Beware: Malware in Fake Facebook Ads for AI Video Tools

Nicole Wang
Nicole Wang

Customer Development Manager

 
May 29, 2025 2 min read

Cybercriminals Exploit AI Video Generation Trend with Malicious Ads

Facebook social media app logo on log-in, sign-up registration page
Image courtesy of TechRadar

Fake AI Video Editor Ads Targeting Users

The threat group UNC6032 is running a campaign using fake ads on social media platforms to promote non-existent AI video generation tools. According to Google’s Mandiant Threat Defense group, these ads have reached over 2 million users on platforms like Facebook and LinkedIn. The ads lead to bogus websites that distribute malware instead of the advertised services.

Researchers have identified thousands of instances where these ads impersonate legitimate tools, such as Canva Dream Lab and Luma AI, to deceive users. Clicking on these ads often leads to downloading Python-based infostealers and backdoors, jeopardizing users' sensitive information.

For more details, see the findings from Mandiant here.

Risks Associated with AI Tools

The UNC6032 group, believed to have connections to Vietnam, has exploited the growing interest in AI applications. Mandiant's investigation revealed that the malicious ads had a total reach of over 2.3 million users, though this does not necessarily indicate the number of actual victims.

Experts warn that these fake AI tools target a wide audience, not just graphic designers, and advise users to verify the legitimacy of websites before downloading software.

To learn more about the risks, refer to the analysis here.

Person's hand holding an iPhone and using the Luma Labs Dream Machine artificial intelligence video generator
Image courtesy of CyberScoop

Mechanism of Infection

The fake ads lead to websites that mimic actual AI video generation services. Users are prompted to enter details to generate content, but instead receive malware disguised as a legitimate file. This malware often includes remote access trojans (RATs) and information stealers that can compromise credentials, credit card data, and other sensitive information.

For insights on how these campaigns function, refer to the comprehensive report by Mandiant here.

The Noodlophile Stealer and Its Impact

The Noodlophile Stealer is another malware variant that has emerged, exploiting the trend of fake AI platforms. This stealer can harvest browser credentials and cryptocurrency wallet information, all while masquerading as legitimate software.

The tactics employed by these attackers are becoming increasingly sophisticated, utilizing social engineering to lure unsuspecting users. The malware is delivered through fake platforms that promise advanced content generation services.

For additional details on this malware and its methods, see the analysis here.

Graph from Google Trends showing the rise in internet searches for “AI video generator” over the past year.
Image courtesy of CyberScoop

Preventive Measures and Recommendations

Organizations and individuals are urged to employ cybersecurity measures such as monitoring tools and threat intelligence to protect against these evolving threats. GrackerAI offers AI-powered cybersecurity marketing solutions that help organizations stay informed about emerging trends and threats. By automating news insights, GrackerAI enables marketing teams to create timely and relevant content that resonates with cybersecurity professionals.

To explore how GrackerAI can assist in your cybersecurity marketing efforts, visit our website at GrackerAI.

Nicole Wang
Nicole Wang

Customer Development Manager

 

Customer success strategist who ensures cybersecurity companies achieve their 100K+ monthly visitor goals through GrackerAI's portal ecosystem. Transforms customer insights into product improvements that consistently deliver 18% conversion rates and 70% reduced acquisition costs.

Related Articles

2025 Nonprofit Marketing Trends: AI Strategies & Best Practices

Social media is a powerful tool for nonprofit organizations to connect with their target audiences. The evolving landscape of these platforms necessitates staying updated on best practices for optimal engagement and impact.

By Hitesh Kumawat July 23, 2025 5 min read
Read full article

Unlocking Business Potential: The Role of Chief Content Officers

Chief content officers (CCOs) are increasingly common in non-media companies, driven by the growing demand for unbranded content that resonates with consumers. Over 50 non-media companies, including Airbnb and HP, have appointed CCOs to foster authentic connections with their audiences. These roles differ significantly from traditional marketing positions, focusing on producing credible, independent content that builds trust. Angela Matusik from HP states, “This is not about steering people directly to purchase. It’s about creating long-term relationships with consumers.”

By Govind Kumar July 23, 2025 3 min read
Read full article

Revamping Corporate Sustainability: Beyond Checkboxes to Impact

Sustainability has become essential for businesses, transitioning from a secondary consideration to a core corporate strategy. Companies that view sustainability merely as a checkbox risk falling behind in today's market. A PwC survey indicates over 80 percent of consumers are concerned about climate change. As sustainability expectations shift, leaders are urged to build innovative ecosystems and enhance product offerings.

By Abhimanyu Singh July 22, 2025 3 min read
Read full article

AI Revolutionizes Content Creation in Digital Marketing & SaaS

The rise of artificial intelligence (AI) is transforming digital marketing strategies, making content creation more efficient. AI content writers provide innovative solutions for generating engaging and informative content at scale. These advancements in technology enable businesses to reach wider audiences with personalized messaging, which enhances engagement and conversion rates.

By Ankit Lohar July 22, 2025 3 min read
Read full article