Since the introduction of OpenAI's text-to-video platform Sora in February, ads hawking fake software downloads have flooded the internet.
People need to exercise extra caution because cyber criminals have ingeniously crafted a counterfeit OpenAI website designed to lure users into engaging with the much-anticipated tool.
The fake site is a convincing replica of the genuine OpenAI platform, according to experts from agency directory DesignRush.
The promotion of this deceptive webpage began through Facebook ads on March 13, originating from a domain named opensora[dot]cloud, created just a day prior.
OpenAI Developer Forum users started reporting sightings of these deceptive SORA ads on March 14.
Within five days, cyber criminals transferred their operations to another domain, opensora[dot]info, which remains active to this day.
During these two weeks, about 250 ads were run by the attackers, as reported on Meta's Ad Library.
These fraudulent domains used Hostinger, a low-cost web hosting service known for providing WHOIS privacy protection to its premium users.
The WHOIS privacy protection service obscures the domain owner's identity by hiding the contact details of domain registrants and replacing them with a proxy service's information.
Upon downloading the file on the site, users receive a setup archive named “setup-x86_64.”
Currently, this file has not been flagged as malicious by any cybersecurity firm, according to Virus Total's records.
Sora, OpenAI's new AI tool that converts textual prompts into realistic high-quality videos, has excited many who are eager to try it.
However, its availability is currently in the testing phase, and access is limited to a select group of individuals.