Pornography websites are the latest attack vectors for crypto hackers.
A Russian group known as FIN7 is now using "deep nude" websites to spread trojans and viruses.
Malware and Porn have had a long history spanning decades. AI simply worsens things.
It is important to remain vigilant especially when interacting with unfamiliar websites or downloading free content.
According to recent reports, a Russian hacker group is now using a new breed of AI to spread all kinds of malware.
This group is specifically targeting "deep nude" websites—automatic nude photo generators that generate dozens of explicit images at the click of a button.
The ongoing trend has marked a disturbing combination of AI plus cybercrime and the need for vigilance is clear now, more than ever.
Here are the full details
Porn sites, while not new to the malware business, now feature images that lure victims into clicking on them.
Once clicked, said victim unknowingly downloads malware onto their device.
This then opens their computer (and they themselves) to the slew of cyberattacks that often follow.
At the center of this scheme is a cybercrime syndicate called FIN7.
Introducing FIN7
FIN7 is a notorious group that many thought had been “busted and disbanded”. This group has been linked to several classes of cybercrime all across the globe.
However, their latest venture has noticed the growing demand for AI-generated adult content.
By exploiting this need, they can now spread malware faster and wider than ever.
Crypto wallets can now be drained and personal data can be stolen much faster.
This cybercrime syndicate has been active since 2012.
KrebsOnSecurity even notes that as of July 2024, the group had been responsible for around $3 billion in stolen funds worldwide.
From 2016 to 2017, FIN7 managed to compromise over 6,500 Point of Sale (PoS) terminals.
They have targeted major companies like American Express, Cisco, CNN, Costco, Dropbox and dozens of others.
Such widespread damage makes them as dangerous as North Korea’s Lazarus group, if not more.
For more than a decade now, the group has wreaked havoc by infiltrating corporate systems, stealing customer data and making fraudulent bank transfers.
Interestingly, U.S. authorities successfully tracked down and arrested key members of the gang last year.
They even celebrated this feat, believing that the group was now dead.
Recently, however, a report from Virginia-based cybersecurity firm Silent Push revealed otherwise.
Silent Push’s findings show that FIN7 is still alive and kicking.
In fact, this syndicate has launched thousands of fake websites including the ones in question, which are posing as "deep nude generators."
An example of the aiNude[.]ai Deepnude Generator
These sites act as honeypots of sorts and are designed to entice users with the promise of free AI-made nude images.
Once users click on the download links, they are redirected to domains containing malware (often through Dropbox or other file-sharing platforms).
The speed at which this malware is installed makes it difficult to detect or even prevent the attack.
Before the victim realizes what is happening, their device has already been compromised.
While this method of attack is old, its consequences are still as brutal.
Many of these AI-driven malware programs are connected to crypto-drainers and identity theft tools.
Once installed, the malware can siphon funds from popular wallets like MetaMask or even scan a computer for valid personal information.
The malware operates silently, stealing private keys, passwords and recovery phrases: All of which can give hackers full access to the victim’s crypto holdings.
Once funds are stolen, they are often funneled through a web of wallets and exchanges where they disappear for good.
The use of AI in these cybercrime exploits has been growing at an alarming rate.
Specifically, AI-driven "deep nude generators" allow hackers to tailor their approach to specific victim profiles.
This helps them to create a more personalized and effective bait.
As San Francisco City Attorney David Chiu highlighted in a recent lawsuit against illegal deepfake websites:
AI holds immense promise. At the same time, it also introduces new avenues for exploitation.
Unknowingly downloading malware
Hackers are not just relying on brute-force attacks anymore.
Instead they are deploying intelligent, targeted strategies that exploit human weaknesses.
AI is only the newest addition to the fray.
The pornography industry and malware have had a long history that has been around for decades.
Sometime in the late 1990s, the "Melissa" virus made headlines for the same thing. This virus successfully spread malware through adult newsgroups and infected thousands of computers.
The epidemic was especially severe in the early 2000s when adult websites became a breeding ground for Trojans and spyware disguised as video players.
These often recorded user keystrokes and changed their browser settings to allow the attackers easier access.
Finally, while authorities have taken down many of FIN7’s deepnude websites, the group continues to create more to fill in the gaps.
Cybersecurity experts are now urging users to exercise caution.
This is especially important when engaging with unfamiliar websites or downloading free content.
As with many forms of cybercrime, human error remains the weakest link.
Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information, but it will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.