Russian hackers are using fake AI websites to steal sensitive information, including cryptocurrency wallet details.
According to a report from cybersecurity firm Silent Push, the hacking group behind the attack, known as FIN7, created deceptive websites that promise AI-generated non-consensual nude images but instead distribute malware.
These fake AI websites lure users by offering seemingly legitimate services that allow individuals to upload images and generate deepfake content. However, when users attempt to download the promised images, they are directed to a Dropbox link that either fails to work or delivers malware to their devices. The malware deployed, identified as RedLine and Lumma Stealer, is designed to collect sensitive data, including login credentials and cryptocurrency wallet information.
Silent Push’s senior analyst, Zach Edwards, explained that this scheme primarily targets tech-savvy users who are interested in AI-based tools. The hackers behind FIN7 have employed effective search engine optimization (SEO) tactics to ensure that their fake websites rank highly on search results, making it easier for users to fall into the trap.
At least seven of these malicious websites have been identified by Silent Push, including “aiNude.ai,” “easynude.website,” and “nude-ai.pro.” Although these sites have been taken down, cybersecurity experts are advising users who visited them to assume that their devices have been compromised. The malware installed can silently extract sensitive information, particularly focusing on crypto wallets.
FIN7 has a long history of cybercrime and is linked to ransomware groups such as DarkSide and BlackMatter, which have been responsible for several high-profile attacks. These groups have been known to demand large ransoms, such as the $20 million demand from UnitedHealth in a previous attack.
The sophisticated phishing tactics employed by FIN7 involve creating websites that look professional and credible. Users are encouraged to upload images to generate deepfakes, but instead, they are met with malware that compromises their devices. The hackers’ ability to disguise these sites as legitimate platforms, combined with their SEO tactics, has made it difficult for users to recognize the threat until it is too late.
ShibaCon, a vision of Shiba Inu creator Ryoshi, is set to make history in Thailand. Join the movement and be part of this landmark event in November. Tickets are available now at shibacon.shib.io.
Read More
- BingX Exchange Suffers $26 Million Hack, Suspends Withdrawals
- Another Security Breach: Decentraland X Account Compromised
- India’s WazirX Exchange Breached, Hacker Siphons Off $230M in Crypto
Lawrence does not hold any crypto asset. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.