your stack

Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.

Start free trial
MITRE ATT&CK

Techniques & procedures

4 distinct techniques documented for this family, organized by ATT&CK tactic.

Execution

3 techniques
T1059Command and Scripting InterpreterEvidence1

“FruitShell (reverse shell designed to bypass AI-powered security)”

T1059.001PowerShellEvidence2

"FruitShell, a PowerShell reverse shell..."

T1059.004Unix ShellEvidence1

„FRUITSHELL, eine Reverse-Shell, die eine Remote-Verbindung zu einem Command-and-Control (C2)-Server herstellt… beliebige Befehle auszuführen.“

Stealth

1 technique
T1027Obfuscated Files or InformationEvidence1

"request specific VBScript obfuscation and evasion techniques"; "obfuscated version"; "expert VB Script obfuscator"

ACTIVITY FEED

Recent activity

12 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

12 SOURCESView more in app
techtrenches blogNews
Feb 23, 2026
AI Agent Platforms: The Security Nightmare Nobody Sees

Reverse shell malware engineered to evade or bypass AI-assisted security controls/detections.

Read more
zdnet zero dayNews
Jan 25, 2026
10 ways AI can inflict unprecedented damage in 2026 | ZDNET

Named as an example of 'AI-enabled malware' observed/covered by Google GTIG; specific functionality not described in the provided content.

Read more
recorded future blogNews
Dec 1, 2025
AI Malware: Hype vs. Reality

PowerShell reverse shell script with LLM-aware prompt instructions, designed to bypass LLM-based analysis; primarily a penetration testing tool.

Read more
dark readingNews
Nov 26, 2025
How Malware Authors Are Incorporating LLMs to Evade Detection

Reverse shell malware that incorporates hard-coded LLM prompts to evade detection during execution.

Read more
+8 more in the timeline
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets match these IOCs, which detections are missing, which campaigns to expect next, and what to do in the next 30 minutes.
Start free trial
IOC matching

Match every observed IP, domain, and hash against your live telemetry.

Threat actor attribution

Named campaigns wielding this family, with evidence pinned to each claim.

Exploited vulnerabilities

CVEs this family uses for access and lateral movement.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

MITRE ATT&CK mapping4

Every documented technique, ranked by evidence weight.

Researcher chatter

Reddit, Mastodon, and CTI community discussion around this family.