Reports suggest that hackers are employing a novel strategy to promote counterfeit versions of AI services like OpenAI’s Sora, DALL-E, and Midjourney. Capitalizing on the AI frenzy, malicious actors use Facebook’s Sponsored ad mechanism to entice unsuspecting individuals and infect their systems with password-stealing malware. These malicious advertising campaigns involve commandeering existing Facebook pages to mimic prominent AI services, purportedly offering a preview of forthcoming features.
Individuals who interact with these advertisements are prompted to join Facebook communities, where hackers disseminate news and AI-generated imagery to lend an air of authenticity. The hackers then publish community updates purporting to grant time-limited access to forthcoming AI services. These fraudulent community posts are replete with links to Windows executables laden with malware such as Rilide, Nova, Vidar, and IceRAT.
For the uninitiated, these malware strains are notorious for pilfering sensitive data such as stored credentials, cryptocurrency wallet details, autofill information, credit card particulars, and cookies. This information is then either sold on the dark web or used by the malefactors themselves to perpetrate financial fraud or propagate further scams.
Although most of these spurious Facebook pages boast thousands of followers, Bitdefender researchers assert that a Facebook page impersonating the renowned AI-driven text-to-image generator Midjourney amassed over 1.2 million followers. According to the researchers, the page remained active for approximately a year before Meta disabled it.
Instead of creating new pages, hackers frequently opt to hijack existing ones. Numerous posts on these pages furnish links to download a supposed desktop version of Midjourney. For those not privy to the details, Midjourney is a cloud-based AI service exclusively accessible via the official Discord channel.
Certain posts also assert that users can fashion NFTs with Midjourney and monetize these artistic creations. Regarding the spurious Midjourney page, Bitdefender researchers observed that the malicious downloads were distributed via a genuine-looking website mimicking the official Midjourney landing page.
While Meta has since dismantled the page, hackers have already commandeered fresh pages, some of which boast over 600,000 members. Cybercriminals have been orchestrating deceitful ad campaigns impersonating popular AI services since June 2023.
Precautionary Measures Against Such Scams
Prominent AI services like Midjourney, ChatGPT, Sora, and DALL-E are solely accessible online and lack a desktop variant. Hence, any post offering a download of these tools should be treated as a likely counterfeit.
Exercise caution when confronted with unfamiliar or dubious links, pop-ups, or downloads from unverified sources. In the event of suspected malware infiltration, consider installing antivirus software and activating two-factor authentication to forestall threat actors from compromising your online accounts.
In conclusion, the surge in cybercriminal activity leveraging counterfeit AI services, notably through Facebook Sponsored ads, underscores the critical need for heightened vigilance and cybersecurity awareness among users. With hackers exploiting the allure of cutting-edge AI technologies like Sora, DALL-E, and Midjourney, individuals must exercise caution when encountering suspicious links or downloads, especially from unverified sources. The prevalence of malware strains such as Rilide, Nova, Vidar, and IceRAT underscores the potential risks of falling victim to these fraudulent schemes, which can result in the theft of sensitive data and financial fraud. As such, implementing precautionary measures such as installing antivirus software and enabling two-factor authentication becomes imperative in safeguarding against these evolving threats in the digital landscape.