Bing Chat, a widely used AI-driven chatbot akin to ChatGPT, is facing a concerning issue: an infiltration of ads that serve as vectors for malware and promote counterfeit download platforms.
How does this malware function? Read on to find out all the details!
Bing Chat Facing Malicious Ads, Comes With Advanced IP Scanner
As per a detailed report from the reputable cybersecurity firm Malwarebytes, Bing Chat ads, often presented as promoted results when users interact with links during their conversations, have become a tool for threat actors to disseminate malware.
As per a Microsoft spokesperson, “Our content policies prohibit advertising content that is deceptive, fraudulent or that can be harmful to users. We can confirm that this content has been removed and that the advertiser was blocked from our networks as part of our detection scan process.”
Malwarebytes has highlighted that these advertisements, infected with malware, masquerade as a well-known utility – Advanced IP Scanner. Researchers elaborate that when users inquire about how to download this software via Bing Chat, it provides links within the chat, with sponsored links prominently displayed at the top.
Upon clicking on these sponsored links, users are directed to a website that distinguishes between bots and human users by analyzing information such as timezone and IP address. Actual human users are then redirected to a deceptive website named ‘advenced-ip-scanner[.]com’, where they are encouraged to download an installer riddled with malware.
Malware Campaign Orchestrated By Ad Account of Australian Business
Although Malwarebytes researchers were unable to ascertain the exact type of malware being distributed, they uncovered that this campaign was orchestrated by compromising the ad account of a legitimate Australian business. The attackers created two malicious ad campaigns, one targeting system administrators (posing as Advanced IP Scanner) and another aimed at lawyers (pretending to be MyCase law manager).
Bing Chat, a recently introduced platform, revolutionizes the traditional search experience by offering an interactive approach compared to conventional search engines such as Google Search. The AI chatbot, powered by GPT-4, exemplifies the rapid evolution of cyber threats. This incident underscores the critical importance for users to exercise caution and refrain from blindly clicking on search results, given the evolving landscape of cyber threats.