Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links
Cybersecurity NewsArchived May 27, 2026✓ Full text saved
Hackers are finding new ways to trick people into downloading malware, and this time, they are hiding behind tools many of us have come to trust. A newly uncovered cryptojacking campaign is abusing AI chatbot interactions to steer unsuspecting users toward malicious software download sites. The threat is quiet, convincing, and surprisingly easy for anyone […] The post Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links appeared first on Cyber Security News .
Full text archived locally
✦ AI Summary· Claude Sonnet
HomeCyber Security News
Hackers Abuse AI Chatbot Recommendations to Push Malicious Software Download Links
By Tushar Subhra Dutta
May 27, 2026
Hackers are finding new ways to trick people into downloading malware, and this time, they are hiding behind tools many of us have come to trust.
A newly uncovered cryptojacking campaign is abusing AI chatbot interactions to steer unsuspecting users toward malicious software download sites. The threat is quiet, convincing, and surprisingly easy for anyone to fall for, regardless of how careful they think they are online.
The campaign targets people who search for popular system utilities and hardware-monitoring tools, software commonly used by tech-savvy users and PC enthusiasts.
When someone searches for well-known programs like CrystalDiskInfo, HWMonitor, Display Driver Uninstaller, FurMark, or K-Lite Codec Pack, they can land on fake sites that look completely legitimate.
The attackers have specifically focused on users with high-performance GPUs, not to cast a wide net, but to target machines that offer the most value for cryptocurrency mining.
Analysts at Microsoft identified this campaign after detecting and blocking activity linked to it.
Microsoft Defender Experts and the Microsoft Defender Security Research Team said in a report shared with Cyber Security News (CSN) that this delivery method “extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations.”
The researchers noted that earlier stages of the campaign relied on traditional search engine manipulation, but by April 2026, a new and more dangerous tactic had emerged.
Attack chain (Source – Microsoft)
What makes this campaign different is how it evolved. Instead of only poisoning search engine results, the threat actors began influencing responses generated by large language model (LLM)-based AI tools.
When users asked AI chatbots for software download recommendations, the chatbots returned links pointing to attacker-controlled domains. Microsoft described this as AI search result poisoning, a direct extension of the old-school SEO manipulation playbook now applied to a widely trusted technology.
Search engine results showing a malicious source of hwmonitor (Source – Microsoft)
The goals of the campaign go beyond cryptocurrency mining. Attackers also set up persistent remote access on compromised machines using ScreenConnect software, leaving the door open for follow-on activity such as data theft, lateral movement across networks, or even ransomware deployment.
More than 150 malicious domains have been identified as part of this infrastructure, most of them hosted through a dynamic DNS provider commonly associated with threat actor activity.
Hackers Abuse AI Chatbot Recommendations
Once a victim clicks a download button on one of the fake sites, they receive a ZIP archive that looks like a legitimate software package. Hidden inside is a rogue DLL file called “autorun.dll” that activates when the real executable is launched.
This triggers the installation of a second malicious file, “vcredist_x64.dll,” which quietly deploys ScreenConnect for full control over the victim’s machine.
After ScreenConnect connects back to an attacker-controlled server, it delivers a file called “SimpleRunPE.exe.” This binary creates Registry Run keys and scheduled tasks for persistence, configures Microsoft Defender exclusions to avoid detection, and uses process hollowing to run mining code under a trusted Microsoft-signed binary.
The malware supports three mining programs: gminer, lolMiner, and SRBMiner-MULTI. To stay hidden, it also monitors for tools like Task Manager, Process Hacker, and Process Explorer, immediately pausing mining the moment any of them are opened.
Defending Against AI-Assisted Malware Delivery
Microsoft recommends that organizations enable cloud-delivered protection and run endpoint detection and response (EDR) in block mode to intercept threats even when antivirus signatures lag behind.
Files dropped after extraction of the ZIP file after download (Source – Microsoft)
Implementing attack surface reduction rules adds another layer of defense against the DLL sideloading and process injection techniques used in this campaign. These configurations should be treated as baseline security hygiene, not optional extras.
For everyday users, the lesson is to verify software downloads through official vendor websites only, regardless of where a link comes from, including AI chatbot recommendations.
AI tools can surface helpful answers, but they can also be manipulated by threat actors to point users in dangerous directions. Staying skeptical of any download link, even one that appears in a trusted AI conversation, is now an important part of staying safe online.
Indicators of Compromise (IoCs):-
Type Indicator Description
Domain direct-download.gleeze[.]com Attacker-controlled domain serving malicious ZIP archives
Domain start-download.gleeze[.]com Attacker-controlled domain serving malicious ZIP archives
Domain direct-downloads.giize[.]com Attacker-controlled domain serving malicious ZIP archives
Domain free-download.giize[.]com Attacker-controlled domain serving malicious ZIP archives
IP Address 193.42.11[.]108 Attacker-controlled ScreenConnect C2 server
SHA256 Hash 16562974deec80e41ef57a71a6de8c03ceb393005fb1432f8d9d82c61294ef8c Malicious file hash associated with campaign payload
SHA256 Hash 1b2555b09ac62164638f47c8272beb6b0f97186e37d3a54cb84c723ff7a2eee5 Malicious file hash associated with campaign payload
Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.
Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google.
Tags
cyber security
cyber security news
Copy URL
Linkedin
Twitter
ReddIt
Telegram
Tushar Subhra Dutta
Tushar is a senior cybersecurity and breach reporter. He specializes in covering cybersecurity news, trends, and emerging threats, data breaches, and malware attacks. With years of experience, he brings clarity and depth to complex security topics.
Trending News
GitHub Internal Repositories Breached Via Weaponized VS Code Extension
Windows Kernel Vulnerability Allows Attackers to Modify Kernel Memory Counters
CISA Warns of Microsoft Defender 0-Day Vulnerabilities Exploited in Attacks
India’s CERT-In Asks Organizations to Patch Vulnerabilities in Systems Within 12 hours
Hackers Use SEO Poisoning to Impersonate Gemini CLI and Claude Code Installers
Latest News
AI
Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints
Android
New BTMOB Malware Lets Attackers Remotely Control Android Devices
Cyber Security News
CISA Warns of LiteSpeed cPanel Plugin Vulnerability Exploited in Attacks
Cyber Security News
GitHub Enterprise Server 3.20.3 Released With Fox for Critical Vulnerabilities
Cyber Security News
Windows Kernel Vulnerability Allows Attackers to Modify Kernel Memory Counters