
Think before you download: How hackers are spreading malware using fake AI video tools

Threat actors are targeting users by luring them into downloading a malware-laced AI video generator called EditPro.

Hackers even created a legitimate-looking EditPro AI website with a cookie banner at the bottom. (Image Source: Bleeping Computer)

With Artificial Intelligence-powered tools widely available on the internet, threat actors are using the opportunity to infect Windows and macOS machines. The malware not only steals cryptocurrency wallet credentials but also targets passwords and browsing history.

According to a recent report by Bleeping Computer, threat actors are spreading malware via fake websites that impersonate an AI video and image generator named EditPro.

In the image below, you can see that the new AI video tools are being spread via posts on X, claiming that users do not need any ‘special skills’ and can use the AI video generators for free. The report states that clicking on the images redirects you to a fake website offering the EditProAI tool, with ‘.pro’ and ‘.org’ domains used to spread Windows and macOS malware respectively.

Threat actors are using the EditPro AI video generator to spread info-stealing malware. (Image Source: Bleeping Computer)

As it turns out, these fake websites look real and even have a cookie banner at the bottom, which adds to the appearance of legitimacy. When users tap on the ‘Get now’ button, their system starts downloading a file called “Edit-ProAI-Setup-newest_release.exe” for Windows and “EditProAi_v.4.36.dmg” for macOS.

When cybersecurity experts analyzed the ‘.exe’ file, they noticed that the AI tool setup was laced with the Lumma Stealer malware. If you accidentally downloaded the program, we recommend you change your saved passwords, as your accounts may have been compromised.

To give you a quick recap, Lumma Stealer is Windows malware, while AMOS infects devices running macOS. However, both are designed to steal cryptocurrency wallets, login credentials and browsing history from popular browsers like Google Chrome, Mozilla Firefox and Microsoft Edge. The data collected is then sent back to the hacker, who can use it for future attacks or sell it on the dark web.
