A surge of new cybersecurity threats has been uncovered by Cisco Talos, revealing a campaign in which malicious actors disguise malware and ransomware as AI tool installers. Among the threats identified are CyberLock, Lucky_Gh0$t, and Numero, posing severe risks to businesses seeking AI-powered solutions. The attackers exploit AI’s mainstream popularity using SEO poisoning and fake websites – a tactic with growing global and regional implications.
In a report published on 29 May 2025, Cisco Talos revealed a sophisticated social engineering campaign that lures users with fake AI tool installers to distribute ransomware and destructive malware. The malware trio – CyberLock, Lucky_Gh0$t, and the new wiper variant Numero – masquerades as AI software such as lead generation and B2B automation platforms.
Key Campaign Characteristics:
- Fake AI websites, such as novaleadsai[.]com, copy branding and content from legitimate services like NovaLeads.
- SEO poisoning boosts the visibility of malicious domains in search engine results.
- Telegram and social media platforms serve as secondary distribution vectors.
- Victims include businesses in the sales, marketing, and tech sectors.
Malware Deep Dive
CyberLock Ransomware (Active Since February 2025)
- Delivered via a fake .NET executable (NovaLeadsAI.exe) compiled and distributed on 2 February 2025, the same day the fake domain was registered.
- The binary contains an embedded PowerShell ransomware payload.
- Encrypts files using AES and appends the .cyberlock extension.
- Leaves a ransom note demanding $50,000 in Monero (XMR) and claims the payment will fund humanitarian aid (e.g., Palestine, Ukraine, Africa, Asia).
- Threatens data leak within 72 hours, though no exfiltration code was found.
“The humanitarian narrative is a manipulative social engineering tactic designed to confuse and coerce victims,” said Chetan Raghuprasad, Talos Security Researcher.
- Employs LoLBins such as cipher.exe to wipe free disk space, impeding forensic recovery of deleted files.
- Changes the victim’s desktop wallpaper to an image taken from a cybersecurity blog; the motive is unclear.
Lucky_Gh0$t Ransomware
- Variant of the Yashma/Chaos ransomware lineage.
- Features minor binary modifications, but maintains core encryption logic.
- Continues the trend of frequent rebrands among amateur ransomware gangs.
Numero (Destructive Malware)
- Newly discovered malware with no ransom demands.
- Targets Windows GUI components, rendering systems unusable.
- Likely intended for data destruction or disruption rather than profit.
Global & Regional Impact
Middle East & Africa
Organizations in the UAE, KSA, Nigeria, and South Africa are increasingly embracing AI-driven lead generation and automation tools. The malicious use of fake AI platforms directly threatens:
- Local SMBs with low cyber awareness.
- Regulated industries, where NCA (KSA) and NITDA (Nigeria) stress compliance with software sourcing regulations.
- Ongoing regional AI investments that depend on trust and adoption.
“The intersection of AI and malware poses a real threat to digital transformation initiatives across MEA. Regulators must now consider AI-based deception in their cyber policy frameworks,” warned Amira H., CISO at a fintech startup in Riyadh.
Global Comparison
- Similar campaigns using fake ChatGPT and Copilot clones have been observed in Europe (CERT-FR, April 2025) and Asia (JPCERT/CC, March 2025).
- The widespread reliance on AI tools — particularly in sales enablement and marketing — makes this a global supply chain risk.
MITRE ATT&CK Mapping & IOCs
Tactics & Techniques:
- T1189: Drive-by Compromise (SEO Poisoning)
- T1566.002: Phishing via Website
- T1059.001: PowerShell Execution
- T1027: Obfuscated Files
- T1490: Inhibit System Recovery
- T1486: Data Encrypted for Impact
Indicators of Compromise:
- Domain: novaleadsai[.]com
- Email: cyberspectreislocked@onionmail[.]org
- File: NovaLeadsAI.exe (compiled: 2 Feb 2025)
- File extensions encrypted: .docx, .xlsx, .jpg, .mp4, .zip, .sql, .exe, .java, .ps1, .vhd, etc.
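To make the indicators above usable in a log search, here is an added Python example (it is not Cisco Talos code and not part of the original report) that refangs the defanged IoCs and matches them against a few constructed DNS, proxy, EDR and mail log lines. Only the indicators themselves come from the report; the log format, client addresses, user names and the benign hostnames are assumptions. The domain matcher deliberately matches subdomains but not a longer look-alike such as notnovaleadsai.com, which is the usual false-positive trap with plain substring searches.

```python
import re

# Indicators as published on the page, defanged with "[.]" so they cannot be clicked.
DEFANGED_IOCS = {
    "domain": ["novaleadsai[.]com"],
    "email": ["cyberspectreislocked@onionmail[.]org"],
    "filename": ["NovaLeadsAI.exe"],
    "extension": [".cyberlock"],
}


def refang(indicator: str) -> str:
    """Turn a defanged indicator back into the form that appears in real logs."""
    return (indicator.replace("[.]", ".")
                     .replace("hxxps://", "https://")
                     .replace("hxxp://", "http://")
                     .lower())


def build_matchers(defanged=DEFANGED_IOCS):
    """Compile one regex per indicator; the kind decides how strict the boundary is."""
    matchers = []
    for kind, values in defanged.items():
        for value in values:
            plain = re.escape(refang(value))
            if kind == "domain":
                # The domain itself or any subdomain, but not "notnovaleadsai.com".
                pattern = r"(?<![\w.-])(?:[\w-]+\.)*" + plain + r"(?![\w-])"
            elif kind == "extension":
                # The extension must end the path, not sit inside a longer name.
                pattern = plain + r"(?=\s|$|['\"])"
            else:
                pattern = plain
            matchers.append((kind, value, re.compile(pattern, re.IGNORECASE)))
    return matchers


def scan_logs(lines, matchers):
    """Return one hit per (line, indicator) pair found, in line order."""
    hits = []
    for number, line in enumerate(lines, start=1):
        for kind, original, regex in matchers:
            if regex.search(line):
                hits.append({"line": number, "kind": kind, "ioc": original})
    return hits


# Constructed log lines (not real telemetry); only the IoCs are from the report.
SAMPLE_LOGS = [
    "2025-06-01T09:12:03Z dns client=10.0.4.21 qname=www.novaleadsai.com qtype=A",
    "2025-06-01T09:12:05Z proxy GET https://www.novaleadsai.com/get/NovaLeadsAI.zip user=jdoe",
    "2025-06-01T09:14:40Z edr file_create path=C:\\Users\\jdoe\\Downloads\\NovaLeadsAI.exe",
    "2025-06-01T09:20:11Z edr file_rename path=C:\\Users\\jdoe\\Documents\\Q2.xlsx.cyberlock",
    "2025-06-01T09:20:12Z mail outbound rcpt=cyberspectreislocked@onionmail.org",
    "2025-06-01T09:21:00Z dns client=10.0.4.22 qname=crm.legit-vendor.example qtype=A",
    "2025-06-01T09:21:30Z dns client=10.0.4.23 qname=notnovaleadsai.com qtype=A",
]

if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS, build_matchers()):
        print(f"line {hit['line']}: {hit['kind']} indicator {hit['ioc']}")
```

Run as-is it reports five hits (two for the domain, one each for the executable name, the encrypted-file extension and the contact address) and stays silent on the two benign lookups. Swap SAMPLE_LOGS for an iterator over a real log file to use it against exported DNS or proxy data.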
Actionable Takeaways for Defenders & Executives
- Block and monitor known malicious domains such as novaleadsai[.]com at the DNS and firewall levels.
- Educate users on identifying fake AI tools and SEO poisoning techniques through security awareness programs.
- Enforce allow-listing of software sources and limit user installation rights.
- Inspect ZIP files and .NET executables from unverified sources before execution.
- Implement PowerShell execution policies and monitor ShowWindow, cipher.exe, and other LoLBin activity.
- Monitor social media and SEO results for impersonation of your brand or product.
- Perform regular offline backups and test recovery processes against ransomware scenarios.
- Use deception technology to detect malware attempting GUI manipulations (for threats like Numero).
- Join threat intelligence exchanges to stay informed about active TTPs.
- Report suspicious AI product domains to national CERTs or regulatory cyber authorities.
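The monitoring items in the list above (PowerShell and cipher.exe activity) and the CyberLock behaviour described in the deep dive (an installer with an embedded PowerShell payload, files renamed to .cyberlock, free space wiped with cipher.exe) translate into three behavioural detections. The Python below is an added example, not Talos' or any EDR vendor's code; the event schema, the user-writable folder list, the rename threshold and the window length are assumptions for illustration, and the sample timeline is constructed. Unlike the atomic IoC match, these rules would also fire on a rebranded sample with a different domain and executable name.

```python
from collections import defaultdict
from dataclasses import dataclass

# Folders a user can write to without admin rights (constructed list, lower-case).
USER_WRITABLE = ("\\downloads\\", "\\appdata\\", "\\temp\\", "\\users\\public\\")
RENAME_THRESHOLD = 5      # renames to the ransomware extension before alerting (assumed tuning)
WINDOW_SECONDS = 60       # sliding window for the rename count (assumed tuning)


@dataclass
class Event:
    """Minimal endpoint telemetry record; the schema is an assumption, not a vendor's."""
    ts: int                 # seconds since the start of the constructed timeline
    kind: str               # "process" (creation) or "rename" (file rename)
    pid: int
    image: str = ""         # full path of the created process
    parent_image: str = ""  # full path of its parent
    cmdline: str = ""
    path: str = ""          # new path for rename events


def _in_user_writable(path: str) -> bool:
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def rule_powershell_from_user_dir(ev: Event):
    """T1059.001: powershell.exe launched by a binary sitting in a user-writable folder,
    the shape of a downloaded installer that carries an embedded PowerShell payload."""
    if (ev.kind == "process"
            and ev.image.lower().endswith("\\powershell.exe")
            and _in_user_writable(ev.parent_image)):
        return f"T1059.001 powershell.exe spawned by {ev.parent_image} (pid {ev.pid})"
    return None


def rule_cipher_wipe(ev: Event):
    """T1490: 'cipher.exe /w:<dir>' overwrites free space, destroying remnants of deleted files."""
    if (ev.kind == "process"
            and ev.image.lower().endswith("\\cipher.exe")
            and "/w:" in ev.cmdline.lower()):
        return f"T1490 free-space wipe: {ev.cmdline} (pid {ev.pid})"
    return None


ATOMIC_RULES = (rule_powershell_from_user_dir, rule_cipher_wipe)


def detect(events, ext=".cyberlock"):
    """Run the atomic rules plus a sliding-window count of renames to the ransomware
    extension (T1486); returns alert strings in timeline order."""
    alerts = []
    stamps = defaultdict(list)  # pid -> timestamps of renames to ext inside the window
    for ev in sorted(events, key=lambda e: e.ts):
        for rule in ATOMIC_RULES:
            message = rule(ev)
            if message:
                alerts.append(message)
        if ev.kind == "rename" and ev.path.lower().endswith(ext):
            window = stamps[ev.pid]
            window.append(ev.ts)
            while window and ev.ts - window[0] > WINDOW_SECONDS:
                window.pop(0)
            if len(window) == RENAME_THRESHOLD:   # fire when the threshold is reached
                alerts.append(f"T1486 pid {ev.pid} renamed {RENAME_THRESHOLD} files to "
                              f"{ext} within {WINDOW_SECONDS}s")
    return alerts


PS = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
INSTALLER = "C:\\Users\\jdoe\\Downloads\\NovaLeadsAI.exe"

# Constructed timeline: the lure executable drops into PowerShell, files are renamed,
# then free space is wiped. The last two events are benign admin noise.
SAMPLE_EVENTS = [
    Event(0, "process", 4100, image=INSTALLER, parent_image="C:\\Windows\\explorer.exe",
          cmdline="NovaLeadsAI.exe"),
    Event(2, "process", 4132, image=PS, parent_image=INSTALLER,
          cmdline="powershell.exe <embedded script, placeholder>"),
    *[Event(10 + i, "rename", 4132,
            path=f"C:\\Users\\jdoe\\Documents\\report{i}.docx.cyberlock") for i in range(6)],
    Event(30, "process", 4170, image="C:\\Windows\\System32\\cipher.exe", parent_image=PS,
          cmdline="cipher.exe /w:C:\\"),
    Event(40, "process", 5000, image=PS, parent_image="C:\\Windows\\System32\\cmd.exe",
          cmdline="powershell.exe Get-Process"),
    Event(41, "rename", 5000, path="C:\\Users\\admin\\notes.txt.bak"),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

On the constructed timeline this yields three alerts in order: the PowerShell launch from the Downloads folder, the fifth rename to .cyberlock, and the cipher.exe free-space wipe. The administrator's PowerShell session from cmd.exe and the single .bak rename produce nothing, which is the trade-off the user-writable-folder and threshold conditions are there to buy; tune RENAME_THRESHOLD and WINDOW_SECONDS against your own baseline before relying on the T1486 rule.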
Conclusion: Trust, But Verify
As businesses race to integrate AI into their operations, cybercriminals are leveraging this urgency to unleash new waves of disguised threats. This campaign is a stark reminder that the appearance of innovation can hide dangerous deception. It is now imperative that AI trustworthiness be reinforced through verification, vendor vetting, and robust cybersecurity hygiene. The fake-AI-malware trend is likely just beginning — defenders must stay vigilant.
Sources
- Cisco Talos: Fake AI Tool Installers Distribute Ransomware and Malware (29 May 2025)
- CERT-FR: Alert on AI Tool Clones (15 April 2025)
- JPCERT/CC: Malware Disguised as AI Assistants (20 March 2025)
- NovaLeads (Legit AI Tool)
- Monero Cryptocurrency Tracker
- MITRE ATT&CK Framework
- NITDA Nigeria Cybersecurity Guidelines
- KSA National Cybersecurity Authority (NCA)
- CyberCory – Latest Cybersecurity Trends