How to Spot Fake Art and Deepfakes

Artificial intelligence (AI) is making its way from high-tech labs and Hollywood plots into the hands of the general population. ChatGPT, the text generation tool, hardly needs an introduction and AI art generators (like Midjourney and DALL-E) are hot on its heels in popularity. Inputting nonsensical prompts and receiving ridiculous art clips in return is a fun way to spend an afternoon. 

However, while you’re using AI art generators for a laugh, cybercriminals are using the technology to trick people into believing sensationalist fake news, catfish dating profiles, and damaging impersonations. Sophisticated AI-generated art can be difficult to spot, but here are a few signs that you may be viewing a dubious image or engaging with a criminal behind an AI-generated profile. 

What Are AI Art Generators and Deepfakes? 

To better understand the cyberthreats posed by each, here are some quick definitions: 

• AI art generators. Generative AI is typically the specific type of AI behind art generators. This type of AI is loaded with billions of examples of art. When someone gives it a prompt, the AI flips through its vast library and selects a combination of artworks it thinks will best fulfill the prompt. AI art is a hot topic of debate in the art world because none of the works it creates are technically original. It derives its final product from various artists, the majority of whom haven’t granted the computer program permission to use their creations. 
• Deepfake. A deepfake is a manipulation of existing photos and videos of real people. The resulting manipulation either makes an entirely new person out of a compilation of real people, or the original subject is manipulated to look like they’re doing something they never did. 

AI art and deepfake aren’t technologies found on the dark web. Anyone can download an AI art or deepfake app, such as FaceStealer and Fleeceware. Because the technology isn’t illegal and it has many innocent uses, it’s difficult to regulate. 

How Do People Use AI Art Maliciously? 

It’s perfectly innocent to use AI art to create a cover photo for your social media profile or to pair it with a blog post. However, it’s best to be transparent with your audience and include a disclaimer or caption saying that it’s not original artwork. AI art turns malicious when people use images to intentionally trick others and gain financially from the trickery. 

Catfish may use deepfake profile pictures and videos to convince their targets that they’re genuinely looking for love. Revealing their real face and identity could put a criminal catfish at risk of discovery, so they either use someone else’s pictures or deepfake an entire library of pictures. 

Fake news propagators may also enlist the help of AI art or a deepfake to add “credibility” to their conspiracy theories. When they pair their sensationalist headlines with a photo that, at quick glance, proves its legitimacy, people may be more likely to share and spread the story. Fake news is damaging to society because of the extreme negative emotions they can generate in huge crowds. The resulting hysteria or outrage can lead to violence in some cases. 

Finally, some criminals may use deepfake to trick face ID and gain entry to sensitive online accounts.     To prevent someone from deepfaking their way into your accounts, protect your accounts with multifactor authentication. That means that more than one method of identification is necessary to open the account. These methods can be one-time codes sent to your cellphone, passwords, answers to security questions, or fingerprint ID in addition to face ID.  

3 Ways to Spot Fake Images 

Before you start an online relationship or share an apparent news story on social media, scrutinize images using these three tips to pick out malicious AI-generated art and deepfake. 

1. Inspect the context around the image.

Fake images usually don’t appear by themselves. There’s often text or a larger article around them. Inspect the text for typos, poor grammar, and overall poor composition. Phishers are notorious for their poor writing skills. AI-generated text is more difficult to detect because its grammar and spelling are often correct; however, the sentences may seem choppy. 

2. Evaluate the claim.

Does the image seem too bizarre to be real? Too good to be true? Extend this generation’s rule of thumb of “Don’t believe everything you read on the internet” to include “Don’t believe everything you see on the internet.” If a fake news story is claiming to be real, search for the headline elsewhere. If it’s truly noteworthy, at least one other site will report on the event. 

3. Check for distortions.

AI technology often generates a finger or two too many on hands, and a deepfake creates eyes that may have a soulless or dead look to them. Also, there may be shadows in places where they wouldn’t be natural, and the skin tone may look uneven. In deepfaked videos, the voice and facial expressions may not exactly line up, making the subject look robotic and stiff. 

