Man
FIN7, a notorious and financially motivated hacking group, is employing new tactics to lure unsuspecting internet users with malware-laden websites that masquerade as deepfake "Deepnude" tools. A recent report from Silent Push reveals that this Russia-based group operates these malicious sites under the aiNude[.]ai brand, specifically designed to attract individuals seeking tools to generate deepfake images.
Victims are enticed by offers for free downloads of a 'Deepnude Generator' and a free trial version. However, clicking on either option leads users to malicious domains that deliver harmful payloads.
Those who choose the “free download” option are redirected to a page with a Dropbox link or another source that hosts the malware, though the exact nature of the malicious payload remains unclear. Meanwhile, users opting for the “free trial” are prompted to upload an image, after which they receive misleading messages indicating that their trial is ready for download.
The deceptive process continues as users are asked to agree to a prompt stating that the access is for personal use only. If they click ‘Download,’ they unwittingly receive a zip file containing a malicious payload.
This particular FIN7 malware is a variant known as Lumma Stealer, which utilizes a DLL side-loading technique for execution. Silent Push also noted that the group has been observed deploying other malware types, such as the Redline Stealer and D3F@ck malware-as-a-service loader, as part of this campaign.
To ensure their sites gain maximum visibility, FIN7 is believed to be employing search engine optimization (SEO) tactics to rank their AI deepnude sites at the top of search listings, effectively increasing the likelihood of attracting victims. Additionally, Silent Push uncovered a second campaign run by FIN7, which covertly distributes NetSupport RAT malware through lookalike websites. These sites often require visitors to install a browser extension and spoof well-known brands like SAP Concur, Microsoft, and Thomson Reuters.
Victims are drawn to these fraudulent sites through malvertising, significantly increasing the risk of malware infection. This multifaceted approach highlights the evolving strategies of cybercriminals like FIN7, making it crucial for users to be vigilant and cautious online.
Don't look for nudes mf.