Among the latest opportunities cybercriminals have seized on, the popularity of AI image editing tools has become a prime target for distributing malware. In a classic move, attackers exploit this interest and convincingly pull users into downloading malware instead of the relevant applications.
The Cybercriminals’ Tactics
The hackers behind the attack have resorted to hijacking Facebook accounts to distribute their malware. In this case, they hack into user accounts by tricking the owners into divulging their login credentials. Once inside, the attackers use the accounts to post ads touting their fake AI image editors.
These advertisements redirect users to websites that resemble the legitimate websites of some popular AI photo editing tools. The users are then tricked into installing malware, thinking it is a legitimate application for editing photos with AI. The campaign came with a software package masquerading as an AI image editor, which in reality utilizes the tool Itarian remote desktop; the Itarian remote desktop tool deploys the Lumma Stealer malware on the victim’s device.
Impact of Lumma Stealer Malware
After infection, the malware of Lumma Stealer scans an infected user’s device in search of highly valued data: cryptocurrency wallet information, credentials, files of password managers, browser data, etc. All this harvested sensitive information is either sold on the dark web or leveraged to further compromise more accounts for a variety of scams.
Safeguarding Yourself From These Risks
Jaromir Horejsi, a threat researcher for Trend Micro who analyzed this campaign, offers several recommendations for staying safe:
- Multi-Factor Authentication (MFA): Additional security within all social media accounts will prevent it from getting accessed by unwanted eyes.
- Educate on Dangers of Phishing: Organizations need to educate their employees how to identify and avoid such phishing attempts.
- Check Link Legitimacy: Check that links are real, especially those asking for personal information or login details.
With these tips, users will be better at preventing themselves from becoming victims of such cyber attacks.
Conclusion
Knowing that AI image editing tools, because of their great popularity, have just entered the crosshairs of cybercriminals, one should be at a vantage point to maintain vigil, coupled with security measures like MFA and education on phishing, toward the safekeeping of personal information from malicious software. Be informed, be cautious, and protect your digital life against these ever-evolving threats.
