In a novel malware campaign, attackers are leveraging fake AI-powered video and image editing sites to spread a newly identified malware strain: Noodlophile Stealer. This was revealed in recent research by Morphisec.
Cybercriminals are like pickpockets; they go where the crowds are. They see users eagerly flocking to platforms that promise to turn selfies into cinematic videos or enhance images with a click and are seizing the day.
“Noodlophile Stealer represents a new addition to the malware ecosystem. Previously undocumented in public malware trackers or reports, this stealer combines browser credential theft, wallet exfiltration, and optional remote access deployment,” Shmuel Uzan, a security researcher at Morphisec said.
Promoted through viral social media posts and seemingly legitimate Facebook groups (some garnering over 62,000 views per post), these fraudulent platforms masquerade as next-gen AI content generators. Users are encouraged to upload media files in exchange for AI-generated video content. Instead of getting a personalized clip, victims download malware that is cloaked as the final “AI result.”
From Upload to Exploit
Once users interact with the bogus AI site and upload content, they’re directed to download a ZIP archive, often dubbed VideoDreamAI.zip. Alas, buried inside is an executable with the misleading filename Video Dream MachineAI.mp4.exe. Once clicked, it sets off a multi-stage infection chain, deploying both Noodlophile Stealer and, in some cases, the remote access tool XWorm.
This isn’t your typical drive-by download, but rather a deeply layered attack exploiting trust in AI and cleverly crafted to evade detection.
While malware delivered through cracked software or fake game mods is nothing new, this operation targets a newer and more trusting demographic: creators and small business owners experimenting with AI tools.
Noodlophile Stealer is a new entrant in the malware-as-a-service (MaaS) scene. It was designed for credential harvesting, crypto wallet theft, and optional remote access deployment, and communicates via Telegram bots, offering malefactors a stealthy channel to siphon stolen data.
Following the Malware’s Trail
Researchers found references to “Noodlophile” in underground forums, bundled with access services dubbed “Get Cookie + Pass”, tools commonly used for account takeovers. Further investigation suggests the malware’s developer may be Vietnamese, based on language clues and their presence in Facebook comment threads promoting the fake AI tools.
Their profile links back to other known malware distribution schemes, including ransomware and infostealer sales.
The deception runs deep. Once executed, the Video Dream MachineAI.mp4.exe file (a repackaged version of the real CapCut video editor) triggers a complex infection sequence involving:
- CapCut.exe: A 140MB+ binary that hosts embedded .NET malware and loads it dynamically, blending in as legitimate software.
- AICore.dll: A helper DLL enabling external command execution.
- Document.docx: A batch script in disguise, encoded to evade static analysis.
- Document.pdf: A Base64-encoded RAR archive, used to smuggle Python components necessary for the final payload.
- Meta: A renamed WinRAR utility used to extract the above components silently.
- Randomuser2025.txt: An obfuscated Python script that decodes and executes the Noodlophile & XWorm payloads entirely in memory, leaving minimal forensic traces.
This attack has multiple layers and employs living-off-the-land binaries (LOLBins) like certutil.exe to decode files and establish persistence via Windows Registry keys. The final payload steals credentials and can inject itself into legitimate processes like RegAsm.exe, a technique known as process hollowing, often used to avoid antivirus detection.
AI as the Next Malware Delivery Vector
This campaign shows how emerging tech trends, like AI tools for creators, can be quickly and easily weaponized. As AI becomes more accessible, cybercrooks are adapting their lures to match user expectations and behavior.
Unlike poorly constructed phishing emails or shady warez sites, these fake platforms are slick, well-promoted, and socially engineered to seem safe.
The takeaway: if something seems too good to be true, it is, and this is particularly true of AI tools. Users should avoid downloading executables from unknown sources, scrutinize file extensions, and remain vigilant even in seemingly trustworthy social media spaces.
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.