A campaign known as Gipy has recently been discovered, targeting users in Germany, Russia, Spain, and Taiwan with promises of an AI voice changing application. This campaign utilizes a strain of infostealer malware that allows threat actors to steal data, mine cryptocurrency, and install additional malware on victims’ systems. The Gipy malware first surfaced in early 2023 and has since been identified as a significant threat by researchers at Kaspersky.
According to the researchers, the attackers behind the Gipy campaign are using phishing lures to entice victims into downloading the AI voice altering application. Once installed, the application appears to function as promised, while in the background, the malicious Gipy malware is deployed. As the malware executes, it also launches password-protected malware from GitHub, further compromising the victim’s system.
In their investigation into the Gipy campaign, experts analyzed over 200 archives containing malware. The researchers discovered various types of malware present in these archives, including the Lumma password stealer, Apocalypse ClipBanker, a modified Corona cryptominer, and several Remote Access Trojans (RATs) such as DCRat and RADXRat. Additionally, password stealers like RedLine and RisePro, a Golang-based stealer called Loli, and a Golang-based backdoor named TrueClient were also identified.
Kaspersky issued a statement warning users about the dangers posed by threat actors exploiting the increasing popularity of AI tools for malicious purposes. The researchers emphasized the need for users to remain vigilant and take proactive measures to protect their systems against such attacks.
As cybersecurity threats continue to evolve and become more sophisticated, it is crucial for individuals and organizations to stay informed about the latest malicious activities. By staying vigilant and implementing security best practices, users can reduce their risk of falling victim to campaigns like Gipy. Taking steps such as installing reputable antivirus software, regularly updating software and applications, and practicing safe browsing habits can help mitigate the impact of malware attacks.
In conclusion, the Gipy campaign serves as a reminder of the ongoing threat posed by cybercriminals targeting unsuspecting users with sophisticated phishing lures. As technology continues to advance, it is essential for individuals and organizations to prioritize cybersecurity measures and remain cautious when downloading applications or clicking on links. By staying informed and proactive, users can better protect themselves against evolving cyber threats and safeguard their sensitive information from falling into the wrong hands.