AI website generators used in malware campaigns

Adversaries are exploiting AI-powered website builders like Lovable to quickly create malicious infrastructure, facilitating malware distribution and credential phishing. These user-friendly platforms allow even inexperienced actors to deploy sophisticated phishing kits without advanced skills.

AI Website Generators Exploited for Malware Campaigns: A Growing ThreatAI Website Generators Exploited for Malware Campaigns: A Growing Threat

Emerging Threats Proofpoint researchers have identified thousands of malicious Lovable URLs targeting organizations with lures impersonating trusted brands. This trend shows how AI automates site creation while embedding deceptive elements for data exfiltration, often routing stolen credentials to Telegram or enabling adversary-in-the-middle (AiTM) attacks.

AI Website Generators Exploited for Malware Campaigns: A Growing ThreatAI Website Generators Exploited for Malware Campaigns: A Growing Threat

For instance, a February 2025 phishing operation led users to counterfeit Microsoft authentication pages, harvesting credentials and MFA tokens. Cryptocurrency threats have also emerged, with wallet drainers disguised as DeFi platforms.

NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security