Cybercriminals have developed a fake installer for the Chinese AI model DeepSeek-R1 that is infected with new malware called BrowserVenom. This malware redirects browser traffic through an attacker-controlled server, allowing the perpetrators to steal sensitive information such as login credentials, session cookies, and financial data. The campaign has infected computers in various countries, including Brazil and India, and exploits the rising interest in AI through phishing schemes. Google has since suspended the malicious ads promoting the URL linked to this malware's distribution, but Kaspersky warns that this method remains a significant global threat.
The malware BrowserVenom redirects browser traffic through an attacker-controlled server to steal sensitive data, posing significant threats to digital security and privacy.
Kaspersky warns that while this malware is new, the tactic of using phishing that plays on interest in AI to seed malicious software is increasingly common among cybercriminals.