More malicious websites, malware portals, and phishing pages have been created using the artificial intelligence-powered website creation and hosting platform Lovable despite the website builder's newly adopted protections, according to BleepingComputer.
Attacks exploiting Lovable have been observed across a quartet of campaigns, one of which was a widespread Tycoon phishing-as-a-service kit-powered operation involving emails with Lovable-hosted links redirecting to bogus Microsoft login pages that facilitated credential, multi-factor authentication token, and session cookie compromise, a report from Proofpoint showed. Threat actors have also harnessed Lovable-hosted phishing pages in a UPS-spoofing payment and data theft campaign and an Aave-impersonating cryptocurrency theft operation. On the other hand, multiple Lovable apps purporting to be invoice portals have been leveraged in another campaign that resulted in the delivery of the zgRAT trojan. While Lovable has moved to facilitate the real-time discovery of illicit sites, with plans to adopt more proactive measures to block nefarious accounts, Guardio Labs reported the creation of a malicious site without any warning from the platform.
Attacks exploiting Lovable have been observed across a quartet of campaigns, one of which was a widespread Tycoon phishing-as-a-service kit-powered operation involving emails with Lovable-hosted links redirecting to bogus Microsoft login pages that facilitated credential, multi-factor authentication token, and session cookie compromise, a report from Proofpoint showed. Threat actors have also harnessed Lovable-hosted phishing pages in a UPS-spoofing payment and data theft campaign and an Aave-impersonating cryptocurrency theft operation. On the other hand, multiple Lovable apps purporting to be invoice portals have been leveraged in another campaign that resulted in the delivery of the zgRAT trojan. While Lovable has moved to facilitate the real-time discovery of illicit sites, with plans to adopt more proactive measures to block nefarious accounts, Guardio Labs reported the creation of a malicious site without any warning from the platform.
