A report has revealed that cyber-criminals are utilizing fraudulent AI bots to distribute malicious software disguised as legitimate AI applications. This poses a significant threat to users and organizations.

Description

The report highlights a specific incident involving a Facebook ad that promoted the download of a supposed new version of Google’s AI tool, called “Bard.” However [1], the ad raised suspicions due to inconsistencies, such as redirecting users to an unfamiliar service in Dublin instead of a recognized Google domain [1]. Further investigation uncovered a suspicious link flagged by antivirus vendors [1], leading to a webpage posing as an authentic Google site. The downloaded file [1] [2], named GoogleAIUpdate.rar [1], was password protected and contained malware capable of altering browser settings and bombarding users with unwanted advertisements [1]. This ongoing campaign has seen other fake “Google AI” ads being reported. The report also warns against falling for similar scams, as it is part of a larger effort to spread adware.

AI bots [1] [2] [3], while useful for programmers in creating software code, also present a risk of being used to develop malicious software such as viruses [3], ransomware [3], and Trojans [3]. Even users with basic knowledge of malicious software can leverage AI technology to write functional malware that can evade detection [3].

Conclusion

The use of fraudulent AI bots to distribute malicious software is a concerning trend. It not only highlights the need for heightened cybersecurity measures but also emphasizes the importance of user vigilance and awareness. As AI technology continues to advance, it is crucial for individuals and organizations to stay informed about potential threats and take proactive steps to protect themselves.

References

[1] https://www.infosecurity-magazine.com/news/deceptive-ai-bots-spread-malware/
[2] https://www.welivesecurity.com/en/scams/a-bards-tale-how-fake-ai-bots-try-to-install-malware/
[3] https://za.mintgroup.net/blog/ai/ai-bots-identifying-and-navigating-the-risks-part-1/