"Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware"

As part of a BATLOADER campaign designed to distribute the RedLine Stealer malware, malicious Google Search ads for generative Artificial Intelligence (AI) services such as OpenAI ChatGPT and Midjourney are being used to direct users to questionable websites. In an analysis, security researchers at eSentire noted that both AI services are popular but lack first-party standalone applications. Users interact with ChatGPT via their web interface, while Midjourney uses Discord. Threat actors have exploited this gap to direct AI app-seekers to malicious websites promoting fake apps. BATLOADER is a loader malware that is spread via drive-by downloads, in which users searching for specific keywords on search engines are shown fraudulent ads that, when clicked, redirect them to landing pages where malware is hosted. This article continues to discuss the use of malicious Google Search ads for generative AI services to direct users to sketchy websites as part of a BATLOADER campaign aimed at delivering RedLine Stealer malware. 

THN reports "Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware"