AI/ML Russian hacker used AI to run fraud scheme on MAGA Telegram channel June 1, 2026 Share By SC Staff (Adobe Stock) A Russian-speaking threat actor has been identified as operating a large Telegram channel that served as a hub for fraud, credential theft, and cryptocurrency harvesting, according to Trend Micro. The actor used AI to impersonate an American military veteran to attract members from the QAnon and MAGA communities, according to a recent report by Tech Radar. The threat actor created the public Telegram channel, @americanpatriotus, shortly after the Capitol riot in 2021. The channel targeted members of the MAGA and QAnon communities who had been excluded from mainstream social media. The actor used a jailbroken version of Google Gemini, bypassing ethical safeguards by issuing prompts in Russian, to ingest news articles and automatically populate the channel with content. This AI was also used to assist in credential theft and fraud campaigns. The actor claimed to be an "authorised pentester" and used the AI to find "hidden angles" related to control and financial manipulation. The campaign likely cost the threat actor near-zero due to the use of 73 stolen API keys. The actor distributed a remote-access trojan (RAT) and employed AI-assisted password brute-forcing, compromising 29 WordPress admin credentials, infiltrating a company, and stealing cryptocurrency. Source: Tech Radar An In-Depth Guide to AI Get essential knowledge and practical strategies to use AI to better your security program. Learn More SC Staff Related AI/ML Attackers use ChatGPT feature to spread malware SC Staff June 1, 2026 The campaign discovered by Push Security, dubbed "LLMShare," utilizes Google ads to direct users searching for ChatGPT to a malicious shared page hosted on the legitimate chatgpt.com domain. AI/ML How to defend at machine speed: A post-LLM era playbook Picus Security June 1, 2026 AI-era attacks now move at machine speed, forcing defenders to rethink validation and response. AI/ML AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets Steve Zurier May 29, 2026 Researchers say Russian-speaking group GreyVibe uses AI tools to scale cyberattacks on Ukraine. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe You can skip this ad in 5 seconds