Hackers have devised a new scheme to promote fake AI services like OpenAI’s Sora, DALL-E, and Midjourney. Exploiting Facebook’s Sponsored ad system, they are targeting unsuspecting users with promises of exclusive previews of upcoming AI features. These malicious campaigns involve hijacking Facebook pages to impersonate legitimate AI services, enticing users to join fake communities where malware lurks.
Once users click on these ads, they are directed to join Facebook communities where hackers share seemingly legitimate AI-generated images. Subsequently, hackers post fake announcements offering limited-time access to upcoming AI services, laden with links to malware-infected executables like Rilide, Nova, Vidar, and IceRAT.
These malware strains are notorious for stealing sensitive information such as stored credentials, cryptocurrency wallets, credit card details, and more. This stolen data is either sold on the dark web or used by attackers for further scams.
Researchers at Bitdefender discovered a Facebook page impersonating the popular AI-powered text-to-image generator Midjourney, boasting over 1.2 million followers before it was disabled by Meta. Hijacked pages, some accumulating over 600,000 members, continue to spread malware-laden posts, despite Meta’s efforts to shut them down.
To protect yourself from such scams, remember that genuine AI services like Midjourney, ChatGPT, Sora, and DALL-E are exclusively available online and do not offer desktop versions. Be wary of unknown links, pop-ups, or downloads from untrusted sources. If you suspect malware infection, install antivirus software and enable two-factor authentication to safeguard your online accounts. Stay vigilant to avoid falling victim to these deceptive tactics.