Bing Chatbot Caught Allowing Malicious Ads to Slip Through
November 13, 2023
This essay is the work of a dumb humanoid. No smart software required.
Bing has been so excited to share its integrated search chatbot with the world. Unfortunately, there is a bit of a wrinkle. Neowin reports, “Microsoft Is Reportedly Allowing Malicious Ads to Be Served on Bing’s AI Chat.” Citing a report from Malwarebytes, writer Mehrotra A tells us:
“Bing AI currently adds hyperlinks to text when responding to user queries and some times, these hyperlinks are sponsored ads. However, when Malwarebytes asked Bing AI how to download Advanced IP Scanner, it gave a hyperlink to a malicious website instead of the official website. While, Microsoft does put a small ad label next to the link, it is easy to overlook and an unsuspecting user will not think twice before clicking the link and downloading a file that could very well damage their system. In this instance, the ad opened a fake URL that filtered traffic and took the real users to a fake website that mimics the official Advanced IP Scanner website. Once some one runs the executable installer, the script tries to connect to an external IP address. Unfortunately, Malwarebytes did not find the final intention or the payload but it could have easily being a spyware or a ransomware.”
Quite the oversight. The write-up concludes Microsoft is not sufficiently vetting marketing campaigns before they go live. We can only hope Malwarebyte’s discovery will change that.
Cynthia Murrell, November 13, 2023