Cybercriminals are now using fake AI tools on social media to spread Noodlophile malware

By: bitcoin ethereum news|2025/05/12 20:00:12
0
Share
copy
Cybercriminals are using fake AI tools on social media to spread Noodlophile malware. According to a security expert, the malware can steal important information like browser credentials, cryptocurrency wallet information, and more. The attackers make platforms with believable AI themes that can then be promoted on social media. These may look like real AI tools, but they are actually just fronts to get people to download malware that is hiding inside them. Criminal AI-themed platforms are advertised via Facebook groups The main social media platform being used is Facebook. Fake AI platforms are luring millions of people who use AI-powered tools every day to make materials like art, music, and videos from photos. FAKE AI TOOLS ARE THE NEW NIGERIAN PRINCE — AND THEY’RE AFTER YOUR PASSWORDS Think you’re downloading the next hot AI video editor? Surprise — it’s malware in a trench coat. Hackers are luring people with slick-looking Facebook ads for fake tools like “CapCut AI,” racking up... https://t.co/jOuVc15ZiH pic.twitter.com/hteD7bNuoE — Mario Nawfal (@MarioNawfal) May 12, 2025 Morphisec researcher Shmuel Uzan said, “Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns.” Links in these groups lead to the developer’s profile. Their BIO reveals further involvement in malware sales and distribution. When a user hits on a post, they are taken to what looks like free AI editing tools, where they are told to upload a picture or video. Then, they are told to download VideoDreamAI.zip, which looks like the AI tool but is actually a harmful ZIP file. This makes a Python code that makes it possible to use the Noodlophile Stealer. When shared on Facebook, these posts have gotten as many as 62,000 views from just one post. Luma Dreammachine AI, Luma Dreammaching, and gratistuslibros are some of the fake social media pages that have been found. In addition, an investigation of the term “Noodlophile” across cybercrime marketplaces uncovered groups offering it as part of malware-as-a-service (MaaS) schemes. Tools like Noodlophile are advertised alongside access services labeled “Get Cookie + Pass,” designed for account takeover and credential theft. Noodlophile Stealer talks to the attackers through a Telegram bot In some cases, the data stealer has been joined with remote access Trojans like XWorm to gain even more power over the host’s computer and data. At the very end of the attack, it was found that the Noodlophile Stealer talks to the attackers through a Telegram bot, which is a secret way for them to send stolen data to other people Cybercriminals like to use Telegram, which has more than 900 million daily users, to trade stolen databases, user credentials, credit card information, and other things. The site is also used by fraudsters to talk to each other, share hacking methods, and sell illegal goods. As Cryptopolitan reported , the founder of Telegram, Pavel Durov, has been arrested because of the involvement of Telegram and illicit activities. However, Durov insisted that his company would rather exit a national market than disclose private messages. “In its 12-year history, Telegram has never disclosed a single byte of private messages,” Durov reckoned. “In accordance with the EU Digital Services Act, if provided with a valid court order, Telegram would only disclose the IP addresses and phone numbers of criminal suspects, not messages.” The Noodlophile malware is thought to have come from Vietnam, as shown by a GitHub page that calls the user “a passionate Malware Developer from Vietnam.” Also, he was observed responding to Facebook posts promoting this new method. Law enforcement officials say that cybercrime is particularly common in Southeast Asia and that Facebook has also been used in the past to spread stealer software. Cryptopolitan Academy: Coming Soon – A New Way to Earn Passive Income with DeFi in 2025. Learn More Source: https://www.cryptopolitan.com/cybercriminals-fake-ai-tools-noodlophile/

-- Price

--

You may also like

Semiconductor stocks plummet, yet Anthropic wants to create a 2nm chip

Abandoning TSMC and teaming up with Samsung. Anthropic launches a self-developed 2nm chip program, challenging Nvidia and starting a battle to break through computing power costs.

Where is Zhao Changpeng's billion-dollar investment going? YZi Labs' investment landscape fully revealed

Zhao Changpeng's billion-dollar new "family office" YZi Labs investment landscape revealed: 70% of the funds are committed to the crypto ecosystem, while 30% are cross-industry bets on AI and biotechnology, launching a new capital experiment in the post-Binance era.

Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions

The Ethereum Foundation has released this non-technical introductory report aimed at government officials, central banks, regulators, and corporate decision-makers, explaining how Ethereum works, how it is governed, how it differs from other blockchains, and how institutions and governments are alre...

A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI

True failure often isn't a single price drop, but rather a pricing mechanism that repeatedly rewards those who tell stories while repeatedly punishing those who believe in the stories.

When American giants collectively "defect" from Chinese AI models

Coinbase CEO publicly stated: the company has fully switched its AI to a Chinese model, cutting expenses in half while usage has doubled. Snowflake and Lindy are also doing the same thing—an unnoticed "AI model migration wave" is happening.

BIS Report Compliance Observation: The Real Risks of Stablecoins, Not Just "Depegging"

The issue with stablecoins is not just whether their price will decouple, but whether they can be integrated into a recognizable, monitorable, accountable, and regulated financial system.

Contents

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com