Cybercriminals are exploiting an AI-powered website creation platform called Lovable to generate fraudulent websites for credential phishing and malware delivery. The threat actors create or clone sites impersonating well-known brands, use CAPTCHA for filtering, and post stolen credentials to Telegram. Campaigns observed include Tycoon phishing, payment and personal data theft, cryptocurrency wallet draining, and malware distribution. The ease of use of such AI tools significantly lowers the barrier to entry for cybercriminals, allowing them to quickly create convincing phishing pages. While Lovable has implemented new security measures, organizations are advised to consider allow-listing policies for frequently abused tools. Author: AlienVault
Related Tags:
ai-generated websites
DOILoader
Tycoon
malware delivery
T1218.011
ZGRat
T1193
Credential Theft
T1185
Associated Indicators:
https://33eq8.oquvzop.es/CFTvqhHpUgs@x/
https://reward-aave.us/web3/
84.32.41.163