Fake AI Facebook ads are luring in businesses to have their data stolen

No, you’re not getting exclusive access to Bard

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers are trying to trick businesses with a Facebook presence to installmalware, cybersecurity researchers have revealed.

Cybersecurity researchers from Trend Micro recently published an in-depth analysis of a campaign leveraging Facebook ads, and tapping into the Artificial Intelligence (AI) and Large Language Models (LLM) trends, to trick businesses into installing malware.

In itsreport, the team says the ultimate goal of the malware is to grant its masters access to the budget these firms set aside for Facebook advertising so that they can use it to further their own malicious goals.

Meta AI

In the campaign, unnamed threat actors created Facebook ads that promoted fake software designed to boost productivity, increase reach and revenue, or assist in teaching. This software was advertised as being powered by AI, including Bard -Google’s AI-poweredchatbotthat’s currently unavailable in the European Union (EU), and something called “Meta AI”.

These are the best identity theft protection tools around>Facebook business owners targeted by hackers>Dangerous new infostealer targets top password managers

To access the software, the victims were invited to click on the link provided in the ad copy. The link leads the victims to a landing page hosted on Google Sites, which holds a download button. Pressing the button initiates the download of malware stored on Google Drive, Dropbox, and similar legitimate cloud storage solutions.

The malware - a singleMSIfile - was hidden in an encrypted archive with a simple password, which allowed it to bypass antivirus programs. Victims who take the bait and install the software on theirendpointswill get a malicious Chrome extension that impersonates Google Translate. In reality, the malware steals Facebook cookies, access tokens, and other information, all with the goal of assessing whether the victim’s Facebook account has access to a company page, and has funds preloaded to use in running Facebook ad campaigns. Ultimately, the funds would be used by the hackers to advertise their own goals.

While the identity of the threat actors was not disclosed, the researchers found several keywords and variables in the malicious script in Vietnamese.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

New World: Aeternum review: Amazon’s ailing MMORPG gets a much-needed second wind