On the other hand, fake AI image and video generators infect Windows and macOS with the information-stealing malware Lumma Stealer and AMOS, which are used to steal credentials and cryptocurrency wallets from infected devices.
Lumma Stealer is Windows malware and AMOS is macOS malware. Both are equally dangerous because they steal cryptocurrency wallets as well as cookies, credentials, passwords, credit cards, and browsing history from Google Chrome, Microsoft Edge, Mozilla Firefox, and other Chromium browsers.
This data is collected into an archive and sent back to the attacker, who can use the information for further attacks or sell it on the dark web.
Last month, cybercriminals created a fake website masquerading as an AI video and image editor called EditPro.
As cybersecurity researcher g0njxa discovered, the sites were promoted through search results and ads on X that shared deepfake political videos, such as one showing President Biden and Trump enjoying ice cream together.
Clicking on these images redirects you to fake websites for the EditProAI app: editproai.pro, created to spread Windows malware, and editproai.org, created to spread macOS malware.
The sites look professional and even contain the ubiquitous cookie banner, so they appear legitimate.
When the victim clicks on the “Get Now” link, an executable file pretending to be the EditProAI application is downloaded.