Exercise caution with ads hawking fake OpenAI Sora software downloads – they're a minefield.
Cybercriminals ingeniously crafted a counterfeit OpenAI website designed to lure users into engaging with the much-anticipated text-to-video tool.
This fake site is a convincing replica of the genuine OpenAI platform, according to experts from agency directory DesignRush.
Sora, OpenAI's new AI tool that converts textual prompts into realistic videos, has excited many who are eager to try it.
However, its availability is currently limited only to a select group of individuals for testing purposes.
The promotion of this deceptive webpage began through Facebook ads on March 13, originating from a domain named opensora[dot]cloud, established just a day prior.
Within five days, cybercriminals transferred their operations to another domain, opensora[dot]info, which remains active to this day.
During these two weeks, approximately 250 ads were run by the attackers, as reported on Meta's Ad Library.
These fraudulent domains were hosted using Hostinger, a low-cost web hosting service known for offering WHOIS privacy protection to its premium users.
The WHOIS privacy protection service hides the contact details of domain registrants, replacing them with a proxy service's information, thus obscuring the domain owner's identity.
Upon downloading the file on the site, users receive a setup archive named “setup-x86_64.”
Currently, this file hasn’t been flagged as malicious by any cybersecurity firm, according to Virus Total's records.
Users on the OpenAI Developer Forum began reporting sightings of these deceptive SORA ads on March 4.
Editing by Katherine 'Makkie' Maclang