Unknown generative AI developers
Incidents involved as Developer
Incident 971 (13 Reports)
Iranian Hacker Group Cotton Sandstorm Integrating AI into Cyber Influence Operations
2023-05-02
The Iranian state-sponsored group Cotton Sandstorm, linked to the IRGC, has integrated generative AI into cyber influence operations. In December 2023, it launched Operation “For Humanity,” using AI-crafted messaging to hijack a U.S.-based IPTV streaming service with propaganda about the Israel-Hamas conflict. The group also engages in election-related reconnaissance, which suggests they used AI-enhanced influence efforts ahead of the 2024 U.S. election.
Incident 999 (2 Reports)
Attackers Reportedly Deployed Simulated AI Support Chatbot to Trick Instagram Business Users into Adding Malicious 2FA Login
2025-03-12
A phishing campaign has reportedly been impersonating Meta support using a fake chatbot interface to hijack Instagram Business accounts. Victims received emails claiming ad violations and were directed to a fraudulent site mimicking Meta's support. There, a simulated chatbot instructed users to add the attacker’s Authenticator app as a secure login method, enabling account takeover. It remains unclear whether the chatbot used AI or was human-operated via a bot-like interface. See editor's note.
Incident 1017 (2 Reports)
Alleged Deepfake Investment Scam in Spain Defrauds 208 Victims of €19 million ($20.9 million)
2025-04-07
Spanish police arrested six individuals allegedly behind a €19M ($20.9M) global investment scam powered by AI. The operation used deepfake ads featuring national celebrities to deceive victims, many of whom were selected through targeting algorithms. Scammers posed as financial advisors and fake officials, cycling through romance baiting, investment fraud, and recovery scams. AI-generated content amplified trust and engagement.
Incident 1019 (2 Reports)
Alleged AI-Generated Clone of Exante Brokerage Used to Defraud U.S. Investor via JPMorgan Account
2025-04-10
Scammers used AI tools to clone the broker Exante and defraud at least one U.S. victim by registering a JPMorgan Chase account and replicating Exante’s trading interface. AI-generated fake documents, deepfakes, and cloned websites enabled the scheme. Exante, which does not operate in the U.S., confirmed the fraud and filed reports with multiple U.S. agencies.