Cybercriminals are increasingly using AI-generated lures such as deepfake content and impersonated AI tools to distribute malware and ransomware. Smaller threat groups like CyberLock, Lucky_Gh0$t, and Numero are exploiting SEO poisoning and malvertising to infect victims with malicious payloads. #CyberLock #Lucky_Gh0$t #Numero
Keypoints
- Cybercriminals utilize AI-generated content and impersonation to lure victims.
- Smaller ransomware groups are adopting SEO and malvertising strategies for distribution.
- CyberLock ransomware is delivered through fake AI tool websites offering free subscriptions.
- Lucky_Gh0$t encrypts files with random extensions and demands Monero ransom for decryption.
- Numero infects Windows systems by corrupting GUI components without encrypting data.