With the rapid rise in popularity of AI-powered tools, cybercriminals are finding innovative ways to exploit public interest for nefarious purposes. Recently, reports have emerged that fake Facebook pages with seemingly credible followings are being used to push malware onto unsuspecting users.
A striking instance of this is the case of a counterfeit Midjourney AI Facebook page that garnered more than 1.2 million followers. This page was part of an elaborate scheme to coax users into downloading malware-ridden files under the pretense of offering AI-related services. This fraudulent activity extends beyond Midjourney AI imitations. Other generative AI tools, such as ChatGPT, DALL-E, and Sora, have been the face of similar scams aimed at distributing harmful software.
These fake pages often advertise and link to websites designed to mirror legitimate AI tool interfaces, with one goal in mind: to trick visitors into downloading dangerous files. The demographic targeted by this scam primarily comprises men aged between 25 and 55, particularly in Europe. Instead of obtaining the promised AI tools, many victims end up inadvertently installing infostealers, such as Rilide v4, disguised as useful browser extensions like Google Translate. Additionally, users have been duped into downloading other types of malware including Vidar, Nova, and IceRAT.
One such campaign involving the fraudulent Midjourney AI page reached upwards of 500,000 Facebook users with its ads before being shut down on March 8. The circumstances of the page’s removal, whether by vigilance from Meta due to reports from deceived users or actions by the actual Midjourney developers, are not entirely clear.
It is important to understand that these fraudulent operations often do not start from scratch. Hackers customarily take control of existing Facebook pages that already have a substantial follower base. Once the hackers commandeer these pages, they repurpose them for their malicious campaigns.
Although the fake Midjourney AI Facebook page has been closed, the threat persists with many active pages continuing to propagate similar deceptive activities. Internet users should exercise caution; legitimate generative AI tools like ChatGPT, Gemini, Sora, and DALL-E are web-based platforms without downloadable desktop versions. Hence, promises of free access to premium subscriptions of these tools on Facebook are likely fraudulent.
Vigilance is key when navigating such offers online. It is recommended that users research thoroughly and verify the authenticity of any tool or service being promoted. With the right knowledge and a cautious approach, it’s possible to stay protected from these deceptive and harmful tactics.
