
Cybercriminals are luring users into downloading malware through fake AI generators. After a user uploads their own image as a prompt, the website provides a downloadable file containing an infostealer.
“This file installs malware — such as Noodlophile or Noodlophile bundled with XWorm — onto their systems, enabling attackers to steal data, harvest credentials, and potentially gain remote access to infected devices,” wrote Shmuel Uzan, a security researcher for Morphisec, in a report.
Fake AI tools are advertised on Facebook
The new form of social engineering appears to start on Facebook, as attackers advertise links to “AI-themed platforms” in groups where members are searching for free AI tools. These groups have thousands of members, and posts in them can reach up to 62,000 views, according to Uzan.
The bogus websites where victims seek access to the promised AI services mimic legitimate software, misusing names and logos such as Luma Dream Machine. One even includes the CapCut logo, a popular video editing app owned by TikTok parent company ByteDance.
The websites encourage visitors to upload their own images or videos, claiming that AI will be used to edit the files or generate new content using them as a prompt. Once uploaded, the platform “processes” the reference file and then presents a Download Now button.
When victims try to download their AI-generated content, they get infected
When the victim clicks the button, they download a ZIP file named VideoDreamAI.zip, which contains a series of components, including a .NET loader, C++-based executables, and batch scripts. One executable, Video Dream MachineAI.mp4.exe, launches the second, CapCut.exe, which subsequently runs the .NET loader.
The loader downloads a Python payload called srchost.exe from a remote server, which, when executed, deploys an infostealer that harvests the victim’s browser credentials, cookies, crypto wallets, tokens, and other data. This has been dubbed the Noodlophile Infostealer, and can send the stolen details to the attackers through a Telegram bot. In some cases, a remote access trojan like XWorm is also loaded.
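The archive described above relies on a file name that ends in a media extension followed by an executable one, so the download looks like a video to a casual glance. The following script is an added example (not Morphisec's or TechRepublic's code) of a defender-side triage check that unpacks such a ZIP in memory and flags double-extension executables, executable content in a supposed media download, and PE files hiding under a non-executable extension. The two executable names come from the article; the batch script name, the `readme.txt` entry and the `preview.png` entry carrying a PE header are constructed to exercise the checks and go beyond what the report lists.

```python
import io
import zipfile
from dataclasses import dataclass

# Extensions that execute on Windows and that have no business in an
# "AI-generated video" download.
EXECUTABLE_EXTS = {".exe", ".bat", ".cmd", ".scr", ".dll", ".ps1", ".vbs", ".js"}
# Media extensions an attacker inserts before the real suffix to disguise it.
MEDIA_EXTS = {".mp4", ".mov", ".avi", ".jpg", ".jpeg", ".png", ".gif", ".mp3"}
PE_EXTS = {".exe", ".dll", ".scr"}
MZ_MAGIC = b"MZ"  # first two bytes of every PE file


@dataclass
class Finding:
    name: str
    reason: str


def split_exts(name: str) -> list[str]:
    """Return every extension of a path's basename, lowercased, in order."""
    base = name.rsplit("/", 1)[-1].lower()
    parts = base.split(".")
    return ["." + p for p in parts[1:]]


def classify_entry(name: str, head: bytes) -> list[Finding]:
    """Apply the three checks to one archive member given its first bytes."""
    exts = split_exts(name)
    findings = []
    last = exts[-1] if exts else ""
    if last in EXECUTABLE_EXTS:
        findings.append(Finding(name, f"executable content ({last}) in a media download"))
    if len(exts) >= 2 and exts[-2] in MEDIA_EXTS and last in EXECUTABLE_EXTS:
        findings.append(Finding(name, "double extension: media suffix hides executable suffix"))
    if head.startswith(MZ_MAGIC) and last not in PE_EXTS:
        findings.append(Finding(name, "PE (MZ) header under a non-executable extension"))
    return findings


def scan_zip_bytes(data: bytes) -> list[Finding]:
    """Inspect every file in a ZIP held in memory without extracting to disk."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(2)
            findings.extend(classify_entry(info.filename, head))
    return findings


def should_block(findings: list[Finding]) -> bool:
    """Any finding is enough to quarantine a download that claims to be media."""
    return len(findings) > 0


def build_sample_zip() -> bytes:
    """Constructed stand-in for VideoDreamAI.zip; names marked below are made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Video Dream MachineAI.mp4.exe", MZ_MAGIC + b"\x00" * 62)  # name from the report
        zf.writestr("CapCut.exe", MZ_MAGIC + b"\x00" * 62)                     # name from the report
        zf.writestr("install.bat", b"@echo off\r\n")                           # constructed
        zf.writestr("readme.txt", b"Thanks for downloading\r\n")               # constructed, benign
        zf.writestr("preview.png", MZ_MAGIC + b"\x00" * 62)                    # constructed: PE as image
    return buf.getvalue()


if __name__ == "__main__":
    for f in scan_zip_bytes(build_sample_zip()):
        print(f"{f.name}: {f.reason}")
```

The header check matters because renaming alone defeats the extension rules; reading the first two bytes of each member catches a PE file whatever it is called, and doing it from memory avoids writing the suspect archive's contents to disk during triage.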
Who is being targeted, and what makes this campaign unique
In addition to images and videos, the fraudulent platforms uncovered by Uzan offer AI-generated websites and mockups, suggesting that the attacker’s targets are businesses. However, their use of Facebook groups for promotion indicates they are not pursuing large corporate clients, but rather small or medium-sized businesses looking for free tools to cut marketing costs.
“What makes this campaign unique is its exploitation of AI as a social engineering lure — turning an emerging legitimate trend into an infection vector,” Uzan wrote. “Unlike older malware campaigns disguised as pirated software or game cheats, this operation targets a newer, more trusting audience: creators and small businesses exploring AI for productivity.”
Noodlophile is believed to originate in Vietnam
Searching for the term “Noodlophile” on cybercrime forums revealed that it was being advertised as part of a malware-as-a-service offering, Uzan found. He also discovered the malware’s developer on Facebook leaving comments on posts that promoted an account takeover technique associated with the Noodlophile infostealer.
Based on the language used and other social media indicators, Uzan believes the developer is Vietnamese. The associated GitHub profile, from which the name Noodlophile has since been removed, describes its owner as a “passionate Malware Developer” who sells cybersecurity tools.