Threat actors are using fake AI image and video generators to distribute Lumma Stealer and AMOS information-stealing malware on Windows and macOS. These malicious programs masquerade as an AI application called EditProAI, targeting users through search results and social media advertisements. The malware steals credentials, passwords, credit card information, and cryptocurrency wallets from popular web browsers. Victims are lured by deepfake political videos and professional-looking websites. The Windows variant uses a stolen code signing certificate to appear legitimate. Users who have downloaded this malware should consider their saved passwords and authentication compromised, reset them immediately, and enable multi-factor authentication on sensitive accounts.
Author: AlienVault
Related Tags:
T1216
ai
T1588.002
T1204.001
T1056.001
macos
amos
T1555
T1552
Associated Indicators:
editproai.org
editproai.pro
http://proai.club/panelgood/