Malware distribution campaign observed hijacking Facebook accounts and posing as AI services such as ChatGPT
Attackers have been hijacking existing Facebook accounts and using them to pose as AI services such as ChatGPT and Midjourney. The hijacked accounts post AI-generated images and news content, ultimately leading users to infect themselves with malware. Accounts with as many as 1.2 million followers have been used for the fraud.
AI meets next-gen info stealers in social media malvertising campaigns
Fake Facebook MidJourney AI page promoted malware to 1.2 million people
An investigation by researchers at Bitdefender, the security software vendor, has uncovered malware distribution activity disguised as Midjourney, Sora, DALL-E 3, Evoto, ChatGPT, and others.
The malicious actors first take over Facebook accounts and set up the account profiles to look like official pages for various AI services. They then post AI-generated images, videos, news, and similar content, and use Facebook ads to attract users and trick them into downloading malware under the guise of offering new features.
The malicious actor created a site that looked like the official Midjourney page and included a link to the file-sharing service GoFile. If the user runs the malware, it collects credit card information, cryptocurrency wallet information, authentication information for various accounts, autocomplete data, and other information.
Users who are fooled by the Facebook ads become members of the Facebook community without realizing that it is fake, and inadvertently open content that catches their eye, such as 'coming soon' announcements. When the researchers tracked the ads, they found that about 500,000 people in Europe alone had accessed the ads from the fake accounts.
These fake ads were made 'creative' by AI.
The researchers found a fake Midjourney account with about 1.2 million followers. This fake Midjourney account was shut down on March 8, 2024, but it had been active for nearly a year.
It is unclear how the attackers hijacked the accounts, but the fake Midjourney accounts were apparently managed by multiple individuals, and it is possible that authentication information was leaked from somewhere.
'With so much interest in AI right now, these campaigns can be surprising in some cases, and it's not easy for people to tell the difference between real and fake. The fact that these campaigns were successful highlights the sophistication of social media advertising strategies and the fact that users who come into contact with online ads should be wary,' said BleepingComputer, a technology media outlet.
in Software, Web Service, Security, Posted by log1p_kr