It turns out that ads containing malware are hidden in Bing Chat responses



An investigation by security firm Malwarebytes revealed that a malicious fake site that installs malware was hidden in Bing Chat

advertisements that present information through dialogue with AI.

Malicious ad served inside Bing's AI chatbot
https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot

Bing Chat responses infiltrated by ads pushing malware
https://www.bleepingcomputer.com/news/security/bing-chat-responses-infiltrated-by-ads-pushing-malware/

Below are examples of malvertising found by Malwarebytes. When I asked if I wanted to download a software called 'Advanced IP Scanner,' the AI answered with a link, but the link was from a fake download site.



When you click on a link presented by Bing Chat, it first determines whether it is a bot or security researcher's system by checking the IP address, time zone, and virtual machine identification, and only users who are judged to be easy targets will be directed to the fake site. You will be redirected. It then tricks you into downloading a fake installer and running it.



The fake installer contains three files containing the malicious file, and when the obfuscated script of the malicious file is executed, it accesses the outside and receives

the payload , the code that is the main body of the malware. It is seen that



Malwarebytes revealed that someone hijacked the advertising account of a legitimate company in Australia and posted fake ads on Bing Chat disguised as ads targeting system administrators (Advanced IP Scanner) and ads targeting lawyers (MyCase law manager). I'm trying to find out what was leaked.



In this investigation, the final payload was not found, so it is not clear what kind of malware will be installed, but there have been cases in the past where information stealing malware and remote access Trojan horses have been distributed. It has been reported.

Malwarebytes recommended using its security software , Malwarebytes' Anti-Malware, to protect your system.

In addition, BleepingComputer, an IT news site that covered this matter, said, ``The discovery of malvertising in Bing Chat conversations highlights the expanding scope of cyber threats. It is very important for users to be careful with chatbot search results and always double-check URLs before downloading anything.'

Related Posts:

in Software,   Security, Posted by log1l_ks