This fake AI image generator is pushing info-stealing malware onto Macs and PCs


Threat actors have been using links to fake AI image and video generators to steal login credentials and browsing history from infected Windows PCs and Macs.

As reported by BleepingComputer and first discovered by cybersecurity researcher gonjxa on X, these fake apps are being spread through both search results and ads on the social media platform showing political deepfakes. The malicious links they contain lead to very professional-looking websites purporting to be for the fake AI image and video editing application EditProAi.

Though the site feels legitimate and even looks the part at first glance, the download link for this fake AI app actually delivers malware, namely the Windows variant of Lumma Stealer on PC and the macOS version of AMOS on Apple computers.

The malware itself attacks Chromium-based browsers to steal credentials, passwords, credit cards, cookies and browsing history, as well as cryptocurrency. Google Chrome, Microsoft Edge, Mozilla Firefox, Opera and Samsung Internet are all among the affected browsers.

Data is then archived and sent back to the attackers, where it can be sold on the dark web or used in further attacks. The PC malware used in this campaign leverages a stolen code signing certificate from the freeware utility developer Softwareok.com to help it bypass Microsoft's built-in defenses.

If you’ve downloaded and installed this program, all of your authentications, saved passwords and crypto wallets should be considered compromised. Every site you visited after installing it should have its password reset with a strong, unique password. Likewise, any online banking or email services you visited with it installed on your computer need to be secured by using 2FA or multi-factor authentication if you haven't done so already.

How to stay safe from malware


It’s been said before but it bears repeating: you can never be too safe online. Whether it’s a new game or an AI image generator, if something seems too good to be true, it almost certainly is. That’s why you want to stick with known sites, services and in this case, AI tools like the ones on our list of the best AI image generators.

You will also want strong protection against viruses on your Mac or PC, so make sure you have the best antivirus software on your PC and the best Mac antivirus software on your Apple computer. This ensures that malware is detected and blocked from infecting your machine, which prevents your sensitive personal and financial data from being stolen by hackers in the first place.

At the same time, you want to stick to known sites and services with a good reputation and background. When in doubt, use Google or another reputable search engine for background information and reviews. And for the love of Dolly Parton, don’t just click on any link from social media or share your personal info all over the internet. If you do, you're just asking for trouble and you could even end up becoming a victim of identity theft.


Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 
