You are currently viewing Over 62,000 Facebook Users Tricked by Fake AI Tools, Infected with Noodlophile Malware

Over 62,000 Facebook Users Tricked by Fake AI Tools, Infected with Noodlophile Malware

The rise of AI tools has been nothing short of exciting—everyone wants to try the latest chatbot, image generator, or virtual assistant. But cybercriminals are using this curiosity against us.

Security experts recently uncovered a sneaky campaign where fake AI tools were used to spread a dangerous piece of malware called Noodlophile. Over 62,000 people—many of them active on Facebook—have already been targeted.

Hooked by Curiosity: How It Starts

Let’s face it: when we see ads promising free access to premium AI tools or exclusive early features, it’s tempting to click.

That’s exactly what these attackers are banking on.

They’re creating Facebook ads and posts that look legit—offering flashy downloads like:

  • “Try ChatGPT Premium for Free!”
  • “Unlock Midjourney’s Hidden Features”
  • “Boost Your Workflow with This AI Tool”

But instead of downloading a real tool, users are tricked into installing Noodlophile malware on their devices.

Meet Noodlophile: Silent but Dangerous

Noodlophile doesn’t cause a pop-up or crash your screen—it works quietly in the background, stealing valuable personal data like:

  • Saved browser passwords
  • Session cookies (think: logged-in accounts)
  • Crypto wallet info
  • Clipboard contents
  • Your device’s system info

It then sends all that data to the attacker’s server, all without you noticing a thing.

How the Scam Works – Step by Step

  1. Enticing Facebook Ads: Fake AI tool promotions are posted or sponsored.
  2. Click & Redirect: You’re taken to a very convincing website that mimics real AI platforms.
  3. Download & Install: You download what looks like an AI app—but it’s actually malware.
  4. Game Over: Noodlophile gets to work stealing your data and securing its place on your system.

Most victims had no idea anything was wrong—because the entire setup looked polished and professional.

Why Facebook?

Facebook is still a top target for cybercriminals because:

  • People trust what they see from friends or popular pages
  • Posts and links spread quickly through likes and shares
  • Ads can be narrowly targeted at specific users
  • Many users don’t double-check sources or think about cybersecurity

This combination makes it a goldmine for attackers using social engineering tactics.

How to Stay Safe Online

Double-check the source – Only download tools from official websites or known platforms.
Use antivirus or endpoint protection – Keep your security software updated.
Enable two-factor authentication (2FA) – Adds an extra layer of protection to your accounts.
Think before you click – If it sounds too good to be true, it probably is.
Spread the word – Let friends and coworkers know about these scams so they can avoid them too.

The AI wave isn’t slowing down anytime soon, and cybercriminals know it. They’re smart, opportunistic, and constantly evolving—using whatever is trending to get into our systems.

So whether it’s a hot new AI tool or some freebie that seems amazing, pause and verify before you download.

Stay safe, stay informed—and always click with caution.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. Summitsystemsissp assumes no liability for the accuracy or consequences of using this information

Tags: , , , , , , , , , , ,