Spotting the impostors: How to identify fake AI tools concealing serious malware threats

With the rise of artificial intelligence, it’s no surprise that we’re seeing a surge of new AI tools claiming to offer the next big thing in tech. But not all these tools are what they seem. Some are cleverly disguised threats designed to infect your system with malware. Knowing how to spot these fake AI tools is essential for keeping your data and devices safe. The use of generative AI as bait for malware is becoming an increasingly concerning trend. In this guide, we'll walk you through practical tips for identifying and avoiding these deceptive dangers.

How cybercriminals exploit GenAI tools as bait

Cybercriminals are increasingly using fake AI tools as a smokescreen for distributing malware. Here’s how they’re pulling off these schemes:

Phishing Sites
In late 2023, ESET blocked over 650,000 attempts to access phishing sites with names like “chapgpt” or similar variations. These sites often lure victims through links on social media or deceptive email and mobile messages, where they may be prompted to install malware disguised as legitimate GenAI software.
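
Lookalike names such as “chapgpt” can be flagged by comparing hostnames from proxy or DNS logs against known brand keywords with an edit-distance check. The following is an added example, not ESET's detection logic or code from the original article; the allowlist of official domains, the one-edit threshold, and the sample hostnames are assumptions constructed for illustration.

```python
import re

# Brand keyword -> domains treated as official (this allowlist is an assumption).
OFFICIAL = {
    "chatgpt": ("chatgpt.com",),
    "openai": ("openai.com",),
    "midjourney": ("midjourney.com",),
}

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify(host: str):
    """Return (verdict, brand); each dot- or hyphen-separated token is checked."""
    host = host.lower().rstrip(".")
    for brand, domains in OFFICIAL.items():
        if any(host == dom or host.endswith("." + dom) for dom in domains):
            return ("official", brand)
    for token in re.split(r"[.\-]", host):
        for brand in OFFICIAL:
            if brand in token:  # exact brand name on a host outside the allowlist
                return ("brand-in-unofficial-host", brand)
            if len(token) >= 5 and edit_distance(token, brand) <= 1:
                return ("lookalike", brand)
    return ("no-match", None)

# Constructed sample of hostnames as they might appear in proxy or DNS logs.
SAMPLE = ["chatgpt.com", "chapgpt.example", "chatgpt-download.example",
          "api.openai.com", "opnai.example", "midjuorney.example", "news.example"]

def triage(hosts):
    return {h: classify(h) for h in hosts}

if __name__ == "__main__":
    for host, (verdict, brand) in triage(SAMPLE).items():
        print(f"{host:28} {verdict:26} {brand or '-'}")
```

A one-edit threshold keeps false positives low but misses longer variations; hits are candidates for review, not verdicts.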

Malicious Browser Extensions
ESET’s first half of 2024 threat report uncovered a malicious browser extension that users were tricked into installing through Facebook ads pretending to link to official sites like OpenAI’s Sora or Google’s Gemini. While this extension was disguised as Google Translate, it was actually an infostealer named “Rilide Stealer V4,” designed to capture Facebook login credentials. Since August 2023, over 4,000 attempts to install this extension have been recorded. Other malicious extensions may offer limited GenAI features while simultaneously deploying malware.

Fake Applications
Reports have surfaced about fake GenAI apps on mobile app stores that come loaded with malware. These fraudulent apps can steal sensitive data such as login credentials, personal IDs, and financial details. Some apps may masquerade as advanced GenAI tools, often requiring payment or subscriptions for services that are either non-existent or of very poor quality.

Deceptive Ads
Cybercriminals are capitalizing on the buzz around GenAI tools to trick users via malicious ads, particularly on platforms like Facebook. Meta has warned that many of these ads are designed to exploit businesses with access to ad accounts across the web. Fraudsters hijack legitimate accounts to run fake ads promoting updates to GenAI tools, only to deploy infostealer malware.

The mechanics of deception

Cybercriminals exploit human nature—our curiosity, desire for the latest tech, and susceptibility to attractive offers. They create compelling lures that often appear credible and official. Their tactics include:

  • Urgency and Temptation: Ads promising exclusive access or significant discounts make the offers seem too good to pass up.
  • Sophisticated Storytelling: They use advanced techniques, sometimes leveraging GenAI itself to craft convincing messages.
  • Hastiness: Users, especially on mobile devices, may act quickly without verifying the authenticity of an offer.

Cybercriminals are skilled at keeping their malicious activities hidden. They continuously evolve their methods and disguise their malware as fake versions of reputable AI tools like ChatGPT, Sora AI, Midjourney, and others, even offering versions that don’t yet exist.

Potential risks of fake AI tools

The risks of falling victim to fake AI tools are substantial. If you download a fake app or click a malicious link, the consequences can include:

  • Info-Stealers: Malware designed to harvest sensitive data such as account credentials, credit card information, and crypto wallet details.
  • Ransomware and RATs: Potentially granting hackers remote control over your device, leading to data theft, identity fraud, and even attacks on organizations you’re affiliated with.

How to protect yourself from fake AI tools

Stick to Official App Stores
Download apps only from Google Play or the Apple App Store to benefit from their rigorous vetting processes.

Verify Developers and Reviews
Check the credibility of app developers and read reviews before downloading. Be cautious of poorly described apps or developers with limited histories.

Be Cautious with Ads
Avoid clicking on digital ads, especially those promising too-good-to-be-true offers. Instead, search for the app directly in official app stores.

Examine Browser Extensions
Investigate the background of browser extensions and read user feedback before installation. Opt for extensions from well-known developers with high ratings.

Use Reliable Security Software
Ensure robust, up-to-date security software is installed on all your devices to guard against malware and phishing attempts.

Be Wary of Phishing Attempts
Treat unsolicited messages with skepticism and verify their authenticity before interacting with any links or attachments.

Enable Multi-Factor Authentication (MFA)
Add an extra layer of security to your accounts with MFA, making it harder for unauthorized users to access them.

Stay Informed
Keep up-to-date with the latest GenAI developments and verify any claims or offers through official sources.

As GenAI technology evolves, so do the tactics of those seeking to exploit it through fake AI tools. Stay vigilant to ensure that your experience with GenAI remains secure and positive, protecting yourself from these deceptive threats.