
Fake AI Tool Installers Used to Distribute Ransomware and Destructive Malware


Cybersecurity researchers have uncovered a growing wave of malicious campaigns exploiting the popularity of artificial intelligence (AI) tools to distribute a variety of ransomware and malware threats. These campaigns use fake websites and malicious installers that impersonate legitimate platforms like OpenAI ChatGPT and InVideo AI to target users, particularly in the business-to-business (B2B) and marketing sectors.

According to research from Cisco Talos, the threats being deployed include the CyberLock and Lucky_Gh0$t ransomware strains, along with a newly discovered destructive malware named Numero.

Breakdown of the Malware Variants

1. CyberLock Ransomware

  • Developed in PowerShell

  • Encrypts specific file types across C:\, D:\, and E:\ drives

  • Uses elevated privileges to execute and encrypt targeted files

  • Demands a $50,000 ransom in Monero, claiming funds support humanitarian causes

  • Employs cipher.exe with the /w flag to wipe free disk space, complicating forensic recovery

2. Lucky_Gh0$t Ransomware

  • A variant of the Yashma ransomware, itself derived from the Chaos ransomware series

  • Distributed via a malicious self-extracting installer (SFX) posing as a premium ChatGPT tool

  • Targets files under 1.2 GB for encryption

  • Deletes volume shadow copies and backup data

  • Drops a ransom note with a unique decryption ID and communication instructions via the Session messaging app

3. Numero Malware

  • A 32-bit Windows malware written in C++

  • Manipulates the Graphical User Interface (GUI) of the operating system

  • Disrupts system functionality by replacing desktop elements with numeric strings

  • Includes anti-debugging and anti-analysis measures

  • Delivered via a counterfeit InVideo AI installer that includes:

    • A Windows batch script

    • A Visual Basic Script

    • The Numero executable

  • Executes in an infinite loop to ensure persistence

Delivery Tactics and Impersonation

Fake AI Websites

The threat actors have created fraudulent websites—such as novaleadsai[.]com—designed to resemble legitimate AI platforms. These sites:

  • Offer seemingly free or trial access to premium AI tools

  • Use SEO poisoning to rank higher in search results

  • Deliver malware through ZIP files containing executables like NovaLeadsAI.exe

Upon execution, the installer launches CyberLock ransomware, initiating file encryption and presenting a ransom demand with a humanitarian justification.
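Behavior-based triage of the chains described in this section and in the malware breakdown above (installer spawns PowerShell, cipher.exe /w wipes free space, shadow copies are deleted), as an added example that is not part of the original article or of the Talos research. The Sysmon-like event shape, the file names and the vssadmin command form are assumptions; the article only states that shadow copies are deleted.

```python
import re

# Constructed sample process-creation events (illustrative only, not
# indicators from the Talos or Mandiant reports).
SAMPLE_EVENTS = [
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Users\a\Downloads\NovaLeadsAI.exe",
     "cmdline": "NovaLeadsAI.exe"},
    {"parent": r"C:\Users\a\Downloads\NovaLeadsAI.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File lock.ps1"},
    {"parent": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "image": r"C:\Windows\System32\cipher.exe",
     "cmdline": "cipher.exe /w:C:\\"},
    {"parent": r"C:\Users\a\Downloads\ChatGPT_Premium.exe",
     "image": r"C:\Windows\System32\vssadmin.exe",
     "cmdline": "vssadmin delete shadows /all /quiet"},
    {"parent": r"C:\Windows\System32\cmd.exe",          # benign: EFS encrypt, not /w
     "image": r"C:\Windows\System32\cipher.exe",
     "cmdline": "cipher.exe /e D:\\docs"},
    {"parent": r"C:\Windows\explorer.exe",              # benign
     "image": r"C:\Program Files\Vendor\app.exe",
     "cmdline": "app.exe"},
]

USER_DIR = re.compile(r"^[A-Z]:\\Users\\", re.I)
HIDDEN_PS = re.compile(r"-(?:w(?:indowstyle)?\s+hidden|e(?:xecutionpolicy|p)\s+bypass)", re.I)

# Each rule is (name, predicate over one event). The vssadmin form is an
# assumed typical command; the article only says shadow copies are deleted.
RULES = [
    ("cipher.exe /w free-space wipe (CyberLock anti-forensics)",
     lambda e: re.search(r"\bcipher(?:\.exe)?\s+/w\b", e["cmdline"], re.I) is not None),
    ("shadow copy deletion (Lucky_Gh0$t backup destruction; assumed vssadmin form)",
     lambda e: re.search(r"\bvssadmin(?:\.exe)?\s+delete\s+shadows\b", e["cmdline"], re.I) is not None),
    ("hidden/bypass PowerShell spawned by an executable in a user directory",
     lambda e: e["image"].lower().endswith("powershell.exe")
               and USER_DIR.match(e["parent"]) is not None
               and HIDDEN_PS.search(e["cmdline"]) is not None),
]


def triage(events):
    """Return (event_index, rule_name) pairs for every event some rule matches."""
    return [(i, name) for i, e in enumerate(events) for name, pred in RULES if pred(e)]


if __name__ == "__main__":
    for idx, rule in triage(SAMPLE_EVENTS):
        print(f"event {idx}: {rule}")
```

Only the three events that carry the described behaviors fire; the benign cipher.exe /e call and the ordinary application launch do not.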

Malvertising Campaigns and Emerging Threats

Parallel research by Google Mandiant, Morphisec, and Check Point has revealed another malvertising campaign attributed to a threat group dubbed UNC6032, likely based in Vietnam. This campaign:

  • Uses fake ads on platforms like Facebook and LinkedIn

  • Redirects users to clone sites of legitimate AI services (e.g., Luma AI, Kling AI, Canva Dream Lab)

  • Distributes a Rust-based dropper named STARKVEIL

STARKVEIL and Its Payloads

Once downloaded, STARKVEIL installs a suite of malware:

  • GRIMPULL – A downloader using TOR tunnels to fetch .NET payloads

  • FROSTRIFT – A .NET backdoor that scans for:

    • System and software information

    • Password manager and cryptocurrency wallet extensions in Chromium browsers

  • XWorm – A known .NET remote access trojan (RAT) with capabilities like:

    • Keylogging

    • Command execution

    • Screen capture

    • Data exfiltration via Telegram

These payloads are launched using a Python-based dropper called COILHATCH, which performs DLL side-loading for stealthy execution.

Key Takeaways and Recommendations

Why It Matters

The use of fake AI tools highlights how threat actors are leveraging popular technology trends to reach a wide and unsuspecting audience. These attacks are no longer limited to IT professionals or developers—any user enticed by a new AI tool is now a potential target.

Mitigation Strategies

  • Only download AI tools from verified and official sources

  • Avoid clicking on sponsored ads or unfamiliar links in search results

  • Use endpoint detection tools capable of identifying behavior-based threats

  • Educate employees about social engineering and fake installers

  • Restrict the execution of scripts and installers from untrusted locations

"The temptation to try the latest AI tool can lead to anyone becoming a victim," warned Mandiant researchers. "These tools no longer target just graphic designers."

Conclusion

The weaponization of fake AI tool installers for deploying ransomware and malware demonstrates a significant shift in cybercriminal tactics. With the line between innovation and exploitation becoming increasingly blurred, users must practice vigilance and organizations should reinforce security hygiene to prevent falling victim to AI-themed cyberattacks.