PULSE NAME
Text-to-Malware: How Cybercriminals Weaponize Fake AI-Themed Websites | Google Cloud Blog
WHITE PetrP.73 2025-05-27 Modified: 2025-05-27
50 IOCs, MEDIUM VOLUME
A study by Mandiant Threat Defense and Google Cloud Next shows how cybercriminals are weaponizing interest in artificial intelligence (AI) through fake websites and malicious ads on social media, including Facebook and LinkedIn.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Threat Intelligence FROSTRIFT STARKVEIL XWORM GRIMPULL
Indicators of Compromise (7 / 50 total)