Since its launch, Microsoft’s Bing Chat has been making headlines, but not all of them have been positive. The latest issue for the AI chatbot is its tendency to send users to malware-infected websites. The discovery was made by antivirus firm Malwarebytes, who discussed the incident in a blog post.
According to the company, Bing Chat displays malware advertisements that lead users to malicious websites instead of filtering them out. Bing Chat, similar to other chatbots, can assist users in finding information, websites, apps, and more. However, since its initial release, Microsoft has been inserting advertisements into the links it provides, much like Google search ads placed above initial results.
The problem is that it is effortless for bad actors to purchase an ad to promote a website that appears legitimate. If users are not cautious, they can easily fall victim to this bait-and-switch scenario.
Malwarebytes explained how this works in their blog post by giving the example of asking Bing Chat to download a popular IP scanning app used by system administrators. Although Bing Chat provided a link to the official website, hovering over the link revealed two results: the authentic website with a malicious ad placed above it.
If users fail to scrutinize the link or are unfamiliar with the website address, they might inadvertently end up on a deceptive website. Upon further analysis, Malwarebytes discovered that the fake website redirected visitors to another site that closely resembled the app’s official URL. Users were then prompted to download malware that could potentially harm their computers.
For now, it is advised to exercise caution when clicking on links provided by Bing Chat. It may be wise to stick with a standard search engine and install an ad blocker to prevent malicious ads from reaching your device.
