TrendAI™ Research tracked a sustained malvertising campaign that abused Google Ads to deliver ClickFix social engineering attacks disguised as popular AI developer tools. The campaign impersonated at least six legitimate brand names, including ChatGPT Codex, Perplexity, Cursor IDE, JetBrains, Claude AI, and claude.ai, and simultaneously ran Mac utility scam lures.
By leveraging paid search ads targeting users actively seeking AI development tools, the attackers were able to target technically proficient users who are more likely to interact with command-line instructions without suspicion. This marks a sophisticated evolution of the ClickFix social engineering technique, where victims are tricked into manually executing malicious commands, typically by copying and pasting PowerShell or terminal commands under the guise of “fixing” a problem or completing a software installation.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Australian universities and NGOs targeted by Iranian and Chinese hackers
February 27, 2018
Australian universities have been targeted by hackers with connections to Iran in recent months, and “a number of investigations” are in progress, according to cybersecurity firm CrowdStrike. “There are a lot of things that are happening geopolitically that are driving a lot of attacks,” the company’s vice president for technology strategy Michael Sentonas told journalists in ...
- Massive Malspam Campaign Targets Unpatched Systems
February 27, 2018
Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers. According to the research firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an ...
- Ransomware: Get ready for the next wave of destructive cyberattacks
February 26, 2018
It might look to be out of the limelight compared to 2017, but it would be foolish to write ransomware off yet, as more attacks using the file-encrypting malware are ahead. High profile incidents like WannaCry, NotPetya and Bad Rabbit made ransomeware infamous last year. WannaCry and NotPetya have since both been attributed to be the work of nation-states – the former to North ...
- Hackers are selling legitimate code-signing certificates to evade malware detection
February 22, 2018
Security researchers have found that hackers are using code-signing certificates more to make it easier to bypass security appliances and infect their victims. New research by Recorded Future’s Insikt Group found that hackers and malicious actors are obtaining legitimate certificates from issuing authorities in order to sign malicious code. Read more… Source: ZDNet
- Global economy loses more than half a trillion dollars through cybercrime
February 22, 2018
The global economy loses roughly $600 billion every year due to cybercrime, experts have warned. A new worldwide study from McAfee added that global losses are also set to increase more and more going forward, given that in 2014, the damage stood at $445 billion. “Crime is more efficient, less risky, more profitable and has never been easier to ...
- Bot and drone misuse could lead to cybercrime explosion
February 21, 2018
The rapid development of drones and artificial intelligence is a “game-changer” that will present a serious threat to national security if it isn’t addressed. The assessment, made by 26 experts from institutions including Cambridge and Oxford Universities, warns of the potential for malicious use of artificial intelligence (AI) by rogue states, criminals, and terrorists. The panel forecast ...