Users of Kling AI deepfake (May 2025)

Cybercriminals used fake Facebook pages and ads impersonating Kling AI to distribute malware. Users were lured to spoofed websites where they were tricked into downloading a malicious file disguised as AI-generated images or videos. The malware gave attackers remote control of the victim's system and the ability to steal sensitive data. The campaign used a remote access trojan (RAT) called PureHVNC.