Cisco Talos has reported on an increase in cybercriminals using fake AI software installers to distribute ransomware and other malware. Legitimate-looking websites are set up with domain names similar to actual AI vendors, making it easy for users to be deceived. Talos discovered CyberLock ransomware and a novel malware dubbed "Numero," capable of damaging Windows systems. A related Mandiant report identified a Vietnamese group targeting AI video generator interest through malicious ads, highlighting ongoing risks in downloading AI tools without careful scrutiny.
Cybercriminals are distributing a variety of malware, including stealers, backdoors, RATs, ransomware, and destructive malware, exploiting public interest in legitimate AI tools.
Individuals, small-scale businesses, startups, and other users in established business sectors should evaluate the sources of the AI tools they download and install on their machines.
We believe we are observing an increase in cybercriminals misusing the names of legitimate AI tools for their malware or using fake installers that deliver malware.
A new Vietnam-based threat group has been exploiting people's interest in AI video generators by planting malicious ads on social media platforms.
Collection
[
|
...
]