The rise of AI tools is being exploited by cybercriminals, with Russian hackers using fake AI websites to lure tech-savvy individuals into downloading malware that steals sensitive crypto wallet data.
Russian hackers have found a new way to target cryptocurrency holders, using fake AI websites to steal valuable crypto wallet information.
According to cybersecurity firm Silent Push, a notorious hacking group known as “FIN7” is behind these deceptive sites, which promise users AI-generated non-consensual nude images in exchange for their details.
Instead of receiving the images, unsuspecting users download malware designed to extract login credentials and sensitive information, including details from crypto wallets.
The malware, identified as RedLine and Lumma Stealer, quietly infiltrates devices, compromising personal data.
Zach Edwards, a senior analyst at Silent Push, noted that this scam primarily targets tech-savvy individuals who are interested in AI tools.
The hackers behind FIN7 have been especially effective at disguising their sites as legitimate platforms, using search engine optimization (SEO) tactics to rank highly on search engines.
These sites offer seemingly professional services, such as the ability to upload images and create deepfake nudes, further adding to their deceptive allure.
However, once users attempt to access the promised images, they are redirected to a broken Dropbox link that leaves them empty-handed—except for malware now hidden in their devices.
Silent Push has already identified at least seven fake sites, including “aiNude.ai,” “easynude.website,” and “nude-ai.pro,” which have since been taken down.
Despite these sites being removed, cybersecurity experts warn that anyone who visited them should consider their devices compromised.
FIN7 is known for its long history of financial fraud and has connections to ransomware gangs such as DarkSide and BlackMatter, which were responsible for major cyberattacks, including a $20 million ransom demand from UnitedHealth.