Bing Chat Responses Infiltrated By Ads Pushing Malware 14
Bill Toulas writes via BleepingComputer: Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. [...] Malicious ads spotted by Malwarebytes are pretending to be download sites for the popular 'Advanced IP Scanner' utility, which has been previously used by RomCom RAT and Somnia ransomware operators.
The researchers found that when you asked Bing Chat how to download Advanced IP Scanner, it would display a link to download it in the chat. However, when you hover over an underlined link in a chat, Bing Chat may show an advertisement first, followed by the legitimate download link. In this case, the sponsored link was a malvertisements pushing malware. [...] Unfortunately, Malwarebytes could not find the final payload for this malware campaign, so it is unclear what malware is ultimately being installed. However, in similar campaigns, threat actors commonly distribute information-stealing malware or remote access trojans that allow them to breach other accounts or corporate networks.
The researchers found that when you asked Bing Chat how to download Advanced IP Scanner, it would display a link to download it in the chat. However, when you hover over an underlined link in a chat, Bing Chat may show an advertisement first, followed by the legitimate download link. In this case, the sponsored link was a malvertisements pushing malware. [...] Unfortunately, Malwarebytes could not find the final payload for this malware campaign, so it is unclear what malware is ultimately being installed. However, in similar campaigns, threat actors commonly distribute information-stealing malware or remote access trojans that allow them to breach other accounts or corporate networks.
Can OpenGPT systems also be infected? (Score:3)
If OpenGPT can access the internet on its own with the understanding of 3 year old kid about potential threats,
can it be tricked into downloading malware in its quest to get some information?
"Infiltrated" (Score:4, Informative)
You say that like that hasn't been the plan all along.
Using M$ Edge is like using IE on win98se. The weakest link in the whole system as usual, and now irremovable again.
That's nothing. (Score:5, Informative)
Bing Chat may show an advertisement (Score:4, Interesting)
"...when you hover over an underlined link in a chat, Bing Chat may show an advertisement first, followed by the legitimate download link..."
WHAT? Is that real? LINKS have ads by M$?
The absolute dystopian future has engulfed our timeline. There is no coming out of this alive.
Re: (Score:2)
Remember Tasty Wheat?
Re: (Score:2)
If there's empty space, fill it with advertising.
Yeah but you stack the odds against you (Score:2)
This story implies that someone somewhere once went "Hey you know what? Let's find this network security tool using the AI chatbot version of a Microsoft search engine".
First of all, I don't buy it. People who look for IP scanners just don't do that.
Secondly, if they really did, they shouldn't be too surprised if they got results designed to exploit simpletons.
Drowning in ads (Score:3)
I just don't get the ad spend. How can it be worthwhile for so many companies to push so many ads? It must be an insane amount of money.
On top of that, many of us never see the ads. Anyone with a technical clue, or a technical friend, or enough money to pay a techie. By now that ought to be a substantial segment of the target audience. Between browser plugins and DNS filtering (PiHole), almost all ads can be eliminated.
Anyway, where's the anti-trust enforcement? We've been this route before with IE. Why is Microsoft (and Google, and Apple, and Meta) getting away with even worse behavior this time? Do they buy and sell Congresscritters on eBay or something?
It's not even a purposeful attack (Score:2)
Just a combination of several people that don't care leading a "regular" scheme to reach new heights.
It's no wonder adblocking is basically a necessity nowadays.
Wonder who they're going to fire for this... (Score:3)
Was chatting with a buddy who works with the bing team about this, he couldn't say much but did say there was a lot of finger pointing and a lot of "not my problem/fault" stuff going on there right now..... from my time there is sure sounds like SOP to me.
Every possible use-case for ChatGPT... (Score:2)
There is no silver lining to the dark cloud of web 3.0.
Duh (Score:2)
It recommends Microsoft software, duh.
Are there non-malicious ads? (Score:2)
So far the ones I have seen at the very least tried to steal my lifetime. I would call that pretty malicious.
and nobody noticed any (Score:1)
...difference.