• Criminals are using AI-generated fake copyright violation threats

    From TechnologyDaily@1337:1/100 to All on Mon Sep 29 21:30:09 2025
    Criminals are using AI-generated fake copyright violation threats to take
    over social media and websites - here's what you need to know

    Date:
    Mon, 29 Sep 2025 20:18:00 +0000

    Description:
    Cofense research sees cybercriminals spoof legal firms with AI tools, spreading malware that steals crypto and may evolve into ransomware.

    FULL STORY
    ======================================================================

    Cybercriminals exploit copyright fear to push malware into everyday online spaces

    Telegram bots now double as command hubs for evolving malware threats

    Fake legal firms deliver malware through takedown scams in multiple languages

    Cybercriminals have long relied on fear as a way to manipulate victims, and copyright claims are proving to be one of the latest tools of choice.

    Research by Cofense Intelligence found attackers are sending messages
    designed to look like legitimate takedown requests to multiple users.

    However, the real intention of these messages is to deliver malware under the guise of legal pressure.

    A campaign built on deception

    The report outlined how a Vietnamese threat actor referred to as Lone None
    has been distributing campaigns that spoof legal firms, sending messages
    which claim to flag copyright-infringing content on the target's website or social media account.

    What makes this wave of activity notable is the use of multiple languages, suggesting reliance on machine translation or AI tools to generate convincing templates across regions.

    Victims are pressured into following links, which, instead of solving an alleged copyright problem, lead to malware downloads.

    The attack chain has several unusual features that distinguish it from more traditional phishing attempts.

    Instead of relying on ordinary hosting methods, the operators have embedded payload information within Telegram bot profile pages.

    From there, targets are steered toward archive files hosted on free platforms such as Dropbox or MediaFire.

    Inside these archives, legitimate applications like PDF readers are bundled alongside malicious files.

    The malware loader is disguised to resemble normal Windows processes, and it uses obfuscated Python scripts to establish persistence and fetch additional components.

    Beyond the familiar PureLogs Stealer, Cofense reports the presence of a new malware strain named Lone None Stealer, also called PXA Stealer.

    This tool is engineered to focus on cryptocurrency theft, quietly replacing copied wallet addresses with those controlled by the attackers.

    Communication with the operators is handled through Telegram bots, keeping
    the infrastructure flexible and harder to disrupt.

    Although the current campaigns emphasize information stealing, the methods used could just as easily deliver ransomware in future iterations.

    While technical indicators such as unusual Python installations on a host can aid in detection, the most effective shield is still training and vigilance.
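
    An added example, not from Cofense or the original article: a triage pass over process-creation events that flags the two host-side clues mentioned above, a Python interpreter in an unexpected location and a Windows process name running outside the system directories. The field names follow Sysmon Event ID 1 (Image, OriginalFileName); the allowlisted paths and the sample events are constructed assumptions.

```python
from pathlib import PureWindowsPath

# Assumption: directories where a managed Python install is expected on this fleet.
EXPECTED_PYTHON_ROOTS = (r"c:\program files\python312",)
# Assumption: a short list of Windows process names and the only folders they run from.
SYSTEM_NAMES = {"svchost.exe", "explorer.exe", "lsass.exe", "services.exe"}
SYSTEM_DIRS = {r"c:\windows", r"c:\windows\system32", r"c:\windows\syswow64"}


def triage(event: dict) -> list[str]:
    """Return the reasons a process-creation event deserves analyst review."""
    image = PureWindowsPath(event["Image"])
    name = image.name.lower()
    folder = str(image.parent).lower()
    original = event.get("OriginalFileName", "").lower()
    reasons = []

    is_python = name.startswith("python") or original.startswith("python")
    in_expected_root = any(
        folder == root or folder.startswith(root + "\\")
        for root in EXPECTED_PYTHON_ROOTS
    )
    if is_python and not in_expected_root:
        reasons.append("python interpreter outside expected install roots")
    if original.startswith("python") and not name.startswith("python"):
        reasons.append("python binary running under another file name")
    if name in SYSTEM_NAMES and folder not in SYSTEM_DIRS:
        reasons.append("Windows process name outside system directories")
    return reasons


# Constructed sample events (not taken from the Cofense report).
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\Python312\python.exe", "OriginalFileName": "python.exe"},
    {"Image": r"C:\Windows\System32\svchost.exe", "OriginalFileName": "svchost.exe"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\docs\python.exe", "OriginalFileName": "python.exe"},
    {"Image": r"C:\Users\Public\Windows\svchost.exe", "OriginalFileName": "python.exe"},
]


def flagged(events):
    """Map each suspicious image path to its list of reasons."""
    return {e["Image"]: r for e in events if (r := triage(e))}


if __name__ == "__main__":
    for image, reasons in flagged(SAMPLE_EVENTS).items():
        print(image, "->", "; ".join(reasons))
```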

    A combination of advanced email security tools and endpoint protection offers a strong defense, since filtering alone cannot fully prevent these copyright-spoofing campaigns.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/criminals-are-using-ai-generated-fake-copyright-violation-threats-to-take-over-social-media-and-websites-heres-what-you-need-to-know


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)