Boost Your Online Safety With McAfee 

Fake images are tough to spot, and they’ll likely get more realistic the more the technology improves. Awareness of emerging AI threats better prepares you to take control of your online life. There are quizzes online that compare deepfake and AI art with genuine people and artworks created by humans. When you have a spare ten minutes, consider taking a quiz and recognizing your mistakes to identify malicious fake art in the future. 

To give you more confidence in the security of your online life, partner with McAfee. McAfee+ Ultimate is the all-in-one privacy, identity, and device security service. Protect up to six members of your family with the family plan, and receive up to $2 million in identity theft coverage. Partner with McAfee to stop any threats that sneak under your watchful eye. 

The post How to Spot Fake Art and Deepfakes appeared first on McAfee Blog.

The Rise and Risks of AI Art Apps

Authored by Fernando Ruiz

The popularity of AI-based mobile applications that can create artistic images based on pictures, such as the “Magic Avatars” from Lensa, and the OpenAI service DALL-E 2 that generates them from text, have increased the mainstream interest of these tools. Users should be aware of those seeking to take advantage to distribute Potential Unwanted Programs (PUPs) or malware, such as through deceptive applications that promise the same or similar advanced features but are just basic image editors or otherwise repackaged apps that can drain your data plan and battery life with Clicker and HiddenAds behaviors, subscribe you to expensive services that provide little or no value over alternatives  (Fleeceware), or even steal your social media account credentials (FaceStealer).

Dozens of apps surface daily claiming to offer AI image creation. Some of them might be legitimate or based on open-source projects such as Stable Diffusion, but in the search for a free application that produces quality results, users might try new apps that could compromise their privacy, user experience, wallet and/or security.

The McAfee Mobile Research Team recently discovered a series of repackaged image editors on the Google Play app store which presented concerning behaviors.  McAfee Mobile Security products help protect against such apps, including those classified as Android/FakeApp, Android/FaceStealer, Android/PUP.Repacked and Android/PUP.GenericAdware.

McAfee, a member of the App Defense Alliance focused on protecting users by preventing threats from reaching their devices and improving app quality across the ecosystem, reported the discovered apps to Google, which took prompt action and the apps are no longer available on Google Play.

We now discuss various types of privacy and/or security risks associated with the types of apps recently removed from the app store.

FaceStealer

“Pista – Cartoon Photo Effect” and “NewProfilePicture” are examples of apps that offered compelling visual results, however, each was based on the same image editor with basic filters and trojanized with Android/FaceStealer, which is a well-known malware capable of compromising a victim’s Facebook or Instagram account. The apps could capture user credentials during a Facebook login by embedding a javascript function loaded from a remote server (to evade detection) into a flutter webview activity that displays the Facebook login screen. 

“NewProfilePicture” and “Pista – Cartoon Photo Effect” are examples of FaceStealer malware that posed as a cartoon avatar creator.

The same image editor which was repackaged into the above two apps has also been repackaged alternatively with adware modules and distributed by other developers under other app names, such as “Cartoon Effect | Cartoon Photo”:  

 

Fleeceware

Fleeceware refers to mobile apps that use various tactics to enroll users into subscriptions with high fees, typically after a free trial period, and often with little or no value to the subscriber beyond cheaper or free alternatives. If the user does not take care to cancel their subscription, they continue to be charged even after deleting the app.

“Toonify Me”, which is no longer available on the Play Store, cost $49.99 per week after 3 days – almost $2,600 per year – for what featured AI-generated illustrations in the app description, but was another repackaged version of the same image editor functionality found within “NewProfilePicture” and “Pista – Cartoon Photo Effect”. 

In this case, the “Toonify Me” app did not allow feature access without enrolling in the subscription, and the “CONTINUE” button which initiated the subscription was the only option to tap in the app once it was launched.

Adware

Promoted by ads that described it as capable of transforming pictures into artistic drawings, the “Fun Coloring – Paint by Number” app is an example of a repackaged version of a different, legitimate pixel painting app.  It lacked the advertised AI effects and was plagued with adware-like behavior.  

