Bing Chat suggests malware downloads

29 September 2023
Getting your Trinity Audio player ready...
  • ChatGPT malware recommendations.
  • Hackers quick to exploit in-chat ads.
  • Pressure on MicroSoft to monetize.

Less than a year after Microsoft acquired OpenAI and started having to justify its cost to Redmond’s shareholders, the Bing AI chatbot has been infiltrated by malware purveyors who are using ChatGPT to spread malware,

Bing Chat is one of the many ways that Microsoft is using its new purchase in users’ everyday interactions with all things Microsoft. It was hailed by Microsoft’s CEO, Satya Nadella, as “your AI-powered copilot for the web,” on February 7, 2023.

However, cybersecurity provider Malwarebytes found ads injected into users’ Bing Chat feeds advertising a well-known Windows application called Advanced IP Scanner. When the bot was asked for instructions on downloading the binaries, users following the sponsored link were taken to a site ( where the package offered was a malware instance. The site’s URL was displayed as “,” a fine example of typo-squatting.

Users downloading the package received three files, one of which attempted to further download a malicious payload, completing the ChatGPT malware production circle.

Follow the money

The combination of new technology, trustingly naive users, a need to claw back some of the $10bn OpenAI price tag, and good old-fashioned avarice has conspired to create a situation in which bad actors are finding new attack vectors with enthusiasm.

And the Bing Chat issue will likely not be the last. CEO Satya Nadella has said, “Every product of Microsoft will have some of the same AI capabilities to completely transform the product.” That raises the dread specter of a smart-ass Clippy 2.0 schilling malware to unsuspecting office workers all over the globe, and the Windows desktop suggesting clever workflows in a torrent of distracting pop-ups.

Microsoft Bing’s initial spike in its proportion of users in the lucrative search engine market hit the rocks in July of this year when the OpenAI integration with ChatGPT was temporarily suspended after claims users could use the AI to circumvent paywalls to gated content. During the long summer break in 2023, ChatGPT’s direct use fell by around 10%, a drop associated with the novelty wearing off, or more alarmingly for our sister site’s readers, because college students were on vacation.

If Microsoft can gain a significant portion of the search engine traffic that Google enjoys and similarly mine users’ data for advertising, it will not need to use advertisement features in its ChatGPT-derived user-facing offerings. Until then, however, those using the AI bot to get smarter and more fulsome search engine results from Bing will continue to be offered goods and services based on their browsing habits.

The need to recoup the cost of the acquisition means that instances of bad actors also monetizing their activities will continue to rise, and ChatGPT malware instances will rise in number. Although the vast majority of internet and web users know to be careful when clicking links, the Bing Chat feature is new and shiny enough for many people to drop their guard.

Instance of ChatGPT malware payload drop.

Source: Shutterstock AI

Competing robots via for attention

Meanwhile, Google’s Bard use grew by nearly 190% in May of this year as ChatGPT’s shine began to wear off.

While some of the big names in AI have tended to make headlines for being some of the first out of the gate, there are plenty of alternatives to try. Tech HQ‘s particular favorite is, but also worth a look are the anthropomorphic and Claude from Anthropic.

Several projects covered on this site exist, intending to create machine learning systems that can run locally on small devices. While these promise an end to the dominance of the cloud-based, power-hungry large AI services, they are likely a few years away for the average user.