Organizations around the world particularly manufacturing, government, and healthcare entities across India, the U.S., France, Italy, and Brazil have been subjected to attacks spreading the EvilAI malware under the guise of fake artificial intelligence-enhanced tools, The Hacker News reports.Malicious programs AppSuite, OneStart, PDF Editor, Manual Finder, and TamperedChef, among others, have been leveraged by threat actors to deploy EvilAI as a stager for initial access, persistence, and further payload compromise, as well as security software enumeration, according to a Trend Micro analysis.Additional findings by G DATA revealed AppSuite, OneStart, and Manual Finder to share the same creator and server infrastructure, but while such a report noted differences between TamperedChef and BaoLoader, both payloads were found by TRUESEC researchers to be the same. Moreover, other apps impersonating image viewer and calendar tools were discovered by Field Effect and GuidePoint Security to also be launching TamperedChef malware.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds



