AI meets next-gen info stealers in social media malvertising campaigns

Bitdefender Labs documents widespread malvertising campaigns on Meta that impersonate popular generative-AI tools (Midjourney, Sora, ChatGPT, etc.) to trick users into installing malicious installers and browser extensions which deploy info-stealers (Rilide V4, Vidar, Nova) and backdoors (IceRAT). The report includes technical analysis of samples, extensive IOCs (hashes, malicious domains and IPs), campaign tactics (compromised pages, sponsored ads, MaaS distribution), geographic targeting across multiple European countries, and recommendations to prevent infections.