AI Porn Sites: New Virus Risk.

Russian Hackers Target Porn Users with AI-Driven Malware

Since the mainstream Adoption of the internet, porn sites have been notorious for carrying malware. The latest method employed by cybercriminals involves the use of AI-driven "deepnude generators" to target unsuspecting users.

FIN7 Cybercrime Group Revived

Russian hackers connected to the notorious cybercrime group FIN7, which was believed to be dismantled in 2023, have resurfaced with a new and highly deceptive strategy. FIN7 has recently set up thousands of fake domains, including several "deepnude generator" websites designed to infect users with malware.

• These deceptive sites offered a "free download" option that redirected users to malicious payloads.
• Techniques like changing domains make it challenging to shut down these websites permanently.

The domains used by the hackers included names like easynude(.)website, ai-nude(.)Cloud, and nude-ai(.)pro.

AI-Driven Malware Challenges Security Measures

Detecting and preventing malware attacks like those orchestrated by FIN7 is a significant challenge. According to security experts like San Jose State University Professor Ahmed Banafa, once a user interacts with a malicious website, malware can be quickly downloaded onto their device.

Banafa highlighted that porn sites are a common target for such attacks due to the vulnerability of users.

Historical Trends of Malware Distribution

While the use of AI in malware distribution is a new twist, the strategy of targeting users through deceptive means is not unprecedented. Dating back to 1999 and early 2000s, cybercriminals leveraged Platforms like America Online and adult websites to spread viruses and spyware.

• Viruses like Melissa and ILOVEYOU infected users' devices undetected.
• Last month, San Francisco took Legal action against 18 deepfake websites exploiting women and girls.

The use of generative AI Technology for malicious purposes raises concerns in the cybersecurity realm.

FIN7's Extensive Reach and Operations

FIN7, also known as Financially Motivated Threat Group 7, has been linked to significant cybercrime activities beyond malware on porn sites. The group has targeted corporate entities, infiltrating systems to steal sensitive Data and execute fraudulent transactions.

• Well-known companies like Chipotle, Chili's, and Arby's have been victims of FIN7.
• The group has stolen millions of customers' card data through point-of-sale system breaches.

Additionally, FIN7 established fake security firms to recruit cybersecurity professionals for illicit activities, showcasing the group's complex and deceptive operations.

Conclusion

The resurgence of FIN7 and the use of AI-driven malware highlight the evolving landscape of cyber threats. Understanding these tactics and staying vigilant against deceptive practices on the internet are crucial steps in safeguarding personal and corporate data.