Image by Freepik
AI-Fueled Cyberbullying: Teen’s Ordeal Sparks Outrage
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
At 14, Francesca Mani was called to the principal’s office at Westfield High School, New Jersey, where she discovered a photo of her had been altered into a nude image using artificial intelligence, as reported by CBS News .
In a Rush? Here are the Quick Facts!
- A 14-year-old girl was targeted by a classmate who used AI to create a nude image of her.
- The AI-powered “nudify” website, Clothoff, has been used to create explicit images of numerous students.
- Experts warn of the severe psychological and reputational harm caused by AI-generated nudes, even if they are fake.
Last October, rumors spread at Westfield High about boys possessing explicit images of female classmates. Mani learned she and several others were targeted.
According to a lawsuit filed by another victim, a boy uploaded Instagram photos to Clothoff, a popular AI-powered “nudify” site. The site, which received over 3 million visits last month, creates realistic fake nudes in seconds, as reported by CBS.
Mani never saw the manipulated image of herself but was deeply affected by how the school handled the situation. Victims were publicly called to the office, while the boys involved were privately removed from class.
“I feel like that was a major violation of our privacy while, like, the bad actors were taken out of their classes privately,” Mani said as reported by CBS.
That same day, the principal emailed parents, confirming students had used AI to create explicit images, reports CBS. The email assured parents the images had been deleted and were not being circulated, but Mani’s mother, Dorota, remained skeptical.
“You can’t really wipe it out,” Dorota said to CBS, expressing concern about screenshots or downloads.
The school district declined to provide details about the incident or disciplinary actions but stated it updated its harassment policies to address AI misuse—a change the Manis had urged for months, as reported by CBS.
Yiota Souras, chief legal officer at the National Center for Missing and Exploited Children, stressed the lasting harm such images cause, even if they are fake. Victims often suffer mental distress, reputational damage, and a loss of trust, as noted by CBS.
CBS reports that over the past 20 months, nearly 30 similar cases involving AI nudes have surfaced in U.S. schools, with additional incidents reported globally.
In at least three cases, Snapchat was used to circulate the images. Parents have reported delays of up to eight months in getting such content removed from the platform, as reported by CBS.
Snapchat, in response to one parent’s criticism, claimed to have “efficient mechanisms” for handling these reports and stated it has a “zero-tolerance policy” for such content, reported CBS.
Federal law prohibits AI-generated child pornography if it depicts sexually explicit conduct, but Souras warns that some AI nudes may fall outside the legal definition, noted CBS.
Since the incident, Francesca and Dorota Mani have advocated for AI-related policies in schools and worked with Congress to address the issue, reported CBS.
Image by DC Studio, from Freepik
Social Media Scams And AI Deepfakes Fuel Surge In Financial And Data Theft
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Cybersecurity experts are raising alarms about a wave of new scams and malware that are increasingly targeting individuals and businesses alike.
In a Rush? Here are the Quick Facts!
- Lumma Stealer saw a 369% increase in detections in H2 2024.
- Bitcoin’s rise triggered a surge in cryptostealer activity, especially targeting macOS.
- Telekopye toolkit is being used to scam users of booking platforms like Booking.com.
These threats combine sophisticated techniques like AI-generated deepfakes , fake company posts on social media, and innovative malvertising strategies, leading to significant financial and data theft.
In its H2 2024 Threat Report , ESET highlighted the rise of a dangerous new malware-as-a-service (MaaS) tool, Lumma Stealer. Since its discovery in 2022, Lumma has seen a staggering 369% increase in detections, making it one of the most prominent threats in the cybercriminal world.
This malware primarily targets cryptocurrency wallets, user credentials, and browser extensions used for two-factor authentication.
Its rapid growth has been fueled by a variety of clever campaigns, including fake GitHub fixes, AI software impersonations , and compromised CAPTCHA sites. Notably, Lumma has been spread through patched files, including Key Management Service (KMS) activators for pirated Windows versions.
Alongside Lumma, Formbook has regained its position as one of the top threats among infostealers, surpassing Agent Tesla. With a 200% increase in detections, Formbook’s ability to gather sensitive data, including clipboard information, keystrokes, and cached browser data, continues to make it a significant threat.
Despite being active since 2016, Formbook remains highly effective due to its continuous development and use of advanced obfuscation techniques that help it evade detection. The malware is often spread through phishing emails .
The rise of Bitcoin, especially after its surge past $90,000 following the 2024 U.S. presidential election, has also fueled an increase in cryptostealers across multiple platforms .
ESET’s telemetry data reveals a dramatic rise in cryptostealer activity in the second half of 2024, especially on macOS , with a 127% increase in password-stealing malware like AMOS. Windows and Android devices also experienced significant increases, with Lumma Stealer variants leading the charge.
Techniques like Google ad poisoning, phishing, and optical character recognition (OCR) malware are being used to exploit vulnerabilities, making cryptocurrency wallet security a critical concern.
Mobile banking credentials are also at risk due to attackers exploiting Progressive Web Apps (PWAs) and WebAPKs. These technologies allow apps to be installed directly from websites, bypassing traditional app store security measures.
The apps often mimic legitimate banking apps, capturing login details, passwords, and two-factor authentication codes once installed. Users are urged to install apps only from trusted sources and employ robust security tools to protect their personal information.
On social media, a new scam is gaining traction, using deepfake videos and company-branded posts to deceive users into investing in fraudulent schemes. These scams, known as HTML/Nomani, promise secret investment opportunities or miracle products endorsed by AI-generated videos of celebrities.
Victims are directed to phishing websites where personal information is stolen, and the fraudsters manipulate them into making investments in non-existent products or even taking loans. This scam has become increasingly sophisticated, with tailored ads for different countries and regions.
Accommodation booking platforms, such as Booking.com and Airbnb, are also being targeted by cybercriminals using the Telekopye toolkit. Scammers are exploiting compromised hotel accounts to send fake payment issue messages to users who recently made bookings.
These messages lead victims to phishing sites that closely resemble legitimate booking platforms. Once victims enter their card information, it is stolen by the scammers. The Telekopye toolkit, which was originally designed for online marketplace fraud, has been adapted for use in accommodation booking scams.
The rise in these scams is particularly concerning as holiday booking seasons peak, increasing the likelihood of victims falling prey to these sophisticated attacks.
As these scams and malware continue to evolve, it is crucial for users to remain vigilant and implement robust cybersecurity practices to protect their personal and financial data.
