Microsoft has issued a warning about cybercriminals using AI chatbots to send victims to malicious websites.
Microsoft has issued a warning about cybercriminals using AI chatbots to send victims to malicious websites.
In a new report, the tech giant has found that threat actors have managed to find a way to trick AI into directing users towards fake and malicious links.
In a post, the company wrote: “Microsoft Defender Experts identified an active cryptojacking campaign in which malicious download sites are surfaced not only through traditional search engine poisoning, but also through AI chatbot interactions.
“This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations.
“The campaign impersonates trusted system utilities including CrystalDiskInfo, HWMonitor, Display Driver Uninstaller, FurMark, K-Lite Codec Pack, and PDFgear to target users likely to own high-performance GPUs.
“Rather than maximizing infection volume, the threat actor appears focused on compromising systems with higher mining value.”
Microsoft also opened up more about potential use of the malicious campaign in the future.
The team continued: “Beyond cryptocurrency mining, the campaign establishes persistent remote access through abused ScreenConnect deployments that could later support data theft, lateral movement, or ransomware activity.
“This combination of AI-assisted delivery, software impersonation, and persistent access highlights how threat actors are adapting social engineering and monetization strategies to modern user behavior.
“Microsoft Defender detected and blocked activity associated with this campaign. Organizations should enable cloud-delivered protection, run EDR in block mode, and enable attack surface reduction rules to reduce risk.”
Microsoft warns about cybercriminals using AI chatbots
