The notorious hacking group FIN7 has developed a network of fake AI-powered deepnude generator websites aimed at infecting visitors with information-stealing malware, BleepingComputer reports.

Active since 2013, FIN7, believed to be linked to Russian cybercriminals, has a history of financial fraud and cyberattacks, including associations with ransomware groups like DarkSide, BlackMatter, and BlackCat. Their latest campaign uses fake websites that claim to generate deepfake nudes of individuals, a technology that has raised global ethical concerns. Despite its controversial nature, public interest in AI-generated nudes remains high, making it an ideal lure for cybercriminals.

According to Silent Push, these sites, such as “aiNude[.]ai” and “nude-ai[.]pro,” trick users by offering “free downloads” of AI-generated images. Instead of delivering the promised content, they distribute malware like Lumma Stealer, which steals data from web browsers, cryptocurrency wallets, and other sensitive sources. In some cases, FIN7 has also deployed Redline Stealer and D3F@ck Loader to gather more information from compromised systems.

The group promotes these fake deepnude generators using black hat SEO techniques to increase their visibility in search results. While the identified websites have been taken down, anyone who interacted with them is advised to assume their system has been compromised.

FIN7 continues to expand its cybercriminal activities, also distributing the NetSupport RAT and spoofing well-known brands like Canon and Zoom to deceive users into downloading malicious software. The group remains a significant threat, frequently evolving its tactics and launching new malware campaigns.
