Saturday, March 2, 2024

Hackers Inject Malicious Ads into GPT-4 Powered Bing Chat

In February 2023, Microsoft unveiled its revolutionary AI-assisted search engine, Bing Chat, driven by OpenAI’s cutting-edge GPT-4 technology. 

This announcement marked a notable event in the world of online search, sparking both curiosity and speculation about the potential shift in the search industry’s dynamics, long dominated by Google.

Given that tech giants derive a substantial portion of their revenue from advertising, it was only a matter of time before Microsoft introduced advertisements into the Bing Chat platform shortly after its launch. 

However, as with any online ads, there comes an inherent risk.

Malvertising via Bing Chat Conversations

Bing Chat represents a unique approach to online searches, combining text and images to offer a distinctive user experience.


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Within six months of its launch, Microsoft celebrated a remarkable achievement—over one billion chats conducted through the platform.

The incorporation of ads into Bing Chat conversations can occur in several ways. 


One method involves displaying an ad when a user hovers their cursor over a link, with the ad appearing before the organic search result. 

To illustrate this, let’s consider a scenario where a user is looking to download a program called “Advanced IP Scanner,” commonly used by network administrators. 

When the user hovers over the first sentence of their query, a dialog pops up, showcasing an ad alongside the official website for the software:

Users faced with this ad have the option to visit either the ad or the official link. However, the prominently positioned ad is more likely to attract clicks. 

While a small “Ad” label accompanies this link, it might be easily overlooked, leading users to perceive it as a regular search result.

Phishing Sites Distributing Malware

Clicking on the aforementioned ad directs users to a website that filters incoming traffic and distinguishes genuine victims from bots, sandboxes, or security researchers. 

It accomplishes this by analyzing factors such as IP address, time zone, and system settings like web rendering, which can reveal the use of virtual machines.

Real users are subsequently redirected to a counterfeit website (advenced-ip-scanner[.]com), diligently imitating the official one. 

Meanwhile, other visitors are sent to a deceptive landing page, luring them into downloading what appears to be a legitimate installer:

Within this MSI installer lies a trio of files, but only one of them is malicious—an intricately obfuscated script:

Upon execution, this script communicates with an external IP address (65.21.119[.]59), presumably for self-identification and the reception of additional malicious payloads.

The Evolution of Search and the Persistence of Malicious Ads

Threat actors continue to exploit search ads as a means to redirect users to malevolent websites hosting malware. 

While Bing Chat presents a unique search experience, it still serves certain ads akin to those encountered during conventional Bing queries.

In this particular case, malicious actors compromised the ad account of a legitimate Australian business, creating two malicious ads—one targeting network administrators (Advanced IP Scanner) and another aimed at legal professionals (MyCase law manager), reads Malwarebytes report.

malicious Ads

With convincing landing pages, victims can easily fall prey to downloading malware without suspecting foul play.

In light of these threats, it is essential for users to exercise caution when navigating websites and leverage various security tools to enhance their protection. 

This security incident has been reported to Microsoft and several other related malicious ads in an ongoing effort to safeguard online users.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


Latest articles

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...

20 Million+ Cutout.Pro User Records Leaked On Hacking Forums

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach,...

CWE Version 4.14 Released: What’s New!

The Common Weakness Enumeration (CWE) project, a cornerstone in the cybersecurity landscape, has unveiled...

RisePro Stealer Attacks Windows Users Steals Sensitive Data

A new wave of cyber threats has emerged as the RisePro information stealer targets...

Golden Corral Restaurant Chain Hacked: 180,000+ Users’ Data Stolen

The Golden Corral Corporation, a popular American restaurant chain, has suffered a significant data...

CISA Warns Of Hackers Exploiting Multiple Flaws In Ivanti VPN

Threat actors target and abuse VPN flaws because VPNs are often used to secure...

BEAST AI Jailbreak Language Models Within 1 Minute With High Accuracy

Malicious hackers sometimes jailbreak language models (LMs) to exploit bugs in the systems so...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles