Facebook users targeted by a fake Midjourney page pushing malware
A recent incident highlights the dangers on social media platforms, particularly Facebook, where cybercriminals actively promote malware to unsuspecting users. According to a report by Bitdefender, a Facebook page with over 1.2 million subscribers was found to be pushing infostealers disguised as generative AI tools.
The scheme involved hackers taking control of a vulnerable Facebook page, renaming it to Midjourney, and aggressively promoting it through paid advertisements. The fraudulent page accumulated a vast number of subscribers before being shut down, showcasing the scale of the operation.
In addition to the fake Facebook page, the cybercriminals set up a website imitating Midjourney that offered a downloadable version of the alleged generative AI tool. Users who downloaded the program unknowingly installed the Rilide v4 infostealer, which masquerades as a Google Translate extension for web browsers.
The majority of victims targeted by this scam were men aged 25-55 located in Europe, with a significant portion residing in countries such as Germany, Poland, Italy, and France. While Facebook took down the malicious page, experts warn that similar schemes are still prevalent on the platform, underscoring the need for users to exercise caution and verify the legitimacy of online tools before downloading them.
Generative AI tools like Midjourney, Sora, and DALL-E are increasingly being leveraged by cybercriminals to distribute malware under the guise of legitimate software. As such, users are urged to remain vigilant and conduct thorough research to avoid falling victim to such scams.