The rise of AI-generated content has created new opportunities for cybercriminals to distribute malware through fake AI tool websites.
Latest cyber threat alert: A fraudulent AI image and video generator website called EditProAI is being used to distribute malware that targets both Windows and macOS systems.
- The malicious website appears legitimate, with professional menus and privacy policies, but delivers malware when users click the “Get Now” button
- Windows users receive Lumma Stealer malware through a file named “Edit-ProAI-Setup-newest_release.exe”
- Mac users are targeted with AMOS malware via a file called “EditProAi_v.4.36.dmg”
Distribution tactics: The cybercriminals behind EditProAI are leveraging both search engine optimization and social media to spread their malware.
- The scam is promoted through Google search results and social media posts
- Attackers use politically charged deepfake content featuring Biden and Trump to attract potential victims
- A related site called EditPro, with a slightly different URL, requests payment in Indian rupees for photo editing services
Malware capabilities: The downloaded malicious software is designed to steal sensitive personal and financial information from infected devices.
- The malware targets cryptocurrency wallets, browser cookies, login credentials, and stored passwords
- Credit card information and browsing history are also harvested from web browsers
- Stolen data is compressed and transmitted to the attackers’ servers for potential resale or further cyberattacks
Security research details: This malware campaign was uncovered through collaborative cybersecurity research efforts.
- Cybersecurity researcher @g0njxa first identified the threat
- BleepingComputer subsequently published detailed findings about the malware operation
- The discovery highlights the growing trend of cybercriminals exploiting interest in AI tools
Future implications: The emergence of AI-themed malware campaigns signals a concerning evolution in cyber threats, as criminals capitalize on public interest in artificial intelligence technology to distribute increasingly sophisticated malware.
Don't Fall for This Fake Image Generator and Its Political AI Slop