According to a report from 404 Media, Russian hackers are using fake AI websites as a trap to steal crypto wallet details. Silent Push, a cybersecurity firm, revealed that a notorious hacking group called “FIN7” is behind this scam.
These websites promise users non-consensual nude images generated by AI, but when a user attempts to download the images, they unknowingly download malware instead.
This malware, known as RedLine and Lumma Stealer, is designed to collect login credentials and other sensitive data, including information from crypto wallets.
Zach Edwards, a senior analyst at Silent Push, explains that the majority of people targeted in this scam are tech-savvy individuals interested in AI tools.
The hackers cleverly disguise these sites to appear legitimate. They use effective search engine optimization (SEO) tactics to ensure their sites rank highly in search results. The sites also appear professional, with options to upload images and generate deepfake nudes.
However, when users try to access their supposed images, they are directed to a Dropbox link that often doesn’t work, leaving them with nothing but malware on their devices.
Silent Push has identified at least seven of these deceptive sites, including “aiNude.ai”, “easynude.website” and “nude-ai.pro”.
Although these sites have been taken down, experts warn that anyone who interacted with them should consider their devices compromised.
FIN7 has a long history of financial fraud and is connected to several ransomware gangs, including DarkSide and BlackMatter. These gangs are responsible for attacks like the $20 million ransom demanded from UnitedHealth.
They are also known for their clever phishing tactics, like pretending to be legitimate companies to trick people into downloading malicious software.