[TIMESTAMP: 2026-06-13 09:17 UTC] [AUTHOR: Runtime Rebel Intel] [SEVERITY: HIGH]

Lumma Stealer Distributed via Fake EditPro AI Image Generator

AI-Assisted Analysis
READ_TIME: 3 min read
// executive briefing tl;dr
  • [01] Immediate impact: Users are lured into downloading infostealers through fraudulent AI software advertisements, resulting in the theft of credentials and financial data.
  • [02] Affected systems: Targeted systems include Windows and macOS workstations where users have permissions to download and execute software from untrusted sources.
  • [03] Remediation: Organizations must implement DNS filtering to block malicious domains and enforce strict application execution policies to prevent unauthorized software installation.

A recent campaign is leveraging the popularity of artificial intelligence tools to distribute ransomware-adjacent infostealers. According to research published by the SANS Internet Storm Center, attackers have established a sophisticated phishing operation centered around a fraudulent tool branded as “EditPro AI.” The campaign primarily targets users seeking AI-enhanced photo editing software, directing them to a professional-looking website hosted at editpro-ai[.]pro.

The TTP employed by this threat actor involves highly targeted social media advertisements, particularly on platforms like X (formerly Twitter), which direct traffic to the malicious landing page. Once on the site, users are prompted to download the software for either Windows or macOS, leading to the deployment of Lumma Stealer. This evolution is significant because it highlights a growing trend of cross-platform targeting in the infostealer market, which has historically been dominated by Windows-based threats.

How to Detect EditPro AI Malware in Corporate Environments

Detecting this campaign requires monitoring for specific network and host-based IoC signatures. The primary delivery mechanism is a ZIP archive containing the malicious payload. On Windows systems, the file is typically named EditPro-AI-Setup-v1-2-1.exe. This binary is a variant of Lumma Stealer, a malware family known for its ability to harvest browser data, session cookies, and cryptocurrency wallet information.

For macOS users, the site provides a disk image (.dmg) file. While macOS has built-in protections such as Gatekeeper, the social engineering involved often convinces users to bypass these security warnings manually. Defenders should look for unauthorized Mach-O binaries executing from user-writable directories. Analysis of the macOS indicators shows that the malware attempts to establish C2 communication with several hardcoded domains, often using rotating infrastructure to evade simple IP-based blocking.

Technical Breakdown of the EditPro AI Malicious Image Generator

Researchers analysing the EditPro AI site found it surprisingly high-quality, with convincing marketing copy and fake user reviews. This level of polish increases the likelihood of successful infection in professional environments where employees may be looking for creative tools.

Upon execution, the Windows payload performs several anti-analysis checks before unpacking itself into memory. It then targets sensitive directories associated with popular web browsers (Chrome, Edge, Firefox) to extract login credentials. The macOS variant operates similarly, targeting the Keychain and browser profiles stored in the Library folder. In both cases, the stolen data is compressed and exfiltrated to the attacker’s infrastructure via HTTPS, making the traffic blend in with legitimate web activity.

Recommendations for Defenders

To mitigate the risk of this campaign, the SOC should prioritize the following actions:

  • DNS Filtering: Block the domain editpro-ai[.]pro and its subdomains at the perimeter. Monitor for unusual DNS requests to newly registered domains (NRDs) that mimic AI-related services.
  • Endpoint Protection: Ensure that EDR solutions are configured to alert on unsigned binaries attempting to access browser profile directories or sensitive system paths.
  • User Awareness: Educate staff on the risks of downloading software from unverified social media advertisements, emphasizing that even professional-looking websites can be malicious.
  • Application Control: Implement a policy of least privilege to prevent users from executing unapproved software installers, particularly those downloaded from the internet.
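As an added detection example (not from the article or the SANS ISC research), the following Python checks constructed DNS and endpoint telemetry against the indicators above: the editpro-ai[.]pro domain and its subdomains, the Windows payload filename, and unsigned binaries launched from user-writable paths that read browser or Keychain data. The log formats, the user-writable path list and the browser-data path hints are assumptions.

```python
import re
# Indicators named in the article; the defanged domain is refanged for matching.
IOC_DOMAIN = "editpro-ai[.]pro".replace("[.]", ".")
IOC_FILENAME = "editpro-ai-setup-v1-2-1.exe"
# Assumed watch-lists (illustrative, not from the article): user-writable launch
# locations and the browser/Keychain data the stealer is described as targeting.
USER_WRITABLE = ("/Users/", "/tmp/", "/private/tmp/", "C:\\Users\\")
BROWSER_DATA = ("Google/Chrome", "Mozilla/Firefox", "Microsoft/Edge", "Library/Keychains")

# Constructed sample telemetry (not real captures).
DNS_LOG = [
    "2026-06-13T09:01:02Z client 10.0.0.12 query: editpro-ai.pro A",
    "2026-06-13T09:01:03Z client 10.0.0.12 query: cdn.editpro-ai.pro. A",
    "2026-06-13T09:01:04Z client 10.0.0.13 query: editpro-ai.pro.example.com A",
]
PROCESS_EVENTS = [
    {"image": "C:\\Users\\alice\\Downloads\\EditPro-AI-Setup-v1-2-1.exe", "signed": False,
     "accessed": ["C:\\Users\\alice\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"]},
    {"image": "/Users/bob/Downloads/EditPro AI.app/Contents/MacOS/EditPro AI", "signed": False,
     "accessed": ["/Users/bob/Library/Keychains/login.keychain-db"]},
    {"image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "signed": True,
     "accessed": ["C:\\Users\\alice\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abc.default"]},
]

def dns_query_hits(lines):
    """Return queried names equal to the IoC domain or any subdomain of it."""
    hits = []
    for line in lines:
        m = re.search(r"query:\s*(\S+)", line)
        name = m.group(1).rstrip(".").lower() if m else ""
        if name == IOC_DOMAIN or name.endswith("." + IOC_DOMAIN):
            hits.append(name)
    return hits

def process_event_hits(events):
    """Return (image, reasons) for events matching the host-based indicators."""
    findings = []
    for ev in events:
        image, unsigned = ev["image"], not ev.get("signed", True)
        touched = [p.replace("\\", "/") for p in ev.get("accessed", [])]
        reasons = []
        if image.replace("\\", "/").rsplit("/", 1)[-1].lower() == IOC_FILENAME:
            reasons.append("known payload filename")
        if unsigned and image.startswith(USER_WRITABLE):
            reasons.append("unsigned binary launched from user-writable path")
        if unsigned and any(h in p for p in touched for h in BROWSER_DATA):
            reasons.append("unsigned binary reading browser or Keychain data")
        if reasons:
            findings.append((image, reasons))
    return findings
```

Note that the third sample event (a signed Firefox process reading its own profile) produces no finding, which is the false-positive case the EDR rule above needs to avoid.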

While no CVE is directly exploited in the initial infection vector, the reliance on human error remains a potent threat. Security teams should remain vigilant for similar “lures” as the demand for AI productivity tools continues to grow.
