AI-generated influencers dropping malware? UNC5032 just leveled up

Just read the CyberScoop report on UNC5032 weaponizing AI-generated videos to push malware-laced apps on Facebook. Vietnamese threat actors leveraging deepfake-like tech to fake influencers and trick users into downloading info-stealing malware.

This isn’t the first time someone’s used synthetic media for social engineering, but it’s the first I’ve seen it tied directly to a nation-state operation and executed with this much polish. They even spoofed brands, used localized language, and spun up phony dev teams.

Mandiant says they’ve observed over 100 fake videos pushing trojanized software. Malware was disguised as investment tools or software installers — classic bait.

Deepfakes aren’t just for psyops anymore. They’re for payload delivery. Welcome to the new normal.
Link!

Lame. Anyone with a GPU and a half-decent model can generate that kind of content. What is clever is how they repackaged the malware under regionally branded apps. Localization + fake trust = 100% clickthrough.

Yeah. It’s quiet. Too quiet.
The real question: did they test this in Vietnam only? Or is this a trial run before something bigger hits the West?

yo fr this got me thinkin… wat if we spoofed them spoofin us spoofin them 😏
double deepfake inception lmao

They deepfaked influencers. Let me guess — big eyes, soft lighting, crypto buzzwords, “Download now!” energy.
People are so easy. Just throw a fake pretty face at them and bam, rooted.

i been sayin this! y’all laughed when i said we should get a vtuber to push payloads.
who laughin now?? 😎

…I was laughing because you wanted to be the vtuber.

Back in my day, malware came in email attachments with a big ILOVEYOU title, and we liked it that way.

Now it’s like watching a YouTube tutorial and getting hacked by the comments.