👤 CRYSTALPROXY
🗓️ 16 Apr 2026  

Behind the Curtain: How Hackers Hijacked n8n’s AI Automation for Stealth Malware Attacks

A wave of phishing campaigns is turning trusted workflow platforms into malware delivery highways, exploiting the very tools businesses rely on.

It started with a flurry of emails - seemingly innocent, cleverly disguised, and bearing the familiar trappings of trusted digital infrastructure. But behind the scenes, cybercriminals were orchestrating a new breed of attack, weaponizing the n8n automation platform’s webhooks to deliver malware with surgical precision. For months, the invisible war raged on, with threat actors blending seamlessly into the workflows of modern business.

Workflow automation platforms like n8n have become indispensable for businesses seeking to connect apps and streamline operations. By integrating tools like Slack, Gmail, and even AI models such as GPT-4, these platforms offer real efficiency gains. But their flexibility, and in particular the ability to expose publicly reachable, user-defined webhook endpoints whose behaviour is decided by a workflow, has presented cybercriminals with a golden opportunity.

According to Cisco Talos researchers, the abuse began in late 2025. Attackers embedded n8n-generated webhook URLs in phishing emails, so the links pointed at a legitimate automation platform rather than at obviously malicious infrastructure. Webhooks are intended to trigger workflows and move data in real time, but in the wrong hands they become chameleons: the workflow behind a webhook can inspect the incoming request (for example its User-Agent header) and answer differently depending on the victim's device or browser, handing a payload to one visitor and a harmless page or redirect to another.

In one campaign, victims received emails claiming to share Microsoft OneDrive folders. Clicking the link led to a convincing CAPTCHA page, after which a file named "DownloadedOneDriveDocument.exe" was downloaded. Instead of a document, the file installed a modified Datto Remote Monitoring and Management (RMM) agent, giving attackers persistent remote access. Another variant disguised itself as a "Document Reader" and dropped a weaponized MSI installer that quietly exfiltrated sensitive data while displaying a fake error message to the user.

The deception didn't stop at malware. Attackers also used n8n webhook URLs as the source of invisible 1×1-pixel images embedded in emails. When a mail client loads such an image it makes a request to the webhook, and that request alone reveals that the message was opened and when, the victim's IP address (and so an approximate location), and the device and mail client from the User-Agent header. This reconnaissance let the criminals build profiles of responsive targets for later attacks, all without triggering conventional security tools, since nothing malicious is ever downloaded.
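As an added example (this is not code from the article, from Cisco Talos or from the n8n project), the following Python scanner pulls the two email-side indicators described above out of an HTML message body: links whose target is a webhook URL, and images that point at a webhook URL while being invisible, either 1×1 pixels or hidden by inline CSS. It assumes n8n's default webhook path prefixes `/webhook/` and `/webhook-test/` (custom paths are possible and would need extra patterns); the host names and the sample email are constructed for the example.

```python
"""Find n8n-style webhook links and tracking pixels in an email's HTML body.

Added example, not code from the article or from n8n. Assumes webhook URLs
use the default path prefixes /webhook/ and /webhook-test/; hosts and the
sample message below are constructed for the example.
"""
import re
from html.parser import HTMLParser

# Assumed shape of an n8n webhook URL: any host, then the default path prefix.
WEBHOOK_RE = re.compile(r"""https?://[^\s"'<>]+/webhook(?:-test)?/[^\s"'<>]+""", re.I)


def is_webhook_url(url):
    """True if the whole string looks like a webhook URL."""
    return bool(WEBHOOK_RE.fullmatch(url.strip()))


def _is_hidden_pixel(attrs):
    """True if the <img> is 0/1 pixel in both dimensions or hidden by inline CSS."""
    width = attrs.get("width", "").strip().rstrip("px")
    height = attrs.get("height", "").strip().rstrip("px")
    style = attrs.get("style", "").replace(" ", "").lower()
    if width in ("0", "1") and height in ("0", "1"):
        return True
    return any(marker in style for marker in ("display:none", "visibility:hidden", "width:1px"))


class WebhookFinder(HTMLParser):
    """Collects (kind, url) findings while the HTML is parsed."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Boolean attributes arrive with value None; normalise to "".
        a = {name.lower(): (value or "") for name, value in attrs}
        if tag == "a" and is_webhook_url(a.get("href", "")):
            self.findings.append(("webhook_link", a["href"]))
        elif tag == "img" and is_webhook_url(a.get("src", "")):
            kind = "tracking_pixel" if _is_hidden_pixel(a) else "webhook_image"
            self.findings.append((kind, a["src"]))


def scan_email_html(html):
    """Return a list of (kind, url) tuples in document order."""
    parser = WebhookFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample message: one webhook link, one 1x1 pixel, one CSS-hidden
# image, and a normal logo that must not be flagged.
SAMPLE_EMAIL = """<html><body>
<p>Someone shared a OneDrive folder with you.</p>
<a href="https://tenant.example.com/webhook/open-folder">Open folder</a>
<img src="https://tenant.example.com/webhook/pixel?u=victim" width="1" height="1">
<img src="https://tenant.example.com/webhook/open-track" style="display: none">
<img src="https://cdn.example.com/logo.png" width="120" height="40">
</body></html>"""


if __name__ == "__main__":
    for kind, url in scan_email_html(SAMPLE_EMAIL):
        print(f"{kind:15} {url}")
```

Run it against quarantined messages or a mail-gateway export; a hit of kind `tracking_pixel` is a strong signal on its own, while a `webhook_link` deserves the same scrutiny as any other link to an unexpected domain.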

The lesson is clear: as organizations embrace workflow and AI automation, the platforms they trust are double-edged swords. The same tools that fuel productivity can serve as launchpads for cybercrime. Security teams must treat these systems as both assets and potential threats: monitor outbound traffic to webhook URLs and alert when one serves an executable or installer, block remote image loading in mail clients by default, inspect inbound email for links and hidden images pointing at automation platforms, and teach users that a link on a legitimate-looking automation domain is not proof that what it delivers is safe.
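As an added example of the monitoring just described (not code from the article, from Cisco Talos or from n8n), the following Python detector reads egress-proxy log records and raises three kinds of alert: a webhook that returns an executable or installer, a webhook that answers a tiny image (the tracking-pixel beacon), and a webhook that gives different responses to different user agents, which is the device- and browser-dependent behaviour described earlier in the article. The log format (one JSON object per line with `ts`, `client`, `method`, `url`, `user_agent`, `status`, `content_type` and `bytes`), the content-type list, the 100-byte beacon threshold and the sample records are all assumptions made for this example.

```python
"""Flag suspicious webhook traffic in egress proxy logs.

Added example, not code from the article, Cisco Talos or n8n. Assumes one
JSON record per line (a constructed format) and n8n's default webhook path
prefixes /webhook/ and /webhook-test/.
"""
import json
import re
from collections import defaultdict
from urllib.parse import urlsplit

WEBHOOK_PATH_RE = re.compile(r"^/webhook(?:-test)?/", re.I)

# Content types a webhook has no business serving to an end user (assumed list).
EXECUTABLE_TYPES = {
    "application/x-msdownload",
    "application/x-msi",
    "application/x-ms-installer",
    "application/vnd.microsoft.portable-executable",
    "application/octet-stream",
}
BEACON_MAX_BYTES = 100  # assumed: a 1x1 GIF/PNG is a few dozen bytes


def webhook_key(url):
    """Return 'host/path' for a webhook URL (query dropped so victims group), else None."""
    parts = urlsplit(url)
    if WEBHOOK_PATH_RE.match(parts.path):
        return parts.netloc.lower() + parts.path
    return None


def analyze_proxy_log(lines):
    """Return alerts as (alert_type, webhook, detail) tuples, in detection order."""
    alerts = []
    # webhook -> user_agent -> set of (status, content_type) responses observed
    responses = defaultdict(lambda: defaultdict(set))
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        rec = json.loads(raw)
        hook = webhook_key(rec["url"])
        if hook is None:
            continue
        ctype = rec.get("content_type", "").split(";")[0].strip().lower()
        status = int(rec.get("status", 0))
        size = int(rec.get("bytes", 0))
        responses[hook][rec.get("user_agent", "")].add((status, ctype))
        if status == 200 and ctype in EXECUTABLE_TYPES:
            alerts.append(("executable_from_webhook", hook, f"{ctype}, {size} bytes"))
        elif status == 200 and ctype.startswith("image/") and size < BEACON_MAX_BYTES:
            alerts.append(("webhook_beacon", hook, f"{ctype}, {size} bytes"))
    # Chameleon behaviour: one webhook, different answers for different clients.
    for hook, by_ua in responses.items():
        distinct = set().union(*by_ua.values())
        if len(by_ua) > 1 and len(distinct) > 1:
            alerts.append(("ua_dependent_response", hook,
                           f"{len(by_ua)} user agents, {len(distinct)} distinct responses"))
    return alerts


# Constructed sample: a Windows client gets an EXE, a Mac client gets a redirect
# from the same webhook, a pixel beacon fires, and one benign CDN fetch.
SAMPLE_LOG = """
{"ts":"2026-03-02T09:14:03Z","client":"10.0.4.21","method":"GET","url":"https://tenant.example.com/webhook/share-doc","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64)","status":200,"content_type":"application/x-msdownload","bytes":2310144}
{"ts":"2026-03-02T09:14:09Z","client":"10.0.4.77","method":"GET","url":"https://tenant.example.com/webhook/share-doc","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5)","status":302,"content_type":"text/html","bytes":0}
{"ts":"2026-03-02T09:15:40Z","client":"10.0.4.21","method":"GET","url":"https://tenant.example.com/webhook/pixel?u=victim","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64)","status":200,"content_type":"image/gif","bytes":43}
{"ts":"2026-03-02T09:16:02Z","client":"10.0.4.21","method":"GET","url":"https://cdn.example.com/logo.png","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64)","status":200,"content_type":"image/png","bytes":5120}
"""


if __name__ == "__main__":
    for alert_type, hook, detail in analyze_proxy_log(SAMPLE_LOG.splitlines()):
        print(f"{alert_type:24} {hook}  ({detail})")
```

The `ua_dependent_response` rule needs traffic from more than one client, so it is a retrospective hunt over a day or more of logs rather than a real-time block; the `executable_from_webhook` rule, by contrast, is simple enough to become a proxy policy that blocks the download outright. If your organisation runs its own n8n instance, add its hostname to an allow-list before enabling the rules, or expect noise from legitimate workflows.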

In the escalating arms race between automation and exploitation, vigilance is the price of progress. The future of work may be automated, but so, it seems, is the future of cybercrime.

WIKICROOK

  • Webhook: A webhook is a way for software to instantly send data or alerts to another application’s web address when specific events happen.
  • Phishing: Phishing is a cybercrime where attackers send fake messages to trick users into revealing sensitive data or clicking malicious links.
  • Payload: A payload is the harmful part of a cyberattack, like a virus or spyware, delivered through malicious emails or files when a victim interacts with them.
  • Device Fingerprinting: Device fingerprinting gathers unique details from your device to identify or track it online, often used for security, advertising, or bypassing privacy controls.
  • Remote Monitoring and Management (RMM): Remote Monitoring and Management (RMM) software lets IT professionals remotely control, monitor, and maintain computers - helpful for support, but it gives an attacker the same persistent remote access if installed without authorisation.
Tags: Phishing, Malware, Webhooks

CRYSTALPROXY, Secure Routing Analyst