Techly NewsGet the app

Get the latest tech news

AI Malware Is Here: New Report Shows How Fake AI Tools Are Spreading Ransomware


Cisco Talos has uncovered new threats, including ransomware like CyberLock and Lucky_Gh0$t, and a destructive malware called Numero, all disguised as legitimate AI tool installers to target victims.

Cisco Talos has discovered new threats, including the ransomware CyberLock, Lucky_Gh0$t, and a newly-discovered malware we call “Numero,” all of which masquerade as legitimate AI tool installers. The newly-identified destructive malware, Numero, affects victims by manipulating the graphical user interface (GUI) components of their Windows OSs, rendering systems completely unusable. Finally, CyberLock uses the living-off-the-land binary (LoLBin) ‘cipher.exe’ with the ‘/w’ option to erase free space on the victim's hard drive partitions, hindering forensic recovery of deleted files.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of malware

malware

Photo of tools

tools

Photo of new report

new report

Related news:

News photo

Which LLM should you use? Token Monster automatically combines multiple models and tools for you

News photo

Cybercriminals exploit AI hype to spread ransomware, malware

News photo

Show HN: My LLM CLI tool can run tools now, from Python code or plugins

« Google plans to appeal the antitrust ruling against its search engine dominance
Roborock Saros Z70 Review: This Robovac's Robotic Arm Is a Swing and a Miss »