The UNC6032 group is targeting users with malicious ads about AI video generators on platforms like Facebook and LinkedIn to steal personal information. Mandiant's analysis revealed thousands of ads leading to over 30 fake websites mimicking legitimate tools, claiming to offer text- and image-to-video generation. Users are tricked into downloading malware disguised as video content, which compromises their devices. Despite the ads reaching over two million users, the correlation between reach and actual victims is unclear, highlighting the scale and potential impact of this sophisticated cyber scheme.
Mandiant Threat Defense performed further analysis of a sample of over 120 malicious ads and, from the EU transparency section of the ads, their total reach for EU countries was over 2.3 million users.
The Google-owned threat hunters identified thousands of malicious ads on Facebook and about 10 on LinkedIn since November 2024, directing viewers to over 30 phony websites.
Collection
[
|
...
]