Cybercriminals are now using fake AI tools on social media to spread Noodlophile malware
By: bitcoin ethereum news|2025/05/12 20:00:12
Cybercriminals are using fake AI tools on social media to spread Noodlophile malware. According to a security expert, the malware can steal important information like browser credentials, cryptocurrency wallet information, and more. The attackers build platforms with believable AI themes and then promote them on social media. These may look like real AI tools, but they are just fronts to get people to download the malware hidden inside them.

Criminal AI-themed platforms are advertised via Facebook groups

The main social media platform being used is Facebook. Fake AI platforms are luring millions of people who use AI-powered tools every day to make materials like art, music, and videos from photos.

FAKE AI TOOLS ARE THE NEW NIGERIAN PRINCE — AND THEY’RE AFTER YOUR PASSWORDS Think you’re downloading the next hot AI video editor? Surprise — it’s malware in a trench coat. Hackers are luring people with slick-looking Facebook ads for fake tools like “CapCut AI,” racking up... https://t.co/jOuVc15ZiH pic.twitter.com/hteD7bNuoE — Mario Nawfal (@MarioNawfal) May 12, 2025

Morphisec researcher Shmuel Uzan said, “Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns.”

Links in these groups lead to the developer’s profile. Their bio reveals further involvement in malware sales and distribution. When a user clicks on a post, they are taken to what looks like a free AI editing tool, where they are told to upload a picture or video. Then they are told to download VideoDreamAI.zip, which looks like the AI tool but is actually a harmful ZIP file. The archive produces Python code that makes it possible to run the Noodlophile Stealer. On Facebook, a single post has drawn as many as 62,000 views.
Luma Dreammachine AI, Luma Dreammaching, and gratistuslibros are some of the fake social media pages that have been found. In addition, an investigation of the term “Noodlophile” across cybercrime marketplaces uncovered groups offering it as part of malware-as-a-service (MaaS) schemes. Tools like Noodlophile are advertised alongside access services labeled “Get Cookie + Pass,” designed for account takeover and credential theft.

Noodlophile Stealer talks to the attackers through a Telegram bot

In some cases, the data stealer has been bundled with remote access Trojans like XWorm to gain even more control over the host’s computer and data. At the very end of the attack chain, the Noodlophile Stealer was found to talk to the attackers through a Telegram bot, which gives them a covert way to send the stolen data to other people.

Cybercriminals like to use Telegram, which has more than 900 million daily users, to trade stolen databases, user credentials, credit card information, and other things. The site is also used by fraudsters to talk to each other, share hacking methods, and sell illegal goods.

As Cryptopolitan reported, the founder of Telegram, Pavel Durov, has been arrested because of Telegram's involvement in illicit activities. However, Durov insisted that his company would rather exit a national market than disclose private messages.

“In its 12-year history, Telegram has never disclosed a single byte of private messages,” Durov said. “In accordance with the EU Digital Services Act, if provided with a valid court order, Telegram would only disclose the IP addresses and phone numbers of criminal suspects, not messages.”

The Noodlophile malware is thought to have come from Vietnam, as shown by a GitHub page that calls the user “a passionate Malware Developer from Vietnam.” Also, he was observed responding to Facebook posts promoting this new method.
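As an added example (not code from the article or from Morphisec): a triage pass over endpoint web telemetry that flags non-browser processes calling the Telegram Bot API, and raises severity when the same host fetched VideoDreamAI.zip shortly before. The log layout, host and process names, client allowlist and one-hour window are assumptions, and the sample lines are constructed.

```python
import csv
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed sample telemetry (timestamp, host, process, url); not real data.
SAMPLE_LOG = """\
2025-05-12T09:01:10,ws-014,chrome.exe,https://example-ai-editor.invalid/download/VideoDreamAI.zip
2025-05-12T09:03:42,ws-014,pythonw.exe,https://api.telegram.org/bot0000000000:CONSTRUCTED_TOKEN/sendDocument
2025-05-12T09:05:00,ws-020,chrome.exe,https://web.telegram.org/a/
2025-05-12T10:15:30,ws-031,python.exe,https://api.telegram.org/bot1111111111:CONSTRUCTED_TOKEN/sendMessage
2025-05-12T11:00:00,ws-031,chrome.exe,https://example.invalid/report.zip
"""

LURE_ARCHIVES = {"videodreamai.zip"}   # file name reported in the article
BOT_API_HOST = "api.telegram.org"      # Telegram Bot API endpoint
EXPECTED_CLIENTS = {"chrome.exe", "msedge.exe", "firefox.exe", "telegram.exe"}  # assumed allowlist
WINDOW = timedelta(hours=1)            # assumed correlation window

def parse(log_text):
    """Yield (timestamp, host, process, parsed URL) for each telemetry line."""
    for ts, host, proc, url in csv.reader(log_text.splitlines()):
        yield datetime.fromisoformat(ts), host, proc.lower(), urlsplit(url)

def redact(url):
    """Drop the bot token so alerts do not leak a live credential."""
    method = url.path.rsplit("/", 1)[-1]
    return f"https://{url.hostname}/bot<redacted>/{method}"

def triage(log_text):
    """Return alerts for Bot API calls made by processes outside the allowlist."""
    lure_seen = {}   # host -> time the lure archive was last fetched
    alerts = []
    for ts, host, proc, url in parse(log_text):
        name = url.path.rsplit("/", 1)[-1].lower()
        if name in LURE_ARCHIVES:
            lure_seen[host] = ts
            continue
        is_bot_call = url.hostname == BOT_API_HOST and url.path.startswith("/bot")
        if is_bot_call and proc not in EXPECTED_CLIENTS:
            seen = lure_seen.get(host)
            correlated = seen is not None and ts - seen <= WINDOW
            alerts.append({"host": host, "process": proc, "url": redact(url),
                           "severity": "high" if correlated else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG):
        print(alert)
```
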
Law enforcement officials say that cybercrime is particularly common in Southeast Asia and that Facebook has also been used in the past to spread stealer software.

Source: https://www.cryptopolitan.com/cybercriminals-fake-ai-tools-noodlophile/





