CyberWire Daily - A new stealer hiding behind AI hype. [Research Saturday]
Episode Date: June 7, 2025This week, we are joined by Michael Gorelik, Chief Technology Officer from Morphisec, discussing their work on "New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms." A new threa...t dubbed Noodlophile Stealer is exploiting the popularity of AI-powered content tools by posing as fake AI video generation platforms, luring users into uploading media in exchange for malware-laced downloads. Distributed through convincing Facebook groups and viral campaigns, the malware steals browser credentials, cryptocurrency wallets, and can deploy a remote access trojan like XWorm. The campaign uses a layered, obfuscated delivery chain disguised as legitimate video editing software, making it both deceptive and difficult to detect. The research can be found here: New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K.
Hey everybody, Dave here.
I've talked about DeleteMe before, and I'm still using it because it still works.
It's been a few months now, and I'm just as impressed today as I was when I signed
up.
DeleteMe keeps finding and removing my personal information from data broker sites and they
keep me updated with detailed reports so I know exactly what's been taken down.
I'm genuinely relieved knowing my privacy isn't something I have to worry about every
day.
The DeleteMe team handles everything.
It's the set it and forget it
piece of mind.
And it's not just for individuals. Delete Me also offers solutions for businesses, helping
companies protect their employees' personal information and reduce exposure to social
engineering and phishing threats.
And right now, our listeners get a special deal, 20% off your Delete Me plan.
Just go to joindeleteeme.com slash n2k and use promo code n2k at checkout.
That's joindeleteeme.com slash n2k, code n2k. Hello everyone and welcome to the CyberWires Research Saturday.
I'm Dave Bittner and this is our weekly conversation with researchers and analysts tracking down
the threats and vulnerabilities, solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.
Thanks for joining us.
So this is how we discovered basically the execution
of the Infosteel and the nuclear oil.
Infosteel was executing actually on one of our medium-sized customers.
And then we are starting to basically investigate and look back, which actually discovered, brought to the discovery of a full chain of AI frameworks compromised, which I'm sure we'll be discussing right now.
That's Michael Gorlick, Chief Technology Officer at Morphosec.
The research we're discussing today is titled, New Noodlephile Stealer Distributes Via Fake
AI Video Generation Platforms.
Well, let's dig into it together here.
What exactly is a Nudlofile Stealer and what are its primary functions?
Yeah, so this is very similar in a way to some of the other InfoStealers, though its
delivery technique is quite advanced and relatively rare in which it was delivered through Python
in memory with base 85 encoding, which is very different from base 64.
The still itself, I guess the history of the browsers, it can hijack and intercept wallet credentials and
more.
But it's relatively minimal in a way to possibly avoid significant foot print on the endpoint.
And how would someone find themselves with this on their system? How does it infiltrate someone?
Yeah, so in this case, the delivery technique is quite advanced.
And we are talking about the delivery.
In our blog, Postal Discovered, just the delivery of an archive that was basically downloaded by the different victims.
And this archive, and we'll get to the AI framework, starting from the download portion.
If you download this archive, this archive basically includes different files like document, PDF, and others with additional hidden directory.
If you download it actually today you will see that there are quite a lot of still those
AI framework sites that also deliver archives but this time you'll find invoices and other
type of documents that can resonate very nicely in the way of social engineering.
But those files, the document PDF or the invoice PDF or any of the other content files are not really invoices, are not really documents. They basically are in advanced archive files with
a bunch of different executables like we described in the blog itself,
and with the modified headers to avoid basically
simple scanning of those files and bypass existing solutions.
So that eventually the first loader operation is the one to fix those headers back and eventually
decrypt or unarchive some of the files by changing their names back from the PDF to
or RAR or ZIP or whatever and then then using a specific password, opening them, and get to execute the next stage operation,
which are the Python compiled executables, which is also an interesting stage by itself.
But really we are talking about a significant archive with executables that are blown up
with proportions of 150, 160, 170 megabytes with many, let's say, advanced
techniques. Until you get to those archive, you still have a couple of very
advanced techniques that will execute, for example,.NET code within a native executable,
etc. It's quite advanced techniques to bypass simple interpretation, scanning, interpret
dot net, sorry, comments, scanning.
So my understanding is that these folks are using fake AI video generation platforms to
be a vector for the malware?
Yes, exactly.
We intercepted, I think this was the most interesting thing.
