Microsoft’s Bing Chat, powered by OpenAI’s GPT-4 engine, has been compromised by malware-infected ads. This poses a new threat as Bing Chat becomes a more interactive and popular alternative to Google. Cybersecurity researchers have highlighted the issue.
Microsoft started putting ads in Bing Chat in March to make money from the platform. This introduces new risks for users due to the conversational nature of the feature.
Cybersecurity researchers found that hackers used malicious ads disguised as download sites for “Advanced IP Scanner.” When users asked Bing Chat for the download link, they were provided with a link that, when hovered over, displayed an ad before the real download link. The hackers compromised the advertising account of a legitimate Australian company and created targeted ads for system administrators and lawyers, distributing malware.
Users who clicked on the ad were taken to a fake version of Advanced IP Scanner’s website that aimed to deceive visitors. The downloaded installer contained a malicious script that connected to an external source and stole personal data. Be cautious when using Bing Chat and double-check URLs before downloading anything to avoid falling for hackers’ tricks. While Bing Chat may not intentionally redirect to malware, hackers can manipulate results to get you to download their malicious software. Stay vigilant!