Users who have downloaded the fake EditPro application are advised to consider all their saved passwords, cryptocurrency wallets, and authentications compromised and to reset them immediately. They should also enable multi-factor authentication on all sensitive sites. The stolen credentials are used to breach corporate networks, conduct data theft campaigns, and corrupt network routing information.
Key takeaways:
- Fake AI image and video generators are infecting Windows and macOS devices with the Lumma Stealer and AMOS information-stealing malware, which is used to steal credentials and cryptocurrency wallets from infected devices.
- Threat actors have created fake websites impersonating an AI video and image editor called EditPro that, when clicked, download malware onto the user's device.
- The stolen data is collected into an archive and sent back to the attacker, who can use the information in further attacks or sell it on cybercrime marketplaces.
- Information-stealing malware has seen massive growth over the last few years, with threat actors conducting global operations to steal people's credentials and authentication tokens, which are then used to breach corporate networks and conduct data theft campaigns.