AI Voice Generator App Used to Drop Gipy Malware

Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.

Dark Reading Staff, Dark Reading

May 24, 2024

1 Min Read
Futuristic AI speaks and imitates the human voice with open mouth emitting sound waves
Source: OleCNX via Alamy Stock Photo

Gipy, a newly discovered campaign using a strain of infostealer malware, is targeting users in Germany, Russia, Spain, and Taiwan with phishing lures promising an AI voice changing application.

Researchers at Kaspersky said Gipy malware first emerged in early 2023 and, once delivered, allows adversaries to steal data, mine cryptocurrency, and install additional malware on the victim's system.

Threat actors in this instance are luring victims with the promise of a legitimate AI voice altering application, the researchers explained. Once the user installs it, the application starts to work as promised, meanwhile, Gipy malware is also being delivered in the background, the Kasperky team added.

As Gipy is executed, the researchers noted the malware then launches password-protected malware from GitHub.

During their investigation into the campaign, experts analyzed over 200 of these archives.

"Most of the ones on GitHub contain the infamous Lumma password stealer," Kaspersky said in an emailed statement. "However, the experts also found Apocalypse ClipBanker, a modified Corona cryptominer, and several RATs, including DCRat and RADXRat. Additionally, they discovered password stealers like RedLine and RisePro, a Golang-based stealer called Loli, and a Golang-based backdoor named TrueClient."

The researchers urge users to be aware that threat actors are keen to exploit the rising popularity of AI tools with these kinds of malicious exploits.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights