IT Home reported on June 7 that security company Cisco Talos issued a notice revealing that hackers set up counterfeit AI tool websites to spread ransomware Trojans such as CyberLock, Lucky_Gh0$t, Numero, etc. At present, the corresponding hackers have counterfeited platforms such as Novaleads, ChatGPT, InVideo AI.
IT Home Reference Report learned that taking the counterfeit Novaleads platform as an example, although the original Novaleads company actually mainly operates "customer relationship management service" software and is not involved in AI, the hacker has seized a false brand called "Novaleads AI" by himself, and registered the corresponding domain name, set up an official website, and distributed the so-called AI software, but the corresponding software is actually a ransomware Trojan. After running it, it will ask the victim for a digital currency worth US$50,000 as a ransom.
In terms of counterfeit ChatGPT platform, hackers provide the so-called "ChatGPT 4.0" to users who do not understand AI Full version of the installer", the corresponding file name is "ChatGPT 4.0 full version - Premium.exe". After the victim runs, all files smaller than 1.2GB on the computer will be encrypted.
In terms of counterfeit InVideo AI, hackers set up a false official website to spread a Numero Trojan, after the corresponding Trojan runs, it will continuously monitor the victim's desktop window and overwrite all window titles, buttons and contents as "1234567890", resulting in the interface being unusable or recognizable. The program will be restarted every 60 seconds, with the purpose of completely paralyzing the victim's system.
