Facebook is now a target for cybercriminals spreading counterfeit versions of popular AI chatbots, such as ChatGPT, Google Bard, Midjourney, and Jasper. The intention behind these fake chatbots is to deceive users into revealing sensitive information, such as passwords and cryptocurrency wallets.
Deceptive Malware Campaigns: Exploiting AI Trends
Check Point Research (CPR) discovered a new malware campaign that relies on fake pages or groups, mimicking well-known companies. The attackers use attractive content to lure users into clicking on links that contain malware. Many users are unaware of the scam and fall victim to these deceptive tactics.
The malware employed in this campaign is multifaceted, aiming to steal various types of data from major browsers, including cookies, bookmarks, browsing history, and passwords. Additionally, the attackers target cryptocurrency wallets, FTP accounts from Filezilla, and sessions from social media and gaming platforms.
To compile the stolen data efficiently, cybercriminals upload it to the file-sharing site Gofile. Furthermore, an infostyler sends a message on Discord, providing information about the collected data along with a link to access the stolen archive.
This surge in hacking activity is driven by the public’s increasing interest in AI-based solutions, creating an opportunity for attackers to exploit the trend and spread malware. The cybercrime rise is further fueled by the growth of shadow markets, where Initial Access Brokers (IABs) specialize in buying and selling access to compromised systems.