A report from 404 Media reveals that Russian hackers, specifically the hacking group “FIN7,” are exploiting fake AI websites to steal cryptocurrency wallet details and sensitive personal information.
Silent Push, a cybersecurity firm, uncovered that these misleading sites lure users with promises of “Nude AI” tools, which claim to generate inappropriate images from clothed photos using artificial intelligence. Instead of delivering on these illicit promises, the websites secretly install malware that collects sensitive data, including crypto wallet credentials. Despite being declared inactive by the US Department of Justice last year, FIN7 has resurfaced with this new scam, targeting individuals interested in unethical AI applications.
FIN7: A Hacking Group
FIN7 has been a prominent player in the world of cybercrime since 2013, with links to ransomware gangs like DarkSide, BlackMatter, and BlackCat. They’ve been involved in high-profile attacks, demanding large ransoms from corporations and creating sophisticated phishing schemes.
After three key members were arrested and sentenced in 2023, it seemed like FIN7 had been dismantled for good. However, recent findings from cybersecurity firm Silent Push indicate the group has found a new way to exploit digital vulnerabilities—targeting individuals through fake “nude AI” generator sites.
The “Nude AI” Scam
The scam revolves around websites that pose as platforms offering AI-powered “nude AI” services, supposedly capable of transforming clothed photos into non-consensual nude images. These sites, including “aiNude[.]ai,” “easynude[.]website,” and “nude-ai[.]pro,” claim to provide free trials or downloads for generating these images.
Cybersecurity expert Zach Edwards from Silent Push explains the appeal: “There’s a specific type of audience who wants to be on the bleeding edge of creepy, while ignoring new laws around deepfakes, and who are proactively searching out ‘nude AI’ software.” However, instead of delivering on their shady promises, these sites infect users’ devices with malware.
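For defenders who want to check their own DNS or proxy logs for the three domains named above, the following is an added example, not code from Silent Push or 404 Media. It refangs the indicators at run time and matches on label boundaries so subdomains are caught and lookalike names are not; the log format, client addresses and timestamps are constructed for illustration.

```python
import re

# Indicator domains exactly as the article lists them (kept defanged in source).
DEFANGED_IOCS = ["aiNude[.]ai", "easynude[.]website", "nude-ai[.]pro"]

def refang(indicator: str) -> str:
    """Turn a defanged indicator into a lowercase hostname for comparison."""
    s = indicator.strip().lower()
    s = s.replace("[.]", ".").replace("(.)", ".").replace("[dot]", ".")
    s = re.sub(r"^[a-z]+://", "", s)      # drop hxxp:// or http:// style schemes
    return s.split("/")[0].rstrip(".")    # drop any path and the trailing root dot

BLOCKLIST = {refang(d) for d in DEFANGED_IOCS}

def matched_ioc(hostname: str):
    """Return the listed domain that hostname equals or is a subdomain of, else None."""
    labels = hostname.lower().rstrip(".").split(".")
    # Compare whole label suffixes only, so "notnude-ai.pro" does not match "nude-ai.pro".
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKLIST:
            return candidate
    return None

def sample_log():
    """Constructed resolver log lines: timestamp, client, 'query', type, name."""
    a, e, n = (refang(d) for d in DEFANGED_IOCS)
    return [
        f"2024-10-03T09:14:02Z 10.0.4.17 query A {a.upper()}.",       # case + root dot
        f"2024-10-03T09:14:05Z 10.0.4.17 query A download.{n}",       # subdomain
        f"2024-10-03T09:15:40Z 10.0.7.32 query A not{n}",             # lookalike, no match
        f"2024-10-03T09:16:11Z 10.0.7.32 query A {e}.example.com",    # IoC as prefix, no match
        "2024-10-03T09:17:00Z 10.0.9.8 query A example.org",          # unrelated
    ]

def scan(lines):
    """Return (client, queried name, matched indicator) for every hit."""
    hits = []
    for line in lines:
        _ts, client, _verb, _qtype, qname = line.split()
        ioc = matched_ioc(qname)
        if ioc:
            hits.append((client, qname.lower().rstrip("."), ioc))
    return hits

if __name__ == "__main__":
    for hit in scan(sample_log()):
        print(hit)
```

A hit identifies a client that resolved one of the lure sites; whether an infostealer actually ran on that host still has to be established from endpoint evidence.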
How the Nude AI Malware Works
FIN7’s fake “nude AI” websites operate like many phishing scams. When users attempt to download the software required to “nudify” images, they are instead downloading infostealer malware. This malware, often disguised as legitimate software, is designed to extract sensitive data, including login credentials, email accounts, and cryptocurrency wallet information.
The malware deployed by these “nude AI” sites is typically RedLine or Lumma Stealer. Once on a victim’s device, it silently collects valuable information, often targeting tech-savvy individuals who are likely to have crypto accounts. According to Edwards, “The deepfake AI software may have an audience of mostly men, many of whom also use other AI software or hold cryptocurrency accounts.”
The Consequences for Victims
The consequences of falling into the “Nude AI” trap can be severe. Once the malware is installed, victims are at risk of having their login details and cryptocurrency wallets compromised. The hackers behind the scam can then use this information to demand ransoms, blackmail victims, or drain their financial accounts.
This is particularly concerning for cryptocurrency users, as the malware specifically seeks out crypto wallet information. The rise in cryptocurrency adoption has made crypto wallets an appealing target for cybercriminals. Once a wallet’s credentials are stolen, the hackers can transfer funds, leaving victims with little recourse for recovery.
FIN7’s Evolving Tactics
While FIN7 was previously known for large-scale corporate attacks, this new “nude AI” scheme shows their ability to adapt to changing trends in technology and internet behavior. By targeting individuals instead of corporations, they are tapping into the demand for unethical AI-powered tools like “nude AI” software, which allows them to expand their reach and continue their criminal activities.
FIN7’s history of creating highly sophisticated phishing schemes, such as posing as legitimate companies to distribute malware, has given them the expertise to make these fake “nude AI” websites look professional and credible. In this latest scam, their use of search engine optimization (SEO) tactics ensures that the sites rank highly in search results, further increasing the chances of ensnaring unsuspecting victims.
A Moral Dilemma
This particular scam raises an important moral question: Who is at fault, the individuals attempting to use “nude AI” software to generate non-consensual images, or the hackers exploiting their intentions? While the hackers are clearly breaking the law, the fact that they are targeting individuals who are themselves engaging in unethical and illegal activities makes this case particularly complex.
FIN7 has once again shown their expertise in preying on human weaknesses. By exploiting the demand for controversial AI technologies like “nude AI,” they have created an effective trap that not only steals personal data but also exposes the vulnerabilities of individuals who seek out unethical digital tools.
Conclusion
The rise of “nude AI” generator sites reflects the danger of combining emerging technologies with unethical behavior. While many of the fake “Nude AI” sites have been taken down, the damage has already been done for many victims. FIN7’s ability to leverage this technology for cybercrime demonstrates the adaptability of cybercriminals and the growing threat to individual security. In the world of cybercrime, it seems that anyone, whether a victim or perpetrator, can quickly find themselves on the receiving end of a scam.