Generative AI is currently experiencing a bit of a boom in the tech world, with new and potentially interesting AI tools appearing on a regular basis, enticing everyday users to try out the latest AI software.
But just because AI is all the rage right now doesn’t mean that every AI tool you encounter is legitimate. Quite the opposite, in fact: Bad actors will always try to take advantage of whatever’s popular at the time, and current AI trends make potential AI users especially vulnerable to hackers and scammers.
Android users beware! Text message-stealing malware targets smartphones to access user data
for example, New reports Trend Micro research has found that bad actors are using a tried-and-true technique: weaponizing Facebook ads to lure AI users into downloading malware disguised as an AI photo-editing tool.
Malware disguised as AI software
Mashable has previously reported on how online criminals are using hacked Facebook pages to scam victims.
Mashable Lightspeed
Scammers are using these Facebook ads to Advertise products that are never delivered To the buyer. The hacker Rebranding stolen Facebook page They are made to look like official accounts from companies like Google and Facebook’s parent company Meta in order to trick users into downloading malware.
Bad actors are now updating this tactic, spreading malware under the guise of AI image editing tools.
(Update: Meta has responded) Scammers are using Meta’s copyright removal tool against influencers
According to a Trend Micro report, scammers are using basic phishing campaigns to trick page owners into handing over their login credentials. Once they gain access to an already-established account, the scammers rebrand the Facebook page as an AI photo editing tool. In the case analyzed by Trend Micro, the scammers posed as Evoto, a genuine AI photo editing tool.
After rebranding the stolen pages as Evoto, the scammers ran paid Facebook ads through them, directing users to fake websites where they could download an AI photo editing tool. Of course, the targets weren’t downloading AI software; in this case, the unwitting victims were downloading endpoint management software, which gives attackers remote access to the device. From there, the hackers could steal users’ login credentials and other sensitive data.
Social media users should be wary of unknown downloadable software promoted through ads on the platform, as it is highly likely to be disguised malware.
