CyberWire Daily

A new stealer hiding behind AI hype. [Research Saturday]

Jun 7, 2025
Join Michael Gorelik, Chief Technology Officer at Morphisec, as he unveils the Noodlophile Stealer, a new type of malware hiding behind the allure of fake AI video generation platforms. This sneaky threat lures users into uploading content, only to steal their browser credentials and cryptocurrency. Gorelik discusses the deceptive delivery methods, including viral campaigns that mimic legitimate software. He highlights the evolving challenges in cybersecurity and the importance of vigilance in spotting these malicious tactics.
INSIGHT

Advanced InfoStealer Delivery

  • Noodlophile Stealer uses advanced delivery techniques, including in-memory Python execution and Base85 encoding.
  • It steals browser credentials and wallets but keeps a minimal footprint to evade detection.
INSIGHT

Fake AI Platforms Deceive Users

  • Fake AI video generation platforms exploit AI hype to deliver malware through downloads.
  • These platforms have more social media followers than legitimate platforms, making them highly deceptive.
ADVICE

Be Cautious With AI Downloads

  • Avoid downloading archives from AI video generation platforms as they conceal malicious executables.
  • Use tools like 7-Zip carefully to inspect for hidden folders before opening downloaded files.