Crims defeat human intelligence with fake AI installers • The Register


Criminals are using installers for fake AI software to distribute ransomware and other destructive malware.

Cisco Talos recently uncovered three of these threats, which use legit-looking websites whose domain names vary the titles of actual AI vendors by just a letter or two. The software installers on the sites are poisoned with malware, including the CyberLock ransomware and a never-before-seen malware named “Numero” that breaks Windows machines.

The Talos research follows a similar Mandiant report published this week that uncovered a new Vietnam-based threat group exploiting people’s interest in AI video generators by planting malicious ads on social media platforms. The ads lead to fake websites laced with malware that steals people’s credentials or digital wallets.

“We believe we are observing an increase in cybercriminals misusing the names of legitimate AI tools for their malware or using fake installers that deliver malware,” Talos research engineer technical lead Chetan Raghuprasad told The Register.

Cybercriminals are misusing the names of legitimate AI tools to deliver malware

“These criminals are distributing a variety of malware, including stealers, backdoors, RATs, ransomware, and destructive malware,” he added. “Individuals, small-scale businesses, startups, and other users in established business sectors should evaluate the sources of the AI tools they download and install on their machines to avoid falling prey to such threats.”

CyberLock ransomware emerges from the depths

Raghuprasad said his team ran across the CyberLock ransomware while researching fake installation files that crims claim are legitimate AI applications. The phony website on which they found the ransomware, novaleadsai[.]com, appeared at the top of a Google search. The name preys on people looking for the legitimate domain novaleads.app, which is run by a digital agency that monetizes sales leads.

“Stop struggling with B2B sales: We can help you generate 480+ qualified calls in just 365 days,” the scam website proclaims in large type. It also promises free access to the AI-based tool for a year.

But when the user clicks on the “Get NovaLeads AI Now” button and downloads a ZIP archive, the fake AI product contains a .NET executable named “NovaLeadsAI.exe” that loads the PowerShell-based CyberLock ransomware.

Whoever is behind CyberLock ransomware – Talos hasn’t attributed it to a particular group or individual – has operated since at least February. The malware was compiled on February 2, which is the same day that someone created the fraudulent website, we’re told.

Once it runs, the ransomware targets sensitive business documents, personal information, and confidential databases. In addition to encrypting victims’ documents, CyberLock can elevate privileges and re-execute itself with administrative privileges if needed.

After encrypting sensitive files, the attacker demands a payment of $50,000 in the cryptocurrency Monero and tells victims to communicate using an onionmail[.]org address, a service that allows email to be encrypted and accessed on the Tor network.

The criminal threatens to leak stolen data; however, Talos didn’t spot any signs of data exfiltration capability in the ransomware code.

The ransom note also – oddly – claims that the extortion payment will be used to fund humanitarian aid efforts in Palestine, Ukraine, Africa, and Asia.

Don’t believe it, Raghuprasad said.

“It seems to be merely propaganda or psychological manipulation aimed at reducing backlash and justifying their criminal actions,” he noted. “In the past, ransomware groups like DarkSide and DoppelPaymer claimed that they donate portions of ransom to charitable organizations, but that has never happened.”

Talos hasn’t spotted this ransomware infecting any Cisco customers, and the attacker doesn’t have a leak site.

All of these things make the miscreant more “challenging to track,” according to Raghuprasad. “Therefore, we cannot determine exactly how many victims there are or the scope of this campaign,” he said. “Still, we have observed that the fake AI installer tool the actor was using mimics a legitimate application that is utilized by B2B sector users, who are potential targets.”

Another ransomware-disguised-as-AI-installer aims to infect devices with Lucky_Gh0$t, a Yashma ransomware variant that evades anti-virus detection and anti-malware scanners, deletes volume shadow copies and backups, and uses AES-256 and RSA-2048 encryption to lock up victims’ files.

The ransomware disguises itself as a ChatGPT installer with the file name “ChatGPT 4.0 full version – Premium.exe.”

While Talos doesn’t have a victim count for this scam, “the attack approach seems to be to spread the application with no specific target in mind, exploiting the popularity of the ChatGPT application, which is widely utilized by individuals and various business sectors,” Raghuprasad said.

Numero’s Windows doomloop

The third AI-lure scam pwns victims’ Windows computers with a previously unknown piece of malware that Talos named “Numero”. It impersonates the installer for an AI video creation tool called InVideo AI.

The fake installer contains a malicious Windows batch file, VB script, and a 32-bit Windows executable written in C++ with the file name ‘wintitle.exe’.

We’re told crims compiled the malware on January 24. It manipulates the graphical user interface (GUI) components of victims’ Windows operating systems and executes the script in an infinite loop, “corrupting the victim machine to become unusable,” the Talos report says.

“During our research, we did not observe any fake sites hosting the malware, but we believe it is a part of a trend where threat actors create fake copies of legitimate AI applications to exploit their popularity,” Raghuprasad told The Register. ®
