We hid backdoors in ~40MB binaries and asked AI + Ghidra to find them

Hacker News
February 22, 2026
AI-Generated Deep Dive Summary
A recent experiment by BinaryAudit tested whether AI agents could detect hidden backdoors in binary executables, using Ghidra as a tool for reverse engineering. The study involved embedding backdoors into 40MB binaries and assessing the performance of various AI models, including Claude Opus 4.6. While the results were surprising—AI managed to detect some backdoors at a rate of about 49% in smaller binaries—they also revealed significant limitations. Most models exhibited high false positive rates, often flagging clean binaries as malicious. This suggests that while AI shows promise for binary analysis, it is not yet reliable enough for production use. The experiment aimed to address the growing need for better malware detection tools, particularly in critical infrastructure and firmware. The researchers partnered with Michał Kowalczyk, a renowned reverse engineering expert, to create a benchmark for evaluating AI
Originally published on Hacker News on 2/22/2026