A report by Malwarebytes has shown that Bing Chat AI responses may contain malware.
In March, Microsoft began experimenting with ads in Bing Chat responses, placing them within the chat experience in footnotes and by hovering over the response. Malwarebytes researchers found that scammers are now using these ads for malvertising, which involves using online advertisements to spread malware and infiltrate unsuspecting users’ devices.
Scammers are inserting malicious ads so that they appear first over the organic result ad in the hover ad experience in Bing Chat. For example, in the Advanced IP Scanner results, the first and most prominent link that shows up is the malicious ad. Underneath it, in tiny letters, is the actual organic ad that users would likely miss.
Upon clicking the first link, users are taken to a website (mynetfoldersip[.]cfd) whose purpose is to filter traffic and separate real victims from bots, sandboxes, or security researchers. It does that by checking your IP address, time zone, and various other system settings such as web rendering that identifies virtual machines.
Real humans are redirected to a fake site (advenced-ip-scanner[.]com) that mimics the official one while others are sent to a decoy page. The next step is for victims to download the supposed installer and run it.
When users click the malicious link, they are redirected to a website that filters traffic to separate the real victims from the bots. The real victims are then redirected to a decoy page where they are tempted to click on “free download” to download an installer that contains malicious files.
To execute this scam, a malicious actor must have hacked into the ad account of a real business and created malicious ads.
The sources for this piece include articles in ZDNET and Malwarebytes.
