AI Web App Builder 'Lovable' Plagued by Scam Page Vulnerability

It turns out some AI tools are surprisingly easy to turn to the dark side. Lovable, an AI platform that builds web applications from simple text prompts, is particularly vulnerable. Researchers discovered that even novice cybercriminals can use it to create convincing fake login pages for stealing credentials.

Guardio Labs' Nati Tal explains, "Lovable is a scammer's dream. It can create pixel-perfect scam pages, host them live, use evasion techniques, and even provide an admin dashboard to track stolen data. It just... works, with no guardrails." You can read the full report here.

They've dubbed this technique VibeScamming, a play on "vibe coding," where you basically describe what you want the AI to code for you.

AI: A Double-Edged Sword

We've known for a while that bad actors are using AI for nefarious purposes. Remember those stories about OpenAI ChatGPT and Google Gemini being used to help write malware?

And it's not just those big names. Even models like DeepSeek are susceptible to prompt attacks and jailbreaking, using techniques like Bad Likert Judge, Crescendo, and Deceptive Delight to bypass safety measures. The result? AI can generate phishing emails, keyloggers, and even ransomware (though it might need a little tweaking).

Last month, Symantec (owned by Broadcom) showed how OpenAI's Operator, an AI agent that can do things online for you, could be used to find email addresses, create PowerShell scripts to grab system info, store that info on Google Drive, and then write and send phishing emails. Talk about automation!

Lowering the Bar for Cybercrime

The problem is that these AI tools are making it easier for people without much technical skill to create malware.

Take Immersive World, for example. This "jailbreaking" technique lets you build an information stealer that grabs credentials and other sensitive data from Chrome. It uses narrative engineering – basically, creating a fictional world with specific rules – to trick the AI into doing what it's not supposed to.

Guardio Labs found that platforms like Lovable (and to a lesser degree, Anthropic Claude) can be used to create entire scam campaigns, including SMS messages, fake links sent via Twilio, and even Telegram integration.

VibeScamming starts by asking the AI to automate each step of an attack. Then, using a "level up" approach, the attacker gently guides the AI to create more convincing phishing pages, improve delivery methods, and make the scam seem more legitimate.

Lovable can create a very convincing fake Microsoft login page, host it on its own subdomain (something.lovable.app), and then redirect victims to office.com after stealing their credentials.

Worse, both Claude and Lovable will even help you avoid security flags and exfiltrate stolen credentials to external services like Firebase, RequestBin, JSONBin, or even a private Telegram channel.

Tal emphasizes, "It's not just how similar the fake login page looks, but also the user experience. It's smoother than the real Microsoft login! This shows how powerful task-focused AI can be, and how easily it can be abused."

And it gets worse: "It not only generated the scam page with full credential storage, but also a fully functional admin dashboard to review all captured data – credentials, IP addresses, timestamps, and full plaintext passwords."

Testing AI's Vulnerability

Guardio has created the VibeScamming Benchmark to test how well AI models resist abuse in phishing scenarios. ChatGPT scored 8 out of 10 (most cautious), Claude scored 4.3, and Lovable scored only 1.8 (highly exploitable).

Tal concludes, "ChatGPT, while the most advanced, is also the most cautious. Claude started with good pushback but was easily persuaded.