We intercepted a bunch of websites, but we're investigating those AI framework websites, but when we were investigating those AI framework
websites, LumaDream, DreamAI, we got to a very popular Facebook
pages.
There are a bunch of those Facebook pages
that are still very much active.
They have websites with high reputation
delivering this malware, and all of them using a very similar template.
And if you look at the websites, on the different websites,
you'll see that their followers,
their amount of followers is even higher
than the regular, the original one, the original framework.
So take for example, a legitimate framework called LumaLabs,
the iVideo Generator framework.
You'll see that the amount of followers there,
it's about 2.7 thousand of followers.
You have all different screenshots there.
In a way, this platform is intended for you to upload
your images and then see this
platform generating video.
Many of you probably saw those kinds of advertisements of inputting or basically uploading your kid
image and as a result you have an output of a video that shows how the kid becomes older and all
those very interesting advertisements.
So you have the same advertisement there.
And I have non-real malicious platforms here with 3.000 followers, with 1.8 thousand followers, totally legit with like my Facebook marked blue
mark validated, fully pushing those malicious platform. And if you get to those platforms,
the difference between those malicious platforms to their legitimate platforms is the fact that
those malicious platforms just allow you to download those example of videos,
let's call it like that, for free
without going through the old signing operation.
While the legitimate one is actually requires you
to sign up for that thing.
But if you go look even deeper and try to compare,
okay, so maybe the SSL certificate are not good enough,
maybe there could be some issues.
You'll find that all the legitimate and non-legitimate
websites are all using kind of very basic certificates
like Let's and Crit or something like that,
or that one.
Which is funny, but not not exactly because of the increase
of those platforms. Every second person creates something very cool today with using those EI
tools. They go and sign their websites with the most basic certificate they can get to.
And there is no concept of high reputation, low reputation anymore, right?
Because all of them are low reputation, legitimate or not legitimate.
So you get kind of to the point in which, hey, I don't know if it's legitimate or not and I
don't have anyone to trust if it's legitimate or not.
We'll be right back. And now a word from our sponsor, Spy Cloud.
Identity is the new battleground, and attackers are exploiting stolen identities to infiltrate
your organization.
Traditional defenses can't keep up.
Spy Cloud's holistic identity threat protection helps security teams uncover and automatically
remediate hidden exposures across your users from breaches, malware, and phishing
to neutralize identity-based threats like account takeover, fraud, and
ransomware. Don't let invisible threats compromise your business. Get your free
corporate dark net exposure report
at spycloud.com slash cyberwire
and see what attackers already know.
That's spycloud.com slash cyberwire.
Are you crushing your bills?
Defeating your monthly payments.
Sounds like you're at the top of your financial game.
Rise to it with the BMO Eclipse Rise Visa Card.
The credit card that rewards your good financial habits.
Earn points for paying your credit card bill in full and on time every month.
Level up from bill payer to reward slayer.
Terms and conditions apply.
So what happens once I engage with this fake
AI video generation platform?
So I'm on Facebook, I'm scrolling through as you do.
This catches my eye and I decide to play with it.
What happens next in terms of it being able
to take advantage of me and install the malware?
How does it work?
Yeah, so you get from one of those like Facebook
advertisement in which you see some kind of nice video,
cool video, this leads you to a page
with high reputation advertising, higher than the legitimate one.
And at the core of the page, in the main part of the page,
you have the link for the platform itself.
Sometimes the link also comes from top buttons,
like learn more, automatically forwards your direction
to that platform.
As soon as you get to the platform, the platform in a way is very similar to the legitimate
platforms you can find in other places.
Very cool design, looks very professional, and many times leads to the same result of
downloading some kind of archive file. So whether you upload your images, just trying to something for free, there are different
control flows that's called like that, different flows that will lead to the same malicious
files called JavaScript file that eventually triggers the download of an archive. So you get to this download from different interactions with those malicious websites.
It's always the same archive and different websites deliver different archives.
It's always an archive still and quite a heavy one, right?
And then from obviously downloading the archive, you want to open it.
This archive, when you just look at the zip or unarchive it,
you will see only one file.
But essentially, this archive has a hidden directory
which has all those malicious component.
Now, if you use, for example,
salmon zip and just open that archive without decrypting it, you will see that hidden folder. Most of the users
unfortunately are not like so sophisticated. They just open the zip and
miss out on this hidden folder which will be triggered by the executable.
What about detection here?
