Cybercriminals Abuse AI Website Creation App For Phishing

Aug. 21, 2025, 12:24 p.m.

Description

Cybercriminals are exploiting an AI-powered website creation platform called Lovable to generate fraudulent websites for credential phishing and malware delivery. The threat actors create or clone sites impersonating well-known brands, use CAPTCHA for filtering, and post stolen credentials to Telegram. Campaigns observed include Tycoon phishing, payment and personal data theft, cryptocurrency wallet draining, and malware distribution. The ease of use of such AI tools significantly lowers the barrier to entry for cybercriminals, allowing them to quickly create convincing phishing pages. While Lovable has implemented new security measures, organizations are advised to consider allow-listing policies for frequently abused tools.

External References

https://www.proofpoint.com/us/blog/threat-insight/cybercriminals-abuse-ai-website-creation-app-phishing
https://otx.alienvault.com/pulse/68a66a49869588c8cfb1af6a
Tags
phishing
cryptocurrency
credential theft
zgrat
malware delivery
doiloader
tycoon
2025-08-21
ai-generated websites
lovable platform

Date

  • Created: Aug. 21, 2025, 12:37 a.m.
  • Published: Aug. 21, 2025, 12:37 a.m.
  • Modified: Aug. 21, 2025, 12:24 p.m.

Attack Patterns

  • Tycoon
  • DOILoader
  • zgRAT

Additional Informations

  • Technology
  • Finance
  • Telecommunications