Advertisement of “Fun Coloring – Paint by Number” on social media which included app store link 

Consistent with many reviews complaining about unexpected ads out of the context of the app, once installed, the app started a service that communicated in the background with Facebook Graph API every 5 seconds and might pull ads based on received commands after some time of execution. The app contained multiple injected SDK modules from AppsFlyer, Fyber, InMobi, IAB, Mintegral, PubNative and Smaato (none of which are in the original app, which was repackaged to include these), which would help monetize installations without regard for user experience. 

Conclusion

When new types of apps become popular and new ones appear on the market to offer similar features, users should act with caution to avoid becoming victim to those wanting to exploit public interest.

When installing an app that causes you doubt, make sure you:

• Read the pricing and other terms carefully
• Check those permissions requested are reasonable with the purpose of the app
• Look for consistently bad reviews describing unexpected or unwanted app behavior
• Verify if the developer has other apps available and their reviews
• Consider skipping the app download if you aren’t convinced of its safety

Even if an app is legitimate, we also encourage users to look closely before installation at any available privacy policy to understand how personal data will be treated.  Your face is a biometric identifier that’s not easy to change, and multiple pictures might be needed (and stored) to create your model.

Artificial intelligence tools will continue to amaze us with their capabilities and probably will become more accessible and safer to use over time.  For now, keep in mind that AI technology is still limited and experimental, and can be expensive to use – always consider any hidden costs.  AI also will bring more challenges as we discussed on the 2023 McAfee Threat Prediction blog.

IDENTIFIED APPS

The following table lists the application package name, hash sum SHA256, the minimum number of installations on Google Play, and the type of detected threat. These apps were removed from Google Play, but some may remain available elsewhere.

Package Name	SHA256	Installs	Type
com.ayogamez.sketchcartoon	9cb1d996643fbec26bb9878939735221dfbf639075ceea3abdb94e0982c494c1	5M	Adware
com.rocketboosterapps.toonifyme	3f45a38b103e1812146df8ce179182f54c4a0191e19560fcbd77240cbc39886b	10K	Fleeceware
com.nhatanhstudio.cartoon.photoeffect	2c7f4fc403d1449b70218624d8a409497bf4694493c7f4c06cd8ccecff21799a	5K	Repackaged Adware
com.cambe.PhotoCartoon	5327f415d0e9b21523f64403ec231e1fd0279c48b41f023160cd1d70dd733dbf	10K	Repackaged Adware
com.chiroh.cartoon.prismaeffect	18fef9f92639e31dd6566854feb30e1e4333b971b05ae9aba93ac0aa395c955b	1K	Repackaged Adware
cartoon.photo.effect.editor.cartoon.maker.online. caricature.appanime.convert.photo.intocartoon	3b941b7005572760b95239d73b8a8bbfdb81d26d405941171328daa8f3c01183	50	Repackaged Adware
com.waxwell.saunders.pistaphotoeditor	489d4aaec3bc694ddd124ab8b4f0b7621a51aad13598fd39cd5c3d2067b950e5	50	FaceStealer
com.ashtoon.tooncool.skordoi	980c090c01bef890ef74bd93e181d67a5c6cd1b091573eaaf2e1988756aacd50	100K	FaceStealer
com.faceart.savetoon.cartoonedit	55ffc2e392280e8967de0857b02946094268588209963c6146dad01ae537daca	100	FaceStealer
com.okenyo.creatkartoon.studio	e696d7304e5f56d7125dd54c853ff35a394a4175fcaf7785d332404e161d6deb	500K	FaceStealer
com.onlansuyanto.editor.bading	59f9630c2ebe4896f585ec7722c43bb54c926e3e915dcfa4ff807bea444dc07b	10K	FaceStealer
com.madtoon.aicartoon.kiroah	c29adfade300dde5e9c31b23d35a6792ed4a7ad8394d37b69b5cecc931a7ad9f	100K	FaceStealer
com.acetoon.studio.facephoto	24cf7fcaefe98bc9db34f551d11906d3f1349a5b60adf5fa37f15a872b61ee95	100K	FaceStealer
com.funcolornext.beautyfungoodcolor	b2cfa8b2eccecdcb06293512df0db463850704383f920e5782ee6c5347edc6f5	100K	Repackaged Adware

 

 

The post The Rise and Risks of AI Art Apps appeared first on McAfee Blog.