In a worrying trend, cybercriminal groups are exploiting the popularity of generative AI technology to deceive unsuspecting people and infect their systems with malware through elaborate advertising campaigns on Facebook.
According to a recent blog post from cybersecurity researchers at Bitdefender, malicious actors have hijacked Facebook profiles and pages to run sponsored ads impersonating official desktop versions of popular AI software like Midjourney, DALL-E 3, ChatGPT, and others. These malicious advertising campaigns were meticulously designed, with convincing descriptions and AI-generated videos and images, to lure unsuspecting users into downloading compromised software loaded with malware.
The malicious links in these AI software impersonation ads direct victims to webpages that install an array of invasive information stealers like Rilide, Vidar, IceRAT and Nova on compromised devices. These stealers can harvest sensitive user data including login credentials, autocomplete information, payment details and cryptocurrency wallet data.
One campaign impersonating the AI image generator Midjourney had amassed over 1.2 million followers on Facebook before being shut down in March 2024 after nearly a year of active operation. However, new fraudulent pages continue to emerge, demonstrating the persistent efforts by these cybercriminals.
The Midjourney malvertising campaign primarily targeted male Facebook users in Europe aged 25 to 55, reaching an estimated 500,000 individuals across countries like Germany, Poland, Italy, France and others through Facebook’s ad network.
In conclusion:
Cybercriminals are constantly adapting their tactics to leverage emerging technologies that can improve their deceptive practices. The increased interest in generative AI has provided a new avenue for these criminals to easily spread malware through social engineering schemes for financial gain.
This is a wake-up call to exercise caution when encountering AI software advertisements online.