Fake AI tools are being used to spread the Noodlophile virus

12 May 2025 2 minutes Author: Newsman

Attackers are using fake AI-based tools to trick users into downloading the Noodlophile malware, which is designed to steal personal information.

Disguised as video and image editing platforms, these fake services are actively spreading through popular Facebook groups and viral campaigns on social media. A single such message can have over 62,000 views, with the primary target being those actively searching for AI-based tools for content creation.

Users who click on links from these groups are taken to fake websites offering to create videos, logos, and images using AI. After uploading their own images, they receive an infected file instead of the expected content. This file triggers the infection, installing Noodlophile, which steals browser data, crypto wallets, and other sensitive information.

The Noodlophile malware is part of a new wave of cyberattacks that exploit the popularity of AI services. Previously, such methods were mainly used to distribute pirated programs or games, but criminals have now refocused on a new target audience: content creators and small businesses. The developer of Noodlophile is likely associated with citizens of Vietnam, a country with a developed cybercrime ecosystem.

This campaign is a clear demonstration of how attackers are using the latest technologies to deceive users and distribute malware. Users are advised to be cautious when downloading programs from untrusted sources, even if they appear to be AI-based tools, and to always check the security of websites before downloading any files.
