The Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Website
(research.checkpoint.com)
from Pro@programming.dev to cybersecurity@infosec.pub on 20 May 20:09
https://programming.dev/post/30696400
from Pro@programming.dev to cybersecurity@infosec.pub on 20 May 20:09
https://programming.dev/post/30696400
- AI media generation is a significant trend in how we use the Internet in 2025. Kling AI is a widely used platform, with 6 million users since its launch in June 2024.
- A threat actor mimicked Kling AI and drove traffic to a convincing fake website via counterfeit Facebook pages and paid ads.
- User submissions of a text prompt or image on this fake site produce a seemingly innocent media file whose filename uses Hangul Filler characters to conceal an executable.
- In some cases, the executable’s loader used .NET Native AOT compilation for stealth. Executing it installs an infostealer with monitoring capabilities.
- This campaign has a global reach, with victims reported across multiple regions, most notably in Asia.
threaded - newest