ESET Report: AI, banking malware used to steal money via deepfake videos
ESSENTIAL Security against Evolving Threats (ESET) has released its latest Threat Report, which summarizes threat landscape trends seen in ESET telemetry from December 2023 through May 2024, from the perspective of both ESET threat detection and research experts.
The past six months painted a dynamic landscape of Android financial threats, malware going after victims’ mobile banking funds — be they in the form of “traditional” banking malware or, more recently, cryptostealers.
Infostealing malware can now be found impersonating generative AI tools, and new mobile malware GoldPickaxe is capable of stealing facial recognition data to create deepfake videos used by the malware’s operators to authenticate fraudulent financial transactions.
Video games and cheating tools used in online multiplayer games were recently found to contain infostealer malware, such as the RedLine Stealer, which saw several detection spikes in H1 2024 in ESET telemetry.
“GoldPickaxe has both Android and iOS versions and has been targeting victims in Southeast Asia through localized malicious apps. As ESET researchers investigated this malware family, they discovered that an older Android sibling of GoldPickaxe, called GoldDiggerPlus, has also tunneled its way to Latin America and South Africa by actively targeting victims in these regions,” ESET Threat Detection Director Jiří Kropáč explained.
In recent months, infostealing malware also began impersonating generative AI tools. In H1 2024, Rilide Stealer was spotted misusing the names of generative AI assistants, such as OpenAI’s Sora and Google’s Gemini, to entice potential victims.
The ESET Threat Report also features news about a recently released deep-dive investigation into one of the most advanced server-side malware campaigns, which is still growing: the Ebury group, with its malware and botnet.
Check out the ESET Threat Report H1 2024 on WeLiveSecurity.com or follow ESET Research on Twitter (now known as X) for more information.