New Malware Spreads Via Fake AI Video Tool

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

A new malware campaign is targeting creators and small businesses by disguising itself as an AI-powered video tool.

In a rush? Here are the quick facts:

  • Malware disguises itself as a free AI video tool, targeting creators and small businesses.
  • Victims are tricked into downloading “Video Dream MachineAI.mp4.exe” malware.
  • Malware steals browser credentials, crypto data, and allows remote access.

The scam, first reported by Morphisec, tricks users into uploading images to what appears to be a free AI platform, only to infect their computers with a dangerous new infostealer known as Noodlophile Stealer.

These fake AI sites are promoted through Facebook groups and viral posts, some reaching over 62,000 views. Victims believe they’re receiving AI-generated videos based on their uploads.

Instead, they download malware that steals browser credentials, cryptocurrency wallet data, and can even give hackers remote access to their systems using a tool called XWorm.

The research report explains that the campaign stands out for its use of AI hype to target a newer, more trusting audience. Unlike older scams tied to pirated software, this one focuses on the boom in AI tools.

The malware is hidden in a file called Video Dream MachineAI.mp4.exe, which pretends to be a video but is actually a disguised version of CapCut, a real video editor. Once clicked, it silently installs a chain of hidden programs that collect data and establish a backdoor.
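A defender-side check for the file-name masquerade described above, as an added example that is not from the article or the Morphisec report: it flags names whose last extension is executable while the one before it looks like media or a document, which Windows Explorer would display as plain content when known extensions are hidden. The extension lists and all sample paths except `Video Dream MachineAI.mp4.exe` are constructed assumptions.

```python
import re

# Extensions Windows runs or interprets on double-click (assumed list, not exhaustive).
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "js", "vbs", "lnk", "msi"}
# Extensions a user expects to be passive content (assumed list).
DECOY_EXTS = {"mp4", "mov", "avi", "mkv", "mp3", "jpg", "jpeg", "png", "gif", "pdf", "docx", "txt"}

def classify(path):
    """Return a reason string if the file name masquerades as content, else None."""
    # Take the last path component, accepting either separator.
    name = path.replace("/", "\\").rsplit("\\", 1)[-1]
    # Windows drops trailing dots and spaces when it resolves a name, so do the same.
    name = name.rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 3:
        return None  # zero or one extension: nothing to masquerade behind
    inner, final = parts[-2], parts[-1]
    if final not in EXECUTABLE_EXTS or inner not in DECOY_EXTS:
        return None
    # Whitespace before the real extension pushes it out of view in narrow columns.
    if re.search(r"\s\.[^.]+$", name):
        return "double-extension+padding"
    return "double-extension"

def scan(paths):
    """Map each suspicious path to its reason; clean paths are omitted."""
    return {p: r for p in paths if (r := classify(p))}

# Constructed sample listing; only the first file name is taken from the article.
SAMPLE_PATHS = [
    r"C:\Users\demo\Downloads\Video Dream MachineAI.mp4.exe",
    r"C:\Users\demo\Downloads\invoice.pdf      .exe",
    r"C:\Users\demo\Downloads\holiday.final.mp4",
    r"C:\Users\demo\Downloads\tool-v1.2.exe",
    r"C:\Users\demo\Downloads\backup.tar.gz",
]

if __name__ == "__main__":
    for path, reason in scan(SAMPLE_PATHS).items():
        print(f"{reason:26} {path}")
```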

The final payload is controlled via a Telegram bot, which acts as a secret communication channel between the infected computer and the attacker. Investigators say the malware’s developer is likely Vietnamese, based on online traces and social media posts.

“Noodlophile” is now being sold in cybercrime markets as a malware-as-a-service product. The operation uses complex tricks like file renaming, command-line obfuscation, and password-protected archives to avoid detection.

This new threat highlights how cybercriminals are evolving, using the popularity of AI tools to lure victims into traps.

Sextortion Scam “Hello Pervert” Continues To Spread

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

A sextortion scam identified as “Hello Pervert” has been circulating in recent days, threatening email users with the release of videos allegedly showing them watching adult content unless they pay a large sum of money.

In a rush? Here are the quick facts:

  • A sextortion scam identified as “Hello Pervert” has been targeting more victims.
  • Scammers send an email threatening to release videos recorded with Pegasus spyware unless victims pay a sum of money.
  • Experts warn email users not to engage and report it to the authorities.

According to The Guardian, malicious actors send an email that begins with “Hello pervert,” attempting to convince recipients that their devices have been compromised. The scammers claim to have accessed the victims’ email accounts and recorded them using spyware called Pegasus, developed by the surveillance firm NSO Group, which recently lost a case against Meta.

The email includes a ransom note with threatening messages such as “this is a very bad situation for you” and “your privacy is gone,” claiming to have a video of the victim masturbating or watching pornography. The attackers threaten to send the footage to all the victim’s contacts unless a payment is made.

In the email accessed by The Guardian, the scammers requested $1,450, instructing the victim to transfer the amount to a cryptocurrency wallet within 48 hours. They promised to delete the videos and uninstall the spyware after receiving the payment.

The message may also include real passwords that victims have used in the past, obtained through data breaches. Experts advise targeted users not to engage with the attackers, but instead to ignore the messages and report them to the authorities.

Multiple users have reported similar cases on social media since last year. The messages follow a consistent pattern and have primarily targeted Microsoft accounts.

Starting an email with Hello pervert grabs my attention 🤣🤣 pic.twitter.com/J8r9rufKdV — Stacey (@staceynwing) September 14, 2024

While some users can easily recognize the scam, there is growing concern about teenage victims of this type of attack. The FBI has issued a warning, highlighting the particular risks this age group faces.

“The FBI also has recently seen an increase in financial sextortion cases targeting minor victims in the U.S.,” states the document. “This increasing threat has resulted in an alarming number of deaths by suicide.”

Tech companies such as Meta have taken action to prevent teenagers from falling victim to these attacks. A few months ago, Instagram launched a tool that informs users about scammy behaviours and blocks disappearing images and nudes to protect young users from sextortion scams.