TrendAI™ Research tracked a sustained malvertising campaign that abused Google Ads to deliver ClickFix social engineering attacks disguised as popular AI developer tools. The campaign impersonated at least six legitimate brand names, including ChatGPT Codex, Perplexity, Cursor IDE, JetBrains, Claude AI, and claude.ai, and simultaneously ran Mac utility scam lures.
By leveraging paid search ads targeting users actively seeking AI development tools, the attackers were able to target technically proficient users who are more likely to interact with command-line instructions without suspicion. This marks a sophisticated evolution of the ClickFix social engineering technique, where victims are tricked into manually executing malicious commands, typically by copying and pasting PowerShell or terminal commands under the guise of “fixing” a problem or completing a software installation.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Don’t click that Google Docs link! Gmail hijack mail spreads like wildfire
May 3, 2017
If you get an email today sharing a Google Docs file with you, don’t click it – you may accidentally hand over your Gmail inbox and your contacts to a mystery attacker. The phishing campaign really kicked off in a big way on Wednesday morning, US West Coast time. The malicious email contains what appears to ...
- Hundreds of Fake UK Bank Sites Exposed, Pose High Risk for Customers
May 3, 2017
Hackers have registered over 300 domains with names similar to those of several popular British banks, which they use to trick customers into handing over personal details or login data. According to DomainTools, a company handling domain names and DNS-based cyber threats, 324 such domains were discovered only in relation to banks in the United Kingdom, ...
- DDoS Attacks Can Cost Businesses Up to $2.5M Per Attack, Report Says
May 2, 2017
The time to respond and mitigate DDoS attacks can be costly for companies, and some businesses can lose roughly $2.5 million on average per attack, a research report released today said. Neustar, an analytics firm that sees swathes of DDoS attack telemetry daily, boiled down some of the figures in a dispatch, its annual Worldwide DDoS Attacks and Cyber Insights ...
- PCs with Intel Server Chipsets, Launched Since 2010, Can be Hacked Remotely
May 1, 2017
Updated: Since the below-reported vulnerability is highly critical and it would take a few weeks for sysadmins to protect their enterprise network, the research team has not yet disclosed the technical details of the vulnerability. Meanwhile, I have talked with Maksim Malyutin, a member of Embedi research team who discovered the vulnerability in March, and updated ...
- TalkTalk hack attack: Two men plead guilty to customer data theft
April 27, 2017
Two men have pleaded guilty to hacking into TalkTalk’s website in October 2015 and stealing thousands of customer records containing sensitive data. Matthew Hanley, 22, of Devonshire Drive, Tamworth admitted to three offences under the Computer Misuse Act. The Metropolitan Police said that he confessed to breaching TalkTalk’s site, had obtained files that would enable the ...
- FalseGuide malware victim count jumps to 2 million
April 26, 2017
An estimated 2 million Android users have now fallen victim to malware mistakenly downloaded from Google Play, which was initially reported to have affected approximately 600,000 users. The malware, dubbed FalseGuide, was hidden in more than 40 guide apps for games, the oldest of which was uploaded to Google Play as early as November last year, ...