Russian hackers are deploying ‘AI Deepnude generators’—software designed to create nude images of women from uploaded photos—to infect users’ devices with viruses, according to a report by security firm Silent Push.
Experts indicate that the hacker group FIN7 has established at least seven websites offering tools to ‘undress’ women. Potential victims are prompted to download malicious files that could compromise credentials or install ransomware on their devices.
In some instances, hackers offer a free trial version, inviting users to upload an image. Upon downloading and agreeing to use the software, the installation of a malicious file begins.
Analysts have succeeded in shutting down all identified sites but warned that new ones will be launched.
FIN7, a group linked to Russia, has been active since at least 2013, according to Silent Push analysts. Last year, the US Department of Justice announced the arrest of three of its members, including the alleged leader, Ukrainian citizen Fedir Hladyr.
The group has created over 4,000 phishing domains and subdomains. FIN7’s activities extend far beyond Deepnude, targeting the hospitality and food sectors to steal customer data and conduct fraudulent bank transfers.
Victims include companies like Chipotle, Chili’s, and Arby’s. The group also established fake security firms, Combi Security and Bastion Secure, to recruit technical specialists.
The use of artificial intelligence for attacks is a relatively new phenomenon, unlike the use of adult content themes. In the early 2000s, cybercriminals already used porn sites to spread trojans and spyware.
In August, US authorities filed a lawsuit against websites exploiting women with AI ‘undressing’ technology.