Fake AI 'Nudify' Sites Reportedly Linked to Malware Distribution by Russian Hacker Collective FIN7
October 2, 2024
The hacker group FIN7 is allegedly behind fake AI "nudify" websites distributing infostealer malware to users, according to an investigation by Silent Push. These sites are reported to lure individuals seeking deepfake AI tools into downloading malware disguised as software to "nudify" photos. The malware steals sensitive data from victims, which is used for extortion or financial fraud. FIN7's activity on this front reportedly marks the revival of a group previously declared defunct by the U.S. Department of Justice.
- Alleged deployer
- fin7, carbon-spider, elbrus, sangria-tempest
- Alleged developer
- fin7, carbon-spider, elbrus, sangria-tempest
- Alleged harmed parties
- users-of-fake-nudify-sites
Source
Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/865
Data source
Incident data is from the AI Incident Database (AIID).
When citing the database as a whole, please use:
McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.
Pre-print on arXiv · Database snapshots & citation guide
We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.