Cybersecurity researchers at Check Point have exposed a clever technique in which bad actors abuse AI chatbots like Grok and Microsoft Copilot for under-the-radar command-and-control (C2), turning these helpful bots into intermediaries for malware traffic. Instead of risking direct connections to their own servers, attackers instruct the chatbot to fetch URLs and relay encrypted commands (and stolen data) between themselves and infected machines through the bots' web interfaces, slipping past traditional security controls by riding on the bots' trusted reputation. Their proof-of-concept, built on Windows 11's WebView2 component, shows that malware can talk to the chatbot anonymously, with no account or API key, which makes the traffic hard to trace and block. For SMBs and MSPs, this underscores the need to layer defenses: isolate embedded web views, and monitor which processes are actually interacting with AI services, so your networks don't become unwitting accomplices. Microsoft's own guidance is defense-in-depth, and the research is a stark reminder that even your favorite AI sidekicks can be weaponized if you're not vigilant. Time to double-check those workflows, folks.
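One way to put "monitor AI interactions" into practice, as an added example that is not Check Point's or Microsoft's code: a heuristic that flags chatbot web front-ends reached by a process outside an allowlist, attributing an embedded WebView2 to the application hosting it. The log format, hostnames and allowlists are constructed assumptions; msedgewebview2.exe is the WebView2 runtime's image name on Windows.

```python
# Added example (not Check Point's or Microsoft's code): flag AI-chatbot web traffic
# driven by unexpected processes. On Windows the WebView2 runtime runs as
# msedgewebview2.exe, spawned by the app embedding it, so the parent image tells us
# who is really driving the session. Log format, hostnames and allowlists are constructed.
from dataclasses import dataclass
from typing import Optional

AI_CHAT_HOSTS = {"grok.example", "copilot.example"}   # constructed placeholders
ALLOWED_IMAGES = {"msedge.exe", "chrome.exe", "teams.exe"}  # constructed allowlist
WEBVIEW2_RUNTIME = "msedgewebview2.exe"

@dataclass
class NetEvent:
    ts: str
    process: str   # image that opened the connection
    parent: str    # image of its parent process
    host: str      # destination hostname

def parse_line(line: str) -> Optional[NetEvent]:
    """Parse a constructed line: '<ts> proc=<img> parent=<img> host=<fqdn>'."""
    parts = line.split()
    if len(parts) != 4:
        return None
    kv = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if not {"proc", "parent", "host"}.issubset(kv):
        return None
    return NetEvent(parts[0], kv["proc"].lower(), kv["parent"].lower(), kv["host"].lower())

def is_suspicious(ev: NetEvent) -> bool:
    """True when a chatbot UI is reached by a process nobody expected to use it."""
    if ev.host not in AI_CHAT_HOSTS:
        return False
    # An embedded WebView2 is judged by the application hosting it, not by itself.
    driver = ev.parent if ev.process == WEBVIEW2_RUNTIME else ev.process
    return driver not in ALLOWED_IMAGES

def scan(lines: list) -> list:
    return [ev for ev in map(parse_line, lines) if ev is not None and is_suspicious(ev)]

SAMPLE_LOG = [  # constructed telemetry
    "2024-05-01T09:00:00Z proc=msedge.exe parent=explorer.exe host=copilot.example",
    "2024-05-01T09:00:05Z proc=msedgewebview2.exe parent=teams.exe host=copilot.example",
    "2024-05-01T09:00:09Z proc=msedgewebview2.exe parent=updater.exe host=grok.example",
    "2024-05-01T09:00:12Z proc=svchost.exe parent=services.exe host=grok.example",
    "2024-05-01T09:00:15Z proc=msedgewebview2.exe parent=updater.exe host=intranet.example",
]

if __name__ == "__main__":
    for ev in scan(SAMPLE_LOG):
        print(f"{ev.ts} suspicious: {ev.process} (parent {ev.parent}) -> {ev.host}")
```

Only the two sessions driven by images outside the allowlist are reported; the browser and the allowed WebView2 host pass, and traffic to a non-chatbot host is ignored.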