I mean, what sort of challenges do security professionals
face when trying to detect and mitigate something
like Nudel file?
Yeah, well, if it wouldn't be an archive that you would download,
the detection would be simpler.
You could detect that on the perimeter level,
many of the browsers and the defender for cloud
and different very basic filtering capabilities to do.
Identify those advanced.NET overblown executables
or misconfigured like RAR files.
But the fact that you download an archive,
the archive is very easy to hide artifacts within those archives.
So as soon as it gets to your disk,
it's actually quite challenging to detect by existing controls.
So you need more sophisticated controls in place,
like ours, for example,
or you can implement if you own a business
and you can allow yourself to implement
hardening capabilities like application controls
and others, which basically do not allow you
just to execute anything.
And even if your MP4 has some kind of long spaces that leads to an execution of executable,
it still will prevent that. So it's really dependent on the organization. For the regular users or
innovators or those that are just interested to download something cool from those kind of platforms,
I would really recommend not to download archives
and if they get archives, just delete those.
If this platform kind of downloads you an MP4,
you will be able to trust at least your basic security
controls that will identify this is not an executable,
it's an MP4, it's a video file.
Your browser will not let you an executable, it's an MP4. It's a video file. Your browser will not let you download executable
without using a smart screen,
which is the core technology that provided by Microsoft.
But smart screen can be bypassed again by using archives.
So are there any particular technical elements of this that are worth sharing?
Anything that caught your attention inside the malware itself?
I mean, the malware itself really is one of the things that we identified as the way they
used to decrypt the fight on coded cell, they used a combination of base
64 and base 85.
It's just quite rare we saw those kind of techniques in some of the githubs that were
correlated to Korean attacks. We did follow the OSIN and got to actors that are Taiwanese in this
case, which is also a bit of a unique, don't see too many Taiwanese attack on this scale.
So there were definitely, if we are looking on the Austin side, a couple of interesting points.
But again, the base 85 decoding was, for me,
if we are looking on the InfoSteeler, the most interesting.
The InfoSteeler also, and many times,
delivered in parallel with the RAT, in this case.
It was the X-Worm.
Also delivered a very similar way by
basically taking a base 64 and decoded that with base 85, this is double decoding.
And then everyone knows what the X-Worm is, obviously it's extremely
persistent and it's much beyond just stealing browser cookies, your history
and wallets.
It's a persistent, fully capable malware that can execute remote commands.
And I would say in most of the cases of this NoviHill delivery, we had that fraud delivered
in parallel to the InfoStealer.
So definitely you would like to validate your network outbound communication.
You would like to validate your persistency steps, you know, the regular run keys, regular
services if no new services were generated. Kind of the basic persistence, validation,
something that for sure I would value.
What do you hope that people take away from this research that you've published?
What are the take-homes for you?
Yeah, I mean we'll always have sophisticated
malware, so this is our job, right?
I'm doing it 25 years.
And every time the hackers, the adversaries, are innovating in a crazy pace,
and with the AI, they innovate even faster.
You see new tactics, new techniques all the time.
At this moment, I'm kind of not concerned with regard to the super advanced malware.
I'm more concerned with the delivery techniques, as probably was sound from my small lecture.
This is the time right now in which it kind of reminds me of the 2016 exploit kit times
and the times when the Wannock riot appeared,
very non-stable in a time where many new attack surfaces
and new delivery techniques are possible.
And it will take a year or two until security controls
will adapt to this new delivery risk and
we'll find a solution to try and identify what is a legitimate AI
framework and what is not. Until then I would recommend people not to hurry and
download anything from those AI platforms, be extremely careful, and validate everything that is downloaded and where do you upload stuff as well.
Many of them are generated by a simple person using the same AI tools
that are available to anyone else.
Our thanks to Michael Gorlick from Morphosec for joining us. The research is titled New Noodlephile Stealer Distributes Via Fake AI Video Generation Platforms.
We'll have a link in the show notes.
And that's Research Saturday brought to you by N2K Cyberwire.
We'd love to hear from you.
We're conducting our annual audience survey to learn more about our listeners.
We're collecting your insights until the end of August.
There's a link in the show notes.
We hope you'll check it out.
This episode was produced by Liz Stokes.
We're mixed by Elliot Peltsman and Trey Hester.
Our executive producer is
Jennifer Iben, Peter Kilpe is our publisher, and I'm Dave Bittner.
Thanks for listening, we'll see you back here next time.