Threat Advisory

Fake ChatGPT Installers Deliver Destructive Malware Payloads

Threat: Ransomware
Targeted Region: Global
Targeted Sector: Technology & IT, Retail & E-commerce
Criticality: High

EXECUTIVE SUMMARY:

A campaign has emerged that exploits the rising demand for artificial intelligence software by delivering malware disguised as popular AI tools. Threat actors are targeting individuals and organizations seeking AI solutions by using deceptive websites and installers that imitate legitimate AI applications. These installers are embedded with ransomware and destructive malware that compromise systems upon execution. Victims are tricked into visiting seemingly trustworthy download portals, often ranked high on search engines due to search engine optimization abuse. Once downloaded, the fake tools launch malicious payloads under the guise of legitimate AI software. The attacks primarily affect professionals in sectors like B2B sales, technology, marketing, and content creation, where the demand for AI automation is growing rapidly. The impact includes file encryption, system disruption, data loss, and potential operational downtime, posing a significant threat to productivity and business continuity.

The attack uses a combination of deception and technical evasion techniques to reach and compromise targets. The malware delivery begins with fake AI installers hosted on lookalike domains, spread via social media platforms and search engine poisoning. One notable ransomware, CyberLock, is distributed through a loader disguised as a tool called NovaLeadsAI. It is PowerShell-based, employs AES encryption, and appends a “.cyberlock” extension to files. It drops a ransom note and modifies the system wallpaper, demanding a $50,000 Monero payment. It also uses cipher.exe to wipe free disk space to block recovery attempts. Another variant, Lucky_Gh0$t, mimics a premium ChatGPT installer and includes open-source Microsoft AI tools to appear legitimate while hiding the ransomware binary. This variant instructs victims to communicate through a secure messenger app for ransom negotiations. A third piece of malware, Numero, poses as an installer for a video content AI platform. It manipulates GUI elements using Windows APIs, rendering the system unusable and entering infinite loops. Numero also includes anti-debugging capabilities to resist analysis, making it particularly difficult to reverse engineer or dissect.
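As an added example (not code from this advisory or from any vendor report), the following Python sketches host-based detection for the CyberLock behaviours described above: cipher.exe invoked with its free-space overwrite switch from PowerShell (T1490), PowerShell launched by an installer sitting in a user-writable directory (T1059), and the .cyberlock extension appearing on files (T1486), with an escalation to "critical" when several files are renamed. The event schema and the sample events are constructed assumptions, not any real EDR or Sysmon format; the /w: switch is cipher.exe's documented free-space wipe option.

```python
import re
# Constructed sample telemetry (not real logs); the field names are an assumed,
# simplified schema rather than any specific EDR or Sysmon format.
SAMPLE_EVENTS = [
    {"type": "process", "parent": r"C:\Users\alice\Downloads\NovaLeadsAI-Setup.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -ExecutionPolicy Bypass -File C:\Users\alice\AppData\Local\Temp\run.ps1"},
    {"type": "process", "parent": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "image": r"C:\Windows\System32\cipher.exe", "cmdline": r"cipher.exe /w:C:\Users\alice"},
    {"type": "file", "path": r"C:\Users\alice\Documents\Q3-forecast.xlsx.cyberlock"},
    {"type": "file", "path": r"C:\Users\alice\Documents\contract.docx.cyberlock"},
    {"type": "file", "path": r"C:\Users\alice\Pictures\team.jpg.cyberlock"},
    # Benign control: EFS folder encryption launched from Explorer must not trip the wipe rule.
    {"type": "process", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cipher.exe", "cmdline": r"cipher.exe /e C:\Users\alice\private"},
]

INSTALLER_DIRS = re.compile(r"\\(downloads|temp)\\", re.I)  # user-writable staging paths
WIPE_FLAG = re.compile(r"(^|\s)/w:", re.I)                  # cipher.exe free-space overwrite
MASS_RENAME_THRESHOLD = 3                                   # tune per environment
_basename = lambda path: path.rsplit("\\", 1)[-1].lower()

def check_process(ev):
    image, parent, cmd = _basename(ev["image"]), ev["parent"], ev["cmdline"]
    findings = []
    if image == "cipher.exe" and WIPE_FLAG.search(cmd):
        # Free-space wiping destroys deleted originals; from PowerShell it is far more suspicious.
        sev = "high" if _basename(parent) == "powershell.exe" else "medium"
        findings.append(("T1490", sev, "cipher.exe free-space wipe"))
    if image == "powershell.exe" and INSTALLER_DIRS.search(parent):
        findings.append(("T1059", "medium", "PowerShell spawned by installer in user-writable dir"))
    return findings

def check_file(ev):
    if ev["path"].lower().endswith(".cyberlock"):
        return [("T1486", "high", "file renamed with .cyberlock extension")]
    return []

def detect(events):
    out = []
    for ev in events:
        rules = check_process if ev["type"] == "process" else check_file
        for tid, sev, why in rules(ev):
            out.append({"technique": tid, "severity": sev, "reason": why, "event": ev})
    renamed = sum(1 for f in out if f["technique"] == "T1486")
    if renamed >= MASS_RENAME_THRESHOLD:  # many renames in one batch looks like mass encryption
        out.append({"technique": "T1486", "severity": "critical",
                    "reason": f"{renamed} files renamed to .cyberlock", "event": None})
    return out
```

Running `detect(SAMPLE_EVENTS)` yields one T1059, one high-severity T1490, three T1486 file findings and a final critical mass-rename finding, while the Explorer-launched EFS command produces nothing.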

These campaigns illustrate a broader trend in cyberattacks where emerging technologies are leveraged as bait to mislead users. By masquerading as AI solutions, attackers exploit trust and curiosity surrounding technological innovation. The combination of ransomware and destructive malware indicates a dual objective—financial gain and system sabotage. The use of common communication platforms for distribution and negotiation increases the reach and adaptability of the threat actors. Furthermore, the inclusion of realistic decoys, such as actual AI software in installer bundles, complicates detection efforts. These tactics suggest a calculated approach to maximizing infiltration success while minimizing detection. The campaign highlights how threat actors continue to evolve socially engineered attacks, making even tech-savvy users vulnerable. With increasing reliance on AI software across industries, this trend could see more fake AI tools used as delivery vehicles for a range of malware.

THREAT PROFILE:

Tactic                Technique ID   Technique
Resource Development  T1583          Acquire Infrastructure
Initial Access        T1189          Drive-by Compromise
Execution             T1059          Command and Scripting Interpreter
Defense Evasion       T1140          Deobfuscate/Decode Files or Information
Defense Evasion       T1497          Virtualization/Sandbox Evasion
Impact                T1486          Data Encrypted for Impact
Impact                T1490          Inhibit System Recovery
Impact                T1499          Endpoint Denial of Service
