- I've yet to find a retro stereo amp that delivers sound as accurately for various genres than this
- Use AI at work? You might be ruining your reputation, a new study finds
- Why Whoop's policy change has fans fuming
- Apple now sells refurbished iPhone 15 models at discounted prices (including the Pro Max)
- The best no-log VPNs of 2025: Expert tested and reviewed
Deceptive AI Bots Spread Malware, Raise Security Concerns
Cyber-criminals have been exploiting fraudulent artificial intelligence (AI) bots to attempt and install malicious software under the guise of genuine AI applications.
According to a new advisory published by ESET security researchers, the campaign came to light when an advertisement on Facebook promoted the download of what seemed to be the latest version of Google’s authentic AI tool, “Bard.”
The ad contained several discrepancies that triggered suspicion, ESET security specialist Thomas Uhlemann explained. Notably, the link provided didn’t lead to any recognizable Google domain; instead, it directed users to an unfamiliar service named rebrand.ly, located in Dublin, Ireland.
Closer inspection revealed oddities in the ad’s language and the connected comments section. Commenters’ positive feedback appeared generic, devoid of specific Google-related context. All comments also seemed to be time-stamped at the exact same moment.
Delving deeper into the matter, Uhlemann uncovered a suspicious link flagged by certain antivirus vendors. Accessing the link through an anonymous browser window revealed a webpage masquerading as a legitimate Google site. This posed a significant threat, as accessing such a page while logged into a browser could potentially expose users’ sensitive information.
While the site was hosted on Google’s cloud infrastructure, its content was unrelated to the tech giant.
Further indicators emerged: a Vietnamese title on the browser tab and language anomalies that hinted at a possible connection to attackers in Vietnam. The “Download” button led to a personal Google Drive space, in an attempt to legitimize the malware distribution as an official Google service.
The downloaded file, named GoogleAIUpdate.rar, was password protected. Uhlemann deciphered the password, revealing an MSI installer containing malware.
Antivirus software promptly flagged the installer as malicious, as it had the potential to modify browser settings and flood users with unwanted advertisements.
“At the time of writing, the campaign was still visible in different variations, but I reported it and will most certainly not be the only one doing so,” added Uhlemann. “It seems that this might be a bigger campaign as I’ve now encountered other examples such as ‘meta AI’ or other fake ‘Google AI’ ads.”
The ESET advisory comes a few months after Google launched a framework to secure generative AI on June 9.
Read more on AI bots: Bad Bots Now Account For 30% of All Internet Traffic
Feature image credit: gguy / Shutterstock.com
