Malware

AI tool-spoofing EvilAI malware facilitates global compromise

Organizations around the world particularly manufacturing, government, and healthcare entities across India, the U.S., France, Italy, and Brazil have been subjected to attacks spreading the EvilAI malware under the guise of fake artificial intelligence-enhanced tools, The Hacker News reports.

Malicious programs AppSuite, OneStart, PDF Editor, Manual Finder, and TamperedChef, among others, have been leveraged by threat actors to deploy EvilAI as a stager for initial access, persistence, and further payload compromise, as well as security software enumeration, according to a Trend Micro analysis.

Additional findings by G DATA revealed AppSuite, OneStart, and Manual Finder to share the same creator and server infrastructure, but while such a report noted differences between TamperedChef and BaoLoader, both payloads were found by TRUESEC researchers to be the same. Moreover, other apps impersonating image viewer and calendar tools were discovered by Field Effect and GuidePoint Security to also be launching TamperedChef malware.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Adware

You can skip this ad in 5 seconds