Criminal hackers hack these channels of influence to promote dangerous links. Hackers have started using AI-generated faces to spruce up their scam.
AI, the cybercriminal’s new weapon. On March 13, cybersecurity company CloudSek released a report detailing a YouTube scam campaign using AI video creation tools. Artificially created faces promote fraudulent sites.
The original process is not new: hackers send fake partnership offers to YouTubers. Their emails usually include a PDF with ostensibly details of the contract or product being tested. The latter is just a decoy designed to install an infostealer, a malicious software that infiltrates password managers. Once a hacker steals the codes and gains control of a YouTube channel, they start sending out volleys of fraudulent promotions. Most often, these are fraudulent download links for popular programs such as Adobe Photoshop or Premiere.
However, hackers are innovating and starting to add AI-generated “animators” to give their scheme a little more legitimacy. We have searched for some of these videos. Just type “Adobe 2023 Crack” to see thousands of scams. When owners have several thousand followers, they are hacked influencers. Faces are generated by the two most popular services at the moment: Synthesia and Elai.
A scam generated by artificial intelligence on the channel of a Colombian YouTuber. // Source: YouTube/Numerama
Easy Attacks
To be honest, the likelihood of an English-speaking person falling into the trap is very small. The public immediately becomes suspicious. As for the voice, it’s as natural as Daft Punk’s. The artificial puppet simply says, “Discover this product for free by clicking on the link below.” On the other hand, it should be noted that most of the attacked YouTubers are Asians or Hispanics. Some have hundreds of thousands of followers. Thus, cybercriminals will be active in these regions.
CloudSEK recorded a 200-300% increase from November to February in videos with links to stealer malware in the description section. “The videos lure users in with fake guides on how to download pirated versions of software like Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and other paid products,” said CloudSEK researcher Pawan Kartik M.
The most popular stylers will be Raccoon, RedLine and Vidar. These malware are available for purchase or rent. Hackers aim to get as much data as possible and then resell it on the darknet marketplaces. Although these attacks are not yet very sophisticated, they give an idea of the potential for AI to be exploited by cybercriminals.
Want to know everything about the mobility of tomorrow, from electric vehicles to bicycles? Subscribe to our Watt Else Newsletter!