Good job, Bing: Microsoft's Chatbot offers Malware to Users

CarderPlanet

Don't blindly trust a digital companion when it comes to installing software.

Responses displayed by Bing, Microsoft's artificial intelligence chatbot, revealed a mechanism for spreading malicious software when users search for popular software tools. This was announced by Malwarebytes in its report yesterday.

Microsoft launched Bing Chat in February of this year. This interactive search engine is powered by OpenAI's large GPT-4 language model. A month later, the tech giant began exploring ways to redirect users to ads directly from chats in order to somehow monetize its product.

However, this move quickly turned into a loophole for attackers using advertising mechanisms to promote phishing sites and distribute malware. "Ads can be integrated into the Bing Chat dialog in various ways," explained Jerome Segura of Malwarebytes.

A link in Bing leads to the redirecting site

In the example given by the researchers, a request to Bing Chat to download the legitimate "Advanced IP Scanner" software returned a link to the user, which, when hovered over, showed a malicious ad leading to a fraudulent link.

When the user clicks on this link, they are redirected to a traffic redirection system that detects whether the request is coming from a real person or a bot. Real people are redirected to a fake site, "advЕnced-ip-scanner.com", which imitates the official one and differs in the domain name by only one letter, which is quite difficult to notice at a cursory glance.

The legitimate site turned out to be fake

The setup program is configured to run a Visual Basic script that sends a beacon to an external server, probably in order to receive the next-stage payload. The exact nature of the malware being delivered is currently unknown, but any malicious software could be packed into the downloaded payload.

A notable aspect of this campaign is that the attacker managed to break into the advertising account of a legitimate Australian advertising organization and create ads under its profile, which makes search providers less suspicious about the reliability of the content.

"Attackers continue to use search ads to redirect users to malicious sites that contain malicious software," Segura said. According to him, convincing fake pages easily win the user's trust, and users download malicious software without noticing the trick.

This incident demonstrates that even advanced artificial intelligence technologies based on modern language models are not protected from abuse by cybercriminals.

In light of these developments, users are advised to avoid clicking on any links from the chatbot dialog, even if they look authentic and reliable. Alternatively, carefully check URLs for signs of fraud.

At the same time, companies should pay more attention to security when implementing such technologies in order to prevent them from being used to cause harm.
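
The URL check recommended above can be automated. The following is an added example, not part of the original post or the Malwarebytes report: it flags hostnames that mix alphabets or sit within a small edit distance of a known official host. The allowlist entry, the function names and the distance threshold are assumptions; the second sample URL is the fake domain exactly as written in the post, the others are constructed.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: the defender maintains this allowlist of official vendor hosts.
OFFICIAL_HOSTS = {"advanced-ip-scanner.com"}

def edit_distance(a, b):
    """Levenshtein distance, two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def normalize_host(url):
    """Lower-cased hostname with punycode (xn--) labels decoded to Unicode."""
    host = (urlsplit(url).hostname or "").lower()
    try:
        host = host.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # already Unicode, or not valid IDNA: inspect it as written
    return host[4:] if host.startswith("www.") else host

def letter_scripts(host):
    """Scripts of the letters in host, taken from the Unicode character names."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in host if c.isalpha()}

def classify(url, official=OFFICIAL_HOSTS, max_dist=2):
    """Return (verdict, official host it resembles or None)."""
    host = normalize_host(url)
    if any(host == o or host.endswith("." + o) for o in official):
        return ("official", host)
    nearest = min(official, key=lambda o: edit_distance(host, o))
    close = edit_distance(host, nearest) <= max_dist
    if len(letter_scripts(host)) > 1:
        return ("mixed-script", nearest if close else None)
    return ("lookalike", nearest) if close else ("unknown", None)

if __name__ == "__main__":
    samples = [
        "https://www.advanced-ip-scanner.com/download/",  # official host (assumed)
        "https://advЕnced-ip-scanner.com/",               # as written in the post
        "https://advanced-ip-scanmer.com/",               # constructed one-letter variant
        "https://example.org/tools",                      # constructed, unrelated
    ]
    for s in samples:
        print(classify(s), s)
```

A "mixed-script" or "lookalike" verdict is a reason to block or review the link before download; "unknown" only means the host does not resemble anything on the allowlist.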