An ugly duckling has appeared among AI lovers.
Cybercriminals distribute fake versions of ChatGPT, Google Bard, Midjourney, and Jasper on Facebook*, which are designed to steal passwords, cryptocurrency wallets, and other sensitive information.
A new malware campaign discovered by Check Point Research (CPR) involves attackers creating fake pages or groups of popular companies , publishing attractive content, and then encouraging users to click on links containing malware. Many of the fake pages offer tips, news, and improved versions of the Google Bard or ChatGPT chatbots. Users often don't even know that this is a scam.
The malware in this campaign is designed to steal various types of information from all major browsers, including cookies, bookmarks, browsing history, and passwords. The malware also targets cryptocurrency wallets and steals FTP accounts from Filezilla and sessions from various social networks and gaming platforms.
The stolen data is combined into a single archive and uploaded to the Gofile file sharing site. The infostealer then sends a message to Discord with information about all the data collected, along with a link to access the archive with the stolen data.
The growing public interest in AI-based solutions has led attackers to take advantage of this trend to spread malware. This surge in hacking activity can be attributed to the expanding shadow markets, where Initial Access Brokers (IAB) specialize in buying and selling access to compromised systems.
Cybercriminals distribute fake versions of ChatGPT, Google Bard, Midjourney, and Jasper on Facebook*, which are designed to steal passwords, cryptocurrency wallets, and other sensitive information.
A new malware campaign discovered by Check Point Research (CPR) involves attackers creating fake pages or groups of popular companies , publishing attractive content, and then encouraging users to click on links containing malware. Many of the fake pages offer tips, news, and improved versions of the Google Bard or ChatGPT chatbots. Users often don't even know that this is a scam.
The malware in this campaign is designed to steal various types of information from all major browsers, including cookies, bookmarks, browsing history, and passwords. The malware also targets cryptocurrency wallets and steals FTP accounts from Filezilla and sessions from various social networks and gaming platforms.
The stolen data is combined into a single archive and uploaded to the Gofile file sharing site. The infostealer then sends a message to Discord with information about all the data collected, along with a link to access the archive with the stolen data.
The growing public interest in AI-based solutions has led attackers to take advantage of this trend to spread malware. This surge in hacking activity can be attributed to the expanding shadow markets, where Initial Access Brokers (IAB) specialize in buying and selling access to compromised systems.
