Malware found in Facebook ad for fake AI
Posted: Sat Dec 21, 2024 5:10 am
A scheme was recently discovered in which cybercriminals use Facebook ads to distribute malware disguised as artificial intelligence (AI) photo editing tools.
According to a report from Trend Micro, criminals hack social media pages and then transform them to look like official accounts for legitimate apps.
These misleading ads trick users into downloading malicious apps.
Hacker strategy
They use phishing campaigns (a fraudulent technique to steal personal information) to obtain the login credentials of the owners of Facebook pages.
Once they gain access to the accounts, they modify the pages' visual identity to make them appear to belong to legitimate tools, such as the Evoto app. The ads then redirect users to fake websites that mimic the apps’ official websites.
Malware operation
By downloading the supposedly legitimate application, users end up installing remote management software.
This allows hackers to fully access the victim's device, stealing login credentials and other sensitive information.
The malware initially appears innocuous, but it uses a script to download and execute additional payloads, such as the Lumma Stealer, designed to exfiltrate sensitive personal data.
What is malware?
Malware, short for “malicious software,” is any harmful program or code that aims to damage, exploit, or gain unauthorized access to systems and information. It includes viruses, trojans, worms, spyware, ransomware, and adware.
These software programs can steal data, damage devices, and disrupt operations. Additionally, malware can spread through emails, downloads, compromised websites, and removable storage devices.