Over a million people were targeted by the fake Midjourney Facebook page in an attempt to distribute malware.

Targeting Europeans

Recently, researchers uncovered a Facebook page with more than a million subscribers that was pushing the Rilide infostealer to its visitors. According to Bitdefender, hackers first found a vulnerable page and took it over, then renamed it to Midjourney (a generative AI tool for image creation) and aggressively promoted it on the platform through paid advertising. They had amassed roughly 1.2 million subscribers by the time they were discovered and their page was shut down.

In parallel with the Facebook page, the fraudsters also created a website that imitates Midjourney and offers the tool for download. It’s important to note that generative AI tools, such as Midjourney, DALL-E, or ChatGPT, don’t have a standalone, downloadable version. They are all simply available online, so any downloadable app that claims to be a genAI tool is most likely malware.

Still, the website and its downloadable content were promoted on the Facebook page. Users who fell for the trick and downloaded the program ended up with the Rilide v4 infostealer, which impersonates a Google Translate extension for the web browser.

The majority of the victims were men, aged 25-55, located in Europe. The bulk of the victims reside in either Germany, Poland, Italy, France, Belgium, Spain, the Netherlands, Romania, or Sweden.

While in this example the attackers impersonated Midjourney, it’s hardly the only generative AI tool whose image is being abused to distribute malware. ChatGPT, SORA, DALL-E, and others are all being used in the same way.

Facebook pulled the malicious page down, but others are still out there with new ones popping up every day, the researchers warned. Users are advised to read up on the tools thoroughly, as that will help them avoid such scams.


Cybercriminals are operating Facebook pages with millions of subscribers, through which they’re promoting various fake Generative AI tools.

These tools are actually infostealers and other malware that generate huge databases of sensitive data, which are later sold on the dark web for profit.
