Cybercriminals Exploit AI Video Generation Trend with Malicious Ads

Ankit Lohar
Ankit Lohar

Software Developer

 
May 29, 2025 3 min read

Fake AI Video Editor Ads Targeting Users

The threat group UNC6032 is running a campaign using fake ads on social media platforms to promote non-existent AI video generation tools. According to Google’s Mandiant Threat Defense group, these ads have reached over 2 million users on platforms like Facebook and LinkedIn. The ads lead to bogus websites that distribute malware instead of the advertised services. Researchers have identified thousands of instances where these ads impersonate legitimate tools, such as Canva Dream Lab and Luma AI, to deceive users. Clicking on these ads often leads to downloading Python-based infostealers and backdoors, jeopardizing users' sensitive information. For more details, see the findings from Mandiant here.

Risks Associated with AI Tools

The UNC6032 group, believed to have connections to Vietnam, has exploited the growing interest in AI applications. Mandiant's investigation revealed that the malicious ads had a total reach of over 2.3 million users, though this does not necessarily indicate the number of actual victims. Experts warn that these fake AI tools target a wide audience, not just graphic designers, and advise users to verify the legitimacy of websites before downloading software. To learn more about the risks, refer to the analysis here. Person's hand holding an iPhone and using the Luma Labs Dream Machine artificial intelligence video generator Image courtesy of CyberScoop

Mechanism of Infection

The fake ads lead to websites that mimic actual AI video generation services. Users are prompted to enter details to generate content, but instead receive malware disguised as a legitimate file. This malware often includes remote access trojans (RATs) and information stealers that can compromise credentials, credit card data, and other sensitive information. For insights on how these campaigns function, refer to the comprehensive report by Mandiant here.

The Noodlophile Stealer and Its Impact

The Noodlophile Stealer is another malware variant that has emerged, exploiting the trend of fake AI platforms. This stealer can harvest browser credentials and cryptocurrency wallet information, all while masquerading as legitimate software. The tactics employed by these attackers are becoming increasingly sophisticated, utilizing social engineering to lure unsuspecting users. The malware is delivered through fake platforms that promise advanced content generation services. For additional details on this malware and its methods, see the analysis here. Graph from Google Trends showing the rise in internet searches for “AI video generator” over the past year. Image courtesy of CyberScoop

Preventive Measures and Recommendations

Organizations and individuals are urged to employ cybersecurity measures such as monitoring tools and threat intelligence to protect against these evolving threats. GrackerAI offers AI-powered cybersecurity marketing solutions that help organizations stay informed about emerging trends and threats. By automating news insights, GrackerAI enables marketing teams to create timely and relevant content that resonates with cybersecurity professionals. To explore how GrackerAI can assist in your cybersecurity marketing efforts, visit our website at GrackerAI.

Latest Cybersecurity Trends & Breaking News

Quantum Computing's Threat to RSA Encryption Check Point Completes Purchase of Cyberint

Ankit Lohar
Ankit Lohar

Software Developer

 

Software engineer developing the core algorithms that transform cybersecurity company data into high-ranking portal content. Creates the technology that turns product insights into organic traffic goldmines.

Related Articles

Top 7 Tools to Help SaaS Companies Find High-Intent Leads
SaaS lead generation

Top 7 Tools to Help SaaS Companies Find High-Intent Leads

Explore the top 7 tools to help SaaS companies find high-intent leads, boost conversions, and streamline customer acquisition with smarter targeting.

By Abhimanyu Singh December 5, 2025 5 min read
Read full article
AI Chat with PDF: A Practical Guide for AEO-Focused Marketers and Visibility Strategists
AI Tools

AI Chat with PDF: A Practical Guide for AEO-Focused Marketers and Visibility Strategists

Learn how AEO and GEO marketers use AI Chat with PDF tools to extract insights, structure Q&A content, analyze competitors, and boost AI visibility with Gracker.

By Mohit Singh Gogawat December 5, 2025 5 min read
Read full article
Stop Bleeding Leads: The Cybersecurity Marketing ROI Audit B2B SaaS Can't Ignore
cybersecurity marketing ROI

Stop Bleeding Leads: The Cybersecurity Marketing ROI Audit B2B SaaS Can't Ignore

Discover how B2B SaaS companies can stop wasting marketing dollars and boost ROI with a comprehensive cybersecurity marketing audit. Identify leaks, optimize strategies, and drive lead generation.

By Deepak Gupta December 5, 2025 11 min read
Read full article
How Social Media Aggregators Drive B2B Engagement and SEO Results
social media aggregators

How Social Media Aggregators Drive B2B Engagement and SEO Results

Learn how social media aggregators drive B2B engagement, boost SEO rankings, build trust with social proof, and enhance brand visibility.

By Ankit Agarwal December 4, 2025 3 min read
Read full article