Latest


Microsoft's Bing Chat responses injected by ads pushing malware: Report

  •   Sat, Sep 30 2023 01:25:11 PM

San Francisco, Sep 30 (IANS): Cybersecurity researchers have discovered that malicious advertisements or harmful ads are now being distributed via Microsoft's AI-powered Bing Chat responses, promoting fake download sites that spread malware, a new report has said.

According to the cybersecurity company Malwarebytes, malicious ads appear to contain download links for the 'Advanced IP Scanner' utility, which has been exploited by ransomware operators earlier.

"Ads can be inserted into a Bing Chat conversation in various ways. One of those is when a user hovers over a link and an ad is displayed first before the organic result," said Jerome Segura, director of threat intelligence, Malwarebytes.

In February, Microsoft introduced its Bing Chat AI search assistant and a month later began injecting ads alongside it to generate revenue from this new platform. However, incorporating ads into Bing Chat has opened the door to hackers.

When the researchers asked Bing Chat how to download Advanced IP Scanner, it displayed a link to download it in the chat. When you hover over an underlined link in a chat, Bing Chat may display an advertisement before the legitimate download link. In this case, the sponsored link was a malware advertisement, the researchers explained.

Malvertizing campaigns are created by hackers who hack into the advertising accounts of legitimate Australian businesses and create ads that target system admins (IP scanner) and lawyers (MyCase law manager), the report said.

When users click on the malicious ad for the IP scanner, they are directed to a website ('mynetfoldersip(.)cfd') that distinguishes bots and crawlers from human victims by checking IP addresses, timezones, and various system indicators for sandbox/virtual machines. Victims are then redirected to 'advanced-ip-scanner(.)com,' a clone of Advanced IP Scanner that employs typosquatting to deceive visitors, according to the report.

"We recommend users pay particular attention to the websites they visit but also use a number of security tools to get additional protection," the researchers advised.

 
  

Top Stories


Leave a Comment

Title: Microsoft's Bing Chat responses injected by ads pushing malware: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like