Cyber-criminals have been exploiting fraudulent artificial intelligence (AI) bots to try to install malicious software under the guise of genuine AI applications.
According to a new advisory published by ESET security researchers, the campaign came to light when an advertisement on Facebook promoted the download of what appeared to be the latest version of Google’s genuine AI tool, “Bard.”
The ad contained several discrepancies that triggered suspicion, ESET security specialist Thomas Uhlemann explained. Notably, the link provided did not lead to any recognizable Google domain; instead, it directed users to an unfamiliar service named rebrand.ly, located in Dublin, Ireland.
Closer inspection revealed oddities in the ad’s language and the linked comments section. Commenters’ positive feedback appeared generic, devoid of specific Google-related context. All comments also appeared to be time-stamped at the exact same moment.
Delving deeper into the matter, Uhlemann uncovered a suspicious link flagged by certain antivirus vendors. Accessing the link through an anonymous browser window revealed a webpage masquerading as a legitimate Google site. This posed a significant threat, as accessing such a page while logged into a browser could potentially expose users’ sensitive information.
While the site was hosted on Google’s cloud infrastructure, its content was unrelated to the tech giant.
Further indicators emerged: a Vietnamese title on the browser tab and language anomalies that hinted at a possible connection to attackers in Vietnam. The “Download” button led to a personal Google Drive space, in an attempt to legitimize the malware distribution as an official Google service.
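The indicators described above (a link shortener, a destination outside the brand's own domain, content served from user-controlled Google hosting, and comments stamped at the same moment) can be checked mechanically when triaging a reported ad. The following Python example is added here and is not ESET's tooling; the domain lists, the `triage_ad` function and the sample ads are assumptions constructed for illustration.

```python
from datetime import datetime
from urllib.parse import urlsplit

# Assumed lists for this example; only rebrand.ly and Google Drive appear in the article.
BRAND_DOMAINS = {"google.com"}
SHORTENERS = {"rebrand.ly", "bit.ly"}
USER_CONTENT_HOSTS = {"drive.google.com", "sites.google.com"}


def _under(host, domain):
    """True only for the domain itself or a real subdomain (label boundary)."""
    return host == domain or host.endswith("." + domain)


def triage_ad(link, comment_times, brand_domains=BRAND_DOMAINS):
    """Return a list of findings for one ad; an empty list means nothing flagged."""
    findings = []
    host = (urlsplit(link).hostname or "").rstrip(".").lower()
    if not host:
        findings.append("link has no hostname")
    elif any(_under(host, s) for s in SHORTENERS):
        findings.append(f"shortener hides destination: {host}")
    elif any(_under(host, u) for u in USER_CONTENT_HOSTS):
        # A brand-owned host that serves user uploads proves nothing about the author.
        findings.append(f"user-controlled content on brand infrastructure: {host}")
    elif not any(_under(host, d) for d in brand_domains):
        findings.append(f"host outside brand domains: {host}")
    # Organic comments arrive spread over time; one shared timestamp suggests bulk posting.
    stamps = {datetime.fromisoformat(t) for t in comment_times}
    if len(comment_times) >= 3 and len(stamps) == 1:
        findings.append("all comments share one timestamp")
    return findings


# Constructed sample data (not taken from the real campaign).
SAMPLE_ADS = {
    "shortened": ("https://rebrand.ly/example-slug", ["2023-08-01T10:15:00"] * 4),
    "lookalike": ("https://google.com.download.example/bard", []),
    "drive": ("https://drive.google.com/file/d/EXAMPLE/view", []),
    "official": ("https://bard.google.com/",
                 ["2023-08-01T09:00:00", "2023-08-01T12:40:00", "2023-08-03T17:05:00"]),
}

if __name__ == "__main__":
    for name, (link, times) in SAMPLE_ADS.items():
        print(name, triage_ad(link, times))
```

The suffix match on a label boundary is what keeps a host such as `google.com.download.example` from passing as a Google domain, which a plain substring check would allow.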
The downloaded file, named GoogleAIUpdate.rar, was password protected. Uhlemann deciphered the password, revealing an MSI installer containing malware.
Antivirus software promptly flagged the installer as malicious, as it had the potential to alter browser settings and flood users with unwanted advertisements.
“At the time of writing, the campaign was still visible in different variations, but I reported it and will most likely not be the only one doing so,” added Uhlemann. “It seems that this might be a bigger campaign as I’ve now encountered other examples such as ‘meta AI’ or other fake ‘Google AI’ ads.”
The ESET advisory comes several months after Google launched a framework to secure generative AI on June 9.
Feature image credit: gguy / Shutterstock.com