Microsoft’s AI-powered Bing Chat has recently fallen prey to a sophisticated malware advertising campaign, with malicious ads infiltrating conversations and directing users to fake download sites known to distribute malware.
Bleeping Computer reports that Microsoft’s Bing Chat emerged as the software giant’s answer to Google’s dominance in the search industry. Powered by OpenAI’s GPT-4 engine, a more recent version of the tech powering ChatGPT, Bing Chat aimed to revolutionize online searches by offering users an interactive, chat-based experience, making searches more intuitive and user-friendly.
However, the integration of ads into Bing Chat conversations since March has opened the floodgates to a myriad of security concerns, with threat actors exploiting the platform to disseminate malware through deceptive advertisements.
The malicious advertisements observed by security experts are sophisticated, promoting counterfeit download sites that distribute malware. These ads are particularly concerning as they exploit the inherent trust users place in AI-powered chatbots.
The conversational nature of these tools can potentially convince users to click on ads, amplifying the existing problem of malware ads on search platforms. The ads, although labeled as promoted results, seem to be a weak measure to mitigate the inherent risks, as users might perceive them as trustworthy due to the conversational interaction.
One notable instance involves malicious ads impersonating download sites for the ‘Advanced IP Scanner’ utility, a tool previously exploited by malicious entities such as RomCom RAT and Somnia ransomware operators. When users inquire about downloading the Advanced IP Scanner, Bing Chat displays a link in the chat.
However, hovering over this link may reveal an advertisement first, followed by the legitimate download link. This malware ad campaign was notably orchestrated by an individual who compromised the ad account of a legitimate Australian business, creating malicious ads that specifically target system admins and lawyers.
The victims of this campaign are redirected to deceptive sites that trick visitors using techniques like “typosquatting.” The downloaded installer from these sites contains a malicious script that connects to an external resource to retrieve the payload.
While the final payload for this malware campaign remains unidentified, it is speculated that, akin to similar campaigns, it could distribute information-stealing malware or remote access trojans, allowing threat actors to breach other accounts or corporate networks.
The infiltration of Bing Chat by malicious ads underscores the escalating challenges in cybersecurity, especially with the integration of AI-powered tools in online platforms. The incident serves as a reminder of the continuous evolution of cyber threats and the need for robust security measures.
Read more at Bleeping Computer here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship.