GOOGLE-owned threat hunters have warned Facebook users about malicious ads that you must never click, or you risk having your passwords stolen and your keystrokes spied on.
Thousands of malicious ads on Facebook and about 10 on LinkedIn have been identified since November 2024.


A group of criminals tracked as UNC6032 is exploiting interest in AI video generators, and users need to be vigilant.
They do so by planting malicious ads on social media platforms to steal credentials, credit card details, and other sensitive information.
Fake AI Video Generator Tools
These ads directed viewers to more than 30 phony websites masquerading as legitimate AI video generator tools, including Luma AI, Canva Dream Lab, and Kling AI, and falsely promising text- and image-to-video generation, The Register reports.
If a user visits the fake website and clicks on the “Start Free Now” button, they’re led through a bogus video-generation interface that mimics a real AI tool.
After selecting an option and watching a fake loading bar, the site delivers a ZIP file containing malware that, once executed, backdoors the victim’s device, logs keystrokes, and scans for password managers and digital wallets.
UNC6032, assessed by Mandiant and Threat Intelligence as having ties to , has found success with this campaign.
Malicious ads reached two million users
The malicious ads have reached more than two million users across Facebook and LinkedIn.
Mandiant used both companies’ Ad Library tools, designed to comply with the EU’s Digital Services Act (DSA), to identify the fake websites and the malicious ads’ reach.
Threat analysts Diana Ion, Rommel Joven, and Yash Gupta said: “Mandiant Threat Defense performed further analysis of a sample of over 120 malicious ads and, from the EU transparency section of the ads, their total reach for EU countries was over 2.3 million users.”
They note, however, that the “reach does not equate to the number of victims.”
The 10 LinkedIn ads had a total impression estimate of 50,000 to 250,000, with the US accounting for the highest percentage of impressions.
Facebook ads were published on both attacker-created pages and compromised accounts.
New ads are created daily
UNC6032 is “constantly” rotating the domains mentioned in the ads to avoid detection and account bans, while new ads are “created on a daily basis.”
A spokesperson said the social media company doesn’t know how many victims the campaign may have affected.
“ removed the malicious ads, blocked the URLs, and took down accounts behind them, many before they were shared with us,” the spokesperson told The Register.
“Cyber criminals constantly evolve their tactics to evade detection and target many platforms at once, and that’s why we collaborate with industry peers like to strengthen our collective defences to protect our users.”
Mandiant, in its report, does give Meta credit for its “collaborative and proactive threat hunting efforts in removing the identified malicious ads, domains, and accounts.”
It also explained that a “significant portion” of these detections and removals began last year, prior to Mandiant alerting Meta about its .
The malware is designed for information theft
All of the websites investigated served up the same payload: STARKVEIL, a malware dropper that deploys three different modular malware families designed for information theft, all capable of downloading plugins.
The Mandiant team provides a deep dive into one particular attack that started with a Facebook ad for “Luma Dream AI Machine,” mimicking a text-to-video AI tool called Luma AI, but instead redirecting the user to an attacker-created website.
After visitors to the phony website click the download button, they receive a ZIP archive containing a Rust-based malware dropper named STARKVEIL.
When executed, it extracts its payloads and displays a fake error message to coax the user into running it a second time, completing the infection chain.
In reality, it is alleged, a successful compromise requires the executable to run twice: it drops its components during the first execution and then runs a launcher during the second.
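The double-execution behaviour described above is something a defender can hunt for in process-creation telemetry. The following script is an added example, not code from the article or from Mandiant: it scans constructed Sysmon-style process-creation records for an executable in a user-writable directory that the same user launched twice within a short window and that then spawned a child process (the launcher stage). All field names, paths and timestamps are assumptions for the demonstration.

```python
# Added example: hunt for a freshly downloaded executable that the same user
# runs twice in quick succession and that then spawns a child process.
# All telemetry below is constructed; the path names are not real indicators.
from collections import defaultdict
from datetime import datetime, timedelta

# Directories a freshly downloaded archive is typically extracted into (assumed).
USER_WRITABLE = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\desktop\\")

# Constructed sample events in a Sysmon Event ID 1-like shape.
EVENTS = [
    {"time": "2025-05-20T10:00:05", "user": "alice",
     "image": r"C:\Users\alice\Downloads\Luma_Dream_AI\Luma_Dream_AI.exe",
     "parent": r"C:\Windows\explorer.exe"},
    {"time": "2025-05-20T10:00:40", "user": "alice",
     "image": r"C:\Users\alice\Downloads\Luma_Dream_AI\Luma_Dream_AI.exe",
     "parent": r"C:\Windows\explorer.exe"},
    {"time": "2025-05-20T10:00:41", "user": "alice",
     "image": r"C:\Users\alice\AppData\Local\Temp\launcher.exe",
     "parent": r"C:\Users\alice\Downloads\Luma_Dream_AI\Luma_Dream_AI.exe"},
    {"time": "2025-05-20T11:30:00", "user": "bob",
     "image": r"C:\Users\bob\Downloads\vendor-setup.exe",
     "parent": r"C:\Windows\explorer.exe"},
    {"time": "2025-05-20T15:30:00", "user": "bob",
     "image": r"C:\Users\bob\Downloads\vendor-setup.exe",
     "parent": r"C:\Windows\explorer.exe"},
]


def find_double_runs(events, window_seconds=600):
    """Return {(user, image): [first_run, second_run]} for executables in a
    user-writable directory launched twice by the same user within the window,
    where the second launch is followed by a child process of that image."""
    window = timedelta(seconds=window_seconds)
    runs, children = defaultdict(list), defaultdict(list)
    for e in events:
        t = datetime.fromisoformat(e["time"])
        runs[(e["user"], e["image"])].append(t)        # launches of this image
        children[(e["user"], e["parent"])].append(t)   # children spawned by it
    hits = {}
    for key, times in runs.items():
        if not any(d in key[1].lower() for d in USER_WRITABLE):
            continue  # ignore binaries installed in system locations
        times.sort()
        for first, second in zip(times, times[1:]):
            if second - first <= window and any(c >= second for c in children[key]):
                hits[key] = [first.isoformat(), second.isoformat()]
                break
    return hits


if __name__ == "__main__":
    for (user, image), times in find_double_runs(EVENTS).items():
        print(f"{user}: {image} ran at {times[0]} and {times[1]}, then spawned a child")
```

A single run of a downloaded installer, or two runs hours apart, does not trigger the heuristic; only the run-twice-then-launch sequence does.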
Fake ‘AI websites’ pose a significant threat
One of the dropped malware families is GRIMPULL, a .NET-based downloader with anti-VM and anti-analysis capabilities, which uses Tor for C2 server connections.
Another is XWORM, also a .NET-based backdoor with capabilities including keylogging, command execution, screen capture, and spreading to USB drives.
The third is FROSTRIFT, a .NET backdoor loaded via DLL sideloading into a legitimate Windows process.
This malware attempts to establish persistence on the compromised machine, and checks for the existence of 48 browser extensions related to password managers, authenticators, and digital wallets.
The Mandiant team wrote: “Although our was limited in scope, we discovered that well-crafted fake ‘AI websites’ pose a significant threat to both organizations and individual users.
“These AI tools no longer target just graphic designers; anyone can be lured in by a seemingly harmless ad.”