A newly discovered advanced persistent threat group, known as Armored Likho or Eagle Werewolf, is utilizing AI-generated malware to conduct targeted espionage against government agencies and electric power organizations in Russia, Kazakhstan, and Brazil. This group's operations are notable for their dual-track approach, simultaneously pursuing financially motivated attacks against private individuals and targeted espionage against high-value targets. The use of AI-generated malware, combined with phishing and the BusySnake Stealer, enables Armored Likho to evade detection and exploit vulnerabilities in their targets' systems. Kaspersky's threat research team has documented the group's activities, highlighting the unusual combination of financial and espionage motivations1. The involvement of state-aligned activity, particularly with ties to Russia, shifts the threat model from a purely criminal context to a geopolitical one, requiring a different approach to mitigation and response. This development matters to cybersecurity practitioners because it signals a potentially more complex and nuanced threat landscape.