Date: 2023-09-29

Microsoft Bing Chat users searching for software downloads can be easily tricked into going to dodgy websites that install malware instead of the promised program.

According to a Malwarebytes blog post, when a user hovers over the link provided by Bing Chat, the AI-powered chatbot may show both the official website for the software and an ad, which can be malicious.

It gives the user a choice of visiting either link. However, as the malicious ad link is shown above the official website, users may be more likely to click it despite the small “Ad” label next to it.

Malwarebytes gave the example of asking Bing Chat for a download link to Advanced IP Scanner; the first link shown was a malicious ad for “IP Scanner for Network”.

Upon clicking the first link, users visit a website that filters traffic to separate real victims from bots, sandboxes, and security researchers by checking their IP address, time zone, and various system settings.

After filtering out unwanted traffic, victims are redirected to a fake site that mimics the official Advanced IP Scanner website.

The fake site provides a link to an installer that contains three files, only one of which is malicious: a complicated script.

When the script is executed, it reaches out to an external IP address, presumably to request an additional payload.

“We recommend users pay particular attention to the websites they visit but also use a number of security tools to get additional protection,” Malwarebytes said.