Friday, June 14, 2024

Hackers Inject Malicious Ads into GPT-4 Powered Bing Chat

In February 2023, Microsoft unveiled its revolutionary AI-assisted search engine, Bing Chat, driven by OpenAI’s cutting-edge GPT-4 technology. 

This announcement marked a notable event in the world of online search, sparking both curiosity and speculation about the potential shift in the search industry’s dynamics, long dominated by Google.

Given that tech giants derive a substantial portion of their revenue from advertising, it was only a matter of time before Microsoft introduced advertisements into the Bing Chat platform shortly after its launch. 

However, as with any online ads, there comes an inherent risk.

Malvertising via Bing Chat Conversations

Bing Chat represents a unique approach to online searches, combining text and images to offer a distinctive user experience.


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Within six months of its launch, Microsoft celebrated a remarkable achievement—over one billion chats conducted through the platform.

The incorporation of ads into Bing Chat conversations can occur in several ways. 


One method involves displaying an ad when a user hovers their cursor over a link, with the ad appearing before the organic search result. 

To illustrate this, let’s consider a scenario where a user is looking to download a program called “Advanced IP Scanner,” commonly used by network administrators. 

When the user hovers over the first sentence of their query, a dialog pops up, showcasing an ad alongside the official website for the software:

Users faced with this ad have the option to visit either the ad or the official link. However, the prominently positioned ad is more likely to attract clicks. 

While a small “Ad” label accompanies this link, it might be easily overlooked, leading users to perceive it as a regular search result.

Phishing Sites Distributing Malware

Clicking on the aforementioned ad directs users to a website that filters incoming traffic and distinguishes genuine victims from bots, sandboxes, or security researchers. 

It accomplishes this by analyzing factors such as IP address, time zone, and system settings like web rendering, which can reveal the use of virtual machines.

Real users are subsequently redirected to a counterfeit website (advenced-ip-scanner[.]com), diligently imitating the official one. 

Meanwhile, other visitors are sent to a deceptive landing page, luring them into downloading what appears to be a legitimate installer:

Within this MSI installer lies a trio of files, but only one of them is malicious—an intricately obfuscated script:

Upon execution, this script communicates with an external IP address (65.21.119[.]59), presumably for self-identification and the reception of additional malicious payloads.

The Evolution of Search and the Persistence of Malicious Ads

Threat actors continue to exploit search ads as a means to redirect users to malevolent websites hosting malware. 

While Bing Chat presents a unique search experience, it still serves certain ads akin to those encountered during conventional Bing queries.

In this particular case, malicious actors compromised the ad account of a legitimate Australian business, creating two malicious ads—one targeting network administrators (Advanced IP Scanner) and another aimed at legal professionals (MyCase law manager), reads Malwarebytes report.

malicious Ads

With convincing landing pages, victims can easily fall prey to downloading malware without suspecting foul play.

In light of these threats, it is essential for users to exercise caution when navigating websites and leverage various security tools to enhance their protection. 

This security incident has been reported to Microsoft and several other related malicious ads in an ongoing effort to safeguard online users.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.


Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles