ESET’s Threat Report reveals that infostealing malware impersonates generative AI (GenAI) tools. New mobile malware GoldPickaxe can steal facial recognition data to create deepfake videos to authenticate fraudulent financial transactions.
“GoldPickaxe has both Android and iOS versions and has been targeting victims in Southeast Asia through localised malicious apps. As ESET researchers investigated this malware family, they discovered that an older Android sibling of GoldPickaxe, called GoldDiggerPlus, has also tunnelled its way to Latin America and South Africa by actively targeting victims in these regions,” explains Jiří Kropáč, director of ESET Threat Detection.
Infostealing malware
In recent months, infostealing malware has also begun to impersonate GenAI tools heavily. ESET Research has seen cybercriminals increasingly abusing AI since 2023 and expects this to become a continuing trend.
Infostealers also attacked gaming enthusiasts who ventured outside the official gaming ecosystem. ESET researchers found infostealer malware, such as Lumma Stealer and RedLine Stealer, in cracked video games and cheating tools used in online multiplayer games.
ESET also found that Balada Injector, a gang notorious for exploiting WordPress plug-in vulnerabilities, compromised over 20,000 websites and racked up over 400,000 hits in ESET telemetry for the variants used in the gang’s recent campaign in the first half of 2024.
In the ransomware scene, LockBit was disrupted by Operation Chronos, a global law enforcement operation conducted in February 2024.