Cybercriminals are exploiting the AI boom by distributing fake installers for popular tools like ChatGPT and InVideo AI, infecting users with ransomware and data-wiping malware.
These attacks are not just about stealing data—they're about undermining trust in the very tools that drive modern business.
According to The Hacker News, attackers are leveraging fake websites, such as novaleadsai[.]com, to distribute malware disguised as legitimate AI tools.
 Using a VPN like NordVPN encrypts your internet connection, making it harder for hackers, data brokers, or nosy networks to see what you’re doing or steal your info.
These sites often use search engine optimization (SEO) poisoning techniques to appear credible.
Once users download and execute the malicious installers, they unwittingly deploy threats like CyberLock ransomware, which encrypts files and demands a $50,000 ransom in Monero, and Lucky_Gh0$t ransomware, a variant of the Chaos ransomware series.
Another malware, dubbed Numero, manipulates the graphical user interface components of Windows systems, rendering machines unusable.
These campaigns primarily target professionals in business-to-business sales and marketing sectors, exploiting the widespread adoption of AI tools in these industries.
The attackers' methods are sophisticated, utilizing living-off-the-land binaries like cipher.exe to hinder forensic recovery of deleted files.
This surge in AI-themed cyberattacks underscores the need for heightened vigilance.
Users should be cautious when downloading AI tools, ensuring they source software from official websites and verify the authenticity of installers.
Employing reputable antivirus solutions and keeping systems updated can also mitigate risks.
As AI continues to integrate into various facets of business and daily life, understanding and addressing these emerging threats is crucial to maintaining cybersecurity.
|
