Cyber Warning: Fake AI Tools Spreading Noodlophile Malware
Fake artificial intelligence tools deployed to propagate Noodlophile digital wallet-stealing malware
Be Aware! Fake AI tools are spreading Noodlophile malware on social media platforms.
This malicious software, known as Noodlophile Stealer, is designed to hijack sensitive data such as browser credentials, cryptocurrency wallet information, and more. According to Morphisec researcher Shmuel Uzan, the attackers construct enticing AI-themed platforms to trick users into downloading the malicious software.
These platforms, often advertised via Facebook groups and viral social media campaigns, may seem legitimate but are just fronts for distributing the malware. A single post has garnered as many as 62,000 views. Some of the fake social media pages identified include Luma Dreammachine AI, Luma Dreammaching, and gratistuslibros.
Users are lured into downloading the malware by being offered seemingly free AI editing tools. They are then prompted to upload their images or videos, and asked to download what appears to be the AI tool but is actually a malicious ZIP archive called VideoDreamAI.zip. This Python binary paves the way for deploying the Noodlophile Stealer.
In certain instances, the data stealer has also been bundled with remote access trojans like XWorm for enhanced control over the host's machine and data.
Believed to be of Vietnamese origin, the Noodlophile malware is another example of the cybercrime epidemic in Southeast Asia. Historically, this region has seen a surge in the distribution of stealer software using the Facebook platform specifically.
Stay vigilant and be careful when engaging with artificial intelligence tools advertised on social media platforms. Treat every offer with skepticism and be conscious of the risk of downloading unknown files.
Edited by Stacy Elliott.
Did You Know?
- Noodlophile Stealer can access sensitive data such as browser credentials, cryptocurrency wallet details, and more.
- The malware may also include remote access trojans like XWorm, giving attackers greater control over infected systems.
- The malware is part of Malware-as-a-Service (MaaS) schemes sold on cybercrime forums, making it accessible to a wide range of attackers.
- The thriving cybercrime ecosystem in Southeast Asia, along with the use of social media, makes the region a prime target for such malware distribution.
- Cryptocurrency wallet information is among the sensitive data that Noodlophile Stealer is designed to hijack.
- Some of the fake social media pages identified in the distribution of Noodlophile Stealer include Luma Dreammachine AI, Luma Dreammaching, and gratistuslibros.
- In certain instances, the Noodlophile Stealer has been bundled with remote access trojans like XWorm, granting attackers enhanced control over the host's machine and data.
- Noodlophile Stealer, believed to be of Vietnamese origin, is another example of the cybercrime epidemic in Southeast Asia.
- Users should be careful when engaging with artificial intelligence tools advertised on social media platforms to avoid downloading malicious software like Noodlophile Stealer.